From 38c708d159ebe39cd8bfce8a2e9ccb7de2a8e5a3 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Fri, 14 Aug 2020 15:53:47 -0400 Subject: [PATCH 01/16] add security solution search strategy on server side --- .../data/common/search/es_search/types.ts | 4 +- src/plugins/data/server/search/types.ts | 26 +++- .../common/ecs/auditd/index.ts | 45 ++++++ .../common/ecs/cloud/index.ts | 20 +++ .../common/ecs/destination/index.ts | 21 +++ .../security_solution/common/ecs/dns/index.ts | 19 +++ .../common/ecs/endgame/index.ts | 33 +++++ .../common/ecs/event/index.ts | 45 ++++++ .../common/ecs/file/index.ts | 37 +++++ .../security_solution/common/ecs/geo/index.ts | 27 ++++ .../common/ecs/host/index.ts | 35 +++++ .../common/ecs/http/index.ts | 37 +++++ .../security_solution/common/ecs/index.ts | 78 ++++++++++ .../common/ecs/network/index.ts | 19 +++ .../common/ecs/process/index.ts | 39 +++++ .../common/ecs/rule/index.ts | 69 +++++++++ .../common/ecs/signal/index.ts | 13 ++ .../common/ecs/source/index.ts | 21 +++ .../common/ecs/suricata/index.ts | 23 +++ .../common/ecs/system/index.ts | 39 +++++ .../security_solution/common/ecs/tls/index.ts | 33 +++++ .../security_solution/common/ecs/url/index.ts | 15 ++ .../common/ecs/user/index.ts | 21 +++ .../common/ecs/winlog/index.ts | 9 ++ .../common/ecs/zeek/index.ts | 133 ++++++++++++++++++ .../security_solution/hosts/index.ts | 81 +++++++++++ .../security_solution/index.ts | 92 ++++++++++++ .../security_solution/server/plugin.ts | 13 ++ .../hosts/dsl/query.detail_host.dsl.ts | 48 +++++++ .../factory/hosts/dsl/query.hosts.dsl.ts | 89 ++++++++++++ .../dsl/query.last_first_seen_host.dsl.ts | 35 +++++ .../factory/hosts/helpers.ts | 87 ++++++++++++ .../security_solution/factory/hosts/index.ts | 93 ++++++++++++ .../security_solution/factory/index.ts | 17 +++ .../security_solution/factory/types.ts | 34 +++++ .../security_solution/index.ts | 38 +++++ .../server/utils/build_query/index.ts | 2 +- 37 files changed, 1481 insertions(+), 9 deletions(-) create mode 100644 x-pack/plugins/security_solution/common/ecs/auditd/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/cloud/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/destination/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/dns/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/endgame/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/event/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/file/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/geo/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/host/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/http/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/network/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/process/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/rule/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/signal/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/source/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/suricata/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/system/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/tls/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/url/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/user/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/winlog/index.ts create mode 100644 x-pack/plugins/security_solution/common/ecs/zeek/index.ts create mode 100644 x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts create mode 100644 x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.detail_host.dsl.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.last_first_seen_host.dsl.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/helpers.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/index.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/security_solution/index.ts diff --git a/src/plugins/data/common/search/es_search/types.ts b/src/plugins/data/common/search/es_search/types.ts index db2e31706e95c..18988cbf130b7 100644 --- a/src/plugins/data/common/search/es_search/types.ts +++ b/src/plugins/data/common/search/es_search/types.ts @@ -30,6 +30,6 @@ export interface IEsSearchRequest extends IKibanaSearchRequest { indexType?: string; } -export interface IEsSearchResponse extends IKibanaSearchResponse { - rawResponse: SearchResponse; +export interface IEsSearchResponse extends IKibanaSearchResponse { + rawResponse: SearchResponse; } diff --git a/src/plugins/data/server/search/types.ts b/src/plugins/data/server/search/types.ts index 76afd7e8c951c..aaaa1b5f1e4c6 100644 --- a/src/plugins/data/server/search/types.ts +++ b/src/plugins/data/server/search/types.ts @@ -35,7 +35,13 @@ export interface ISearchSetup { * Extension point exposed for other plugins to register their own search * strategies. */ - registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; + registerSearchStrategy: < + SearchStrategyRequest = IEsSearchRequest, + SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse + >( + name: string, + strategy: ISearchStrategy + ) => void; /** * Used internally for telemetry @@ -43,12 +49,17 @@ export interface ISearchSetup { usage?: SearchUsage; } -export interface ISearchStart { +export interface ISearchStart< + SearchStrategyRequest = any, + SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse +> { /** * Get other registered search strategies. For example, if a new strategy needs to use the * already-registered ES search strategy, it can use this function to accomplish that. */ - getSearchStrategy: (name: string) => ISearchStrategy; + getSearchStrategy: ( + name: string + ) => ISearchStrategy; search: ( context: RequestHandlerContext, request: IKibanaSearchRequest, @@ -60,11 +71,14 @@ export interface ISearchStart { * Search strategy interface contains a search method that takes in a request and returns a promise * that resolves to a response. */ -export interface ISearchStrategy { +export interface ISearchStrategy< + SearchStrategyRequest = IEsSearchRequest, + SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse +> { search: ( context: RequestHandlerContext, - request: IEsSearchRequest, + request: SearchStrategyRequest, options?: ISearchOptions - ) => Promise; + ) => Promise; cancel?: (context: RequestHandlerContext, id: string) => Promise; } diff --git a/x-pack/plugins/security_solution/common/ecs/auditd/index.ts b/x-pack/plugins/security_solution/common/ecs/auditd/index.ts new file mode 100644 index 0000000000000..4b170eec98c02 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/auditd/index.ts @@ -0,0 +1,45 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface AuditdEcs { + result?: string[]; + + session?: string[]; + + data?: AuditdDataEcs; + + summary?: SummaryEcs; + + sequence?: string[]; +} + +export interface AuditdDataEcs { + acct?: string[]; + + terminal?: string[]; + + op?: string[]; +} + +export interface SummaryEcs { + actor?: PrimarySecondaryEcs; + + object?: PrimarySecondaryEcs; + + how?: string[]; + + message_type?: string[]; + + sequence?: string[]; +} + +export interface PrimarySecondaryEcs { + primary?: string[]; + + secondary?: string[]; + + type?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/cloud/index.ts b/x-pack/plugins/security_solution/common/ecs/cloud/index.ts new file mode 100644 index 0000000000000..812b30bcc13f1 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/cloud/index.ts @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface CloudEcs { + instance?: CloudInstanceEcs; + machine?: CloudMachineEcs; + provider?: string[]; + region?: string[]; +} + +export interface CloudMachineEcs { + type?: string[]; +} + +export interface CloudInstanceEcs { + id?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/destination/index.ts b/x-pack/plugins/security_solution/common/ecs/destination/index.ts new file mode 100644 index 0000000000000..9b4038205350e --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/destination/index.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { GeoEcs } from '../geo'; + +export interface DestinationEcs { + bytes?: number[]; + + ip?: string[]; + + port?: number[]; + + domain?: string[]; + + geo?: GeoEcs; + + packets?: number[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/dns/index.ts b/x-pack/plugins/security_solution/common/ecs/dns/index.ts new file mode 100644 index 0000000000000..6844cd517aceb --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/dns/index.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface DnsEcs { + question?: DnsQuestionEcs; + + resolved_ip?: string[]; + + response_code?: string[]; +} + +export interface DnsQuestionEcs { + name?: string[]; + + type?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/endgame/index.ts b/x-pack/plugins/security_solution/common/ecs/endgame/index.ts new file mode 100644 index 0000000000000..f435db4f47810 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/endgame/index.ts @@ -0,0 +1,33 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface EndgameEcs { + exit_code?: number; + + file_name?: string; + + file_path?: string; + + logon_type?: number; + + parent_process_name?: string; + + pid?: number; + + process_name?: string; + + subject_domain_name?: string; + + subject_logon_id?: string; + + subject_user_name?: string; + + target_domain_name?: string; + + target_logon_id?: string; + + target_user_name?: string; +} diff --git a/x-pack/plugins/security_solution/common/ecs/event/index.ts b/x-pack/plugins/security_solution/common/ecs/event/index.ts new file mode 100644 index 0000000000000..cb18a8c5881e8 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/event/index.ts @@ -0,0 +1,45 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface EventEcs { + action?: string[]; + + category?: string[]; + + code?: string[]; + + created?: string[]; + + dataset?: string[]; + + duration?: number[]; + + end?: string[]; + + hash?: string[]; + + id?: string[]; + + kind?: string[]; + + module?: string[]; + + original?: string[]; + + outcome?: string[]; + + risk_score?: number[]; + + risk_score_norm?: number[]; + + severity?: number[]; + + start?: string[]; + + timezone?: string[]; + + type?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/file/index.ts b/x-pack/plugins/security_solution/common/ecs/file/index.ts new file mode 100644 index 0000000000000..808e9eaa3c854 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/file/index.ts @@ -0,0 +1,37 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface FileEcs { + name?: string[]; + + path?: string[]; + + target_path?: string[]; + + extension?: string[]; + + type?: string[]; + + device?: string[]; + + inode?: string[]; + + uid?: string[]; + + owner?: string[]; + + gid?: string[]; + + group?: string[]; + + mode?: string[]; + + size?: number[]; + + mtime?: string[]; + + ctime?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/geo/index.ts b/x-pack/plugins/security_solution/common/ecs/geo/index.ts new file mode 100644 index 0000000000000..409b5bbdc17a4 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/geo/index.ts @@ -0,0 +1,27 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface GeoEcs { + city_name?: string[]; + + continent_name?: string[]; + + country_iso_code?: string[]; + + country_name?: string[]; + + location?: Location; + + region_iso_code?: string[]; + + region_name?: string[]; +} + +export interface Location { + lon?: number[]; + + lat?: number[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/host/index.ts b/x-pack/plugins/security_solution/common/ecs/host/index.ts new file mode 100644 index 0000000000000..056291a70b62f --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/host/index.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface HostEcs { + architecture?: string[]; + + id?: string[]; + + ip?: string[]; + + mac?: string[]; + + name?: string[]; + + os?: OsEcs; + + type?: string[]; +} + +export interface OsEcs { + platform?: string[]; + + name?: string[]; + + full?: string[]; + + family?: string[]; + + version?: string[]; + + kernel?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/http/index.ts b/x-pack/plugins/security_solution/common/ecs/http/index.ts new file mode 100644 index 0000000000000..ff56d15e70bb3 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/http/index.ts @@ -0,0 +1,37 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface HttpEcs { + version?: string[]; + + request?: HttpRequestData; + + response?: HttpResponseData; +} + +export interface HttpRequestData { + method?: string[]; + + body?: HttpBodyData; + + referrer?: string[]; + + bytes?: number[]; +} + +export interface HttpBodyData { + content?: string[]; + + bytes?: number[]; +} + +export interface HttpResponseData { + status_code?: number[]; + + body?: HttpBodyData; + + bytes?: number[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/index.ts b/x-pack/plugins/security_solution/common/ecs/index.ts new file mode 100644 index 0000000000000..ff21ebc5ef973 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/index.ts @@ -0,0 +1,78 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { AuditdEcs } from './auditd'; +import { DestinationEcs } from './destination'; +import { DnsEcs } from './dns'; +import { EndgameEcs } from './endgame'; +import { EventEcs } from './event'; +import { GeoEcs } from './geo'; +import { HostEcs } from './host'; +import { NetworkEcs } from './network'; +import { RuleEcs } from './rule'; +import { SignalEcs } from './signal'; +import { SourceEcs } from './source'; +import { SuricataEcs } from './suricata'; +import { TlsEcs } from './tls'; +import { ZeekEcs } from './zeek'; +import { HttpEcs } from './http'; +import { UrlEcs } from './url'; +import { UserEcs } from './user'; +import { WinlogEcs } from './winlog'; +import { ProcessEcs } from './process'; +import { SystemEcs } from './system'; + +export interface Ecs { + _id: string; + + _index?: string; + + auditd?: AuditdEcs; + + destination?: DestinationEcs; + + dns?: DnsEcs; + + endgame?: EndgameEcs; + + event?: EventEcs; + + geo?: GeoEcs; + + host?: HostEcs; + + network?: NetworkEcs; + + rule?: RuleEcs; + + signal?: SignalEcs; + + source?: SourceEcs; + + suricata?: SuricataEcs; + + tls?: TlsEcs; + + zeek?: ZeekEcs; + + http?: HttpEcs; + + url?: UrlEcs; + + timestamp?: string; + + message?: string[]; + + user?: UserEcs; + + winlog?: WinlogEcs; + + process?: ProcessEcs; + + file?: File; + + system?: SystemEcs; +} diff --git a/x-pack/plugins/security_solution/common/ecs/network/index.ts b/x-pack/plugins/security_solution/common/ecs/network/index.ts new file mode 100644 index 0000000000000..c2fc3cb4b9f48 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/network/index.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface NetworkEcs { + bytes?: number[]; + + community_id?: string[]; + + direction?: string[]; + + packets?: number[]; + + protocol?: string[]; + + transport?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/process/index.ts b/x-pack/plugins/security_solution/common/ecs/process/index.ts new file mode 100644 index 0000000000000..0584d95c8059d --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/process/index.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface ProcessEcs { + hash?: ProcessHashData; + + pid?: number[]; + + name?: string[]; + + ppid?: number[]; + + args?: string[]; + + executable?: string[]; + + title?: string[]; + + thread?: Thread; + + working_directory?: string[]; +} + +export interface ProcessHashData { + md5?: string[]; + + sha1?: string[]; + + sha256?: string[]; +} + +export interface Thread { + id?: number[]; + + start?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/rule/index.ts b/x-pack/plugins/security_solution/common/ecs/rule/index.ts new file mode 100644 index 0000000000000..c1ef1ee17ca0c --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/rule/index.ts @@ -0,0 +1,69 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface RuleEcs { + id?: string[]; + + rule_id?: string[]; + + false_positives: string[]; + + saved_id?: string[]; + + timeline_id?: string[]; + + timeline_title?: string[]; + + max_signals?: number[]; + + risk_score?: string[]; + + output_index?: string[]; + + description?: string[]; + + from?: string[]; + + immutable?: boolean[]; + + index?: string[]; + + interval?: string[]; + + language?: string[]; + + query?: string[]; + + references?: string[]; + + severity?: string[]; + + tags?: string[]; + + threat?: unknown; + + type?: string[]; + + size?: string[]; + + to?: string[]; + + enabled?: boolean[]; + + filters?: unknown; + + created_at?: string[]; + + updated_at?: string[]; + + created_by?: string[]; + + updated_by?: string[]; + + version?: string[]; + + note?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/signal/index.ts b/x-pack/plugins/security_solution/common/ecs/signal/index.ts new file mode 100644 index 0000000000000..66e35e26af341 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/signal/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { RuleEcs } from '../rule'; + +export interface SignalEcs { + rule?: RuleEcs; + + original_time?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/source/index.ts b/x-pack/plugins/security_solution/common/ecs/source/index.ts new file mode 100644 index 0000000000000..9e6b6563cec68 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/source/index.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { GeoEcs } from '../geo'; + +export interface SourceEcs { + bytes?: number[]; + + ip?: string[]; + + port?: number[]; + + domain?: string[]; + + geo?: GeoEcs; + + packets?: number[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/suricata/index.ts b/x-pack/plugins/security_solution/common/ecs/suricata/index.ts new file mode 100644 index 0000000000000..53c193edddaf2 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/suricata/index.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface SuricataEcs { + eve?: SuricataEveData; +} + +export interface SuricataEveData { + alert?: SuricataAlertData; + + flow_id?: number[]; + + proto?: string[]; +} + +export interface SuricataAlertData { + signature?: string[]; + + signature_id?: number[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/system/index.ts b/x-pack/plugins/security_solution/common/ecs/system/index.ts new file mode 100644 index 0000000000000..803d8197080ff --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/system/index.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface SystemEcs { + audit?: AuditEcs; + + auth?: AuthEcs; +} + +export interface AuditEcs { + package?: PackageEcs; +} + +export interface PackageEcs { + arch?: string[]; + + entity_id?: string[]; + + name?: string[]; + + size?: number[]; + + summary?: string[]; + + version?: string[]; +} + +export interface AuthEcs { + ssh?: SshEcs; +} + +export interface SshEcs { + method?: string[]; + + signature?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/tls/index.ts b/x-pack/plugins/security_solution/common/ecs/tls/index.ts new file mode 100644 index 0000000000000..86a2a1a9459a2 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/tls/index.ts @@ -0,0 +1,33 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface TlsEcs { + client_certificate?: TlsClientCertificateData; + + fingerprints?: TlsFingerprintsData; + + server_certificate?: TlsServerCertificateData; +} + +export interface TlsClientCertificateData { + fingerprint?: FingerprintData; +} + +export interface FingerprintData { + sha1?: string[]; +} + +export interface TlsFingerprintsData { + ja3?: TlsJa3Data; +} + +export interface TlsJa3Data { + hash?: string[]; +} + +export interface TlsServerCertificateData { + fingerprint?: FingerprintData; +} diff --git a/x-pack/plugins/security_solution/common/ecs/url/index.ts b/x-pack/plugins/security_solution/common/ecs/url/index.ts new file mode 100644 index 0000000000000..66033ea9f0725 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/url/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface UrlEcs { + domain?: string[]; + + original?: string[]; + + username?: string[]; + + password?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/user/index.ts b/x-pack/plugins/security_solution/common/ecs/user/index.ts new file mode 100644 index 0000000000000..d72362d5f5cf9 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/user/index.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface UserEcs { + domain?: string[]; + + id?: string[]; + + name?: string[]; + + full_name?: string[]; + + email?: string[]; + + hash?: string[]; + + group?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/winlog/index.ts b/x-pack/plugins/security_solution/common/ecs/winlog/index.ts new file mode 100644 index 0000000000000..a449fb9130e6f --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/winlog/index.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface WinlogEcs { + event_id?: number[]; +} diff --git a/x-pack/plugins/security_solution/common/ecs/zeek/index.ts b/x-pack/plugins/security_solution/common/ecs/zeek/index.ts new file mode 100644 index 0000000000000..289390a87db12 --- /dev/null +++ b/x-pack/plugins/security_solution/common/ecs/zeek/index.ts @@ -0,0 +1,133 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export interface ZeekEcs { + session_id?: string[]; + + connection?: ZeekConnectionData; + + notice?: ZeekNoticeData; + + dns?: ZeekDnsData; + + http?: ZeekHttpData; + + files?: ZeekFileData; + + ssl?: ZeekSslData; +} + +export interface ZeekConnectionData { + local_resp?: boolean[]; + + local_orig?: boolean[]; + + missed_bytes?: number[]; + + state?: string[]; + + history?: string[]; +} + +export interface ZeekNoticeData { + suppress_for?: number[]; + + msg?: string[]; + + note?: string[]; + + sub?: string[]; + + dst?: string[]; + + dropped?: boolean[]; + + peer_descr?: string[]; +} + +export interface ZeekDnsData { + AA?: boolean[]; + + qclass_name?: string[]; + + RD?: boolean[]; + + qtype_name?: string[]; + + rejected?: boolean[]; + + qtype?: string[]; + + query?: string[]; + + trans_id?: number[]; + + qclass?: string[]; + + RA?: boolean[]; + + TC?: boolean[]; +} + +export interface ZeekHttpData { + resp_mime_types?: string[]; + + trans_depth?: string[]; + + status_msg?: string[]; + + resp_fuids?: string[]; + + tags?: string[]; +} + +export interface ZeekFileData { + session_ids?: string[]; + + timedout?: boolean[]; + + local_orig?: boolean[]; + + tx_host?: string[]; + + source?: string[]; + + is_orig?: boolean[]; + + overflow_bytes?: number[]; + + sha1?: string[]; + + duration?: number[]; + + depth?: number[]; + + analyzers?: string[]; + + mime_type?: string[]; + + rx_host?: string[]; + + total_bytes?: number[]; + + fuid?: string[]; + + seen_bytes?: number[]; + + missing_bytes?: number[]; + + md5?: string[]; +} + +export interface ZeekSslData { + cipher?: string[]; + + established?: boolean[]; + + resumed?: boolean[]; + + version?: string[]; +} diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts new file mode 100644 index 0000000000000..c4f067deffa34 --- /dev/null +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts @@ -0,0 +1,81 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; +import { CloudEcs } from '../../../ecs/cloud'; +import { HostEcs } from '../../../ecs/host'; + +import { + CursorType, + Inspect, + Maybe, + PageInfoPaginated, + RequestOptionsPaginated, + SortField, + TimerangeInput, +} from '..'; + +export type HostsQueries = 'host_all' | 'host_details'; + +export enum HostPolicyResponseActionStatus { + success = 'success', + failure = 'failure', + warning = 'warning', +} + +export interface EndpointFields { + endpointPolicy?: Maybe; + + sensorVersion?: Maybe; + + policyStatus?: Maybe; +} + +export interface HostItem { + _id?: Maybe; + + cloud?: Maybe; + + endpoint?: Maybe; + + host?: Maybe; + + lastSeen?: Maybe; +} + +export interface HostsEdges { + node: HostItem; + + cursor: CursorType; +} + +export interface HostsStrategyResponse extends IEsSearchResponse { + edges: HostsEdges[]; + + totalCount: number; + + pageInfo: PageInfoPaginated; + + inspect?: Maybe; +} + +export interface HostDetailsStrategyResponse extends IEsSearchResponse, HostItem { + inspect?: Maybe; +} + +export interface HostsRequestOptions extends RequestOptionsPaginated { + sort: SortField; + defaultIndex: string[]; +} + +export interface HostLastFirstSeenRequestOptions extends Partial { + hostName: string; +} + +export interface HostOverviewRequestOptions extends HostLastFirstSeenRequestOptions { + fields: string[]; + timerange: TimerangeInput; +} diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts new file mode 100644 index 0000000000000..852c7b32e5dab --- /dev/null +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts @@ -0,0 +1,92 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { ESQuery } from '../../typed_json'; +import { HostsQueries } from './hosts'; +export * from './hosts'; +export type Maybe = T | null; + +export type FactoryQueryTypes = HostsQueries; + +export interface Inspect { + dsl: string[]; + response: string[]; +} + +export interface PageInfoPaginated { + activePage: number; + fakeTotalCount: number; + showMorePagesIndicator: boolean; +} + +export interface CursorType { + value?: Maybe; + tiebreaker?: Maybe; +} + +export enum Direction { + asc = 'asc', + desc = 'desc', +} + +export interface SortField { + field: string; + direction: Direction; +} + +export interface TimerangeInput { + /** The interval string to use for last bucket. The format is '{value}{unit}'. For example '5m' would return the metrics for the last 5 minutes of the timespan. */ + interval: string; + /** The end of the timerange */ + to: string; + /** The beginning of the timerange */ + from: string; +} + +export interface PaginationInput { + /** The limit parameter allows you to configure the maximum amount of items to be returned */ + limit: number; + /** The cursor parameter defines the next result you want to fetch */ + cursor?: Maybe; + /** The tiebreaker parameter allow to be more precise to fetch the next item */ + tiebreaker?: Maybe; +} + +export interface PaginationInputPaginated { + /** The activePage parameter defines the page of results you want to fetch */ + activePage: number; + /** The cursorStart parameter defines the start of the results to be displayed */ + cursorStart: number; + /** The fakePossibleCount parameter determines the total count in order to show 5 additional pages */ + fakePossibleCount: number; + /** The querySize parameter is the number of items to be returned */ + querySize: number; +} + +export interface DocValueFieldsInput { + field: string; + format: string; +} + +export interface RequestBasicOptions { + timerange: TimerangeInput; + filterQuery: ESQuery | undefined; + defaultIndex: string[]; + docValueFields?: DocValueFieldsInput[]; + factoryQueryType?: FactoryQueryTypes; +} + +export interface RequestOptions extends RequestBasicOptions { + pagination: PaginationInput; + fields: readonly string[]; + sortField?: SortField; +} + +export interface RequestOptionsPaginated extends RequestBasicOptions { + pagination: PaginationInputPaginated; + fields: readonly string[]; + sortField?: SortField; +} diff --git a/x-pack/plugins/security_solution/server/plugin.ts b/x-pack/plugins/security_solution/server/plugin.ts index f2fad16d80414..736ef97621b2e 100644 --- a/x-pack/plugins/security_solution/server/plugin.ts +++ b/x-pack/plugins/security_solution/server/plugin.ts @@ -17,6 +17,8 @@ import { PluginInitializerContext, SavedObjectsClient, } from '../../../../src/core/server'; +// eslint-disable-next-line @kbn/eslint/no-restricted-paths +import { DataPluginSetup, DataPluginStart } from '../../../../src/plugins/data/server/plugin'; import { UsageCollectionSetup } from '../../../../src/plugins/usage_collection/server'; import { PluginSetupContract as AlertingSetup } from '../../alerts/server'; import { SecurityPluginSetup as SecuritySetup } from '../../security/server'; @@ -58,9 +60,11 @@ import { EndpointAppContext } from './endpoint/types'; import { registerDownloadExceptionListRoute } from './endpoint/routes/artifacts'; import { initUsageCollectors } from './usage'; import { AppRequestContext } from './types'; +import { securitySolutionSearchStrategyProvider } from './search_strategy/security_solution'; export interface SetupPlugins { alerts: AlertingSetup; + data: DataPluginSetup; encryptedSavedObjects?: EncryptedSavedObjectsSetup; features: FeaturesSetup; licensing: LicensingPluginSetup; @@ -73,6 +77,7 @@ export interface SetupPlugins { } export interface StartPlugins { + data: DataPluginStart; ingestManager?: IngestManagerStartContract; taskManager?: TaskManagerStartContract; } @@ -263,6 +268,14 @@ export class Plugin implements IPlugin { + const securitySolutionSearchStrategy = securitySolutionSearchStrategyProvider(depsStart.data); + plugins.data.search.registerSearchStrategy( + 'securitySolutionSearchStrategy', + securitySolutionSearchStrategy + ); + }); + return {}; } diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.detail_host.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.detail_host.dsl.ts new file mode 100644 index 0000000000000..140a66be73eef --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.detail_host.dsl.ts @@ -0,0 +1,48 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { HostOverviewRequestOptions } from '../../../../../../common/search_strategy/security_solution'; +import { cloudFieldsMap, hostFieldsMap } from '../../../../../lib/ecs_fields'; +import { buildFieldsTermAggregation } from '../../../../../lib/hosts/helpers'; +import { reduceFields } from '../../../../../utils/build_query/reduce_fields'; + +export const buildHostOverviewQuery = ({ + fields, + hostName, + defaultIndex, + timerange: { from, to }, +}: HostOverviewRequestOptions) => { + const esFields = reduceFields(fields, { ...hostFieldsMap, ...cloudFieldsMap }); + + const filter = [ + { term: { 'host.name': hostName } }, + { + range: { + '@timestamp': { + format: 'strict_date_optional_time', + gte: from, + lte: to, + }, + }, + }, + ]; + + const dslQuery = { + allowNoIndices: true, + index: defaultIndex, + ignoreUnavailable: true, + body: { + aggregations: { + ...buildFieldsTermAggregation(esFields.filter((field) => !['@timestamp'].includes(field))), + }, + query: { bool: { filter } }, + size: 0, + track_total_hits: false, + }, + }; + + return dslQuery; +}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts new file mode 100644 index 0000000000000..d4e3fb19d243c --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts @@ -0,0 +1,89 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { isEmpty } from 'lodash/fp'; +import { + Direction, + HostsRequestOptions, + SortField, +} from '../../../../../../common/search_strategy/security_solution'; +import { assertUnreachable, createQueryFilterClauses } from '../../../../../utils/build_query'; + +export const buildHostsQuery = ({ + defaultIndex, + docValueFields, + fields, + filterQuery, + pagination: { querySize }, + sort, + timerange: { from, to }, +}: HostsRequestOptions) => { + const filter = [ + ...createQueryFilterClauses(filterQuery), + { + range: { + '@timestamp': { + gte: from, + lte: to, + format: 'strict_date_optional_time', + }, + }, + }, + ]; + + const agg = { host_count: { cardinality: { field: 'host.name' } } }; + + const dslQuery = { + allowNoIndices: true, + index: defaultIndex, + ignoreUnavailable: true, + body: { + ...(isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), + aggregations: { + ...agg, + host_data: { + terms: { size: querySize, field: 'host.name', order: getQueryOrder(sort) }, + aggs: { + lastSeen: { max: { field: '@timestamp' } }, + os: { + top_hits: { + size: 1, + sort: [ + { + '@timestamp': { + order: 'desc', + }, + }, + ], + _source: { + includes: ['host.os.*'], + }, + }, + }, + }, + }, + }, + query: { bool: { filter } }, + size: 0, + track_total_hits: false, + }, + }; + + return dslQuery; +}; + +type QueryOrder = { lastSeen: Direction } | { _key: Direction }; + +const getQueryOrder = (sort: SortField): QueryOrder => { + switch (sort.field) { + case 'lastSeen': + return { lastSeen: sort.direction }; + case 'hostName': + return { _key: sort.direction }; + default: + return assertUnreachable(sort.field); + } +}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.last_first_seen_host.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.last_first_seen_host.dsl.ts new file mode 100644 index 0000000000000..42dbf46305b49 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.last_first_seen_host.dsl.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { isEmpty } from 'lodash/fp'; + +import { HostLastFirstSeenRequestOptions } from '../../../../../../common/search_strategy/security_solution'; + +export const buildLastFirstSeenHostQuery = ({ + hostName, + defaultIndex, + docValueFields, +}: HostLastFirstSeenRequestOptions) => { + const filter = [{ term: { 'host.name': hostName } }]; + + const dslQuery = { + allowNoIndices: true, + index: defaultIndex, + ignoreUnavailable: true, + body: { + ...(isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), + aggregations: { + firstSeen: { min: { field: '@timestamp' } }, + lastSeen: { max: { field: '@timestamp' } }, + }, + query: { bool: { filter } }, + size: 0, + track_total_hits: false, + }, + }; + + return dslQuery; +}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/helpers.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/helpers.ts new file mode 100644 index 0000000000000..0d99050286c85 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/helpers.ts @@ -0,0 +1,87 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { set } from '@elastic/safer-lodash-set/fp'; +import { get, has, head } from 'lodash/fp'; +import { + HostsEdges, + HostItem, +} from '../../../../../common/search_strategy/security_solution/hosts'; +import { hostFieldsMap } from '../../../../lib/ecs_fields'; + +import { HostAggEsItem, HostBuckets, HostValue } from '../../../../lib/hosts/types'; + +export const formatHostEdgesData = (fields: readonly string[], bucket: HostAggEsItem): HostsEdges => + fields.reduce( + (flattenedFields, fieldName) => { + const hostId = get('key', bucket); + flattenedFields.node._id = hostId || null; + flattenedFields.cursor.value = hostId || ''; + const fieldValue = getHostFieldValue(fieldName, bucket); + if (fieldValue != null) { + return set(`node.${fieldName}`, fieldValue, flattenedFields); + } + return flattenedFields; + }, + { + node: {}, + cursor: { + value: '', + tiebreaker: null, + }, + } as HostsEdges + ); + +export const formatHostItem = (fields: readonly string[], bucket: HostAggEsItem): HostItem => + fields.reduce((flattenedFields, fieldName) => { + const fieldValue = getHostFieldValue(fieldName, bucket); + if (fieldValue != null) { + return set(fieldName, fieldValue, flattenedFields); + } + return flattenedFields; + }, {}); + +const getHostFieldValue = (fieldName: string, bucket: HostAggEsItem): string | string[] | null => { + const aggField = hostFieldsMap[fieldName] + ? hostFieldsMap[fieldName].replace(/\./g, '_') + : fieldName.replace(/\./g, '_'); + if ( + [ + 'host.ip', + 'host.mac', + 'cloud.instance.id', + 'cloud.machine.type', + 'cloud.provider', + 'cloud.region', + ].includes(fieldName) && + has(aggField, bucket) + ) { + const data: HostBuckets = get(aggField, bucket); + return data.buckets.map((obj) => obj.key); + } else if (has(`${aggField}.buckets`, bucket)) { + return getFirstItem(get(`${aggField}`, bucket)); + } else if (has(aggField, bucket)) { + const valueObj: HostValue = get(aggField, bucket); + return valueObj.value_as_string; + } else if (['host.name', 'host.os.name', 'host.os.version'].includes(fieldName)) { + switch (fieldName) { + case 'host.name': + return get('key', bucket) || null; + case 'host.os.name': + return get('os.hits.hits[0]._source.host.os.name', bucket) || null; + case 'host.os.version': + return get('os.hits.hits[0]._source.host.os.version', bucket) || null; + } + } + return null; +}; + +const getFirstItem = (data: HostBuckets): string | null => { + const firstItem = head(data.buckets); + if (firstItem == null) { + return null; + } + return firstItem.key; +}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts new file mode 100644 index 0000000000000..d3e4c91b37712 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts @@ -0,0 +1,93 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { get, getOr } from 'lodash/fp'; + +import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; + +import { DEFAULT_MAX_TABLE_QUERY_SIZE } from '../../../../../common/constants'; +import { FactoryQueryTypes } from '../../../../../common/search_strategy/security_solution'; +import { + HostsStrategyResponse, + HostDetailsStrategyResponse, + HostsQueries, + HostsRequestOptions, + HostOverviewRequestOptions, +} from '../../../../../common/search_strategy/security_solution/hosts'; + +// TO DO need to move all this types in common +import { HostAggEsData, HostAggEsItem } from '../../../../lib/hosts/types'; +import { TermAggregation } from '../../../../lib/types'; + +import { inspectStringifyObject } from '../../../../utils/build_query'; +import { SecuritySolutionFactory } from '../types'; +import { buildHostOverviewQuery } from './dsl/query.detail_host.dsl'; +import { buildHostsQuery } from './dsl/query.hosts.dsl'; +import { formatHostEdgesData, formatHostItem } from './helpers'; + +export const allHost: SecuritySolutionFactory<'host_all'> = { + buildDsl: (options: HostsRequestOptions) => { + if (options.pagination && options.pagination.querySize >= DEFAULT_MAX_TABLE_QUERY_SIZE) { + throw new Error(`No query size above ${DEFAULT_MAX_TABLE_QUERY_SIZE}`); + } + return buildHostsQuery(options); + }, + parse: async ( + options: HostsRequestOptions, + response: IEsSearchResponse + ): Promise => { + const { activePage, cursorStart, fakePossibleCount, querySize } = options.pagination; + const totalCount = getOr(0, 'aggregations.host_count.value', response.rawResponse); + const buckets: HostAggEsItem[] = getOr( + [], + 'aggregations.host_data.buckets', + response.rawResponse + ); + const hostsEdges = buckets.map((bucket) => formatHostEdgesData(options.fields, bucket)); + const fakeTotalCount = fakePossibleCount <= totalCount ? fakePossibleCount : totalCount; + const edges = hostsEdges.splice(cursorStart, querySize - cursorStart); + const inspect = { + dsl: [inspectStringifyObject(buildHostsQuery(options))], + response: [inspectStringifyObject(response)], + }; + const showMorePagesIndicator = totalCount > fakeTotalCount; + + return { + ...response, + inspect, + edges, + totalCount, + pageInfo: { + activePage: activePage ? activePage : 0, + fakeTotalCount, + showMorePagesIndicator, + }, + }; + }, +}; + +export const detailsHost: SecuritySolutionFactory<'host_details'> = { + buildDsl: (options: HostOverviewRequestOptions) => { + return buildHostOverviewQuery(options); + }, + parse: async ( + options: HostOverviewRequestOptions, + response: IEsSearchResponse + ): Promise => { + const aggregations: HostAggEsItem = get('aggregations', response.rawResponse) || {}; + const inspect = { + dsl: [inspectStringifyObject(buildHostOverviewQuery(options))], + response: [inspectStringifyObject(response)], + }; + const formattedHostItem = formatHostItem(options.fields, aggregations); + return { ...response, inspect, _id: options.hostName, ...formattedHostItem }; + }, +}; + +export const hostsFactory: Record> = { + host_all: allHost, + host_details: detailsHost, +}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/index.ts new file mode 100644 index 0000000000000..53433dfc208cb --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/index.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { FactoryQueryTypes } from '../../../../common/search_strategy/security_solution'; + +import { hostsFactory } from './hosts'; +import { SecuritySolutionFactory } from './types'; + +export const securitySolutionFactory: Record< + FactoryQueryTypes, + SecuritySolutionFactory +> = { + ...hostsFactory, +}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts new file mode 100644 index 0000000000000..8ede77222bb24 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; +import { FactoryQueryTypes } from '../../../../common/search_strategy/security_solution'; +import { + HostDetailsStrategyResponse, + HostsStrategyResponse, + HostsRequestOptions, + HostOverviewRequestOptions, +} from '../../../../common/search_strategy/security_solution/hosts'; + +export interface SecuritySolutionFactory { + buildDsl: (options: StrategyRequestType) => unknown; + parse: ( + options: StrategyRequestType, + response: IEsSearchResponse + ) => Promise>; +} + +export type StrategyResponseType = T extends 'host_all' + ? HostsStrategyResponse + : T extends 'host_details' + ? HostDetailsStrategyResponse + : never; + +export type StrategyRequestType = T extends 'host_all' + ? HostsRequestOptions + : T extends 'host_details' + ? HostOverviewRequestOptions + : never; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/index.ts new file mode 100644 index 0000000000000..2ee40f70686ac --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/index.ts @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { ISearchStrategy, PluginStart } from '../../../../../../src/plugins/data/server'; +import { FactoryQueryTypes } from '../../../common/search_strategy/security_solution'; +import { securitySolutionFactory } from './factory'; +import { + StrategyResponseType, + StrategyRequestType, + SecuritySolutionFactory, +} from './factory/types'; + +export const securitySolutionSearchStrategyProvider = ( + data: PluginStart +): ISearchStrategy, StrategyResponseType> => { + const es = data.search.getSearchStrategy('es'); + + return { + search: async (context, request, options) => { + if (request.factoryQueryType == null) { + throw new Error('factoryQueryType is required'); + } + const queryFactory: SecuritySolutionFactory = + securitySolutionFactory[request.factoryQueryType]; + const dsl = queryFactory.buildDsl(request); + const esSearchRes = await es.search(context, { ...request, params: dsl }, options); + return queryFactory.parse(request, esSearchRes); + }, + cancel: async (context, id) => { + if (es.cancel) { + es.cancel(context, id); + } + }, + }; +}; diff --git a/x-pack/plugins/security_solution/server/utils/build_query/index.ts b/x-pack/plugins/security_solution/server/utils/build_query/index.ts index c97e78aad2b69..233ba70968fa1 100644 --- a/x-pack/plugins/security_solution/server/utils/build_query/index.ts +++ b/x-pack/plugins/security_solution/server/utils/build_query/index.ts @@ -10,7 +10,7 @@ export * from './merge_fields_with_hits'; export * from './calculate_timeseries_interval'; export const assertUnreachable = ( - x: never, + x: unknown, message: string = 'Unknown Field in switch statement' ): never => { throw new Error(`${message} ${x}`); From 0fdc5d6dbab8dd470fe7ea836a4c7843c3125b8e Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Wed, 19 Aug 2020 10:29:28 -0400 Subject: [PATCH 02/16] get security solution search strategy in the public app for all host --- .../data/public/search/search_interceptor.ts | 2 +- .../data/public/search/search_service.ts | 4 +- src/plugins/data/public/search/types.ts | 9 +- src/plugins/data/server/search/routes.test.ts | 4 +- src/plugins/data/server/search/routes.ts | 12 +- .../data/server/search/search_service.ts | 19 +- .../public/search/search_interceptor.ts | 2 +- .../security_solution/index.ts | 28 +- .../public/hosts/containers/hosts/index.tsx | 320 ++++++++++-------- .../pages/navigation/hosts_query_tab_body.tsx | 56 ++- .../factory/hosts/dsl/query.hosts.dsl.ts | 1 - .../factory/hosts/helpers.ts | 38 ++- .../security_solution/factory/hosts/index.ts | 4 +- .../security_solution/factory/types.ts | 22 +- .../security_solution/index.ts | 8 +- .../server/utils/build_query/filters.ts | 2 +- 16 files changed, 294 insertions(+), 237 deletions(-) diff --git a/src/plugins/data/public/search/search_interceptor.ts b/src/plugins/data/public/search/search_interceptor.ts index 99fccda7fddf3..30e509edd4987 100644 --- a/src/plugins/data/public/search/search_interceptor.ts +++ b/src/plugins/data/public/search/search_interceptor.ts @@ -106,7 +106,7 @@ export class SearchInterceptor { ): Observable { const { id, ...searchRequest } = request; const path = trimEnd(`/internal/search/${strategy || ES_SEARCH_STRATEGY}/${id || ''}`, '/'); - const body = JSON.stringify(id != null ? {} : searchRequest); + const body = JSON.stringify(searchRequest); return from( this.deps.http.fetch({ method: 'POST', diff --git a/src/plugins/data/public/search/search_service.ts b/src/plugins/data/public/search/search_service.ts index bd9c1b1253fe2..64c16b63f1b94 100644 --- a/src/plugins/data/public/search/search_service.ts +++ b/src/plugins/data/public/search/search_service.ts @@ -87,9 +87,9 @@ export class SearchService implements Plugin { { application, http, injectedMetadata, notifications, uiSettings }: CoreStart, { fieldFormats, indexPatterns }: SearchServiceStartDependencies ): ISearchStart { - const search: ISearchGeneric = (request, options) => { + const search = ((request, options) => { return this.searchInterceptor.search(request, options); - }; + }) as ISearchGeneric; const legacySearch = { esClient: this.esClient!, diff --git a/src/plugins/data/public/search/types.ts b/src/plugins/data/public/search/types.ts index d1a4437943402..e6d916348ae25 100644 --- a/src/plugins/data/public/search/types.ts +++ b/src/plugins/data/public/search/types.ts @@ -43,10 +43,13 @@ export type ISearch = ( options?: ISearchOptions ) => Observable; -export type ISearchGeneric = ( - request: IEsSearchRequest, +export type ISearchGeneric = < + SearchStrategyRequest = IEsSearchRequest, + SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse +>( + request: SearchStrategyRequest, options?: ISearchOptions -) => Observable; +) => Observable; export interface ISearchStartLegacy { esClient: LegacyApiCaller; diff --git a/src/plugins/data/server/search/routes.test.ts b/src/plugins/data/server/search/routes.test.ts index 167bd5af5d51d..d91aeee1fe818 100644 --- a/src/plugins/data/server/search/routes.test.ts +++ b/src/plugins/data/server/search/routes.test.ts @@ -36,7 +36,7 @@ describe('Search service', () => { const response = { id: 'yay' }; mockDataStart.search.search.mockResolvedValue(response); const mockContext = {}; - const mockBody = { params: {} }; + const mockBody = { id: undefined, params: {} }; const mockParams = { strategy: 'foo' }; const mockRequest = httpServerMock.createKibanaRequest({ body: mockBody, @@ -67,7 +67,7 @@ describe('Search service', () => { }); const mockContext = {}; - const mockBody = { params: {} }; + const mockBody = { id: undefined, params: {} }; const mockParams = { strategy: 'foo' }; const mockRequest = httpServerMock.createKibanaRequest({ body: mockBody, diff --git a/src/plugins/data/server/search/routes.ts b/src/plugins/data/server/search/routes.ts index 32d8f8c1b09e0..3d813f745305f 100644 --- a/src/plugins/data/server/search/routes.ts +++ b/src/plugins/data/server/search/routes.ts @@ -47,10 +47,14 @@ export function registerSearchRoute(core: CoreSetup): v const [, , selfStart] = await core.getStartServices(); try { - const response = await selfStart.search.search(context, id ? { id } : searchRequest, { - signal, - strategy, - }); + const response = await selfStart.search.search( + context, + { ...searchRequest, id }, + { + signal, + strategy, + } + ); return res.ok({ body: response }); } catch (err) { return res.customError({ diff --git a/src/plugins/data/server/search/search_service.ts b/src/plugins/data/server/search/search_service.ts index a8b1cdd608a84..9a37fcb6c9aac 100644 --- a/src/plugins/data/server/search/search_service.ts +++ b/src/plugins/data/server/search/search_service.ts @@ -37,11 +37,12 @@ import { UsageCollectionSetup } from '../../../usage_collection/server'; import { registerUsageCollector } from './collectors/register'; import { usageProvider } from './collectors/usage'; import { searchTelemetry } from '../saved_objects'; -import { IEsSearchRequest } from '../../common'; +import { IEsSearchRequest, IEsSearchResponse } from '../../common'; -interface StrategyMap { - [name: string]: ISearchStrategy; -} +type StrategyMap< + SearchStrategyRequest = IEsSearchRequest, + SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse +> = Record>; /** @internal */ export interface SearchServiceSetupDependencies { @@ -56,7 +57,7 @@ export interface SearchServiceStartDependencies { export class SearchService implements Plugin { private readonly aggsService = new AggsService(); - private searchStrategies: StrategyMap = {}; + private searchStrategies: StrategyMap = {}; constructor( private initializerContext: PluginInitializerContext, @@ -125,7 +126,13 @@ export class SearchService implements Plugin { this.aggsService.stop(); } - private registerSearchStrategy = (name: string, strategy: ISearchStrategy) => { + private registerSearchStrategy = < + SearchStrategyRequest = IEsSearchRequest, + SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse + >( + name: string, + strategy: ISearchStrategy + ) => { this.logger.info(`Register strategy ${name}`); this.searchStrategies[name] = strategy; }; diff --git a/x-pack/plugins/data_enhanced/public/search/search_interceptor.ts b/x-pack/plugins/data_enhanced/public/search/search_interceptor.ts index ae6dddf33536f..47099e32fcc72 100644 --- a/x-pack/plugins/data_enhanced/public/search/search_interceptor.ts +++ b/x-pack/plugins/data_enhanced/public/search/search_interceptor.ts @@ -96,7 +96,7 @@ export class EnhancedSearchInterceptor extends SearchInterceptor { return timer(pollInterval).pipe( // Send future requests using just the ID from the response mergeMap(() => { - return this.runSearch({ id }, combinedSignal, options?.strategy); + return this.runSearch({ ...request, id }, combinedSignal, options?.strategy); }) ); }), diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts index 852c7b32e5dab..8fa3dc6835639 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts @@ -5,7 +5,13 @@ */ import { ESQuery } from '../../typed_json'; -import { HostsQueries } from './hosts'; +import { + HostDetailsStrategyResponse, + HostOverviewRequestOptions, + HostsQueries, + HostsRequestOptions, + HostsStrategyResponse, +} from './hosts'; export * from './hosts'; export type Maybe = T | null; @@ -66,27 +72,37 @@ export interface PaginationInputPaginated { querySize: number; } -export interface DocValueFieldsInput { +export interface DocValueFields { field: string; format: string; } export interface RequestBasicOptions { timerange: TimerangeInput; - filterQuery: ESQuery | undefined; + filterQuery: ESQuery | string | undefined; defaultIndex: string[]; - docValueFields?: DocValueFieldsInput[]; + docValueFields?: DocValueFields[]; factoryQueryType?: FactoryQueryTypes; } export interface RequestOptions extends RequestBasicOptions { pagination: PaginationInput; - fields: readonly string[]; sortField?: SortField; } export interface RequestOptionsPaginated extends RequestBasicOptions { pagination: PaginationInputPaginated; - fields: readonly string[]; sortField?: SortField; } + +export type StrategyResponseType = T extends 'host_all' + ? HostsStrategyResponse + : T extends 'host_details' + ? HostDetailsStrategyResponse + : never; + +export type StrategyRequestType = T extends 'host_all' + ? HostsRequestOptions + : T extends 'host_details' + ? HostOverviewRequestOptions + : never; diff --git a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx index 8af24e6e6abc1..ec4730feea2c6 100644 --- a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx +++ b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx @@ -4,185 +4,205 @@ * you may not use this file except in compliance with the Elastic License. */ -import { get, getOr } from 'lodash/fp'; -import memoizeOne from 'memoize-one'; -import React from 'react'; -import { Query } from 'react-apollo'; -import { connect } from 'react-redux'; -import { compose } from 'redux'; +import deepEqual from 'fast-deep-equal'; +import { noop } from 'lodash/fp'; +import { useCallback, useEffect, useRef, useState } from 'react'; +import { useSelector } from 'react-redux'; import { DEFAULT_INDEX_KEY } from '../../../../common/constants'; -import { - Direction, - GetHostsTableQuery, - HostsEdges, - HostsFields, - PageInfoPaginated, -} from '../../../graphql/types'; -import { inputsModel, State, inputsSelectors } from '../../../common/store'; -import { createFilter, getDefaultFetchPolicy } from '../../../common/containers/helpers'; -import { - QueryTemplatePaginated, - QueryTemplatePaginatedProps, -} from '../../../common/containers/query_template_paginated'; -import { withKibana, WithKibanaProps } from '../../../common/lib/kibana'; +import { HostsEdges, PageInfoPaginated } from '../../../graphql/types'; +import { inputsModel, State } from '../../../common/store'; +import { createFilter } from '../../../common/containers/helpers'; +import { useKibana } from '../../../common/lib/kibana'; import { hostsModel, hostsSelectors } from '../../store'; -import { HostsTableQuery } from './hosts_table.gql_query'; import { generateTablePaginationOptions } from '../../../common/components/paginated_table/helpers'; +import { + DocValueFields, + HostsRequestOptions, + HostsStrategyResponse, +} from '../../../../common/search_strategy/security_solution'; +import { ESTermQuery } from '../../../../common/typed_json'; const ID = 'hostsQuery'; +type LoadPage = (newActivePage: number) => void; export interface HostsArgs { endDate: string; hosts: HostsEdges[]; id: string; inspect: inputsModel.InspectQuery; isInspected: boolean; - loading: boolean; - loadPage: (newActivePage: number) => void; + loadPage: LoadPage; pageInfo: PageInfoPaginated; refetch: inputsModel.Refetch; startDate: string; totalCount: number; } -export interface OwnProps extends QueryTemplatePaginatedProps { - children: (args: HostsArgs) => React.ReactNode; - type: hostsModel.HostsType; - startDate: string; +interface UseAllHost { + docValueFields?: DocValueFields[]; + filterQuery?: ESTermQuery | string; endDate: string; + startDate: string; + type: hostsModel.HostsType; } -export interface HostsComponentReduxProps { - activePage: number; - isInspected: boolean; - limit: number; - sortField: HostsFields; - direction: Direction; -} - -type HostsProps = OwnProps & HostsComponentReduxProps & WithKibanaProps; +export const useAllHost = ({ + docValueFields, + filterQuery, + endDate, + startDate, + type, +}: UseAllHost): [boolean, HostsArgs] => { + const getHostsSelector = hostsSelectors.hostsSelector(); + const { activePage, direction, limit, sortField } = useSelector((state: State) => + getHostsSelector(state, type) + ); + const { data, notifications, uiSettings } = useKibana().services; + const refetch = useRef(noop); + const abortCtrl = useRef(new AbortController()); + const defaultIndex = uiSettings.get(DEFAULT_INDEX_KEY); + const [loading, setLoading] = useState(false); + const [hostsRequest, setHostRequest] = useState({ + defaultIndex, + docValueFields: docValueFields ?? [], + factoryQueryType: 'host_all', + filterQuery: createFilter(filterQuery), + pagination: generateTablePaginationOptions(activePage, limit), + timerange: { + interval: '12h', + from: startDate, + to: endDate, + }, + sort: { + direction, + field: sortField, + }, + // inspect: isInspected, + }); -class HostsComponentQuery extends QueryTemplatePaginated< - HostsProps, - GetHostsTableQuery.Query, - GetHostsTableQuery.Variables -> { - private memoizedHosts: ( - variables: string, - data: GetHostsTableQuery.Source | undefined - ) => HostsEdges[]; + const wrappedLoadMore = useCallback( + (newActivePage: number) => { + setHostRequest((prevRequest) => { + return { + ...prevRequest, + pagination: generateTablePaginationOptions(newActivePage, limit), + }; + }); + }, + [limit] + ); - constructor(props: HostsProps) { - super(props); - this.memoizedHosts = memoizeOne(this.getHosts); - } + const [hostsResponse, setHostsResponse] = useState({ + endDate, + hosts: [], + id: ID, + inspect: { + dsl: [], + response: [], + }, + isInspected: false, + loadPage: wrappedLoadMore, + pageInfo: { + activePage: 0, + fakeTotalCount: 0, + showMorePagesIndicator: false, + }, + refetch: refetch.current, + startDate, + totalCount: -1, + }); - public render() { - const { - activePage, - docValueFields, - id = ID, - isInspected, - children, - direction, - filterQuery, - endDate, - kibana, - limit, - startDate, - skip, - sourceId, - sortField, - } = this.props; - const defaultIndex = kibana.services.uiSettings.get(DEFAULT_INDEX_KEY); + const hostsSearch = useCallback( + (request: HostsRequestOptions) => { + let didCancel = false; + const asyncSearch = async () => { + abortCtrl.current = new AbortController(); + setLoading(true); - const variables: GetHostsTableQuery.Variables = { - sourceId, - timerange: { - interval: '12h', - from: startDate, - to: endDate, - }, - sort: { - direction, - field: sortField, - }, - pagination: generateTablePaginationOptions(activePage, limit), - filterQuery: createFilter(filterQuery), - defaultIndex, - docValueFields: docValueFields ?? [], - inspect: isInspected, - }; - return ( - - query={HostsTableQuery} - fetchPolicy={getDefaultFetchPolicy()} - notifyOnNetworkStatusChange - variables={variables} - skip={skip} - > - {({ data, loading, fetchMore, networkStatus, refetch }) => { - this.setFetchMore(fetchMore); - this.setFetchMoreOptions((newActivePage: number) => ({ - variables: { - pagination: generateTablePaginationOptions(newActivePage, limit), - }, - updateQuery: (prev, { fetchMoreResult }) => { - if (!fetchMoreResult) { - return prev; + const searchSubscription$ = data.search + .search(request, { + strategy: 'securitySolutionSearchStrategy', + signal: abortCtrl.current.signal, + }) + .subscribe({ + next: (response) => { + if (!response.isPartial && !response.isRunning) { + if (!didCancel) { + setLoading(false); + setHostsResponse((prevResponse) => ({ + ...prevResponse, + hosts: response.edges, + inspect: response.inspect ?? prevResponse.inspect, + pageInfo: response.pageInfo, + refetch: refetch.current, + totalCount: response.totalCount, + })); + } + searchSubscription$.unsubscribe(); + } else if (response.isPartial && !response.isRunning) { + if (!didCancel) { + setLoading(false); + } + // TODO: Make response error status clearer + notifications.toasts.addWarning('An error has occurred'); + searchSubscription$.unsubscribe(); } - return { - ...fetchMoreResult, - source: { - ...fetchMoreResult.source, - Hosts: { - ...fetchMoreResult.source.Hosts, - edges: [...fetchMoreResult.source.Hosts.edges], - }, - }, - }; }, - })); - const isLoading = this.isItAValidLoading(loading, variables, networkStatus); - return children({ - endDate, - hosts: this.memoizedHosts(JSON.stringify(variables), get('source', data)), - id, - inspect: getOr(null, 'source.Hosts.inspect', data), - isInspected, - loading: isLoading, - loadPage: this.wrappedLoadMore, - pageInfo: getOr({}, 'source.Hosts.pageInfo', data), - refetch: this.memoizedRefetchQuery(variables, limit, refetch), - startDate, - totalCount: getOr(-1, 'source.Hosts.totalCount', data), + error: () => { + notifications.toasts.addDanger('Failed to run search'); + }, }); - }} - - ); - } + }; + abortCtrl.current.abort(); + asyncSearch(); + refetch.current = asyncSearch; + return () => { + didCancel = true; + abortCtrl.current.abort(); + }; + }, + [data.search, notifications.toasts] + ); - private getHosts = ( - variables: string, - source: GetHostsTableQuery.Source | undefined - ): HostsEdges[] => getOr([], 'Hosts.edges', source); -} + useEffect(() => { + setHostRequest((prevRequest) => { + const myRequest = { + ...prevRequest, + defaultIndex, + docValueFields: docValueFields ?? [], + filterQuery: createFilter(filterQuery), + pagination: generateTablePaginationOptions(activePage, limit), + timerange: { + interval: '12h', + from: startDate, + to: endDate, + }, + sort: { + direction, + field: sortField, + }, + }; + if (!deepEqual(prevRequest, myRequest)) { + return myRequest; + } + return prevRequest; + }); + }, [ + activePage, + defaultIndex, + direction, + docValueFields, + endDate, + filterQuery, + limit, + startDate, + sortField, + ]); -const makeMapStateToProps = () => { - const getHostsSelector = hostsSelectors.hostsSelector(); - const getQuery = inputsSelectors.globalQueryByIdSelector(); - const mapStateToProps = (state: State, { type, id = ID }: OwnProps) => { - const { isInspected } = getQuery(state, id); - return { - ...getHostsSelector(state, type), - isInspected, - }; - }; - return mapStateToProps; -}; + useEffect(() => { + hostsSearch(hostsRequest); + }, [hostsRequest, hostsSearch]); -export const HostsQuery = compose>( - connect(makeMapStateToProps), - withKibana -)(HostsComponentQuery); + return [loading, hostsResponse]; +}; diff --git a/x-pack/plugins/security_solution/public/hosts/pages/navigation/hosts_query_tab_body.tsx b/x-pack/plugins/security_solution/public/hosts/pages/navigation/hosts_query_tab_body.tsx index 80cf62bc49f78..5232dcfd88189 100644 --- a/x-pack/plugins/security_solution/public/hosts/pages/navigation/hosts_query_tab_body.tsx +++ b/x-pack/plugins/security_solution/public/hosts/pages/navigation/hosts_query_tab_body.tsx @@ -6,7 +6,7 @@ import { getOr } from 'lodash/fp'; import React from 'react'; -import { HostsQuery } from '../../containers/hosts'; +import { useAllHost } from '../../containers/hosts'; import { HostsComponentsQueryProps } from './types'; import { HostsTable } from '../../components/hosts_table'; import { manageQuery } from '../../../common/components/page/manage_query'; @@ -23,35 +23,29 @@ export const HostsQueryTabBody = ({ setQuery, startDate, type, -}: HostsComponentsQueryProps) => ( - - {({ hosts, totalCount, loading, pageInfo, loadPage, id, inspect, isInspected, refetch }) => ( - - )} - -); +}: HostsComponentsQueryProps) => { + const [ + loading, + { hosts, totalCount, pageInfo, loadPage, id, inspect, isInspected, refetch }, + ] = useAllHost({ docValueFields, endDate, filterQuery, startDate, type }); + return ( + + ); +}; HostsQueryTabBody.displayName = 'HostsQueryTabBody'; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts index d4e3fb19d243c..b05aa623ee0c4 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts @@ -15,7 +15,6 @@ import { assertUnreachable, createQueryFilterClauses } from '../../../../../util export const buildHostsQuery = ({ defaultIndex, docValueFields, - fields, filterQuery, pagination: { querySize }, sort, diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/helpers.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/helpers.ts index 0d99050286c85..a7ec822839d21 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/helpers.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/helpers.ts @@ -13,15 +13,21 @@ import { hostFieldsMap } from '../../../../lib/ecs_fields'; import { HostAggEsItem, HostBuckets, HostValue } from '../../../../lib/hosts/types'; -export const formatHostEdgesData = (fields: readonly string[], bucket: HostAggEsItem): HostsEdges => - fields.reduce( +const hostsFields = ['_id', 'lastSeen', 'host.id', 'host.name', 'host.os.name', 'host.os.version']; + +export const formatHostEdgesData = (bucket: HostAggEsItem): HostsEdges => + hostsFields.reduce( (flattenedFields, fieldName) => { const hostId = get('key', bucket); flattenedFields.node._id = hostId || null; flattenedFields.cursor.value = hostId || ''; const fieldValue = getHostFieldValue(fieldName, bucket); if (fieldValue != null) { - return set(`node.${fieldName}`, fieldValue, flattenedFields); + return set( + `node.${fieldName}`, + Array.isArray(fieldValue) ? fieldValue : [fieldValue], + flattenedFields + ); } return flattenedFields; }, @@ -34,8 +40,30 @@ export const formatHostEdgesData = (fields: readonly string[], bucket: HostAggEs } as HostsEdges ); -export const formatHostItem = (fields: readonly string[], bucket: HostAggEsItem): HostItem => - fields.reduce((flattenedFields, fieldName) => { +const hostFields = [ + '_id', + 'host.architecture', + 'host.id', + 'host.ip', + 'host.id', + 'host.mac', + 'host.name', + 'host.os.family', + 'host.os.name', + 'host.os.platform', + 'host.os.version', + 'host.type', + 'cloud.instance.id', + 'cloud.machine.type', + 'cloud.provider', + 'cloud.region', + 'endpoint.endpointPolicy', + 'endpoint.policyStatus', + 'endpoint.sensorVersion', +]; + +export const formatHostItem = (bucket: HostAggEsItem): HostItem => + hostFields.reduce((flattenedFields, fieldName) => { const fieldValue = getHostFieldValue(fieldName, bucket); if (fieldValue != null) { return set(fieldName, fieldValue, flattenedFields); diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts index d3e4c91b37712..f7df6095ef959 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts @@ -46,7 +46,7 @@ export const allHost: SecuritySolutionFactory<'host_all'> = { 'aggregations.host_data.buckets', response.rawResponse ); - const hostsEdges = buckets.map((bucket) => formatHostEdgesData(options.fields, bucket)); + const hostsEdges = buckets.map((bucket) => formatHostEdgesData(bucket)); const fakeTotalCount = fakePossibleCount <= totalCount ? fakePossibleCount : totalCount; const edges = hostsEdges.splice(cursorStart, querySize - cursorStart); const inspect = { @@ -82,7 +82,7 @@ export const detailsHost: SecuritySolutionFactory<'host_details'> = { dsl: [inspectStringifyObject(buildHostOverviewQuery(options))], response: [inspectStringifyObject(response)], }; - const formattedHostItem = formatHostItem(options.fields, aggregations); + const formattedHostItem = formatHostItem(aggregations); return { ...response, inspect, _id: options.hostName, ...formattedHostItem }; }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts index 8ede77222bb24..50d90cb799476 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts @@ -5,13 +5,11 @@ */ import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; -import { FactoryQueryTypes } from '../../../../common/search_strategy/security_solution'; import { - HostDetailsStrategyResponse, - HostsStrategyResponse, - HostsRequestOptions, - HostOverviewRequestOptions, -} from '../../../../common/search_strategy/security_solution/hosts'; + FactoryQueryTypes, + StrategyRequestType, + StrategyResponseType, +} from '../../../../common/search_strategy/security_solution'; export interface SecuritySolutionFactory { buildDsl: (options: StrategyRequestType) => unknown; @@ -20,15 +18,3 @@ export interface SecuritySolutionFactory { response: IEsSearchResponse ) => Promise>; } - -export type StrategyResponseType = T extends 'host_all' - ? HostsStrategyResponse - : T extends 'host_details' - ? HostDetailsStrategyResponse - : never; - -export type StrategyRequestType = T extends 'host_all' - ? HostsRequestOptions - : T extends 'host_details' - ? HostOverviewRequestOptions - : never; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/index.ts index 2ee40f70686ac..d94a32174cd7a 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/index.ts @@ -5,13 +5,13 @@ */ import { ISearchStrategy, PluginStart } from '../../../../../../src/plugins/data/server'; -import { FactoryQueryTypes } from '../../../common/search_strategy/security_solution'; -import { securitySolutionFactory } from './factory'; import { + FactoryQueryTypes, StrategyResponseType, StrategyRequestType, - SecuritySolutionFactory, -} from './factory/types'; +} from '../../../common/search_strategy/security_solution'; +import { securitySolutionFactory } from './factory'; +import { SecuritySolutionFactory } from './factory/types'; export const securitySolutionSearchStrategyProvider = ( data: PluginStart diff --git a/x-pack/plugins/security_solution/server/utils/build_query/filters.ts b/x-pack/plugins/security_solution/server/utils/build_query/filters.ts index 95c9a975454f2..ac736e8cb51ee 100644 --- a/x-pack/plugins/security_solution/server/utils/build_query/filters.ts +++ b/x-pack/plugins/security_solution/server/utils/build_query/filters.ts @@ -8,5 +8,5 @@ import { isEmpty } from 'lodash/fp'; import { ESQuery } from '../../../common/typed_json'; -export const createQueryFilterClauses = (filterQuery: ESQuery | undefined) => +export const createQueryFilterClauses = (filterQuery: ESQuery | string | undefined) => !isEmpty(filterQuery) ? [filterQuery] : []; From 9756431aca34f82ff4ad069b7ad960088ac49a20 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Wed, 19 Aug 2020 12:43:50 -0400 Subject: [PATCH 03/16] fix types --- src/plugins/data/common/search/es_search/types.ts | 4 ++-- .../search_strategy/security_solution/factory/hosts/index.ts | 5 ++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/src/plugins/data/common/search/es_search/types.ts b/src/plugins/data/common/search/es_search/types.ts index 6c81202857b05..47e7fbc863bec 100644 --- a/src/plugins/data/common/search/es_search/types.ts +++ b/src/plugins/data/common/search/es_search/types.ts @@ -30,7 +30,7 @@ export interface IEsSearchRequest extends IKibanaSearchRequest { indexType?: string; } -export interface IEsSearchResponse extends IKibanaSearchResponse { +export interface IEsSearchResponse extends IKibanaSearchResponse { /** * Indicates whether async search is still in flight */ @@ -39,5 +39,5 @@ export interface IEsSearchResponse extends IKibanaSear * Indicates whether the results returned are complete or partial */ isPartial?: boolean; - rawResponse: SearchResponse; + rawResponse: SearchResponse; } diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts index f7df6095ef959..5a04786ab89fa 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts @@ -20,7 +20,6 @@ import { // TO DO need to move all this types in common import { HostAggEsData, HostAggEsItem } from '../../../../lib/hosts/types'; -import { TermAggregation } from '../../../../lib/types'; import { inspectStringifyObject } from '../../../../utils/build_query'; import { SecuritySolutionFactory } from '../types'; @@ -37,7 +36,7 @@ export const allHost: SecuritySolutionFactory<'host_all'> = { }, parse: async ( options: HostsRequestOptions, - response: IEsSearchResponse + response: IEsSearchResponse ): Promise => { const { activePage, cursorStart, fakePossibleCount, querySize } = options.pagination; const totalCount = getOr(0, 'aggregations.host_count.value', response.rawResponse); @@ -75,7 +74,7 @@ export const detailsHost: SecuritySolutionFactory<'host_details'> = { }, parse: async ( options: HostOverviewRequestOptions, - response: IEsSearchResponse + response: IEsSearchResponse ): Promise => { const aggregations: HostAggEsItem = get('aggregations', response.rawResponse) || {}; const inspect = { From 819e0ca6e0ccbfd5d6b612d6d684d4c39c68836e Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Wed, 19 Aug 2020 14:50:00 -0400 Subject: [PATCH 04/16] fix Check core API changes --- .../kibana-plugin-core-public.doclinksstart.md | 2 +- ...ugin-plugins-data-public.iessearchresponse.md | 4 ++-- ...-data-public.iessearchresponse.rawresponse.md | 2 +- ...-plugin-plugins-data-public.isearchgeneric.md | 2 +- ...ugin-plugins-data-server.iessearchresponse.md | 4 ++-- ...-data-server.iessearchresponse.rawresponse.md | 2 +- ...na-plugin-plugins-data-server.isearchsetup.md | 2 +- ...server.isearchsetup.registersearchstrategy.md | 2 +- ...data-server.isearchstart.getsearchstrategy.md | 2 +- ...na-plugin-plugins-data-server.isearchstart.md | 4 ++-- ...plugin-plugins-data-server.isearchstrategy.md | 4 ++-- ...plugins-data-server.isearchstrategy.search.md | 2 +- ...na-plugin-plugins-data-server.plugin.start.md | 4 ++-- src/plugins/data/public/public.api.md | 6 +++--- src/plugins/data/server/server.api.md | 16 ++++++++-------- 15 files changed, 29 insertions(+), 29 deletions(-) diff --git a/docs/development/core/public/kibana-plugin-core-public.doclinksstart.md b/docs/development/core/public/kibana-plugin-core-public.doclinksstart.md index fa2d9090e3159..4644dc432bc9a 100644 --- a/docs/development/core/public/kibana-plugin-core-public.doclinksstart.md +++ b/docs/development/core/public/kibana-plugin-core-public.doclinksstart.md @@ -17,5 +17,5 @@ export interface DocLinksStart | --- | --- | --- | | [DOC\_LINK\_VERSION](./kibana-plugin-core-public.doclinksstart.doc_link_version.md) | string | | | [ELASTIC\_WEBSITE\_URL](./kibana-plugin-core-public.doclinksstart.elastic_website_url.md) | string | | -| [links](./kibana-plugin-core-public.doclinksstart.links.md) | {
readonly dashboard: {
readonly drilldowns: string;
};
readonly filebeat: {
readonly base: string;
readonly installation: string;
readonly configuration: string;
readonly elasticsearchOutput: string;
readonly startup: string;
readonly exportedFields: string;
};
readonly auditbeat: {
readonly base: string;
};
readonly metricbeat: {
readonly base: string;
};
readonly heartbeat: {
readonly base: string;
};
readonly logstash: {
readonly base: string;
};
readonly functionbeat: {
readonly base: string;
};
readonly winlogbeat: {
readonly base: string;
};
readonly aggs: {
readonly date_histogram: string;
readonly date_range: string;
readonly filter: string;
readonly filters: string;
readonly geohash_grid: string;
readonly histogram: string;
readonly ip_range: string;
readonly range: string;
readonly significant_terms: string;
readonly terms: string;
readonly avg: string;
readonly avg_bucket: string;
readonly max_bucket: string;
readonly min_bucket: string;
readonly sum_bucket: string;
readonly cardinality: string;
readonly count: string;
readonly cumulative_sum: string;
readonly derivative: string;
readonly geo_bounds: string;
readonly geo_centroid: string;
readonly max: string;
readonly median: string;
readonly min: string;
readonly moving_avg: string;
readonly percentile_ranks: string;
readonly serial_diff: string;
readonly std_dev: string;
readonly sum: string;
readonly top_hits: string;
};
readonly scriptedFields: {
readonly scriptFields: string;
readonly scriptAggs: string;
readonly painless: string;
readonly painlessApi: string;
readonly painlessSyntax: string;
readonly luceneExpressions: string;
};
readonly indexPatterns: {
readonly loadingData: string;
readonly introduction: string;
};
readonly addData: string;
readonly kibana: string;
readonly siem: {
readonly guide: string;
readonly gettingStarted: string;
};
readonly query: {
readonly luceneQuerySyntax: string;
readonly queryDsl: string;
readonly kueryQuerySyntax: string;
};
readonly date: {
readonly dateMath: string;
};
readonly management: Record<string, string>;
} | | +| [links](./kibana-plugin-core-public.doclinksstart.links.md) | {
readonly dashboard: {
readonly drilldowns: string;
};
readonly filebeat: {
readonly base: string;
readonly installation: string;
readonly configuration: string;
readonly elasticsearchOutput: string;
readonly startup: string;
readonly exportedFields: string;
};
readonly auditbeat: {
readonly base: string;
};
readonly metricbeat: {
readonly base: string;
};
readonly heartbeat: {
readonly base: string;
};
readonly logstash: {
readonly base: string;
};
readonly functionbeat: {
readonly base: string;
};
readonly winlogbeat: {
readonly base: string;
};
readonly aggs: {
readonly date_histogram: string;
readonly date_range: string;
readonly filter: string;
readonly filters: string;
readonly geohash_grid: string;
readonly histogram: string;
readonly ip_range: string;
readonly range: string;
readonly significant_terms: string;
readonly terms: string;
readonly avg: string;
readonly avg_bucket: string;
readonly max_bucket: string;
readonly min_bucket: string;
readonly sum_bucket: string;
readonly cardinality: string;
readonly count: string;
readonly cumulative_sum: string;
readonly derivative: string;
readonly geo_bounds: string;
readonly geo_centroid: string;
readonly max: string;
readonly median: string;
readonly min: string;
readonly moving_avg: string;
readonly percentile_ranks: string;
readonly serial_diff: string;
readonly std_dev: string;
readonly sum: string;
readonly top_hits: string;
};
readonly scriptedFields: {
readonly scriptFields: string;
readonly scriptAggs: string;
readonly painless: string;
readonly painlessApi: string;
readonly painlessSyntax: string;
readonly luceneExpressions: string;
};
readonly indexPatterns: {
readonly loadingData: string;
readonly introduction: string;
};
readonly addData: string;
readonly kibana: string;
readonly siem: {
readonly guide: string;
readonly gettingStarted: string;
};
readonly query: {
readonly luceneQuerySyntax: string;
readonly queryDsl: string;
readonly kueryQuerySyntax: string;
};
readonly date: {
readonly dateMath: string;
};
readonly management: Record<string, string>;
readonly visualize: Record<string, string>;
} | | diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.iessearchresponse.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.iessearchresponse.md index 041d79de3282e..7c9a6aa702463 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.iessearchresponse.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.iessearchresponse.md @@ -7,7 +7,7 @@ Signature: ```typescript -export interface IEsSearchResponse extends IKibanaSearchResponse +export interface IEsSearchResponse extends IKibanaSearchResponse ``` ## Properties @@ -16,5 +16,5 @@ export interface IEsSearchResponse extends IKibanaSearchResponse | --- | --- | --- | | [isPartial](./kibana-plugin-plugins-data-public.iessearchresponse.ispartial.md) | boolean | Indicates whether the results returned are complete or partial | | [isRunning](./kibana-plugin-plugins-data-public.iessearchresponse.isrunning.md) | boolean | Indicates whether async search is still in flight | -| [rawResponse](./kibana-plugin-plugins-data-public.iessearchresponse.rawresponse.md) | SearchResponse<any> | | +| [rawResponse](./kibana-plugin-plugins-data-public.iessearchresponse.rawresponse.md) | SearchResponse<Source> | | diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.iessearchresponse.rawresponse.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.iessearchresponse.rawresponse.md index d7912f377ca9f..f4648143ebc2e 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.iessearchresponse.rawresponse.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.iessearchresponse.rawresponse.md @@ -7,5 +7,5 @@ Signature: ```typescript -rawResponse: SearchResponse; +rawResponse: SearchResponse; ``` diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchgeneric.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchgeneric.md index 3bd6a398c8df5..f4a25354282e0 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchgeneric.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchgeneric.md @@ -7,5 +7,5 @@ Signature: ```typescript -export declare type ISearchGeneric = (request: IEsSearchRequest, options?: ISearchOptions) => Observable; +export declare type ISearchGeneric = (request: SearchStrategyRequest, options?: ISearchOptions) => Observable; ``` diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.iessearchresponse.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.iessearchresponse.md index 0407dce5fe418..55c0399e90e2f 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.iessearchresponse.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.iessearchresponse.md @@ -7,7 +7,7 @@ Signature: ```typescript -export interface IEsSearchResponse extends IKibanaSearchResponse +export interface IEsSearchResponse extends IKibanaSearchResponse ``` ## Properties @@ -16,5 +16,5 @@ export interface IEsSearchResponse extends IKibanaSearchResponse | --- | --- | --- | | [isPartial](./kibana-plugin-plugins-data-server.iessearchresponse.ispartial.md) | boolean | Indicates whether the results returned are complete or partial | | [isRunning](./kibana-plugin-plugins-data-server.iessearchresponse.isrunning.md) | boolean | Indicates whether async search is still in flight | -| [rawResponse](./kibana-plugin-plugins-data-server.iessearchresponse.rawresponse.md) | SearchResponse<any> | | +| [rawResponse](./kibana-plugin-plugins-data-server.iessearchresponse.rawresponse.md) | SearchResponse<Source> | | diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.iessearchresponse.rawresponse.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.iessearchresponse.rawresponse.md index 0ee1691d0f697..9987debfa551c 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.iessearchresponse.rawresponse.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.iessearchresponse.rawresponse.md @@ -7,5 +7,5 @@ Signature: ```typescript -rawResponse: SearchResponse; +rawResponse: SearchResponse; ``` diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.md index e5b11a0b997ea..4f12a3ae41ee1 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.md @@ -15,6 +15,6 @@ export interface ISearchSetup | Property | Type | Description | | --- | --- | --- | | [aggs](./kibana-plugin-plugins-data-server.isearchsetup.aggs.md) | AggsSetup | | -| [registerSearchStrategy](./kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md) | (name: string, strategy: ISearchStrategy) => void | Extension point exposed for other plugins to register their own search strategies. | +| [registerSearchStrategy](./kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md) | <SearchStrategyRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse>(name: string, strategy: ISearchStrategy<SearchStrategyRequest, SearchStrategyResponse>) => void | Extension point exposed for other plugins to register their own search strategies. | | [usage](./kibana-plugin-plugins-data-server.isearchsetup.usage.md) | SearchUsage | Used internally for telemetry | diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md index 73c575e7095ed..40cdfdeecae42 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md @@ -9,5 +9,5 @@ Extension point exposed for other plugins to register their own search strategie Signature: ```typescript -registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; +registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; ``` diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.getsearchstrategy.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.getsearchstrategy.md index 970b2811a574b..398ea21641942 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.getsearchstrategy.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.getsearchstrategy.md @@ -9,5 +9,5 @@ Get other registered search strategies. For example, if a new strategy needs to Signature: ```typescript -getSearchStrategy: (name: string) => ISearchStrategy; +getSearchStrategy: (name: string) => ISearchStrategy; ``` diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.md index 3762da963d4d9..1e83e72d5c8a9 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.md @@ -7,7 +7,7 @@ Signature: ```typescript -export interface ISearchStart +export interface ISearchStart ``` ## Properties @@ -15,6 +15,6 @@ export interface ISearchStart | Property | Type | Description | | --- | --- | --- | | [aggs](./kibana-plugin-plugins-data-server.isearchstart.aggs.md) | AggsStart | | -| [getSearchStrategy](./kibana-plugin-plugins-data-server.isearchstart.getsearchstrategy.md) | (name: string) => ISearchStrategy | Get other registered search strategies. For example, if a new strategy needs to use the already-registered ES search strategy, it can use this function to accomplish that. | +| [getSearchStrategy](./kibana-plugin-plugins-data-server.isearchstart.getsearchstrategy.md) | (name: string) => ISearchStrategy<SearchStrategyRequest, SearchStrategyResponse> | Get other registered search strategies. For example, if a new strategy needs to use the already-registered ES search strategy, it can use this function to accomplish that. | | [search](./kibana-plugin-plugins-data-server.isearchstart.search.md) | (context: RequestHandlerContext, request: IKibanaSearchRequest, options: ISearchOptions) => Promise<IKibanaSearchResponse> | | diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.md index d54e027c4b847..1a04236e0dc57 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.md @@ -9,7 +9,7 @@ Search strategy interface contains a search method that takes in a request and r Signature: ```typescript -export interface ISearchStrategy +export interface ISearchStrategy ``` ## Properties @@ -17,5 +17,5 @@ export interface ISearchStrategy | Property | Type | Description | | --- | --- | --- | | [cancel](./kibana-plugin-plugins-data-server.isearchstrategy.cancel.md) | (context: RequestHandlerContext, id: string) => Promise<void> | | -| [search](./kibana-plugin-plugins-data-server.isearchstrategy.search.md) | (context: RequestHandlerContext, request: IEsSearchRequest, options?: ISearchOptions) => Promise<IEsSearchResponse> | | +| [search](./kibana-plugin-plugins-data-server.isearchstrategy.search.md) | (context: RequestHandlerContext, request: SearchStrategyRequest, options?: ISearchOptions) => Promise<SearchStrategyResponse> | | diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.search.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.search.md index 1a225d0c9aeab..45f43648ab603 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.search.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.search.md @@ -7,5 +7,5 @@ Signature: ```typescript -search: (context: RequestHandlerContext, request: IEsSearchRequest, options?: ISearchOptions) => Promise; +search: (context: RequestHandlerContext, request: SearchStrategyRequest, options?: ISearchOptions) => Promise; ``` diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.plugin.start.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.plugin.start.md index 74bffc516725f..b7d85a970be1f 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.plugin.start.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.plugin.start.md @@ -8,7 +8,7 @@ ```typescript start(core: CoreStart): { - search: ISearchStart; + search: ISearchStart>; fieldFormats: { fieldFormatServiceFactory: (uiSettings: import("../../../core/server").IUiSettingsClient) => Promise; }; @@ -27,7 +27,7 @@ start(core: CoreStart): { Returns: `{ - search: ISearchStart; + search: ISearchStart>; fieldFormats: { fieldFormatServiceFactory: (uiSettings: import("../../../core/server").IUiSettingsClient) => Promise; }; diff --git a/src/plugins/data/public/public.api.md b/src/plugins/data/public/public.api.md index 58c2bd9957ab8..f8e1f332f43ac 100644 --- a/src/plugins/data/public/public.api.md +++ b/src/plugins/data/public/public.api.md @@ -792,11 +792,11 @@ export interface IEsSearchRequest extends IKibanaSearchRequest { // Warning: (ae-missing-release-tag) "IEsSearchResponse" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export interface IEsSearchResponse extends IKibanaSearchResponse { +export interface IEsSearchResponse extends IKibanaSearchResponse { isPartial?: boolean; isRunning?: boolean; // (undocumented) - rawResponse: SearchResponse_2; + rawResponse: SearchResponse_2; } // Warning: (ae-missing-release-tag) "IFieldFormat" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) @@ -1241,7 +1241,7 @@ export type ISearch = (request: IKibanaSearchRequest, options?: ISearchOptions) // Warning: (ae-missing-release-tag) "ISearchGeneric" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type ISearchGeneric = (request: IEsSearchRequest, options?: ISearchOptions) => Observable; +export type ISearchGeneric = (request: SearchStrategyRequest, options?: ISearchOptions) => Observable; // Warning: (ae-missing-release-tag) "ISearchOptions" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // diff --git a/src/plugins/data/server/server.api.md b/src/plugins/data/server/server.api.md index 9c8a79f27a9db..fe609d941bf68 100644 --- a/src/plugins/data/server/server.api.md +++ b/src/plugins/data/server/server.api.md @@ -496,11 +496,11 @@ export interface IEsSearchRequest extends IKibanaSearchRequest { // Warning: (ae-missing-release-tag) "IEsSearchResponse" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export interface IEsSearchResponse extends IKibanaSearchResponse { +export interface IEsSearchResponse extends IKibanaSearchResponse { isPartial?: boolean; isRunning?: boolean; // (undocumented) - rawResponse: SearchResponse; + rawResponse: SearchResponse; } // Warning: (ae-missing-release-tag) "IFieldFormatsRegistry" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) @@ -687,19 +687,19 @@ export interface ISearchSetup { // // (undocumented) aggs: AggsSetup; - registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; + registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; usage?: SearchUsage; } // Warning: (ae-missing-release-tag) "ISearchStart" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export interface ISearchStart { +export interface ISearchStart { // Warning: (ae-forgotten-export) The symbol "AggsStart" needs to be exported by the entry point index.d.ts // // (undocumented) aggs: AggsStart; - getSearchStrategy: (name: string) => ISearchStrategy; + getSearchStrategy: (name: string) => ISearchStrategy; // Warning: (ae-forgotten-export) The symbol "RequestHandlerContext" needs to be exported by the entry point index.d.ts // // (undocumented) @@ -709,11 +709,11 @@ export interface ISearchStart { // Warning: (ae-missing-release-tag) "ISearchStrategy" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public -export interface ISearchStrategy { +export interface ISearchStrategy { // (undocumented) cancel?: (context: RequestHandlerContext, id: string) => Promise; // (undocumented) - search: (context: RequestHandlerContext, request: IEsSearchRequest, options?: ISearchOptions) => Promise; + search: (context: RequestHandlerContext, request: SearchStrategyRequest, options?: ISearchOptions) => Promise; } // @public (undocumented) @@ -860,7 +860,7 @@ export class Plugin implements Plugin_2>; fieldFormats: { fieldFormatServiceFactory: (uiSettings: import("../../../core/server").IUiSettingsClient) => Promise; }; From 630913509b87caab1e9c7df51a9552908ff4e06c Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Wed, 19 Aug 2020 17:16:44 -0400 Subject: [PATCH 05/16] thank you cypress test --- .../security_solution/factory/hosts/dsl/query.hosts.dsl.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts index b05aa623ee0c4..f6e128a73882c 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { isEmpty } from 'lodash/fp'; +import { isEmpty, isString } from 'lodash/fp'; import { Direction, HostsRequestOptions, @@ -21,7 +21,7 @@ export const buildHostsQuery = ({ timerange: { from, to }, }: HostsRequestOptions) => { const filter = [ - ...createQueryFilterClauses(filterQuery), + ...createQueryFilterClauses(isString(filterQuery) ? JSON.parse(filterQuery) : filterQuery), { range: { '@timestamp': { From 8cc574e7101b926b9a34ee9feaa8c4ee09a7b314 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Thu, 20 Aug 2020 07:45:50 -0400 Subject: [PATCH 06/16] Remove any by the right type IESearchRequest Co-authored-by: Lukas Olson --- src/plugins/data/server/search/types.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/plugins/data/server/search/types.ts b/src/plugins/data/server/search/types.ts index 9dc49386cc6d8..5fa6c6c04ed40 100644 --- a/src/plugins/data/server/search/types.ts +++ b/src/plugins/data/server/search/types.ts @@ -52,7 +52,7 @@ export interface ISearchSetup { } export interface ISearchStart< - SearchStrategyRequest = any, + SearchStrategyRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse > { aggs: AggsStart; From 0b66d2a8045ebccb0ca09a66d16fe4e9c050dbb4 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Thu, 20 Aug 2020 09:06:35 -0400 Subject: [PATCH 07/16] add translation and filter error when we abort the query --- .../public/hosts/containers/hosts/index.tsx | 10 +++++++--- .../hosts/containers/hosts/translations.ts | 19 +++++++++++++++++++ 2 files changed, 26 insertions(+), 3 deletions(-) create mode 100644 x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts diff --git a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx index ec4730feea2c6..0f44da3cb541b 100644 --- a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx +++ b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx @@ -23,6 +23,8 @@ import { } from '../../../../common/search_strategy/security_solution'; import { ESTermQuery } from '../../../../common/typed_json'; +import * as i18n from './translations'; + const ID = 'hostsQuery'; type LoadPage = (newActivePage: number) => void; @@ -145,12 +147,14 @@ export const useAllHost = ({ setLoading(false); } // TODO: Make response error status clearer - notifications.toasts.addWarning('An error has occurred'); + notifications.toasts.addWarning(i18n.ERROR_ALL_HOST); searchSubscription$.unsubscribe(); } }, - error: () => { - notifications.toasts.addDanger('Failed to run search'); + error: (msg) => { + if (msg.message !== 'Aborted') { + notifications.toasts.addDanger({ title: i18n.FAIL_ALL_HOST, text: msg.message }); + } }, }); }; diff --git a/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts b/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts new file mode 100644 index 0000000000000..2a7c401eff201 --- /dev/null +++ b/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; + +export const ERROR_ALL_HOST = i18n.translate( + 'xpack.securitySolution.allHost.errorSearchDescription', + { + defaultMessage: `An error has occurred on all hosts search`, + } +); + +export const FAIL_ALL_HOST = () => + i18n.translate('xpack.securitySolution.allHost.errorSearchDescription', { + defaultMessage: `Failed to run search on all hosts`, + }); From 9accea59f35ceaff3f51687f0e221cb3b924f81c Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Thu, 20 Aug 2020 10:32:26 -0400 Subject: [PATCH 08/16] pr review --- ...a-plugin-plugins-data-public.isearchgeneric.md | 2 +- ...ana-plugin-plugins-data-server.isearchsetup.md | 2 +- ...-server.isearchsetup.registersearchstrategy.md | 2 +- ...ana-plugin-plugins-data-server.isearchstart.md | 2 +- ...-plugin-plugins-data-server.isearchstrategy.md | 2 +- ...ana-plugin-plugins-data-server.plugin.start.md | 4 ++-- src/plugins/data/public/public.api.md | 2 +- src/plugins/data/public/search/types.ts | 2 +- src/plugins/data/server/search/search_service.ts | 4 ++-- src/plugins/data/server/search/types.ts | 6 +++--- src/plugins/data/server/server.api.md | 8 ++++---- .../security_solution/hosts/index.ts | 7 +++++-- .../search_strategy/security_solution/index.ts | 15 ++++++++------- .../public/hosts/containers/hosts/index.tsx | 3 ++- .../public/hosts/containers/hosts/translations.ts | 8 +++++--- .../factory/hosts/dsl/query.detail_host.dsl.ts | 3 ++- .../factory/hosts/dsl/query.hosts.dsl.ts | 3 ++- .../hosts/dsl/query.last_first_seen_host.dsl.ts | 4 ++-- .../security_solution/factory/hosts/index.ts | 12 ++++++------ .../security_solution/factory/types.ts | 7 +++++-- 20 files changed, 55 insertions(+), 43 deletions(-) diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchgeneric.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchgeneric.md index f4a25354282e0..861b59e73ef04 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchgeneric.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.isearchgeneric.md @@ -7,5 +7,5 @@ Signature: ```typescript -export declare type ISearchGeneric = (request: SearchStrategyRequest, options?: ISearchOptions) => Observable; +export declare type ISearchGeneric = (request: SearchStrategyRequest, options?: ISearchOptions) => Observable; ``` diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.md index 4f12a3ae41ee1..ac2ae13372f7a 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.md @@ -15,6 +15,6 @@ export interface ISearchSetup | Property | Type | Description | | --- | --- | --- | | [aggs](./kibana-plugin-plugins-data-server.isearchsetup.aggs.md) | AggsSetup | | -| [registerSearchStrategy](./kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md) | <SearchStrategyRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse>(name: string, strategy: ISearchStrategy<SearchStrategyRequest, SearchStrategyResponse>) => void | Extension point exposed for other plugins to register their own search strategies. | +| [registerSearchStrategy](./kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md) | <SearchStrategyRequest extends IEsSearchRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse>(name: string, strategy: ISearchStrategy<SearchStrategyRequest, SearchStrategyResponse>) => void | Extension point exposed for other plugins to register their own search strategies. | | [usage](./kibana-plugin-plugins-data-server.isearchsetup.usage.md) | SearchUsage | Used internally for telemetry | diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md index 40cdfdeecae42..f20c6f4911062 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchsetup.registersearchstrategy.md @@ -9,5 +9,5 @@ Extension point exposed for other plugins to register their own search strategie Signature: ```typescript -registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; +registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; ``` diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.md index 1e83e72d5c8a9..62d954cb80eb7 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstart.md @@ -7,7 +7,7 @@ Signature: ```typescript -export interface ISearchStart +export interface ISearchStart ``` ## Properties diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.md index 1a04236e0dc57..dc076455ab272 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.isearchstrategy.md @@ -9,7 +9,7 @@ Search strategy interface contains a search method that takes in a request and r Signature: ```typescript -export interface ISearchStrategy +export interface ISearchStrategy ``` ## Properties diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.plugin.start.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.plugin.start.md index b7d85a970be1f..2d9104ef894bc 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.plugin.start.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.plugin.start.md @@ -8,7 +8,7 @@ ```typescript start(core: CoreStart): { - search: ISearchStart>; + search: ISearchStart>; fieldFormats: { fieldFormatServiceFactory: (uiSettings: import("../../../core/server").IUiSettingsClient) => Promise; }; @@ -27,7 +27,7 @@ start(core: CoreStart): { Returns: `{ - search: ISearchStart>; + search: ISearchStart>; fieldFormats: { fieldFormatServiceFactory: (uiSettings: import("../../../core/server").IUiSettingsClient) => Promise; }; diff --git a/src/plugins/data/public/public.api.md b/src/plugins/data/public/public.api.md index 5ba3c93094aa4..6efa4e05f3b16 100644 --- a/src/plugins/data/public/public.api.md +++ b/src/plugins/data/public/public.api.md @@ -1241,7 +1241,7 @@ export type ISearch = (request: IKibanaSearchRequest, options?: ISearchOptions) // Warning: (ae-missing-release-tag) "ISearchGeneric" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type ISearchGeneric = (request: SearchStrategyRequest, options?: ISearchOptions) => Observable; +export type ISearchGeneric = (request: SearchStrategyRequest, options?: ISearchOptions) => Observable; // Warning: (ae-missing-release-tag) "ISearchOptions" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // diff --git a/src/plugins/data/public/search/types.ts b/src/plugins/data/public/search/types.ts index e6d916348ae25..55726e40f5a77 100644 --- a/src/plugins/data/public/search/types.ts +++ b/src/plugins/data/public/search/types.ts @@ -44,7 +44,7 @@ export type ISearch = ( ) => Observable; export type ISearchGeneric = < - SearchStrategyRequest = IEsSearchRequest, + SearchStrategyRequest extends IEsSearchRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse >( request: SearchStrategyRequest, diff --git a/src/plugins/data/server/search/search_service.ts b/src/plugins/data/server/search/search_service.ts index 9a37fcb6c9aac..a522cef23a991 100644 --- a/src/plugins/data/server/search/search_service.ts +++ b/src/plugins/data/server/search/search_service.ts @@ -40,7 +40,7 @@ import { searchTelemetry } from '../saved_objects'; import { IEsSearchRequest, IEsSearchResponse } from '../../common'; type StrategyMap< - SearchStrategyRequest = IEsSearchRequest, + SearchStrategyRequest extends IEsSearchRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse > = Record>; @@ -127,7 +127,7 @@ export class SearchService implements Plugin { } private registerSearchStrategy = < - SearchStrategyRequest = IEsSearchRequest, + SearchStrategyRequest extends IEsSearchRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse >( name: string, diff --git a/src/plugins/data/server/search/types.ts b/src/plugins/data/server/search/types.ts index 5fa6c6c04ed40..56f803512aa19 100644 --- a/src/plugins/data/server/search/types.ts +++ b/src/plugins/data/server/search/types.ts @@ -38,7 +38,7 @@ export interface ISearchSetup { * strategies. */ registerSearchStrategy: < - SearchStrategyRequest = IEsSearchRequest, + SearchStrategyRequest extends IEsSearchRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse >( name: string, @@ -52,7 +52,7 @@ export interface ISearchSetup { } export interface ISearchStart< - SearchStrategyRequest = IEsSearchRequest, + SearchStrategyRequest extends IEsSearchRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse > { aggs: AggsStart; @@ -75,7 +75,7 @@ export interface ISearchStart< * that resolves to a response. */ export interface ISearchStrategy< - SearchStrategyRequest = IEsSearchRequest, + SearchStrategyRequest extends IEsSearchRequest = IEsSearchRequest, SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse > { search: ( diff --git a/src/plugins/data/server/server.api.md b/src/plugins/data/server/server.api.md index 57e2f6be1c43b..969eb721143d2 100644 --- a/src/plugins/data/server/server.api.md +++ b/src/plugins/data/server/server.api.md @@ -688,14 +688,14 @@ export interface ISearchSetup { // // (undocumented) aggs: AggsSetup; - registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; + registerSearchStrategy: (name: string, strategy: ISearchStrategy) => void; usage?: SearchUsage; } // Warning: (ae-missing-release-tag) "ISearchStart" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export interface ISearchStart { +export interface ISearchStart { // Warning: (ae-forgotten-export) The symbol "AggsStart" needs to be exported by the entry point index.d.ts // // (undocumented) @@ -710,7 +710,7 @@ export interface ISearchStart { +export interface ISearchStrategy { // (undocumented) cancel?: (context: RequestHandlerContext, id: string) => Promise; // (undocumented) @@ -861,7 +861,7 @@ export class Plugin implements Plugin_2>; + search: ISearchStart>; fieldFormats: { fieldFormatServiceFactory: (uiSettings: import("../../../core/server").IUiSettingsClient) => Promise; }; diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts index c4f067deffa34..3a0942d2decb8 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts @@ -18,7 +18,10 @@ import { TimerangeInput, } from '..'; -export type HostsQueries = 'host_all' | 'host_details'; +export enum HostsQueries { + hosts = 'hosts', + hostOverview = 'hostOverview', +} export enum HostPolicyResponseActionStatus { success = 'success', @@ -62,7 +65,7 @@ export interface HostsStrategyResponse extends IEsSearchResponse { inspect?: Maybe; } -export interface HostDetailsStrategyResponse extends IEsSearchResponse, HostItem { +export interface HostOverviewStrategyResponse extends IEsSearchResponse, HostItem { inspect?: Maybe; } diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts index 8fa3dc6835639..edb5dda2ca6da 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts @@ -4,9 +4,10 @@ * you may not use this file except in compliance with the Elastic License. */ +import { IEsSearchRequest } from '../../../../../../src/plugins/data/common'; import { ESQuery } from '../../typed_json'; import { - HostDetailsStrategyResponse, + HostOverviewStrategyResponse, HostOverviewRequestOptions, HostsQueries, HostsRequestOptions, @@ -77,7 +78,7 @@ export interface DocValueFields { format: string; } -export interface RequestBasicOptions { +export interface RequestBasicOptions extends IEsSearchRequest { timerange: TimerangeInput; filterQuery: ESQuery | string | undefined; defaultIndex: string[]; @@ -95,14 +96,14 @@ export interface RequestOptionsPaginated extends RequestBasicOptions { sortField?: SortField; } -export type StrategyResponseType = T extends 'host_all' +export type StrategyResponseType = T extends HostsQueries.hosts ? HostsStrategyResponse - : T extends 'host_details' - ? HostDetailsStrategyResponse + : T extends HostsQueries.hostOverview + ? HostOverviewStrategyResponse : never; -export type StrategyRequestType = T extends 'host_all' +export type StrategyRequestType = T extends HostsQueries.hosts ? HostsRequestOptions - : T extends 'host_details' + : T extends HostsQueries.hostOverview ? HostOverviewRequestOptions : never; diff --git a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx index 0f44da3cb541b..55a387f563e12 100644 --- a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx +++ b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx @@ -18,6 +18,7 @@ import { hostsModel, hostsSelectors } from '../../store'; import { generateTablePaginationOptions } from '../../../common/components/paginated_table/helpers'; import { DocValueFields, + HostsQueries, HostsRequestOptions, HostsStrategyResponse, } from '../../../../common/search_strategy/security_solution'; @@ -68,7 +69,7 @@ export const useAllHost = ({ const [hostsRequest, setHostRequest] = useState({ defaultIndex, docValueFields: docValueFields ?? [], - factoryQueryType: 'host_all', + factoryQueryType: HostsQueries.hosts, filterQuery: createFilter(filterQuery), pagination: generateTablePaginationOptions(activePage, limit), timerange: { diff --git a/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts b/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts index 2a7c401eff201..ab666bd3de6bb 100644 --- a/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts +++ b/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts @@ -13,7 +13,9 @@ export const ERROR_ALL_HOST = i18n.translate( } ); -export const FAIL_ALL_HOST = () => - i18n.translate('xpack.securitySolution.allHost.errorSearchDescription', { +export const FAIL_ALL_HOST = i18n.translate( + 'xpack.securitySolution.allHost.errorSearchDescription', + { defaultMessage: `Failed to run search on all hosts`, - }); + } +); diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.detail_host.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.detail_host.dsl.ts index 140a66be73eef..5c5dec92a5100 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.detail_host.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.detail_host.dsl.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { ISearchRequestParams } from '../../../../../../../../../src/plugins/data/common'; import { HostOverviewRequestOptions } from '../../../../../../common/search_strategy/security_solution'; import { cloudFieldsMap, hostFieldsMap } from '../../../../../lib/ecs_fields'; import { buildFieldsTermAggregation } from '../../../../../lib/hosts/helpers'; @@ -14,7 +15,7 @@ export const buildHostOverviewQuery = ({ hostName, defaultIndex, timerange: { from, to }, -}: HostOverviewRequestOptions) => { +}: HostOverviewRequestOptions): ISearchRequestParams => { const esFields = reduceFields(fields, { ...hostFieldsMap, ...cloudFieldsMap }); const filter = [ diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts index f6e128a73882c..3d72f98f35355 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.hosts.dsl.ts @@ -5,6 +5,7 @@ */ import { isEmpty, isString } from 'lodash/fp'; +import { ISearchRequestParams } from '../../../../../../../../../src/plugins/data/common'; import { Direction, HostsRequestOptions, @@ -19,7 +20,7 @@ export const buildHostsQuery = ({ pagination: { querySize }, sort, timerange: { from, to }, -}: HostsRequestOptions) => { +}: HostsRequestOptions): ISearchRequestParams => { const filter = [ ...createQueryFilterClauses(isString(filterQuery) ? JSON.parse(filterQuery) : filterQuery), { diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.last_first_seen_host.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.last_first_seen_host.dsl.ts index 42dbf46305b49..b57bbd2960e4f 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.last_first_seen_host.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/dsl/query.last_first_seen_host.dsl.ts @@ -5,14 +5,14 @@ */ import { isEmpty } from 'lodash/fp'; - +import { ISearchRequestParams } from '../../../../../../../../../src/plugins/data/common'; import { HostLastFirstSeenRequestOptions } from '../../../../../../common/search_strategy/security_solution'; export const buildLastFirstSeenHostQuery = ({ hostName, defaultIndex, docValueFields, -}: HostLastFirstSeenRequestOptions) => { +}: HostLastFirstSeenRequestOptions): ISearchRequestParams => { const filter = [{ term: { 'host.name': hostName } }]; const dslQuery = { diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts index 5a04786ab89fa..443e524d71ca3 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts @@ -12,7 +12,7 @@ import { DEFAULT_MAX_TABLE_QUERY_SIZE } from '../../../../../common/constants'; import { FactoryQueryTypes } from '../../../../../common/search_strategy/security_solution'; import { HostsStrategyResponse, - HostDetailsStrategyResponse, + HostOverviewStrategyResponse, HostsQueries, HostsRequestOptions, HostOverviewRequestOptions, @@ -27,7 +27,7 @@ import { buildHostOverviewQuery } from './dsl/query.detail_host.dsl'; import { buildHostsQuery } from './dsl/query.hosts.dsl'; import { formatHostEdgesData, formatHostItem } from './helpers'; -export const allHost: SecuritySolutionFactory<'host_all'> = { +export const allHosts: SecuritySolutionFactory = { buildDsl: (options: HostsRequestOptions) => { if (options.pagination && options.pagination.querySize >= DEFAULT_MAX_TABLE_QUERY_SIZE) { throw new Error(`No query size above ${DEFAULT_MAX_TABLE_QUERY_SIZE}`); @@ -68,14 +68,14 @@ export const allHost: SecuritySolutionFactory<'host_all'> = { }, }; -export const detailsHost: SecuritySolutionFactory<'host_details'> = { +export const overviewHost: SecuritySolutionFactory = { buildDsl: (options: HostOverviewRequestOptions) => { return buildHostOverviewQuery(options); }, parse: async ( options: HostOverviewRequestOptions, response: IEsSearchResponse - ): Promise => { + ): Promise => { const aggregations: HostAggEsItem = get('aggregations', response.rawResponse) || {}; const inspect = { dsl: [inspectStringifyObject(buildHostOverviewQuery(options))], @@ -87,6 +87,6 @@ export const detailsHost: SecuritySolutionFactory<'host_details'> = { }; export const hostsFactory: Record> = { - host_all: allHost, - host_details: detailsHost, + [HostsQueries.hosts]: allHosts, + [HostsQueries.hostOverview]: overviewHost, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts index 50d90cb799476..cb9e3a3d7628a 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/types.ts @@ -4,7 +4,10 @@ * you may not use this file except in compliance with the Elastic License. */ -import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; +import { + IEsSearchResponse, + ISearchRequestParams, +} from '../../../../../../../src/plugins/data/common'; import { FactoryQueryTypes, StrategyRequestType, @@ -12,7 +15,7 @@ import { } from '../../../../common/search_strategy/security_solution'; export interface SecuritySolutionFactory { - buildDsl: (options: StrategyRequestType) => unknown; + buildDsl: (options: StrategyRequestType) => ISearchRequestParams; parse: ( options: StrategyRequestType, response: IEsSearchResponse From 8731418f3ceeb1dc873886904397b63af1abe8b8 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Thu, 20 Aug 2020 13:25:49 -0400 Subject: [PATCH 09/16] fix translation --- .../public/hosts/containers/hosts/translations.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts b/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts index ab666bd3de6bb..ada713d135c22 100644 --- a/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts +++ b/x-pack/plugins/security_solution/public/hosts/containers/hosts/translations.ts @@ -14,7 +14,7 @@ export const ERROR_ALL_HOST = i18n.translate( ); export const FAIL_ALL_HOST = i18n.translate( - 'xpack.securitySolution.allHost.errorSearchDescription', + 'xpack.securitySolution.allHost.failSearchDescription', { defaultMessage: `Failed to run search on all hosts`, } From cd70a768ab43a5d1ccbea9f2036ce72c7c42e7fa Mon Sep 17 00:00:00 2001 From: Patryk Kopycinski Date: Thu, 20 Aug 2020 20:01:23 +0200 Subject: [PATCH 10/16] init --- .../search_strategy/timeline/hosts/index.ts | 81 +++++++++ .../common/search_strategy/timeline/index.ts | 108 ++++++++++++ .../timeline/body/events/stateful_event.tsx | 157 +++++++++--------- .../timeline/expandable_event/index.tsx | 60 ++++--- .../timelines/containers/details/index.tsx | 130 +++++++++++---- .../security_solution/server/plugin.ts | 8 + .../details/dsl/query.timeline_details.dsl.ts | 26 +++ .../timeline/factory/details/helpers.ts | 55 ++++++ .../timeline/factory/details/index.ts | 58 +++++++ .../search_strategy/timeline/factory/index.ts | 17 ++ .../search_strategy/timeline/factory/types.ts | 20 +++ .../server/search_strategy/timeline/index.ts | 38 +++++ 12 files changed, 621 insertions(+), 137 deletions(-) create mode 100644 x-pack/plugins/security_solution/common/search_strategy/timeline/hosts/index.ts create mode 100644 x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/dsl/query.timeline_details.dsl.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/helpers.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts create mode 100644 x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts diff --git a/x-pack/plugins/security_solution/common/search_strategy/timeline/hosts/index.ts b/x-pack/plugins/security_solution/common/search_strategy/timeline/hosts/index.ts new file mode 100644 index 0000000000000..c4f067deffa34 --- /dev/null +++ b/x-pack/plugins/security_solution/common/search_strategy/timeline/hosts/index.ts @@ -0,0 +1,81 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; +import { CloudEcs } from '../../../ecs/cloud'; +import { HostEcs } from '../../../ecs/host'; + +import { + CursorType, + Inspect, + Maybe, + PageInfoPaginated, + RequestOptionsPaginated, + SortField, + TimerangeInput, +} from '..'; + +export type HostsQueries = 'host_all' | 'host_details'; + +export enum HostPolicyResponseActionStatus { + success = 'success', + failure = 'failure', + warning = 'warning', +} + +export interface EndpointFields { + endpointPolicy?: Maybe; + + sensorVersion?: Maybe; + + policyStatus?: Maybe; +} + +export interface HostItem { + _id?: Maybe; + + cloud?: Maybe; + + endpoint?: Maybe; + + host?: Maybe; + + lastSeen?: Maybe; +} + +export interface HostsEdges { + node: HostItem; + + cursor: CursorType; +} + +export interface HostsStrategyResponse extends IEsSearchResponse { + edges: HostsEdges[]; + + totalCount: number; + + pageInfo: PageInfoPaginated; + + inspect?: Maybe; +} + +export interface HostDetailsStrategyResponse extends IEsSearchResponse, HostItem { + inspect?: Maybe; +} + +export interface HostsRequestOptions extends RequestOptionsPaginated { + sort: SortField; + defaultIndex: string[]; +} + +export interface HostLastFirstSeenRequestOptions extends Partial { + hostName: string; +} + +export interface HostOverviewRequestOptions extends HostLastFirstSeenRequestOptions { + fields: string[]; + timerange: TimerangeInput; +} diff --git a/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts b/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts new file mode 100644 index 0000000000000..8fa3dc6835639 --- /dev/null +++ b/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts @@ -0,0 +1,108 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { ESQuery } from '../../typed_json'; +import { + HostDetailsStrategyResponse, + HostOverviewRequestOptions, + HostsQueries, + HostsRequestOptions, + HostsStrategyResponse, +} from './hosts'; +export * from './hosts'; +export type Maybe = T | null; + +export type FactoryQueryTypes = HostsQueries; + +export interface Inspect { + dsl: string[]; + response: string[]; +} + +export interface PageInfoPaginated { + activePage: number; + fakeTotalCount: number; + showMorePagesIndicator: boolean; +} + +export interface CursorType { + value?: Maybe; + tiebreaker?: Maybe; +} + +export enum Direction { + asc = 'asc', + desc = 'desc', +} + +export interface SortField { + field: string; + direction: Direction; +} + +export interface TimerangeInput { + /** The interval string to use for last bucket. The format is '{value}{unit}'. For example '5m' would return the metrics for the last 5 minutes of the timespan. */ + interval: string; + /** The end of the timerange */ + to: string; + /** The beginning of the timerange */ + from: string; +} + +export interface PaginationInput { + /** The limit parameter allows you to configure the maximum amount of items to be returned */ + limit: number; + /** The cursor parameter defines the next result you want to fetch */ + cursor?: Maybe; + /** The tiebreaker parameter allow to be more precise to fetch the next item */ + tiebreaker?: Maybe; +} + +export interface PaginationInputPaginated { + /** The activePage parameter defines the page of results you want to fetch */ + activePage: number; + /** The cursorStart parameter defines the start of the results to be displayed */ + cursorStart: number; + /** The fakePossibleCount parameter determines the total count in order to show 5 additional pages */ + fakePossibleCount: number; + /** The querySize parameter is the number of items to be returned */ + querySize: number; +} + +export interface DocValueFields { + field: string; + format: string; +} + +export interface RequestBasicOptions { + timerange: TimerangeInput; + filterQuery: ESQuery | string | undefined; + defaultIndex: string[]; + docValueFields?: DocValueFields[]; + factoryQueryType?: FactoryQueryTypes; +} + +export interface RequestOptions extends RequestBasicOptions { + pagination: PaginationInput; + sortField?: SortField; +} + +export interface RequestOptionsPaginated extends RequestBasicOptions { + pagination: PaginationInputPaginated; + sortField?: SortField; +} + +export type StrategyResponseType = T extends 'host_all' + ? HostsStrategyResponse + : T extends 'host_details' + ? HostDetailsStrategyResponse + : never; + +export type StrategyRequestType = T extends 'host_all' + ? HostsRequestOptions + : T extends 'host_details' + ? HostOverviewRequestOptions + : never; diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx index 3236482e6bc27..09fff4ecf624e 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx @@ -10,7 +10,7 @@ import uuid from 'uuid'; import VisibilitySensor from 'react-visibility-sensor'; import { BrowserFields, DocValueFields } from '../../../../../common/containers/source'; -import { TimelineDetailsQuery } from '../../../../containers/details'; +import { useTimelineDetails } from '../../../../containers/details'; import { TimelineItem, DetailItem, TimelineNonEcsData } from '../../../../../graphql/types'; import { Note } from '../../../../../common/lib/note'; import { ColumnHeaderOptions, TimelineModel } from '../../../../../timelines/store/timeline/model'; @@ -134,6 +134,13 @@ const StatefulEventComponent: React.FC = ({ return state.timeline.timelineById['timeline-1']; }); const divElement = useRef(null); + const [loading, detailsData] = useTimelineDetails({ + docValueFields, + sourceId: 'default', + indexName: event._index!, + eventId: event._id, + executeQuery: !!expanded[event._id], + }); const onToggleShowNotes = useCallback(() => { const eventId = event._id; @@ -171,93 +178,83 @@ const StatefulEventComponent: React.FC = ({ {({ isVisible }) => { if (isVisible || disableSensorVisibility) { return ( - - {({ detailsData, loading }) => ( - + + + - + - - - - - - {getRowRenderer(event.ecs, rowRenderers).renderRow({ - browserFields, - data: event.ecs, - timelineId, - })} + {getRowRenderer(event.ecs, rowRenderers).renderRow({ + browserFields, + data: event.ecs, + timelineId, + })} - - - - - - )} - + + + + + ); } else { // Height place holder for visibility detection as well as re-rendering sections. diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/expandable_event/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/expandable_event/index.tsx index 269cd14b5973c..81ce5bee40828 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/expandable_event/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/expandable_event/index.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import React from 'react'; +import React, { useCallback } from 'react'; import styled from 'styled-components'; import { BrowserFields } from '../../../../common/containers/source'; @@ -51,27 +51,43 @@ export const ExpandableEvent = React.memo( toggleColumn, onEventToggled, onUpdateColumns, - }) => ( - - ( - - )} - forceExpand={forceExpand} - paddingSize="none" - /> - - ) + }) => { + const handleRenderExpandedContent = useCallback( + () => ( + + ), + [ + browserFields, + columnHeaders, + event, + id, + onEventToggled, + onUpdateColumns, + timelineId, + toggleColumn, + ] + ); + + return ( + + + + ); + } ); ExpandableEvent.displayName = 'ExpandableEvent'; diff --git a/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx b/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx index a07420dead29b..5a3ba87630355 100644 --- a/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx @@ -4,16 +4,15 @@ * you may not use this file except in compliance with the Elastic License. */ -import { getOr } from 'lodash/fp'; +import { noop } from 'lodash/fp'; import memoizeOne from 'memoize-one'; -import React from 'react'; -import { Query } from 'react-apollo'; +import { useCallback, useEffect, useRef, useState } from 'react'; +import deepEqual from 'fast-deep-equal'; +import { inputsModel } from '../../../common/store'; import { DEFAULT_INDEX_KEY } from '../../../../common/constants'; -import { DetailItem, GetTimelineDetailsQuery } from '../../../graphql/types'; -import { useUiSetting } from '../../../common/lib/kibana'; - -import { timelineDetailsQuery } from './index.gql_query'; +import { DetailItem } from '../../../graphql/types'; +import { useKibana } from '../../../common/lib/kibana'; import { DocValueFields } from '../../../common/containers/source'; export interface EventsArgs { @@ -22,7 +21,6 @@ export interface EventsArgs { } export interface TimelineDetailsProps { - children?: (args: EventsArgs) => React.ReactElement; docValueFields: DocValueFields[]; indexName: string; eventId: string; @@ -34,41 +32,103 @@ const getDetailsEvent = memoizeOne( (variables: string, detail: DetailItem[]): DetailItem[] => detail ); -const TimelineDetailsQueryComponent: React.FC = ({ - children, +type TimelineDetailsRequestOptions = TimelineDetailsProps & { defaultIndex: string[] }; + +export const useTimelineDetails = ({ docValueFields, indexName, eventId, executeQuery, sourceId, -}) => { - const variables: GetTimelineDetailsQuery.Variables = { +}: TimelineDetailsProps): [boolean, EventsArgs['detailsData']] => { + const { data, notifications, uiSettings } = useKibana().services; + const refetch = useRef(noop); + const abortCtrl = useRef(new AbortController()); + const defaultIndex = uiSettings.get(DEFAULT_INDEX_KEY); + const [loading, setLoading] = useState(false); + const [timelineDetailsRequest, setTimelineDetailsRequest] = useState< + TimelineDetailsRequestOptions + >({ + defaultIndex, docValueFields, + executeQuery, sourceId, indexName, eventId, - defaultIndex: useUiSetting(DEFAULT_INDEX_KEY), - }; - return executeQuery ? ( - - query={timelineDetailsQuery} - fetchPolicy="network-only" - notifyOnNetworkStatusChange - variables={variables} - > - {({ data, loading, refetch }) => - children!({ - loading, - detailsData: getDetailsEvent( - JSON.stringify(variables), - getOr([], 'source.TimelineDetails.data', data) - ), - }) - } - - ) : ( - children!({ loading: false, detailsData: null }) + factoryQueryType: 'timeline_details', + }); + + const [timelineDetailsResponse, setTimelineDetailsResponse] = useState( + null ); -}; -export const TimelineDetailsQuery = React.memo(TimelineDetailsQueryComponent); + const timelineDetailsSearch = useCallback( + (request: TimelineDetailsRequestOptions) => { + let didCancel = false; + const asyncSearch = async () => { + abortCtrl.current = new AbortController(); + setLoading(true); + + const searchSubscription$ = data.search + .search(request, { + strategy: 'securitySolutionTimelineSearchStrategy', + signal: abortCtrl.current.signal, + }) + .subscribe({ + next: (response) => { + if (!response.isPartial && !response.isRunning) { + if (!didCancel) { + setLoading(false); + setTimelineDetailsResponse( + getDetailsEvent(JSON.stringify(timelineDetailsRequest), response.data || []) + ); + } + searchSubscription$.unsubscribe(); + } else if (response.isPartial && !response.isRunning) { + if (!didCancel) { + setLoading(false); + } + // TODO: Make response error status clearer + notifications.toasts.addWarning('An error has occurred'); + searchSubscription$.unsubscribe(); + } + }, + error: () => { + notifications.toasts.addDanger('Failed to run search'); + }, + }); + }; + abortCtrl.current.abort(); + asyncSearch(); + refetch.current = asyncSearch; + return () => { + didCancel = true; + abortCtrl.current.abort(); + }; + }, + [data.search, notifications.toasts, timelineDetailsRequest] + ); + + useEffect(() => { + setTimelineDetailsRequest((prevRequest) => { + const myRequest = { + ...prevRequest, + defaultIndex, + docValueFields, + sourceId, + indexName, + eventId, + }; + if (!deepEqual(prevRequest, myRequest)) { + return myRequest; + } + return prevRequest; + }); + }, [defaultIndex, docValueFields, eventId, indexName, sourceId]); + + useEffect(() => { + if (executeQuery) timelineDetailsSearch(timelineDetailsRequest); + }, [executeQuery, timelineDetailsRequest, timelineDetailsSearch]); + + return [loading, timelineDetailsResponse]; +}; diff --git a/x-pack/plugins/security_solution/server/plugin.ts b/x-pack/plugins/security_solution/server/plugin.ts index 25ca89ce9186e..7620a39e8942b 100644 --- a/x-pack/plugins/security_solution/server/plugin.ts +++ b/x-pack/plugins/security_solution/server/plugin.ts @@ -61,6 +61,7 @@ import { registerDownloadExceptionListRoute } from './endpoint/routes/artifacts' import { initUsageCollectors } from './usage'; import { AppRequestContext } from './types'; import { securitySolutionSearchStrategyProvider } from './search_strategy/security_solution'; +import { securitySolutionTimelineSearchStrategyProvider } from './search_strategy/timeline'; export interface SetupPlugins { alerts: AlertingSetup; @@ -270,10 +271,17 @@ export class Plugin implements IPlugin { const securitySolutionSearchStrategy = securitySolutionSearchStrategyProvider(depsStart.data); + const securitySolutionTimelineSearchStrategy = securitySolutionTimelineSearchStrategyProvider( + depsStart.data + ); plugins.data.search.registerSearchStrategy( 'securitySolutionSearchStrategy', securitySolutionSearchStrategy ); + plugins.data.search.registerSearchStrategy( + 'securitySolutionTimelineSearchStrategy', + securitySolutionTimelineSearchStrategy + ); }); return {}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/dsl/query.timeline_details.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/dsl/query.timeline_details.dsl.ts new file mode 100644 index 0000000000000..ea29bf64b4ed4 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/dsl/query.timeline_details.dsl.ts @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { DocValueFieldsInput } from '../../../../../graphql/types'; + +export const buildTimelineDetailsQuery = ( + indexName: string, + id: string, + docValueFields: DocValueFieldsInput[] +) => ({ + allowNoIndices: true, + index: indexName, + ignoreUnavailable: true, + body: { + docvalue_fields: docValueFields, + query: { + terms: { + _id: [id], + }, + }, + }, + size: 1, +}); diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/helpers.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/helpers.ts new file mode 100644 index 0000000000000..7543a943be8f5 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/helpers.ts @@ -0,0 +1,55 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { get, isEmpty, isNumber, isObject, isString } from 'lodash/fp'; + +import { DetailItem } from '../../../../graphql/types'; +import { baseCategoryFields } from '../../../../utils/beat_schema/8.0.0'; + +export const getFieldCategory = (field: string): string => { + const fieldCategory = field.split('.')[0]; + if (!isEmpty(fieldCategory) && baseCategoryFields.includes(fieldCategory)) { + return 'base'; + } + return fieldCategory; +}; + +export const getDataFromHits = ( + sources: EventSource, + category?: string, + path?: string +): DetailItem[] => + Object.keys(sources).reduce((accumulator, source) => { + const item: EventSource = get(source, sources); + if (Array.isArray(item) || isString(item) || isNumber(item)) { + const field = path ? `${path}.${source}` : source; + const fieldCategory = getFieldCategory(field); + + return [ + ...accumulator, + { + category: fieldCategory, + field, + values: Array.isArray(item) + ? item.map((value) => { + if (isObject(value)) { + return JSON.stringify(value); + } + + return value; + }) + : [item], + originalValue: item, + } as DetailItem, + ]; + } else if (isObject(item)) { + return [ + ...accumulator, + ...getDataFromHits(item, category || source, path ? `${path}.${source}` : source), + ]; + } + return accumulator; + }, []); diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts new file mode 100644 index 0000000000000..c7280f6decb72 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts @@ -0,0 +1,58 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { getOr, merge } from 'lodash/fp'; + +import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; + +import { FactoryQueryTypes } from '../../../../../common/search_strategy/security_solution'; +import { + HostsStrategyResponse, + HostDetailsStrategyResponse, + HostsQueries, + HostsRequestOptions, + HostOverviewRequestOptions, +} from '../../../../../common/search_strategy/security_solution/hosts'; + +import { HostAggEsData } from '../../../../lib/hosts/types'; + +import { inspectStringifyObject } from '../../../../utils/build_query'; +import { SecuritySolutionTimelineFactory } from '../types'; +import { buildTimelineDetailsQuery } from './dsl/query.timeline_details.dsl'; +import { getDataFromHits } from './helpers'; + +export const timelineDetails: SecuritySolutionTimelineFactory<'timeline_details'> = { + buildDsl: (options: HostOverviewRequestOptions) => { + const { indexName, eventId, docValueFields = [] } = options; + return buildTimelineDetailsQuery(indexName, eventId, docValueFields); + }, + parse: async ( + options: HostOverviewRequestOptions, + response: IEsSearchResponse + ): Promise => { + const { indexName, eventId, docValueFields = [] } = options; + const sourceData = getOr({}, 'hits.hits.0._source', response.rawResponse); + const hitsData = getOr({}, 'hits.hits.0', response.rawResponse); + delete hitsData._source; + const inspect = { + dsl: [inspectStringifyObject(buildTimelineDetailsQuery(indexName, eventId, docValueFields))], + response: [inspectStringifyObject(response.rawResponse)], + }; + const data = getDataFromHits(merge(sourceData, hitsData)); + + return { + data, + inspect, + }; + }, +}; + +export const timelineDetailsFactory: Record< + HostsQueries, + SecuritySolutionTimelineFactory +> = { + timeline_details: timelineDetails, +}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts new file mode 100644 index 0000000000000..a164f4c384187 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { FactoryQueryTypes } from '../../../../common/search_strategy/security_solution'; + +import { timelineDetailsFactory } from './details'; +import { SecuritySolutionTimelineFactory } from './types'; + +export const securitySolutionTimelineFactory: Record< + FactoryQueryTypes, + SecuritySolutionTimelineFactory +> = { + ...timelineDetailsFactory, +}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts new file mode 100644 index 0000000000000..a2ff593b7d095 --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; +import { + FactoryQueryTypes, + StrategyRequestType, + StrategyResponseType, +} from '../../../../common/search_strategy/security_solution'; + +export interface SecuritySolutionTimelineFactory { + buildDsl: (options: StrategyRequestType) => unknown; + parse: ( + options: StrategyRequestType, + response: IEsSearchResponse + ) => Promise>; +} diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts new file mode 100644 index 0000000000000..d0b2a890356ef --- /dev/null +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { ISearchStrategy, PluginStart } from '../../../../../../src/plugins/data/server'; +import { + FactoryQueryTypes, + StrategyResponseType, + StrategyRequestType, +} from '../../../common/search_strategy/security_solution'; +import { securitySolutionTimelineFactory } from './factory'; +import { SecuritySolutionTimelineFactory } from './factory/types'; + +export const securitySolutionTimelineSearchStrategyProvider = ( + data: PluginStart +): ISearchStrategy, StrategyResponseType> => { + const es = data.search.getSearchStrategy('es'); + + return { + search: async (context, request, options) => { + if (request.factoryQueryType == null) { + throw new Error('factoryQueryType is required'); + } + const queryFactory: SecuritySolutionTimelineFactory = + securitySolutionTimelineFactory[request.factoryQueryType]; + const dsl = queryFactory.buildDsl(request); + const esSearchRes = await es.search(context, { ...request, params: dsl }, options); + return queryFactory.parse(request, esSearchRes); + }, + cancel: async (context, id) => { + if (es.cancel) { + es.cancel(context, id); + } + }, + }; +}; From 4ee7bf967c8364dcefcd5a6c458f3be598572fbf Mon Sep 17 00:00:00 2001 From: Patryk Kopycinski Date: Sun, 23 Aug 2020 22:44:31 +0200 Subject: [PATCH 11/16] update types --- .../search_strategy/timeline/details/index.ts | 35 ++++++++ .../search_strategy/timeline/hosts/index.ts | 81 ------------------- .../common/search_strategy/timeline/index.ts | 35 ++++---- .../event_details/event_details.tsx | 2 +- .../event_details/event_fields_browser.tsx | 2 +- .../event_details/stateful_event_details.tsx | 2 +- .../public/hosts/containers/hosts/index.tsx | 1 + .../timeline/body/events/stateful_event.tsx | 4 +- .../timeline/expandable_event/index.tsx | 2 +- .../timelines/containers/details/index.tsx | 22 +++-- .../timeline/factory/details/helpers.ts | 2 +- .../timeline/factory/details/index.ts | 29 +++---- .../search_strategy/timeline/factory/index.ts | 2 +- .../search_strategy/timeline/factory/types.ts | 2 +- .../server/search_strategy/timeline/index.ts | 2 +- 15 files changed, 84 insertions(+), 139 deletions(-) create mode 100644 x-pack/plugins/security_solution/common/search_strategy/timeline/details/index.ts delete mode 100644 x-pack/plugins/security_solution/common/search_strategy/timeline/hosts/index.ts diff --git a/x-pack/plugins/security_solution/common/search_strategy/timeline/details/index.ts b/x-pack/plugins/security_solution/common/search_strategy/timeline/details/index.ts new file mode 100644 index 0000000000000..19535fe89e3fa --- /dev/null +++ b/x-pack/plugins/security_solution/common/search_strategy/timeline/details/index.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; + +import { Inspect, Maybe, RequestOptionsPaginated } from '..'; + +export enum TimelineDetailsQueries { + timelineDetails = 'timelineDetails', +} + +export interface DetailItem { + field: string; + + values?: Maybe; + + // eslint-disable-next-line @typescript-eslint/no-explicit-any + originalValue?: Maybe; +} + +export interface TimelineDetailsStrategyResponse extends IEsSearchResponse { + data?: Maybe; + + inspect?: Maybe; +} + +export interface TimelineDetailsRequestOptions extends Partial { + defaultIndex: string[]; + executeQuery: boolean; + indexName: string; + eventId: string; +} diff --git a/x-pack/plugins/security_solution/common/search_strategy/timeline/hosts/index.ts b/x-pack/plugins/security_solution/common/search_strategy/timeline/hosts/index.ts deleted file mode 100644 index c4f067deffa34..0000000000000 --- a/x-pack/plugins/security_solution/common/search_strategy/timeline/hosts/index.ts +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; -import { CloudEcs } from '../../../ecs/cloud'; -import { HostEcs } from '../../../ecs/host'; - -import { - CursorType, - Inspect, - Maybe, - PageInfoPaginated, - RequestOptionsPaginated, - SortField, - TimerangeInput, -} from '..'; - -export type HostsQueries = 'host_all' | 'host_details'; - -export enum HostPolicyResponseActionStatus { - success = 'success', - failure = 'failure', - warning = 'warning', -} - -export interface EndpointFields { - endpointPolicy?: Maybe; - - sensorVersion?: Maybe; - - policyStatus?: Maybe; -} - -export interface HostItem { - _id?: Maybe; - - cloud?: Maybe; - - endpoint?: Maybe; - - host?: Maybe; - - lastSeen?: Maybe; -} - -export interface HostsEdges { - node: HostItem; - - cursor: CursorType; -} - -export interface HostsStrategyResponse extends IEsSearchResponse { - edges: HostsEdges[]; - - totalCount: number; - - pageInfo: PageInfoPaginated; - - inspect?: Maybe; -} - -export interface HostDetailsStrategyResponse extends IEsSearchResponse, HostItem { - inspect?: Maybe; -} - -export interface HostsRequestOptions extends RequestOptionsPaginated { - sort: SortField; - defaultIndex: string[]; -} - -export interface HostLastFirstSeenRequestOptions extends Partial { - hostName: string; -} - -export interface HostOverviewRequestOptions extends HostLastFirstSeenRequestOptions { - fields: string[]; - timerange: TimerangeInput; -} diff --git a/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts b/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts index 8fa3dc6835639..777ff0d360c08 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts @@ -4,18 +4,17 @@ * you may not use this file except in compliance with the Elastic License. */ +import { IEsSearchRequest } from '../../../../../../src/plugins/data/common'; import { ESQuery } from '../../typed_json'; import { - HostDetailsStrategyResponse, - HostOverviewRequestOptions, - HostsQueries, - HostsRequestOptions, - HostsStrategyResponse, -} from './hosts'; -export * from './hosts'; + TimelineDetailsQueries, + TimelineDetailsRequestOptions, + TimelineDetailsStrategyResponse, +} from './details'; +export * from './details'; export type Maybe = T | null; -export type FactoryQueryTypes = HostsQueries; +export type FactoryQueryTypes = TimelineDetailsQueries; export interface Inspect { dsl: string[]; @@ -77,7 +76,7 @@ export interface DocValueFields { format: string; } -export interface RequestBasicOptions { +export interface RequestBasicOptions extends IEsSearchRequest { timerange: TimerangeInput; filterQuery: ESQuery | string | undefined; defaultIndex: string[]; @@ -95,14 +94,10 @@ export interface RequestOptionsPaginated extends RequestBasicOptions { sortField?: SortField; } -export type StrategyResponseType = T extends 'host_all' - ? HostsStrategyResponse - : T extends 'host_details' - ? HostDetailsStrategyResponse - : never; - -export type StrategyRequestType = T extends 'host_all' - ? HostsRequestOptions - : T extends 'host_details' - ? HostOverviewRequestOptions - : never; +export type StrategyResponseType< + T extends FactoryQueryTypes +> = T extends TimelineDetailsQueries.timelineDetails ? TimelineDetailsStrategyResponse : never; + +export type StrategyRequestType< + T extends FactoryQueryTypes +> = T extends TimelineDetailsQueries.timelineDetails ? TimelineDetailsRequestOptions : never; diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/event_details.tsx b/x-pack/plugins/security_solution/public/common/components/event_details/event_details.tsx index 1cc50b7d951a2..8068d51a80153 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/event_details.tsx +++ b/x-pack/plugins/security_solution/public/common/components/event_details/event_details.tsx @@ -9,7 +9,7 @@ import React, { useMemo } from 'react'; import styled from 'styled-components'; import { BrowserFields } from '../../containers/source'; -import { DetailItem } from '../../../graphql/types'; +import { DetailItem } from '../../../../common/search_strategy/timeline'; import { ColumnHeaderOptions } from '../../../timelines/store/timeline/model'; import { OnUpdateColumns } from '../../../timelines/components/timeline/events'; import { EventFieldsBrowser } from './event_fields_browser'; diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/event_fields_browser.tsx b/x-pack/plugins/security_solution/public/common/components/event_details/event_fields_browser.tsx index 00a4e581320bb..9737a09c89f49 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/event_fields_browser.tsx +++ b/x-pack/plugins/security_solution/public/common/components/event_details/event_fields_browser.tsx @@ -10,7 +10,7 @@ import React, { useMemo } from 'react'; import { ColumnHeaderOptions } from '../../../timelines/store/timeline/model'; import { BrowserFields, getAllFieldsByName } from '../../containers/source'; -import { DetailItem } from '../../../graphql/types'; +import { DetailItem } from '../../../../common/search_strategy/timeline'; import { OnUpdateColumns } from '../../../timelines/components/timeline/events'; import { getColumns } from './columns'; diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/stateful_event_details.tsx b/x-pack/plugins/security_solution/public/common/components/event_details/stateful_event_details.tsx index 0bb0532eee7be..f4028c988acb8 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/stateful_event_details.tsx +++ b/x-pack/plugins/security_solution/public/common/components/event_details/stateful_event_details.tsx @@ -7,7 +7,7 @@ import React, { useCallback, useState } from 'react'; import { BrowserFields } from '../../containers/source'; -import { DetailItem } from '../../../graphql/types'; +import { DetailItem } from '../../../../common/search_strategy/timeline'; import { ColumnHeaderOptions } from '../../../timelines/store/timeline/model'; import { OnUpdateColumns } from '../../../timelines/components/timeline/events'; diff --git a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx index 55a387f563e12..ef3421de1bbef 100644 --- a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx +++ b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx @@ -22,6 +22,7 @@ import { HostsRequestOptions, HostsStrategyResponse, } from '../../../../common/search_strategy/security_solution'; + import { ESTermQuery } from '../../../../common/typed_json'; import * as i18n from './translations'; diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx index 09fff4ecf624e..a05bb03c5b228 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx @@ -11,7 +11,8 @@ import VisibilitySensor from 'react-visibility-sensor'; import { BrowserFields, DocValueFields } from '../../../../../common/containers/source'; import { useTimelineDetails } from '../../../../containers/details'; -import { TimelineItem, DetailItem, TimelineNonEcsData } from '../../../../../graphql/types'; +import { TimelineItem, TimelineNonEcsData } from '../../../../../graphql/types'; +import { DetailItem } from '../../../../../../common/search_strategy/timeline'; import { Note } from '../../../../../common/lib/note'; import { ColumnHeaderOptions, TimelineModel } from '../../../../../timelines/store/timeline/model'; import { AddNoteToEvent, UpdateNote } from '../../../notes/helpers'; @@ -136,7 +137,6 @@ const StatefulEventComponent: React.FC = ({ const divElement = useRef(null); const [loading, detailsData] = useTimelineDetails({ docValueFields, - sourceId: 'default', indexName: event._index!, eventId: event._id, executeQuery: !!expanded[event._id], diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/expandable_event/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/expandable_event/index.tsx index 81ce5bee40828..49f17db242f75 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/expandable_event/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/expandable_event/index.tsx @@ -9,7 +9,7 @@ import styled from 'styled-components'; import { BrowserFields } from '../../../../common/containers/source'; import { ColumnHeaderOptions } from '../../../../timelines/store/timeline/model'; -import { DetailItem } from '../../../../graphql/types'; +import { DetailItem } from '../../../../../common/search_strategy/timeline'; import { StatefulEventDetails } from '../../../../common/components/event_details/stateful_event_details'; import { LazyAccordion } from '../../lazy_accordion'; import { OnUpdateColumns } from '../events'; diff --git a/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx b/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx index 5a3ba87630355..2edafc9ea85f4 100644 --- a/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx @@ -11,10 +11,14 @@ import deepEqual from 'fast-deep-equal'; import { inputsModel } from '../../../common/store'; import { DEFAULT_INDEX_KEY } from '../../../../common/constants'; -import { DetailItem } from '../../../graphql/types'; import { useKibana } from '../../../common/lib/kibana'; -import { DocValueFields } from '../../../common/containers/source'; - +import { + DocValueFields, + DetailItem, + TimelineDetailsQueries, + TimelineDetailsRequestOptions, + TimelineDetailsStrategyResponse, +} from '../../../../common/search_strategy/timeline'; export interface EventsArgs { detailsData: DetailItem[] | null; loading: boolean; @@ -25,21 +29,17 @@ export interface TimelineDetailsProps { indexName: string; eventId: string; executeQuery: boolean; - sourceId: string; } const getDetailsEvent = memoizeOne( (variables: string, detail: DetailItem[]): DetailItem[] => detail ); -type TimelineDetailsRequestOptions = TimelineDetailsProps & { defaultIndex: string[] }; - export const useTimelineDetails = ({ docValueFields, indexName, eventId, executeQuery, - sourceId, }: TimelineDetailsProps): [boolean, EventsArgs['detailsData']] => { const { data, notifications, uiSettings } = useKibana().services; const refetch = useRef(noop); @@ -52,10 +52,9 @@ export const useTimelineDetails = ({ defaultIndex, docValueFields, executeQuery, - sourceId, indexName, eventId, - factoryQueryType: 'timeline_details', + factoryQueryType: TimelineDetailsQueries.timelineDetails, }); const [timelineDetailsResponse, setTimelineDetailsResponse] = useState( @@ -70,7 +69,7 @@ export const useTimelineDetails = ({ setLoading(true); const searchSubscription$ = data.search - .search(request, { + .search(request, { strategy: 'securitySolutionTimelineSearchStrategy', signal: abortCtrl.current.signal, }) @@ -115,7 +114,6 @@ export const useTimelineDetails = ({ ...prevRequest, defaultIndex, docValueFields, - sourceId, indexName, eventId, }; @@ -124,7 +122,7 @@ export const useTimelineDetails = ({ } return prevRequest; }); - }, [defaultIndex, docValueFields, eventId, indexName, sourceId]); + }, [defaultIndex, docValueFields, eventId, indexName]); useEffect(() => { if (executeQuery) timelineDetailsSearch(timelineDetailsRequest); diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/helpers.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/helpers.ts index 7543a943be8f5..b772dec773dce 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/helpers.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/helpers.ts @@ -6,7 +6,7 @@ import { get, isEmpty, isNumber, isObject, isString } from 'lodash/fp'; -import { DetailItem } from '../../../../graphql/types'; +import { DetailItem } from '../../../../../common/search_strategy/timeline'; import { baseCategoryFields } from '../../../../utils/beat_schema/8.0.0'; export const getFieldCategory = (field: string): string => { diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts index c7280f6decb72..16c2bf3718715 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts @@ -8,31 +8,27 @@ import { getOr, merge } from 'lodash/fp'; import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; -import { FactoryQueryTypes } from '../../../../../common/search_strategy/security_solution'; import { - HostsStrategyResponse, - HostDetailsStrategyResponse, - HostsQueries, - HostsRequestOptions, - HostOverviewRequestOptions, -} from '../../../../../common/search_strategy/security_solution/hosts'; - -import { HostAggEsData } from '../../../../lib/hosts/types'; + FactoryQueryTypes, + TimelineDetailsStrategyResponse, + TimelineDetailsQueries, + TimelineDetailsRequestOptions, +} from '../../../../../common/search_strategy/timeline'; import { inspectStringifyObject } from '../../../../utils/build_query'; import { SecuritySolutionTimelineFactory } from '../types'; import { buildTimelineDetailsQuery } from './dsl/query.timeline_details.dsl'; import { getDataFromHits } from './helpers'; -export const timelineDetails: SecuritySolutionTimelineFactory<'timeline_details'> = { - buildDsl: (options: HostOverviewRequestOptions) => { +export const timelineDetails: SecuritySolutionTimelineFactory = { + buildDsl: (options: TimelineDetailsRequestOptions) => { const { indexName, eventId, docValueFields = [] } = options; return buildTimelineDetailsQuery(indexName, eventId, docValueFields); }, parse: async ( - options: HostOverviewRequestOptions, - response: IEsSearchResponse - ): Promise => { + options: TimelineDetailsRequestOptions, + response: IEsSearchResponse + ): Promise => { const { indexName, eventId, docValueFields = [] } = options; const sourceData = getOr({}, 'hits.hits.0._source', response.rawResponse); const hitsData = getOr({}, 'hits.hits.0', response.rawResponse); @@ -44,6 +40,7 @@ export const timelineDetails: SecuritySolutionTimelineFactory<'timeline_details' const data = getDataFromHits(merge(sourceData, hitsData)); return { + ...response, data, inspect, }; @@ -51,8 +48,8 @@ export const timelineDetails: SecuritySolutionTimelineFactory<'timeline_details' }; export const timelineDetailsFactory: Record< - HostsQueries, + TimelineDetailsQueries, SecuritySolutionTimelineFactory > = { - timeline_details: timelineDetails, + [TimelineDetailsQueries.timelineDetails]: timelineDetails, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts index a164f4c384187..34e347f0ea2a9 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { FactoryQueryTypes } from '../../../../common/search_strategy/security_solution'; +import { FactoryQueryTypes } from '../../../../common/search_strategy/timeline'; import { timelineDetailsFactory } from './details'; import { SecuritySolutionTimelineFactory } from './types'; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts index a2ff593b7d095..571055e481e79 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts @@ -9,7 +9,7 @@ import { FactoryQueryTypes, StrategyRequestType, StrategyResponseType, -} from '../../../../common/search_strategy/security_solution'; +} from '../../../../common/search_strategy/timeline'; export interface SecuritySolutionTimelineFactory { buildDsl: (options: StrategyRequestType) => unknown; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts index d0b2a890356ef..3c3f3b5760e75 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts @@ -9,7 +9,7 @@ import { FactoryQueryTypes, StrategyResponseType, StrategyRequestType, -} from '../../../common/search_strategy/security_solution'; +} from '../../../common/search_strategy/timeline'; import { securitySolutionTimelineFactory } from './factory'; import { SecuritySolutionTimelineFactory } from './factory/types'; From 823450668eeeddfa8e99dd93eda2e240a01f483c Mon Sep 17 00:00:00 2001 From: Patryk Kopycinski Date: Mon, 24 Aug 2020 19:05:06 +0200 Subject: [PATCH 12/16] revert api docs --- src/plugins/data/public/public.api.md | 2576 +++++++++++-------------- 1 file changed, 1135 insertions(+), 1441 deletions(-) diff --git a/src/plugins/data/public/public.api.md b/src/plugins/data/public/public.api.md index 748def4a8ac28..f8a108a5a4c58 100644 --- a/src/plugins/data/public/public.api.md +++ b/src/plugins/data/public/public.api.md @@ -3,6 +3,7 @@ > Do not edit this file. It is a report generated by [API Extractor](https://api-extractor.com/). ```ts + import { $Values } from '@kbn/utility-types'; import _ from 'lodash'; import { Action } from 'history'; @@ -81,20 +82,17 @@ import { UserProvidedValues } from 'src/core/server/types'; // Warning: (ae-missing-release-tag) "AggConfigOptions" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type AggConfigOptions = Assign< - AggConfigSerialized, - { +export type AggConfigOptions = Assign; +}>; // Warning: (ae-missing-release-tag) "AggGroupLabels" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export const AggGroupLabels: { - buckets: string; - metrics: string; - none: string; + buckets: string; + metrics: string; + none: string; }; // Warning: (ae-missing-release-tag) "AggGroupName" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) @@ -106,9 +104,9 @@ export type AggGroupName = $Values; // // @public (undocumented) export const AggGroupNames: Readonly<{ - Buckets: 'buckets'; - Metrics: 'metrics'; - None: 'none'; + Buckets: "buckets"; + Metrics: "metrics"; + None: "none"; }>; // Warning: (ae-forgotten-export) The symbol "BaseParamType" needs to be exported by the entry point index.d.ts @@ -121,41 +119,39 @@ export type AggParam = BaseParamType; // // @public (undocumented) export interface AggParamOption { - // (undocumented) - display: string; - // Warning: (ae-forgotten-export) The symbol "AggConfig" needs to be exported by the entry point index.d.ts - // - // (undocumented) - enabled?(agg: AggConfig): boolean; - // (undocumented) - val: string; + // (undocumented) + display: string; + // Warning: (ae-forgotten-export) The symbol "AggConfig" needs to be exported by the entry point index.d.ts + // + // (undocumented) + enabled?(agg: AggConfig): boolean; + // (undocumented) + val: string; } // Warning: (ae-missing-release-tag) "AggParamType" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export class AggParamType extends BaseParamType< - TAggConfig -> { - constructor(config: Record); - // (undocumented) - allowedAggs: string[]; - // (undocumented) - makeAgg: (agg: TAggConfig, state?: AggConfigSerialized) => TAggConfig; +export class AggParamType extends BaseParamType { + constructor(config: Record); + // (undocumented) + allowedAggs: string[]; + // (undocumented) + makeAgg: (agg: TAggConfig, state?: AggConfigSerialized) => TAggConfig; } // Warning: (ae-missing-release-tag) "ApplyGlobalFilterActionContext" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface ApplyGlobalFilterActionContext { - // Warning: (ae-forgotten-export) The symbol "IEmbeddable" needs to be exported by the entry point index.d.ts - // - // (undocumented) - embeddable?: IEmbeddable; - // (undocumented) - filters: Filter[]; - // (undocumented) - timeFieldName?: string; + // Warning: (ae-forgotten-export) The symbol "IEmbeddable" needs to be exported by the entry point index.d.ts + // + // (undocumented) + embeddable?: IEmbeddable; + // (undocumented) + filters: Filter[]; + // (undocumented) + timeFieldName?: string; } // Warning: (ae-forgotten-export) The symbol "DateFormat" needs to be exported by the entry point index.d.ts @@ -163,38 +159,34 @@ export interface ApplyGlobalFilterActionContext { // Warning: (ae-missing-release-tag) "baseFormattersPublic" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export const baseFormattersPublic: ( - | import('../../common').FieldFormatInstanceType - | typeof DateFormat - | typeof DateNanosFormat -)[]; +export const baseFormattersPublic: (import("../../common").FieldFormatInstanceType | typeof DateFormat | typeof DateNanosFormat)[]; // Warning: (ae-missing-release-tag) "BUCKET_TYPES" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export enum BUCKET_TYPES { - // (undocumented) - DATE_HISTOGRAM = 'date_histogram', - // (undocumented) - DATE_RANGE = 'date_range', - // (undocumented) - FILTER = 'filter', - // (undocumented) - FILTERS = 'filters', - // (undocumented) - GEOHASH_GRID = 'geohash_grid', - // (undocumented) - GEOTILE_GRID = 'geotile_grid', - // (undocumented) - HISTOGRAM = 'histogram', - // (undocumented) - IP_RANGE = 'ip_range', - // (undocumented) - RANGE = 'range', - // (undocumented) - SIGNIFICANT_TERMS = 'significant_terms', - // (undocumented) - TERMS = 'terms', + // (undocumented) + DATE_HISTOGRAM = "date_histogram", + // (undocumented) + DATE_RANGE = "date_range", + // (undocumented) + FILTER = "filter", + // (undocumented) + FILTERS = "filters", + // (undocumented) + GEOHASH_GRID = "geohash_grid", + // (undocumented) + GEOTILE_GRID = "geotile_grid", + // (undocumented) + HISTOGRAM = "histogram", + // (undocumented) + IP_RANGE = "ip_range", + // (undocumented) + RANGE = "range", + // (undocumented) + SIGNIFICANT_TERMS = "significant_terms", + // (undocumented) + TERMS = "terms" } // Warning: (ae-missing-release-tag) "castEsToKbnFieldTypeName" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) @@ -208,154 +200,143 @@ export const castEsToKbnFieldTypeName: (esType: ES_FIELD_TYPES | string) => KBN_ // Warning: (ae-missing-release-tag) "connectToQueryState" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public -export const connectToQueryState: ( - { - timefilter: { timefilter }, - filterManager, - queryString, - state$, - }: Pick, - stateContainer: BaseStateContainer, - syncConfig: { +export const connectToQueryState: ({ timefilter: { timefilter }, filterManager, queryString, state$, }: Pick, stateContainer: BaseStateContainer, syncConfig: { time?: boolean; refreshInterval?: boolean; filters?: FilterStateStore | boolean; query?: boolean; - } -) => () => void; +}) => () => void; // Warning: (ae-missing-release-tag) "createSavedQueryService" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export const createSavedQueryService: ( - savedObjectsClient: SavedObjectsClientContract -) => SavedQueryService; +export const createSavedQueryService: (savedObjectsClient: SavedObjectsClientContract) => SavedQueryService; // Warning: (ae-missing-release-tag) "CustomFilter" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export type CustomFilter = Filter & { - query: any; + query: any; }; // Warning: (ae-missing-release-tag) "DataPublicPluginSetup" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface DataPublicPluginSetup { - // Warning: (ae-forgotten-export) The symbol "DataPublicPluginEnhancements" needs to be exported by the entry point index.d.ts - // - // @internal (undocumented) - __enhance: (enhancements: DataPublicPluginEnhancements) => void; - // Warning: (ae-forgotten-export) The symbol "AutocompleteSetup" needs to be exported by the entry point index.d.ts - // - // (undocumented) - autocomplete: AutocompleteSetup; - // Warning: (ae-forgotten-export) The symbol "FieldFormatsSetup" needs to be exported by the entry point index.d.ts - // - // (undocumented) - fieldFormats: FieldFormatsSetup; - // (undocumented) - query: QuerySetup; - // Warning: (ae-forgotten-export) The symbol "ISearchSetup" needs to be exported by the entry point index.d.ts - // - // (undocumented) - search: ISearchSetup; + // Warning: (ae-forgotten-export) The symbol "DataPublicPluginEnhancements" needs to be exported by the entry point index.d.ts + // + // @internal (undocumented) + __enhance: (enhancements: DataPublicPluginEnhancements) => void; + // Warning: (ae-forgotten-export) The symbol "AutocompleteSetup" needs to be exported by the entry point index.d.ts + // + // (undocumented) + autocomplete: AutocompleteSetup; + // Warning: (ae-forgotten-export) The symbol "FieldFormatsSetup" needs to be exported by the entry point index.d.ts + // + // (undocumented) + fieldFormats: FieldFormatsSetup; + // (undocumented) + query: QuerySetup; + // Warning: (ae-forgotten-export) The symbol "ISearchSetup" needs to be exported by the entry point index.d.ts + // + // (undocumented) + search: ISearchSetup; } // Warning: (ae-missing-release-tag) "DataPublicPluginStart" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface DataPublicPluginStart { - // (undocumented) - actions: { - createFiltersFromValueClickAction: typeof createFiltersFromValueClickAction; - createFiltersFromRangeSelectAction: typeof createFiltersFromRangeSelectAction; - }; - // Warning: (ae-forgotten-export) The symbol "AutocompleteStart" needs to be exported by the entry point index.d.ts - // - // (undocumented) - autocomplete: AutocompleteStart; - // Warning: (ae-forgotten-export) The symbol "FieldFormatsStart" needs to be exported by the entry point index.d.ts - // - // (undocumented) - fieldFormats: FieldFormatsStart; - // (undocumented) - indexPatterns: IndexPatternsContract; - // (undocumented) - query: QueryStart; - // Warning: (ae-forgotten-export) The symbol "ISearchStart" needs to be exported by the entry point index.d.ts - // - // (undocumented) - search: ISearchStart; - // (undocumented) - ui: { - IndexPatternSelect: React.ComponentType; - SearchBar: React.ComponentType; - }; + // (undocumented) + actions: { + createFiltersFromValueClickAction: typeof createFiltersFromValueClickAction; + createFiltersFromRangeSelectAction: typeof createFiltersFromRangeSelectAction; + }; + // Warning: (ae-forgotten-export) The symbol "AutocompleteStart" needs to be exported by the entry point index.d.ts + // + // (undocumented) + autocomplete: AutocompleteStart; + // Warning: (ae-forgotten-export) The symbol "FieldFormatsStart" needs to be exported by the entry point index.d.ts + // + // (undocumented) + fieldFormats: FieldFormatsStart; + // (undocumented) + indexPatterns: IndexPatternsContract; + // (undocumented) + query: QueryStart; + // Warning: (ae-forgotten-export) The symbol "ISearchStart" needs to be exported by the entry point index.d.ts + // + // (undocumented) + search: ISearchStart; + // (undocumented) + ui: { + IndexPatternSelect: React.ComponentType; + SearchBar: React.ComponentType; + }; } // @public (undocumented) export enum ES_FIELD_TYPES { - // (undocumented) - ATTACHMENT = 'attachment', - // (undocumented) - BOOLEAN = 'boolean', - // (undocumented) - BYTE = 'byte', - // (undocumented) - DATE = 'date', - // (undocumented) - DATE_NANOS = 'date_nanos', - // (undocumented) - DOUBLE = 'double', - // (undocumented) - FLOAT = 'float', - // (undocumented) - GEO_POINT = 'geo_point', - // (undocumented) - GEO_SHAPE = 'geo_shape', - // (undocumented) - HALF_FLOAT = 'half_float', - // (undocumented) - HISTOGRAM = 'histogram', - // (undocumented) - _ID = '_id', - // (undocumented) - _INDEX = '_index', - // (undocumented) - INTEGER = 'integer', - // (undocumented) - IP = 'ip', - // (undocumented) - KEYWORD = 'keyword', - // (undocumented) - LONG = 'long', - // (undocumented) - MURMUR3 = 'murmur3', - // (undocumented) - NESTED = 'nested', - // (undocumented) - OBJECT = 'object', - // (undocumented) - SCALED_FLOAT = 'scaled_float', - // (undocumented) - SHORT = 'short', - // (undocumented) - _SOURCE = '_source', - // (undocumented) - STRING = 'string', - // (undocumented) - TEXT = 'text', - // (undocumented) - TOKEN_COUNT = 'token_count', - // (undocumented) - _TYPE = '_type', + // (undocumented) + ATTACHMENT = "attachment", + // (undocumented) + BOOLEAN = "boolean", + // (undocumented) + BYTE = "byte", + // (undocumented) + DATE = "date", + // (undocumented) + DATE_NANOS = "date_nanos", + // (undocumented) + DOUBLE = "double", + // (undocumented) + FLOAT = "float", + // (undocumented) + GEO_POINT = "geo_point", + // (undocumented) + GEO_SHAPE = "geo_shape", + // (undocumented) + HALF_FLOAT = "half_float", + // (undocumented) + HISTOGRAM = "histogram", + // (undocumented) + _ID = "_id", + // (undocumented) + _INDEX = "_index", + // (undocumented) + INTEGER = "integer", + // (undocumented) + IP = "ip", + // (undocumented) + KEYWORD = "keyword", + // (undocumented) + LONG = "long", + // (undocumented) + MURMUR3 = "murmur3", + // (undocumented) + NESTED = "nested", + // (undocumented) + OBJECT = "object", + // (undocumented) + SCALED_FLOAT = "scaled_float", + // (undocumented) + SHORT = "short", + // (undocumented) + _SOURCE = "_source", + // (undocumented) + STRING = "string", + // (undocumented) + TEXT = "text", + // (undocumented) + TOKEN_COUNT = "token_count", + // (undocumented) + _TYPE = "_type" } // Warning: (ae-missing-release-tag) "ES_SEARCH_STRATEGY" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export const ES_SEARCH_STRATEGY = 'es'; +export const ES_SEARCH_STRATEGY = "es"; // Warning: (ae-forgotten-export) The symbol "ExpressionFunctionDefinition" needs to be exported by the entry point index.d.ts // Warning: (ae-forgotten-export) The symbol "Input" needs to be exported by the entry point index.d.ts @@ -364,12 +345,7 @@ export const ES_SEARCH_STRATEGY = 'es'; // Warning: (ae-missing-release-tag) "EsaggsExpressionFunctionDefinition" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type EsaggsExpressionFunctionDefinition = ExpressionFunctionDefinition< - 'esaggs', - Input, - Arguments, - Output ->; +export type EsaggsExpressionFunctionDefinition = ExpressionFunctionDefinition<'esaggs', Input, Arguments, Output>; // Warning: (ae-forgotten-export) The symbol "name" needs to be exported by the entry point index.d.ts // Warning: (ae-forgotten-export) The symbol "Input" needs to be exported by the entry point index.d.ts @@ -378,145 +354,96 @@ export type EsaggsExpressionFunctionDefinition = ExpressionFunctionDefinition< // Warning: (ae-missing-release-tag) "EsdslExpressionFunctionDefinition" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type EsdslExpressionFunctionDefinition = ExpressionFunctionDefinition< - typeof name_2, - Input_2, - Arguments_2, - Output_2 ->; +export type EsdslExpressionFunctionDefinition = ExpressionFunctionDefinition; // Warning: (ae-missing-release-tag) "esFilters" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export const esFilters: { - FilterLabel: typeof FilterLabel; - FILTERS: typeof FILTERS; - FilterStateStore: typeof FilterStateStore; - buildEmptyFilter: (isPinned: boolean, index?: string | undefined) => import('../common').Filter; - buildPhrasesFilter: ( - field: import('../common').IFieldType, - params: any[], - indexPattern: import('../common').IIndexPattern - ) => import('../common').PhrasesFilter; - buildExistsFilter: ( - field: import('../common').IFieldType, - indexPattern: import('../common').IIndexPattern - ) => import('../common').ExistsFilter; - buildPhraseFilter: ( - field: import('../common').IFieldType, - value: any, - indexPattern: import('../common').IIndexPattern - ) => import('../common').PhraseFilter; - buildQueryFilter: ( - query: any, - index: string, - alias: string - ) => import('../common').QueryStringFilter; - buildRangeFilter: ( - field: import('../common').IFieldType, - params: import('../common').RangeFilterParams, - indexPattern: import('../common').IIndexPattern, - formattedValue?: string | undefined - ) => import('../common').RangeFilter; - isPhraseFilter: (filter: any) => filter is import('../common').PhraseFilter; - isExistsFilter: (filter: any) => filter is import('../common').ExistsFilter; - isPhrasesFilter: (filter: any) => filter is import('../common').PhrasesFilter; - isRangeFilter: (filter: any) => filter is import('../common').RangeFilter; - isMatchAllFilter: (filter: any) => filter is import('../common').MatchAllFilter; - isMissingFilter: (filter: any) => filter is import('../common').MissingFilter; - isQueryStringFilter: (filter: any) => filter is import('../common').QueryStringFilter; - isFilterPinned: (filter: import('../common').Filter) => boolean | undefined; - toggleFilterNegated: ( - filter: import('../common').Filter - ) => { - meta: { - negate: boolean; - alias: string | null; - disabled: boolean; - controlledBy?: string | undefined; - index?: string | undefined; - type?: string | undefined; - key?: string | undefined; - params?: any; - value?: - | string - | ((formatter?: import('../common').FilterValueFormatter | undefined) => string) - | undefined; + FilterLabel: typeof FilterLabel; + FILTERS: typeof FILTERS; + FilterStateStore: typeof FilterStateStore; + buildEmptyFilter: (isPinned: boolean, index?: string | undefined) => import("../common").Filter; + buildPhrasesFilter: (field: import("../common").IFieldType, params: any[], indexPattern: import("../common").IIndexPattern) => import("../common").PhrasesFilter; + buildExistsFilter: (field: import("../common").IFieldType, indexPattern: import("../common").IIndexPattern) => import("../common").ExistsFilter; + buildPhraseFilter: (field: import("../common").IFieldType, value: any, indexPattern: import("../common").IIndexPattern) => import("../common").PhraseFilter; + buildQueryFilter: (query: any, index: string, alias: string) => import("../common").QueryStringFilter; + buildRangeFilter: (field: import("../common").IFieldType, params: import("../common").RangeFilterParams, indexPattern: import("../common").IIndexPattern, formattedValue?: string | undefined) => import("../common").RangeFilter; + isPhraseFilter: (filter: any) => filter is import("../common").PhraseFilter; + isExistsFilter: (filter: any) => filter is import("../common").ExistsFilter; + isPhrasesFilter: (filter: any) => filter is import("../common").PhrasesFilter; + isRangeFilter: (filter: any) => filter is import("../common").RangeFilter; + isMatchAllFilter: (filter: any) => filter is import("../common").MatchAllFilter; + isMissingFilter: (filter: any) => filter is import("../common").MissingFilter; + isQueryStringFilter: (filter: any) => filter is import("../common").QueryStringFilter; + isFilterPinned: (filter: import("../common").Filter) => boolean | undefined; + toggleFilterNegated: (filter: import("../common").Filter) => { + meta: { + negate: boolean; + alias: string | null; + disabled: boolean; + controlledBy?: string | undefined; + index?: string | undefined; + type?: string | undefined; + key?: string | undefined; + params?: any; + value?: string | ((formatter?: import("../common").FilterValueFormatter | undefined) => string) | undefined; + }; + $state?: import("../common").FilterState | undefined; + query?: any; }; - $state?: import('../common').FilterState | undefined; - query?: any; - }; - disableFilter: (filter: import('../common').Filter) => import('../common').Filter; - getPhraseFilterField: (filter: import('../common').PhraseFilter) => string; - getPhraseFilterValue: (filter: import('../common').PhraseFilter) => string | number | boolean; - getDisplayValueFromFilter: typeof getDisplayValueFromFilter; - compareFilters: ( - first: import('../common').Filter | import('../common').Filter[], - second: import('../common').Filter | import('../common').Filter[], - comparatorOptions?: import('../common').FilterCompareOptions - ) => boolean; - COMPARE_ALL_OPTIONS: import('../common').FilterCompareOptions; - generateFilters: typeof generateFilters; - onlyDisabledFiltersChanged: ( - newFilters?: import('../common').Filter[] | undefined, - oldFilters?: import('../common').Filter[] | undefined - ) => boolean; - changeTimeFilter: typeof changeTimeFilter; - convertRangeFilterToTimeRangeString: typeof convertRangeFilterToTimeRangeString; - mapAndFlattenFilters: (filters: import('../common').Filter[]) => import('../common').Filter[]; - extractTimeFilter: typeof extractTimeFilter; - extractTimeRange: typeof extractTimeRange; + disableFilter: (filter: import("../common").Filter) => import("../common").Filter; + getPhraseFilterField: (filter: import("../common").PhraseFilter) => string; + getPhraseFilterValue: (filter: import("../common").PhraseFilter) => string | number | boolean; + getDisplayValueFromFilter: typeof getDisplayValueFromFilter; + compareFilters: (first: import("../common").Filter | import("../common").Filter[], second: import("../common").Filter | import("../common").Filter[], comparatorOptions?: import("../common").FilterCompareOptions) => boolean; + COMPARE_ALL_OPTIONS: import("../common").FilterCompareOptions; + generateFilters: typeof generateFilters; + onlyDisabledFiltersChanged: (newFilters?: import("../common").Filter[] | undefined, oldFilters?: import("../common").Filter[] | undefined) => boolean; + changeTimeFilter: typeof changeTimeFilter; + convertRangeFilterToTimeRangeString: typeof convertRangeFilterToTimeRangeString; + mapAndFlattenFilters: (filters: import("../common").Filter[]) => import("../common").Filter[]; + extractTimeFilter: typeof extractTimeFilter; + extractTimeRange: typeof extractTimeRange; }; // Warning: (ae-missing-release-tag) "esKuery" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export const esKuery: { - nodeTypes: import('../common/es_query/kuery/node_types').NodeTypes; - fromKueryExpression: ( - expression: any, - parseOptions?: Partial - ) => import('../common').KueryNode; - toElasticsearchQuery: ( - node: import('../common').KueryNode, - indexPattern?: import('../common').IIndexPattern | undefined, - config?: Record | undefined, - context?: Record | undefined - ) => import('../../kibana_utils/common').JsonObject; + nodeTypes: import("../common/es_query/kuery/node_types").NodeTypes; + fromKueryExpression: (expression: any, parseOptions?: Partial) => import("../common").KueryNode; + toElasticsearchQuery: (node: import("../common").KueryNode, indexPattern?: import("../common").IIndexPattern | undefined, config?: Record | undefined, context?: Record | undefined) => import("../../kibana_utils/common").JsonObject; }; // Warning: (ae-missing-release-tag) "esQuery" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export const esQuery: { - buildEsQuery: typeof buildEsQuery; - getEsQueryConfig: typeof getEsQueryConfig; - buildQueryFromFilters: ( - filters: import('../common').Filter[] | undefined, - indexPattern: import('../common').IIndexPattern | undefined, - ignoreFilterIfFieldNotInIndex?: boolean - ) => { - must: never[]; - filter: import('../common').Filter[]; - should: never[]; - must_not: import('../common').Filter[]; - }; - luceneStringToDsl: typeof luceneStringToDsl; - decorateQuery: typeof decorateQuery; + buildEsQuery: typeof buildEsQuery; + getEsQueryConfig: typeof getEsQueryConfig; + buildQueryFromFilters: (filters: import("../common").Filter[] | undefined, indexPattern: import("../common").IIndexPattern | undefined, ignoreFilterIfFieldNotInIndex?: boolean) => { + must: never[]; + filter: import("../common").Filter[]; + should: never[]; + must_not: import("../common").Filter[]; + }; + luceneStringToDsl: typeof luceneStringToDsl; + decorateQuery: typeof decorateQuery; }; // Warning: (ae-missing-release-tag) "EsQueryConfig" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface EsQueryConfig { - // (undocumented) - allowLeadingWildcards: boolean; - // (undocumented) - dateFormatTZ?: string; - // (undocumented) - ignoreFilterIfFieldNotInIndex: boolean; - // (undocumented) - queryStringOptions: Record; + // (undocumented) + allowLeadingWildcards: boolean; + // (undocumented) + dateFormatTZ?: string; + // (undocumented) + ignoreFilterIfFieldNotInIndex: boolean; + // (undocumented) + queryStringOptions: Record; } // Warning: (ae-forgotten-export) The symbol "SortDirectionNumeric" needs to be exported by the entry point index.d.ts @@ -531,18 +458,14 @@ export type EsQuerySortValue = Record; +export type EsRawResponseExpressionTypeDefinition = ExpressionTypeDefinition; // Warning: (ae-missing-release-tag) "ExistsFilter" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export type ExistsFilter = Filter & { - meta: ExistsFilterMeta; - exists?: FilterExistsProperty; + meta: ExistsFilterMeta; + exists?: FilterExistsProperty; }; // Warning: (ae-forgotten-export) The symbol "ShorthandFieldMapObject" needs to be exported by the entry point index.d.ts @@ -554,81 +477,72 @@ export const expandShorthand: (sh: Record) => M // Warning: (ae-missing-release-tag) "extractReferences" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export const extractSearchSourceReferences: ( - state: SearchSourceFields -) => [ - SearchSourceFields & { +export const extractSearchSourceReferences: (state: SearchSourceFields) => [SearchSourceFields & { indexRefName?: string; - }, - SavedObjectReference[] -]; +}, SavedObjectReference[]]; // Warning: (ae-missing-release-tag) "FetchOptions" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface FetchOptions { - // (undocumented) - abortSignal?: AbortSignal; - // (undocumented) - searchStrategyId?: string; + // (undocumented) + abortSignal?: AbortSignal; + // (undocumented) + searchStrategyId?: string; } // Warning: (ae-missing-release-tag) "FieldFormat" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export abstract class FieldFormat { - // Warning: (ae-forgotten-export) The symbol "IFieldFormatMetaParams" needs to be exported by the entry point index.d.ts - constructor(_params?: IFieldFormatMetaParams, getConfig?: FieldFormatsGetConfigFn); - // Warning: (ae-forgotten-export) The symbol "HtmlContextTypeOptions" needs to be exported by the entry point index.d.ts - // Warning: (ae-forgotten-export) The symbol "TextContextTypeOptions" needs to be exported by the entry point index.d.ts - convert( - value: any, - contentType?: FieldFormatsContentType, - options?: HtmlContextTypeOptions | TextContextTypeOptions - ): string; - // Warning: (ae-forgotten-export) The symbol "FieldFormatConvert" needs to be exported by the entry point index.d.ts - convertObject: FieldFormatConvert | undefined; - static fieldType: string | string[]; - // Warning: (ae-incompatible-release-tags) The symbol "from" is marked as @public, but its signature references "FieldFormatInstanceType" which is marked as @internal - // - // (undocumented) - static from(convertFn: FieldFormatConvertFunction): FieldFormatInstanceType; - // (undocumented) - protected getConfig: FieldFormatsGetConfigFn | undefined; - // Warning: (ae-forgotten-export) The symbol "FieldFormatConvertFunction" needs to be exported by the entry point index.d.ts - getConverterFor(contentType?: FieldFormatsContentType): FieldFormatConvertFunction; - getParamDefaults(): Record; - // Warning: (ae-forgotten-export) The symbol "HtmlContextTypeConvert" needs to be exported by the entry point index.d.ts - htmlConvert: HtmlContextTypeConvert | undefined; - static id: string; - // (undocumented) - static isInstanceOfFieldFormat(fieldFormat: any): fieldFormat is FieldFormat; - param(name: string): any; - params(): Record; - // (undocumented) - protected readonly _params: any; - // (undocumented) - setupContentType(): FieldFormatConvert; - // Warning: (ae-forgotten-export) The symbol "TextContextTypeConvert" needs to be exported by the entry point index.d.ts - textConvert: TextContextTypeConvert | undefined; - static title: string; - toJSON(): { - id: any; - params: any; - }; - type: any; + // Warning: (ae-forgotten-export) The symbol "IFieldFormatMetaParams" needs to be exported by the entry point index.d.ts + constructor(_params?: IFieldFormatMetaParams, getConfig?: FieldFormatsGetConfigFn); + // Warning: (ae-forgotten-export) The symbol "HtmlContextTypeOptions" needs to be exported by the entry point index.d.ts + // Warning: (ae-forgotten-export) The symbol "TextContextTypeOptions" needs to be exported by the entry point index.d.ts + convert(value: any, contentType?: FieldFormatsContentType, options?: HtmlContextTypeOptions | TextContextTypeOptions): string; + // Warning: (ae-forgotten-export) The symbol "FieldFormatConvert" needs to be exported by the entry point index.d.ts + convertObject: FieldFormatConvert | undefined; + static fieldType: string | string[]; + // Warning: (ae-incompatible-release-tags) The symbol "from" is marked as @public, but its signature references "FieldFormatInstanceType" which is marked as @internal + // + // (undocumented) + static from(convertFn: FieldFormatConvertFunction): FieldFormatInstanceType; + // (undocumented) + protected getConfig: FieldFormatsGetConfigFn | undefined; + // Warning: (ae-forgotten-export) The symbol "FieldFormatConvertFunction" needs to be exported by the entry point index.d.ts + getConverterFor(contentType?: FieldFormatsContentType): FieldFormatConvertFunction; + getParamDefaults(): Record; + // Warning: (ae-forgotten-export) The symbol "HtmlContextTypeConvert" needs to be exported by the entry point index.d.ts + htmlConvert: HtmlContextTypeConvert | undefined; + static id: string; + // (undocumented) + static isInstanceOfFieldFormat(fieldFormat: any): fieldFormat is FieldFormat; + param(name: string): any; + params(): Record; + // (undocumented) + protected readonly _params: any; + // (undocumented) + setupContentType(): FieldFormatConvert; + // Warning: (ae-forgotten-export) The symbol "TextContextTypeConvert" needs to be exported by the entry point index.d.ts + textConvert: TextContextTypeConvert | undefined; + static title: string; + toJSON(): { + id: any; + params: any; + }; + type: any; } // Warning: (ae-missing-release-tag) "FieldFormatConfig" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface FieldFormatConfig { - // (undocumented) - es?: boolean; - // (undocumented) - id: FieldFormatId; - // (undocumented) - params: Record; + // (undocumented) + es?: boolean; + // (undocumented) + id: FieldFormatId; + // (undocumented) + params: Record; } // Warning: (ae-forgotten-export) The symbol "FIELD_FORMAT_IDS" needs to be exported by the entry point index.d.ts @@ -638,45 +552,42 @@ export interface FieldFormatConfig { export type FieldFormatId = FIELD_FORMAT_IDS | string; // @internal (undocumented) -export type FieldFormatInstanceType = (new ( - params?: any, - getConfig?: FieldFormatsGetConfigFn -) => FieldFormat) & { - id: FieldFormatId; - title: string; - fieldType: string | string[]; +export type FieldFormatInstanceType = (new (params?: any, getConfig?: FieldFormatsGetConfigFn) => FieldFormat) & { + id: FieldFormatId; + title: string; + fieldType: string | string[]; }; // Warning: (ae-missing-release-tag) "fieldFormats" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export const fieldFormats: { - FieldFormat: typeof FieldFormat; - FieldFormatsRegistry: typeof FieldFormatsRegistry; - DEFAULT_CONVERTER_COLOR: { - range: string; - regex: string; - text: string; - background: string; - }; - HTML_CONTEXT_TYPE: import('../common').FieldFormatsContentType; - TEXT_CONTEXT_TYPE: import('../common').FieldFormatsContentType; - FIELD_FORMAT_IDS: typeof FIELD_FORMAT_IDS; - BoolFormat: typeof BoolFormat; - BytesFormat: typeof BytesFormat; - ColorFormat: typeof ColorFormat; - DateFormat: typeof DateFormat; - DateNanosFormat: typeof DateNanosFormat; - DurationFormat: typeof DurationFormat; - IpFormat: typeof IpFormat; - NumberFormat: typeof NumberFormat; - PercentFormat: typeof PercentFormat; - RelativeDateFormat: typeof RelativeDateFormat; - SourceFormat: typeof SourceFormat; - StaticLookupFormat: typeof StaticLookupFormat; - UrlFormat: typeof UrlFormat; - StringFormat: typeof StringFormat; - TruncateFormat: typeof TruncateFormat; + FieldFormat: typeof FieldFormat; + FieldFormatsRegistry: typeof FieldFormatsRegistry; + DEFAULT_CONVERTER_COLOR: { + range: string; + regex: string; + text: string; + background: string; + }; + HTML_CONTEXT_TYPE: import("../common").FieldFormatsContentType; + TEXT_CONTEXT_TYPE: import("../common").FieldFormatsContentType; + FIELD_FORMAT_IDS: typeof FIELD_FORMAT_IDS; + BoolFormat: typeof BoolFormat; + BytesFormat: typeof BytesFormat; + ColorFormat: typeof ColorFormat; + DateFormat: typeof DateFormat; + DateNanosFormat: typeof DateNanosFormat; + DurationFormat: typeof DurationFormat; + IpFormat: typeof IpFormat; + NumberFormat: typeof NumberFormat; + PercentFormat: typeof PercentFormat; + RelativeDateFormat: typeof RelativeDateFormat; + SourceFormat: typeof SourceFormat; + StaticLookupFormat: typeof StaticLookupFormat; + UrlFormat: typeof UrlFormat; + StringFormat: typeof StringFormat; + TruncateFormat: typeof TruncateFormat; }; // @public (undocumented) @@ -692,130 +603,116 @@ export type FieldFormatsGetConfigFn = GetConfigFn; // // @public (undocumented) export class FieldList extends Array implements IIndexPatternFieldList { - // Warning: (ae-forgotten-export) The symbol "FieldSpec" needs to be exported by the entry point index.d.ts - constructor( - indexPattern: IndexPattern, - specs?: FieldSpec[], - shortDotsEnable?: boolean, - onNotification?: () => void - ); - // (undocumented) - readonly add: (field: FieldSpec) => void; - // (undocumented) - readonly getAll: () => IndexPatternField[]; - // (undocumented) - readonly getByName: (name: IndexPatternField['name']) => IndexPatternField | undefined; - // (undocumented) - readonly getByType: (type: IndexPatternField['type']) => any[]; - // (undocumented) - readonly remove: (field: IFieldType) => void; - // (undocumented) - readonly removeAll: () => void; - // (undocumented) - readonly replaceAll: (specs: FieldSpec[]) => void; - // (undocumented) - readonly toSpec: () => { - count: number; - script: string | undefined; - lang: string | undefined; - conflictDescriptions: Record | undefined; - name: string; - type: string; - esTypes: string[] | undefined; - scripted: boolean; - searchable: boolean; - aggregatable: boolean; - readFromDocValues: boolean; - subType: import('../types').IFieldSubType | undefined; - format: any; - }[]; - // (undocumented) - readonly update: (field: FieldSpec) => void; + // Warning: (ae-forgotten-export) The symbol "FieldSpec" needs to be exported by the entry point index.d.ts + constructor(indexPattern: IndexPattern, specs?: FieldSpec[], shortDotsEnable?: boolean, onNotification?: () => void); + // (undocumented) + readonly add: (field: FieldSpec) => void; + // (undocumented) + readonly getAll: () => IndexPatternField[]; + // (undocumented) + readonly getByName: (name: IndexPatternField['name']) => IndexPatternField | undefined; + // (undocumented) + readonly getByType: (type: IndexPatternField['type']) => any[]; + // (undocumented) + readonly remove: (field: IFieldType) => void; + // (undocumented) + readonly removeAll: () => void; + // (undocumented) + readonly replaceAll: (specs: FieldSpec[]) => void; + // (undocumented) + readonly toSpec: () => { + count: number; + script: string | undefined; + lang: string | undefined; + conflictDescriptions: Record | undefined; + name: string; + type: string; + esTypes: string[] | undefined; + scripted: boolean; + searchable: boolean; + aggregatable: boolean; + readFromDocValues: boolean; + subType: import("../types").IFieldSubType | undefined; + format: any; + }[]; + // (undocumented) + readonly update: (field: FieldSpec) => void; } // @public (undocumented) export interface FieldMappingSpec { - // (undocumented) - _deserialize?: (mapping: string) => any | undefined; - // (undocumented) - _serialize?: (mapping: any) => string | undefined; - // (undocumented) - type: ES_FIELD_TYPES; + // (undocumented) + _deserialize?: (mapping: string) => any | undefined; + // (undocumented) + _serialize?: (mapping: any) => string | undefined; + // (undocumented) + type: ES_FIELD_TYPES; } // Warning: (ae-missing-release-tag) "Filter" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface Filter { - // Warning: (ae-forgotten-export) The symbol "FilterState" needs to be exported by the entry point index.d.ts - // - // (undocumented) - $state?: FilterState; - // Warning: (ae-forgotten-export) The symbol "FilterMeta" needs to be exported by the entry point index.d.ts - // - // (undocumented) - meta: FilterMeta; - // (undocumented) - query?: any; + // Warning: (ae-forgotten-export) The symbol "FilterState" needs to be exported by the entry point index.d.ts + // + // (undocumented) + $state?: FilterState; + // Warning: (ae-forgotten-export) The symbol "FilterMeta" needs to be exported by the entry point index.d.ts + // + // (undocumented) + meta: FilterMeta; + // (undocumented) + query?: any; } // Warning: (ae-forgotten-export) The symbol "Props" needs to be exported by the entry point index.d.ts // Warning: (ae-missing-release-tag) "FilterBar" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export const FilterBar: React.ComponentClass< - Pick, - any -> & { - WrappedComponent: React.ComponentType; +export const FilterBar: React.ComponentClass, any> & { + WrappedComponent: React.ComponentType; }; // Warning: (ae-missing-release-tag) "FilterManager" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export class FilterManager { - constructor(uiSettings: IUiSettingsClient); - // (undocumented) - addFilters(filters: Filter[] | Filter, pinFilterStatus?: boolean): void; - // (undocumented) - getAppFilters(): Filter[]; - // (undocumented) - getFetches$(): import('rxjs').Observable; - // (undocumented) - getFilters(): Filter[]; - // (undocumented) - getGlobalFilters(): Filter[]; - // Warning: (ae-forgotten-export) The symbol "PartitionedFilters" needs to be exported by the entry point index.d.ts - // - // (undocumented) - getPartitionedFilters(): PartitionedFilters; - // (undocumented) - getUpdates$(): import('rxjs').Observable; - // (undocumented) - removeAll(): void; - // (undocumented) - removeFilter(filter: Filter): void; - setAppFilters(newAppFilters: Filter[]): void; - // (undocumented) - setFilters(newFilters: Filter[], pinFilterStatus?: boolean): void; - // (undocumented) - static setFiltersStore( - filters: Filter[], - store: FilterStateStore, - shouldOverrideStore?: boolean - ): void; - setGlobalFilters(newGlobalFilters: Filter[]): void; -} + constructor(uiSettings: IUiSettingsClient); + // (undocumented) + addFilters(filters: Filter[] | Filter, pinFilterStatus?: boolean): void; + // (undocumented) + getAppFilters(): Filter[]; + // (undocumented) + getFetches$(): import("rxjs").Observable; + // (undocumented) + getFilters(): Filter[]; + // (undocumented) + getGlobalFilters(): Filter[]; + // Warning: (ae-forgotten-export) The symbol "PartitionedFilters" needs to be exported by the entry point index.d.ts + // + // (undocumented) + getPartitionedFilters(): PartitionedFilters; + // (undocumented) + getUpdates$(): import("rxjs").Observable; + // (undocumented) + removeAll(): void; + // (undocumented) + removeFilter(filter: Filter): void; + setAppFilters(newAppFilters: Filter[]): void; + // (undocumented) + setFilters(newFilters: Filter[], pinFilterStatus?: boolean): void; + // (undocumented) + static setFiltersStore(filters: Filter[], store: FilterStateStore, shouldOverrideStore?: boolean): void; + setGlobalFilters(newGlobalFilters: Filter[]): void; + } // Warning: (ae-forgotten-export) The symbol "QueryLanguage" needs to be exported by the entry point index.d.ts // Warning: (ae-missing-release-tag) "getDefaultQuery" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export function getDefaultQuery( - language?: QueryLanguage -): { - query: string; - language: QueryLanguage; +export function getDefaultQuery(language?: QueryLanguage): { + query: string; + language: QueryLanguage; }; // Warning: (ae-forgotten-export) The symbol "IUiSettingsClient" needs to be exported by the entry point index.d.ts @@ -833,25 +730,18 @@ export const getKbnTypeNames: () => string[]; // Warning: (ae-incompatible-release-tags) The symbol "getSearchParamsFromRequest" is marked as @public, but its signature references "SearchRequest" which is marked as @internal // // @public (undocumented) -export function getSearchParamsFromRequest( - searchRequest: SearchRequest, - dependencies: { +export function getSearchParamsFromRequest(searchRequest: SearchRequest, dependencies: { esShardTimeout: number; getConfig: GetConfigFn; - } -): ISearchRequestParams; +}): ISearchRequestParams; // Warning: (ae-missing-release-tag) "getTime" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export function getTime( - indexPattern: IIndexPattern | undefined, - timeRange: TimeRange, - options?: { +export function getTime(indexPattern: IIndexPattern | undefined, timeRange: TimeRange, options?: { forceNow?: Date; fieldName?: string; - } -): import('../..').RangeFilter | undefined; +}): import("../..").RangeFilter | undefined; // Warning: (ae-missing-release-tag) "IAggConfig" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // @@ -873,40 +763,40 @@ export type IAggType = AggType; // // @public (undocumented) export interface IDataPluginServices extends Partial { - // (undocumented) - appName: string; - // (undocumented) - data: DataPublicPluginStart; - // (undocumented) - http: CoreStart_2['http']; - // (undocumented) - notifications: CoreStart_2['notifications']; - // (undocumented) - savedObjects: CoreStart_2['savedObjects']; - // (undocumented) - storage: IStorageWrapper; - // (undocumented) - uiSettings: CoreStart_2['uiSettings']; + // (undocumented) + appName: string; + // (undocumented) + data: DataPublicPluginStart; + // (undocumented) + http: CoreStart_2['http']; + // (undocumented) + notifications: CoreStart_2['notifications']; + // (undocumented) + savedObjects: CoreStart_2['savedObjects']; + // (undocumented) + storage: IStorageWrapper; + // (undocumented) + uiSettings: CoreStart_2['uiSettings']; } // Warning: (ae-missing-release-tag) "IEsSearchRequest" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface IEsSearchRequest extends IKibanaSearchRequest { - // (undocumented) - indexType?: string; - // (undocumented) - params?: ISearchRequestParams; + // (undocumented) + indexType?: string; + // (undocumented) + params?: ISearchRequestParams; } // Warning: (ae-missing-release-tag) "IEsSearchResponse" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface IEsSearchResponse extends IKibanaSearchResponse { - isPartial?: boolean; - isRunning?: boolean; - // (undocumented) - rawResponse: SearchResponse; + isPartial?: boolean; + isRunning?: boolean; + // (undocumented) + rawResponse: SearchResponse; } // Warning: (ae-missing-release-tag) "IFieldFormat" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) @@ -929,121 +819,118 @@ export type IFieldParamType = FieldParamType; // // @public (undocumented) export interface IFieldSubType { - // (undocumented) - multi?: { - parent: string; - }; - // (undocumented) - nested?: { - path: string; - }; + // (undocumented) + multi?: { + parent: string; + }; + // (undocumented) + nested?: { + path: string; + }; } // Warning: (ae-missing-release-tag) "IFieldType" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface IFieldType { - // (undocumented) - aggregatable?: boolean; - // (undocumented) - count?: number; - // (undocumented) - displayName?: string; - // (undocumented) - esTypes?: string[]; - // (undocumented) - filterable?: boolean; - // (undocumented) - format?: any; - // (undocumented) - lang?: string; - // (undocumented) - name: string; - // (undocumented) - readFromDocValues?: boolean; - // (undocumented) - script?: string; - // (undocumented) - scripted?: boolean; - // (undocumented) - searchable?: boolean; - // (undocumented) - sortable?: boolean; - // (undocumented) - subType?: IFieldSubType; - // (undocumented) - toSpec?: () => FieldSpec; - // (undocumented) - type: string; - // (undocumented) - visualizable?: boolean; + // (undocumented) + aggregatable?: boolean; + // (undocumented) + count?: number; + // (undocumented) + displayName?: string; + // (undocumented) + esTypes?: string[]; + // (undocumented) + filterable?: boolean; + // (undocumented) + format?: any; + // (undocumented) + lang?: string; + // (undocumented) + name: string; + // (undocumented) + readFromDocValues?: boolean; + // (undocumented) + script?: string; + // (undocumented) + scripted?: boolean; + // (undocumented) + searchable?: boolean; + // (undocumented) + sortable?: boolean; + // (undocumented) + subType?: IFieldSubType; + // (undocumented) + toSpec?: () => FieldSpec; + // (undocumented) + type: string; + // (undocumented) + visualizable?: boolean; } // Warning: (ae-missing-release-tag) "IIndexPattern" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface IIndexPattern { - // (undocumented) - [key: string]: any; - // (undocumented) - fieldFormatMap?: Record< - string, - { - id: string; - params: unknown; - } - >; - // (undocumented) - fields: IFieldType[]; - // (undocumented) - getTimeField?(): IFieldType | undefined; - // (undocumented) - id?: string; - // (undocumented) - timeFieldName?: string; - // (undocumented) - title: string; - // (undocumented) - type?: string; + // (undocumented) + [key: string]: any; + // (undocumented) + fieldFormatMap?: Record; + // (undocumented) + fields: IFieldType[]; + // (undocumented) + getTimeField?(): IFieldType | undefined; + // (undocumented) + id?: string; + // (undocumented) + timeFieldName?: string; + // (undocumented) + title: string; + // (undocumented) + type?: string; } // Warning: (ae-missing-release-tag) "IIndexPatternFieldList" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface IIndexPatternFieldList extends Array { - // (undocumented) - add(field: FieldSpec): void; - // (undocumented) - getAll(): IndexPatternField[]; - // (undocumented) - getByName(name: IndexPatternField['name']): IndexPatternField | undefined; - // (undocumented) - getByType(type: IndexPatternField['type']): IndexPatternField[]; - // (undocumented) - remove(field: IFieldType): void; - // (undocumented) - removeAll(): void; - // (undocumented) - replaceAll(specs: FieldSpec[]): void; - // (undocumented) - update(field: FieldSpec): void; + // (undocumented) + add(field: FieldSpec): void; + // (undocumented) + getAll(): IndexPatternField[]; + // (undocumented) + getByName(name: IndexPatternField['name']): IndexPatternField | undefined; + // (undocumented) + getByType(type: IndexPatternField['type']): IndexPatternField[]; + // (undocumented) + remove(field: IFieldType): void; + // (undocumented) + removeAll(): void; + // (undocumented) + replaceAll(specs: FieldSpec[]): void; + // (undocumented) + update(field: FieldSpec): void; } // Warning: (ae-missing-release-tag) "IKibanaSearchRequest" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface IKibanaSearchRequest { - debug?: boolean; - id?: string; + debug?: boolean; + id?: string; } // Warning: (ae-missing-release-tag) "IKibanaSearchResponse" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface IKibanaSearchResponse { - id?: string; - loaded?: number; - total?: number; + id?: string; + loaded?: number; + total?: number; } // Warning: (ae-forgotten-export) The symbol "MetricAggType" needs to be exported by the entry point index.d.ts @@ -1056,269 +943,236 @@ export type IMetricAggType = MetricAggType; // // @public (undocumented) export class IndexPattern implements IIndexPattern { - // Warning: (ae-forgotten-export) The symbol "IndexPatternDeps" needs to be exported by the entry point index.d.ts - constructor( - id: string | undefined, - { - getConfig, - savedObjectsClient, - apiClient, - patternCache, - fieldFormats, - onNotification, - onError, - uiSettingsValues, - }: IndexPatternDeps - ); - // (undocumented) - [key: string]: any; - // (undocumented) - addScriptedField( - name: string, - script: string, - fieldType: string | undefined, - lang: string - ): Promise; - // (undocumented) - create(allowOverride?: boolean): Promise; - // (undocumented) - _fetchFields(): Promise; - // (undocumented) - fieldFormatMap: any; - // (undocumented) - fields: IIndexPatternFieldList & { - toSpec: () => FieldSpec[]; - }; - // (undocumented) - fieldsFetcher: any; - // (undocumented) - flattenHit: any; - // (undocumented) - formatField: any; - // (undocumented) - formatHit: any; - // (undocumented) - getAggregationRestrictions(): - | Record< - string, - Record< - string, - { - agg?: string | undefined; - interval?: number | undefined; - fixed_interval?: string | undefined; - calendar_interval?: string | undefined; - delay?: string | undefined; - time_zone?: string | undefined; - } - > - > - | undefined; - // (undocumented) - getComputedFields(): { - storedFields: string[]; - scriptFields: any; - docvalueFields: { - field: any; - format: string; - }[]; - }; - // (undocumented) - getFieldByName(name: string): IndexPatternField | undefined; - // (undocumented) - getFormatterForField(field: IndexPatternField | IndexPatternField['spec']): FieldFormat; - // (undocumented) - getNonScriptedFields(): IndexPatternField[]; - // (undocumented) - getScriptedFields(): IndexPatternField[]; - // (undocumented) - getSourceFiltering(): { - excludes: any[]; - }; - // (undocumented) - getTimeField(): IndexPatternField | undefined; - // (undocumented) - id?: string; - // (undocumented) - init(forceFieldRefresh?: boolean): Promise; - // Warning: (ae-forgotten-export) The symbol "IndexPatternSpec" needs to be exported by the entry point index.d.ts - // - // (undocumented) - initFromSpec(spec: IndexPatternSpec): this; - // (undocumented) - isTimeBased(): boolean; - // (undocumented) - isTimeBasedWildcard(): boolean; - // (undocumented) - isTimeNanosBased(): boolean; - // (undocumented) - isWildcard(): boolean; - // (undocumented) - metaFields: string[]; - // (undocumented) - popularizeField(fieldName: string, unit?: number): Promise; - // (undocumented) - prepBody(): { + // Warning: (ae-forgotten-export) The symbol "IndexPatternDeps" needs to be exported by the entry point index.d.ts + constructor(id: string | undefined, { getConfig, savedObjectsClient, apiClient, patternCache, fieldFormats, onNotification, onError, uiSettingsValues, }: IndexPatternDeps); + // (undocumented) [key: string]: any; - }; - // (undocumented) - refreshFields(): Promise; - // (undocumented) - removeScriptedField(fieldName: string): Promise; - // (undocumented) - save(saveAttempts?: number): Promise; - // (undocumented) - timeFieldName: string | undefined; - // (undocumented) - title: string; - // (undocumented) - toJSON(): string | undefined; - // (undocumented) - toSpec(): IndexPatternSpec; - // (undocumented) - toString(): string; - // (undocumented) - typeMeta?: IndexPatternTypeMeta; -} + // (undocumented) + addScriptedField(name: string, script: string, fieldType: string | undefined, lang: string): Promise; + // (undocumented) + create(allowOverride?: boolean): Promise; + // (undocumented) + _fetchFields(): Promise; + // (undocumented) + fieldFormatMap: any; + // (undocumented) + fields: IIndexPatternFieldList & { + toSpec: () => FieldSpec[]; + }; + // (undocumented) + fieldsFetcher: any; + // (undocumented) + flattenHit: any; + // (undocumented) + formatField: any; + // (undocumented) + formatHit: any; + // (undocumented) + getAggregationRestrictions(): Record> | undefined; + // (undocumented) + getComputedFields(): { + storedFields: string[]; + scriptFields: any; + docvalueFields: { + field: any; + format: string; + }[]; + }; + // (undocumented) + getFieldByName(name: string): IndexPatternField | undefined; + // (undocumented) + getFormatterForField(field: IndexPatternField | IndexPatternField['spec']): FieldFormat; + // (undocumented) + getNonScriptedFields(): IndexPatternField[]; + // (undocumented) + getScriptedFields(): IndexPatternField[]; + // (undocumented) + getSourceFiltering(): { + excludes: any[]; + }; + // (undocumented) + getTimeField(): IndexPatternField | undefined; + // (undocumented) + id?: string; + // (undocumented) + init(forceFieldRefresh?: boolean): Promise; + // Warning: (ae-forgotten-export) The symbol "IndexPatternSpec" needs to be exported by the entry point index.d.ts + // + // (undocumented) + initFromSpec(spec: IndexPatternSpec): this; + // (undocumented) + isTimeBased(): boolean; + // (undocumented) + isTimeBasedWildcard(): boolean; + // (undocumented) + isTimeNanosBased(): boolean; + // (undocumented) + isWildcard(): boolean; + // (undocumented) + metaFields: string[]; + // (undocumented) + popularizeField(fieldName: string, unit?: number): Promise; + // (undocumented) + prepBody(): { + [key: string]: any; + }; + // (undocumented) + refreshFields(): Promise; + // (undocumented) + removeScriptedField(fieldName: string): Promise; + // (undocumented) + save(saveAttempts?: number): Promise; + // (undocumented) + timeFieldName: string | undefined; + // (undocumented) + title: string; + // (undocumented) + toJSON(): string | undefined; + // (undocumented) + toSpec(): IndexPatternSpec; + // (undocumented) + toString(): string; + // (undocumented) + typeMeta?: IndexPatternTypeMeta; + } // Warning: (ae-missing-release-tag) "AggregationRestrictions" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type IndexPatternAggRestrictions = Record< - string, - { +export type IndexPatternAggRestrictions = Record; +}>; // Warning: (ae-missing-release-tag) "IndexPatternAttributes" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public @deprecated export interface IndexPatternAttributes { - // (undocumented) - fieldFormatMap?: string; - // (undocumented) - fields: string; - // (undocumented) - intervalName?: string; - // (undocumented) - sourceFilters?: string; - // (undocumented) - timeFieldName?: string; - // (undocumented) - title: string; - // (undocumented) - type: string; - // (undocumented) - typeMeta: string; + // (undocumented) + fieldFormatMap?: string; + // (undocumented) + fields: string; + // (undocumented) + intervalName?: string; + // (undocumented) + sourceFilters?: string; + // (undocumented) + timeFieldName?: string; + // (undocumented) + title: string; + // (undocumented) + type: string; + // (undocumented) + typeMeta: string; } // Warning: (ae-missing-release-tag) "IndexPatternField" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export class IndexPatternField implements IFieldType { - // Warning: (ae-forgotten-export) The symbol "OnNotification" needs to be exported by the entry point index.d.ts - constructor( - indexPattern: IndexPattern, - spec: FieldSpec, - displayName: string, - onNotification: OnNotification - ); - // (undocumented) - get aggregatable(): boolean; - // (undocumented) - get conflictDescriptions(): Record | undefined; - set conflictDescriptions(conflictDescriptions: Record | undefined); - // (undocumented) - get count(): number; - set count(count: number); - // (undocumented) - readonly displayName: string; - // (undocumented) - get esTypes(): string[] | undefined; - // (undocumented) - get filterable(): boolean; - // (undocumented) - get format(): FieldFormat; - // (undocumented) - readonly indexPattern: IndexPattern; - // (undocumented) - get lang(): string | undefined; - set lang(lang: string | undefined); - // (undocumented) - get name(): string; - // (undocumented) - get readFromDocValues(): boolean; - // (undocumented) - get script(): string | undefined; - set script(script: string | undefined); - // (undocumented) - get scripted(): boolean; - // (undocumented) - get searchable(): boolean; - // (undocumented) - get sortable(): boolean; - // (undocumented) - readonly spec: FieldSpec; - // (undocumented) - get subType(): import('../types').IFieldSubType | undefined; - // (undocumented) - toJSON(): { - count: number; - script: string | undefined; - lang: string | undefined; - conflictDescriptions: Record | undefined; - name: string; - type: string; - esTypes: string[] | undefined; - scripted: boolean; - searchable: boolean; - aggregatable: boolean; - readFromDocValues: boolean; - subType: import('../types').IFieldSubType | undefined; - }; - // (undocumented) - toSpec(): { - count: number; - script: string | undefined; - lang: string | undefined; - conflictDescriptions: Record | undefined; - name: string; - type: string; - esTypes: string[] | undefined; - scripted: boolean; - searchable: boolean; - aggregatable: boolean; - readFromDocValues: boolean; - subType: import('../types').IFieldSubType | undefined; - format: any; - }; - // (undocumented) - get type(): string; - // (undocumented) - get visualizable(): boolean; + // Warning: (ae-forgotten-export) The symbol "OnNotification" needs to be exported by the entry point index.d.ts + constructor(indexPattern: IndexPattern, spec: FieldSpec, displayName: string, onNotification: OnNotification); + // (undocumented) + get aggregatable(): boolean; + // (undocumented) + get conflictDescriptions(): Record | undefined; + set conflictDescriptions(conflictDescriptions: Record | undefined); + // (undocumented) + get count(): number; + set count(count: number); + // (undocumented) + readonly displayName: string; + // (undocumented) + get esTypes(): string[] | undefined; + // (undocumented) + get filterable(): boolean; + // (undocumented) + get format(): FieldFormat; + // (undocumented) + readonly indexPattern: IndexPattern; + // (undocumented) + get lang(): string | undefined; + set lang(lang: string | undefined); + // (undocumented) + get name(): string; + // (undocumented) + get readFromDocValues(): boolean; + // (undocumented) + get script(): string | undefined; + set script(script: string | undefined); + // (undocumented) + get scripted(): boolean; + // (undocumented) + get searchable(): boolean; + // (undocumented) + get sortable(): boolean; + // (undocumented) + readonly spec: FieldSpec; + // (undocumented) + get subType(): import("../types").IFieldSubType | undefined; + // (undocumented) + toJSON(): { + count: number; + script: string | undefined; + lang: string | undefined; + conflictDescriptions: Record | undefined; + name: string; + type: string; + esTypes: string[] | undefined; + scripted: boolean; + searchable: boolean; + aggregatable: boolean; + readFromDocValues: boolean; + subType: import("../types").IFieldSubType | undefined; + }; + // (undocumented) + toSpec(): { + count: number; + script: string | undefined; + lang: string | undefined; + conflictDescriptions: Record | undefined; + name: string; + type: string; + esTypes: string[] | undefined; + scripted: boolean; + searchable: boolean; + aggregatable: boolean; + readFromDocValues: boolean; + subType: import("../types").IFieldSubType | undefined; + format: any; + }; + // (undocumented) + get type(): string; + // (undocumented) + get visualizable(): boolean; } // Warning: (ae-missing-release-tag) "indexPatterns" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export const indexPatterns: { - ILLEGAL_CHARACTERS_KEY: string; - CONTAINS_SPACES_KEY: string; - ILLEGAL_CHARACTERS_VISIBLE: string[]; - ILLEGAL_CHARACTERS: string[]; - isDefault: (indexPattern: import('../common').IIndexPattern) => boolean; - isFilterable: typeof isFilterable; - isNestedField: typeof isNestedField; - validate: typeof validateIndexPattern; - getFromSavedObject: typeof getFromSavedObject; - flattenHitWrapper: typeof flattenHitWrapper; - formatHitProvider: typeof formatHitProvider; + ILLEGAL_CHARACTERS_KEY: string; + CONTAINS_SPACES_KEY: string; + ILLEGAL_CHARACTERS_VISIBLE: string[]; + ILLEGAL_CHARACTERS: string[]; + isDefault: (indexPattern: import("../common").IIndexPattern) => boolean; + isFilterable: typeof isFilterable; + isNestedField: typeof isNestedField; + validate: typeof validateIndexPattern; + getFromSavedObject: typeof getFromSavedObject; + flattenHitWrapper: typeof flattenHitWrapper; + formatHitProvider: typeof formatHitProvider; }; // Warning: (ae-forgotten-export) The symbol "IndexPatternsService" needs to be exported by the entry point index.d.ts @@ -1331,86 +1185,72 @@ export type IndexPatternsContract = PublicMethodsOf; // // @public (undocumented) export class IndexPatternSelect extends Component { - constructor(props: IndexPatternSelectProps); - // (undocumented) - componentDidMount(): void; - // (undocumented) - componentWillUnmount(): void; - // (undocumented) - debouncedFetch: ((searchValue: string) => Promise) & _.Cancelable; - // (undocumented) - fetchOptions: (searchValue?: string) => void; - // (undocumented) - fetchSelectedIndexPattern: (indexPatternId: string) => Promise; - // (undocumented) - onChange: (selectedOptions: any) => void; - // (undocumented) - render(): JSX.Element; - // Warning: (ae-forgotten-export) The symbol "IndexPatternSelectState" needs to be exported by the entry point index.d.ts - // - // (undocumented) - state: IndexPatternSelectState; - // (undocumented) - UNSAFE_componentWillReceiveProps(nextProps: IndexPatternSelectProps): void; + constructor(props: IndexPatternSelectProps); + // (undocumented) + componentDidMount(): void; + // (undocumented) + componentWillUnmount(): void; + // (undocumented) + debouncedFetch: ((searchValue: string) => Promise) & _.Cancelable; + // (undocumented) + fetchOptions: (searchValue?: string) => void; + // (undocumented) + fetchSelectedIndexPattern: (indexPatternId: string) => Promise; + // (undocumented) + onChange: (selectedOptions: any) => void; + // (undocumented) + render(): JSX.Element; + // Warning: (ae-forgotten-export) The symbol "IndexPatternSelectState" needs to be exported by the entry point index.d.ts + // + // (undocumented) + state: IndexPatternSelectState; + // (undocumented) + UNSAFE_componentWillReceiveProps(nextProps: IndexPatternSelectProps): void; } // Warning: (ae-missing-release-tag) "TypeMeta" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface IndexPatternTypeMeta { - // (undocumented) - [key: string]: any; - // (undocumented) - aggs?: Record; + // (undocumented) + [key: string]: any; + // (undocumented) + aggs?: Record; } // Warning: (ae-missing-release-tag) "injectReferences" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export const injectSearchSourceReferences: ( - searchSourceFields: SearchSourceFields & { +export const injectSearchSourceReferences: (searchSourceFields: SearchSourceFields & { indexRefName: string; - }, - references: SavedObjectReference[] -) => SearchSourceFields; +}, references: SavedObjectReference[]) => SearchSourceFields; // Warning: (ae-missing-release-tag) "InputTimeRange" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type InputTimeRange = - | TimeRange - | { - from: Moment; - to: Moment; - }; +export type InputTimeRange = TimeRange | { + from: Moment; + to: Moment; +}; // Warning: (ae-missing-release-tag) "ISearch" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type ISearch = ( - request: IKibanaSearchRequest, - options?: ISearchOptions -) => Observable; +export type ISearch = (request: IKibanaSearchRequest, options?: ISearchOptions) => Observable; // Warning: (ae-missing-release-tag) "ISearchGeneric" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type ISearchGeneric = < - SearchStrategyRequest extends IEsSearchRequest = IEsSearchRequest, - SearchStrategyResponse extends IEsSearchResponse = IEsSearchResponse ->( - request: SearchStrategyRequest, - options?: ISearchOptions -) => Observable; +export type ISearchGeneric = (request: SearchStrategyRequest, options?: ISearchOptions) => Observable; // Warning: (ae-missing-release-tag) "ISearchOptions" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface ISearchOptions { - // (undocumented) - signal?: AbortSignal; - // (undocumented) - strategy?: string; + // (undocumented) + signal?: AbortSignal; + // (undocumented) + strategy?: string; } // Warning: (ae-forgotten-export) The symbol "SearchSource" needs to be exported by the entry point index.d.ts @@ -1440,48 +1280,48 @@ export const isTimeRange: (x: unknown) => x is TimeRange; // @public (undocumented) export enum KBN_FIELD_TYPES { - // (undocumented) - ATTACHMENT = 'attachment', - // (undocumented) - BOOLEAN = 'boolean', - // (undocumented) - CONFLICT = 'conflict', - // (undocumented) - DATE = 'date', - // (undocumented) - GEO_POINT = 'geo_point', - // (undocumented) - GEO_SHAPE = 'geo_shape', - // (undocumented) - HISTOGRAM = 'histogram', - // (undocumented) - IP = 'ip', - // (undocumented) - MURMUR3 = 'murmur3', - // (undocumented) - NESTED = 'nested', - // (undocumented) - NUMBER = 'number', - // (undocumented) - OBJECT = 'object', - // (undocumented) - _SOURCE = '_source', - // (undocumented) - STRING = 'string', - // (undocumented) - UNKNOWN = 'unknown', + // (undocumented) + ATTACHMENT = "attachment", + // (undocumented) + BOOLEAN = "boolean", + // (undocumented) + CONFLICT = "conflict", + // (undocumented) + DATE = "date", + // (undocumented) + GEO_POINT = "geo_point", + // (undocumented) + GEO_SHAPE = "geo_shape", + // (undocumented) + HISTOGRAM = "histogram", + // (undocumented) + IP = "ip", + // (undocumented) + MURMUR3 = "murmur3", + // (undocumented) + NESTED = "nested", + // (undocumented) + NUMBER = "number", + // (undocumented) + OBJECT = "object", + // (undocumented) + _SOURCE = "_source", + // (undocumented) + STRING = "string", + // (undocumented) + UNKNOWN = "unknown" } // Warning: (ae-missing-release-tag) "KueryNode" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface KueryNode { - // (undocumented) - [key: string]: any; - // Warning: (ae-forgotten-export) The symbol "NodeTypes" needs to be exported by the entry point index.d.ts - // - // (undocumented) - type: keyof NodeTypes; + // (undocumented) + [key: string]: any; + // Warning: (ae-forgotten-export) The symbol "NodeTypes" needs to be exported by the entry point index.d.ts + // + // (undocumented) + type: keyof NodeTypes; } // @public (undocumented) @@ -1491,79 +1331,79 @@ export type MappingObject = Record; // // @public (undocumented) export type MatchAllFilter = Filter & { - meta: MatchAllFilterMeta; - match_all: any; + meta: MatchAllFilterMeta; + match_all: any; }; // Warning: (ae-missing-release-tag) "METRIC_TYPES" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export enum METRIC_TYPES { - // (undocumented) - AVG = 'avg', - // (undocumented) - AVG_BUCKET = 'avg_bucket', - // (undocumented) - CARDINALITY = 'cardinality', - // (undocumented) - COUNT = 'count', - // (undocumented) - CUMULATIVE_SUM = 'cumulative_sum', - // (undocumented) - DERIVATIVE = 'derivative', - // (undocumented) - GEO_BOUNDS = 'geo_bounds', - // (undocumented) - GEO_CENTROID = 'geo_centroid', - // (undocumented) - MAX = 'max', - // (undocumented) - MAX_BUCKET = 'max_bucket', - // (undocumented) - MEDIAN = 'median', - // (undocumented) - MIN = 'min', - // (undocumented) - MIN_BUCKET = 'min_bucket', - // (undocumented) - MOVING_FN = 'moving_avg', - // (undocumented) - PERCENTILE_RANKS = 'percentile_ranks', - // (undocumented) - PERCENTILES = 'percentiles', - // (undocumented) - SERIAL_DIFF = 'serial_diff', - // (undocumented) - STD_DEV = 'std_dev', - // (undocumented) - SUM = 'sum', - // (undocumented) - SUM_BUCKET = 'sum_bucket', - // (undocumented) - TOP_HITS = 'top_hits', + // (undocumented) + AVG = "avg", + // (undocumented) + AVG_BUCKET = "avg_bucket", + // (undocumented) + CARDINALITY = "cardinality", + // (undocumented) + COUNT = "count", + // (undocumented) + CUMULATIVE_SUM = "cumulative_sum", + // (undocumented) + DERIVATIVE = "derivative", + // (undocumented) + GEO_BOUNDS = "geo_bounds", + // (undocumented) + GEO_CENTROID = "geo_centroid", + // (undocumented) + MAX = "max", + // (undocumented) + MAX_BUCKET = "max_bucket", + // (undocumented) + MEDIAN = "median", + // (undocumented) + MIN = "min", + // (undocumented) + MIN_BUCKET = "min_bucket", + // (undocumented) + MOVING_FN = "moving_avg", + // (undocumented) + PERCENTILE_RANKS = "percentile_ranks", + // (undocumented) + PERCENTILES = "percentiles", + // (undocumented) + SERIAL_DIFF = "serial_diff", + // (undocumented) + STD_DEV = "std_dev", + // (undocumented) + SUM = "sum", + // (undocumented) + SUM_BUCKET = "sum_bucket", + // (undocumented) + TOP_HITS = "top_hits" } // Warning: (ae-missing-release-tag) "OptionedParamType" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export class OptionedParamType extends BaseParamType { - constructor(config: Record); - // (undocumented) - options: OptionedValueProp[]; + constructor(config: Record); + // (undocumented) + options: OptionedValueProp[]; } // Warning: (ae-missing-release-tag) "OptionedValueProp" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface OptionedValueProp { - // (undocumented) - disabled?: boolean; - // (undocumented) - isCompatible: (agg: IAggConfig) => boolean; - // (undocumented) - text: string; - // (undocumented) - value: string; + // (undocumented) + disabled?: boolean; + // (undocumented) + isCompatible: (agg: IAggConfig) => boolean; + // (undocumented) + text: string; + // (undocumented) + value: string; } // Warning: (ae-forgotten-export) The symbol "parseEsInterval" needs to be exported by the entry point index.d.ts @@ -1581,21 +1421,21 @@ export const parseSearchSourceJSON: (searchSourceJSON: string) => SearchSourceFi // // @public (undocumented) export type PhraseFilter = Filter & { - meta: PhraseFilterMeta; - script?: { - script: { - source?: any; - lang?: string; - params: any; + meta: PhraseFilterMeta; + script?: { + script: { + source?: any; + lang?: string; + params: any; + }; }; - }; }; // Warning: (ae-missing-release-tag) "PhrasesFilter" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export type PhrasesFilter = Filter & { - meta: PhrasesFilterMeta; + meta: PhrasesFilterMeta; }; // Warning: (ae-forgotten-export) The symbol "DataSetupDependencies" needs to be exported by the entry point index.d.ts @@ -1603,26 +1443,16 @@ export type PhrasesFilter = Filter & { // Warning: (ae-missing-release-tag) "DataPublicPlugin" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export class Plugin - implements - Plugin_2< - DataPublicPluginSetup, - DataPublicPluginStart, - DataSetupDependencies, - DataStartDependencies - > { - // Warning: (ae-forgotten-export) The symbol "ConfigSchema" needs to be exported by the entry point index.d.ts - constructor(initializerContext: PluginInitializerContext_2); - // (undocumented) - setup( - core: CoreSetup, - { expressions, uiActions, usageCollection }: DataSetupDependencies - ): DataPublicPluginSetup; - // (undocumented) - start(core: CoreStart_2, { uiActions }: DataStartDependencies): DataPublicPluginStart; - // (undocumented) - stop(): void; -} +export class Plugin implements Plugin_2 { + // Warning: (ae-forgotten-export) The symbol "ConfigSchema" needs to be exported by the entry point index.d.ts + constructor(initializerContext: PluginInitializerContext_2); + // (undocumented) + setup(core: CoreSetup, { expressions, uiActions, usageCollection }: DataSetupDependencies): DataPublicPluginSetup; + // (undocumented) + start(core: CoreStart_2, { uiActions }: DataStartDependencies): DataPublicPluginStart; + // (undocumented) + stop(): void; + } // Warning: (ae-forgotten-export) The symbol "PluginInitializerContext" needs to be exported by the entry point index.d.ts // Warning: (ae-missing-release-tag) "plugin" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) @@ -1634,376 +1464,247 @@ export function plugin(initializerContext: PluginInitializerContext>; +export const QueryStringInput: React.FC>; // @public (undocumented) export type QuerySuggestion = QuerySuggestionBasic | QuerySuggestionField; // @public (undocumented) export interface QuerySuggestionBasic { - // (undocumented) - cursorIndex?: number; - // (undocumented) - description?: string | JSX.Element; - // (undocumented) - end: number; - // (undocumented) - start: number; - // (undocumented) - text: string; - // (undocumented) - type: QuerySuggestionTypes; + // (undocumented) + cursorIndex?: number; + // (undocumented) + description?: string | JSX.Element; + // (undocumented) + end: number; + // (undocumented) + start: number; + // (undocumented) + text: string; + // (undocumented) + type: QuerySuggestionTypes; } // @public (undocumented) export interface QuerySuggestionField extends QuerySuggestionBasic { - // (undocumented) - field: IFieldType; - // (undocumented) - type: QuerySuggestionTypes.Field; + // (undocumented) + field: IFieldType; + // (undocumented) + type: QuerySuggestionTypes.Field; } // Warning: (ae-missing-release-tag) "QuerySuggestionGetFn" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type QuerySuggestionGetFn = ( - args: QuerySuggestionGetFnArgs -) => Promise | undefined; +export type QuerySuggestionGetFn = (args: QuerySuggestionGetFnArgs) => Promise | undefined; // @public (undocumented) export interface QuerySuggestionGetFnArgs { - // (undocumented) - boolFilter?: any; - // (undocumented) - indexPatterns: IIndexPattern[]; - // (undocumented) - language: string; - // (undocumented) - query: string; - // (undocumented) - selectionEnd: number; - // (undocumented) - selectionStart: number; - // (undocumented) - signal?: AbortSignal; + // (undocumented) + boolFilter?: any; + // (undocumented) + indexPatterns: IIndexPattern[]; + // (undocumented) + language: string; + // (undocumented) + query: string; + // (undocumented) + selectionEnd: number; + // (undocumented) + selectionStart: number; + // (undocumented) + signal?: AbortSignal; } // Warning: (ae-missing-release-tag) "QuerySuggestionTypes" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export enum QuerySuggestionTypes { - // (undocumented) - Conjunction = 'conjunction', - // (undocumented) - Field = 'field', - // (undocumented) - Operator = 'operator', - // (undocumented) - RecentSearch = 'recentSearch', - // (undocumented) - Value = 'value', + // (undocumented) + Conjunction = "conjunction", + // (undocumented) + Field = "field", + // (undocumented) + Operator = "operator", + // (undocumented) + RecentSearch = "recentSearch", + // (undocumented) + Value = "value" } // Warning: (ae-forgotten-export) The symbol "EsRangeFilter" needs to be exported by the entry point index.d.ts // Warning: (ae-missing-release-tag) "RangeFilter" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export type RangeFilter = Filter & - EsRangeFilter & { +export type RangeFilter = Filter & EsRangeFilter & { meta: RangeFilterMeta; script?: { - script: { - params: any; - lang: string; - source: any; - }; + script: { + params: any; + lang: string; + source: any; + }; }; match_all?: any; - }; +}; // Warning: (ae-missing-release-tag) "RangeFilterMeta" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export type RangeFilterMeta = FilterMeta & { - params: RangeFilterParams; - field?: any; - formattedValue?: string; + params: RangeFilterParams; + field?: any; + formattedValue?: string; }; // Warning: (ae-missing-release-tag) "RangeFilterParams" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface RangeFilterParams { - // (undocumented) - format?: string; - // (undocumented) - from?: number | string; - // (undocumented) - gt?: number | string; - // (undocumented) - gte?: number | string; - // (undocumented) - lt?: number | string; - // (undocumented) - lte?: number | string; - // (undocumented) - to?: number | string; + // (undocumented) + format?: string; + // (undocumented) + from?: number | string; + // (undocumented) + gt?: number | string; + // (undocumented) + gte?: number | string; + // (undocumented) + lt?: number | string; + // (undocumented) + lte?: number | string; + // (undocumented) + to?: number | string; } // Warning: (ae-missing-release-tag) "RefreshInterval" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface RefreshInterval { - // (undocumented) - pause: boolean; - // (undocumented) - value: number; + // (undocumented) + pause: boolean; + // (undocumented) + value: number; } // Warning: (ae-missing-release-tag) "RequestTimeoutError" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public export class RequestTimeoutError extends Error { - constructor(message?: string); + constructor(message?: string); } // Warning: (ae-missing-release-tag) "SavedQuery" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface SavedQuery { - // Warning: (ae-forgotten-export) The symbol "SavedQueryAttributes" needs to be exported by the entry point index.d.ts - // - // (undocumented) - attributes: SavedQueryAttributes; - // (undocumented) - id: string; + // Warning: (ae-forgotten-export) The symbol "SavedQueryAttributes" needs to be exported by the entry point index.d.ts + // + // (undocumented) + attributes: SavedQueryAttributes; + // (undocumented) + id: string; } // Warning: (ae-missing-release-tag) "SavedQueryService" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface SavedQueryService { - // (undocumented) - deleteSavedQuery: (id: string) => Promise<{}>; - // (undocumented) - findSavedQueries: ( - searchText?: string, - perPage?: number, - activePage?: number - ) => Promise<{ - total: number; - queries: SavedQuery[]; - }>; - // (undocumented) - getAllSavedQueries: () => Promise; - // (undocumented) - getSavedQuery: (id: string) => Promise; - // (undocumented) - getSavedQueryCount: () => Promise; - // (undocumented) - saveQuery: ( - attributes: SavedQueryAttributes, - config?: { - overwrite: boolean; - } - ) => Promise; + // (undocumented) + deleteSavedQuery: (id: string) => Promise<{}>; + // (undocumented) + findSavedQueries: (searchText?: string, perPage?: number, activePage?: number) => Promise<{ + total: number; + queries: SavedQuery[]; + }>; + // (undocumented) + getAllSavedQueries: () => Promise; + // (undocumented) + getSavedQuery: (id: string) => Promise; + // (undocumented) + getSavedQueryCount: () => Promise; + // (undocumented) + saveQuery: (attributes: SavedQueryAttributes, config?: { + overwrite: boolean; + }) => Promise; } // Warning: (ae-missing-release-tag) "SavedQueryTimeFilter" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export type SavedQueryTimeFilter = TimeRange & { - refreshInterval: RefreshInterval; + refreshInterval: RefreshInterval; }; // Warning: (ae-missing-release-tag) "search" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export const search: { - aggs: { - CidrMask: typeof CidrMask; - dateHistogramInterval: typeof dateHistogramInterval; - intervalOptions: ( - | { - display: string; - val: string; - enabled(agg: import('../common').IBucketAggConfig): boolean | '' | undefined; - } - | { - display: string; - val: string; - } - )[]; - InvalidEsCalendarIntervalError: typeof InvalidEsCalendarIntervalError; - InvalidEsIntervalFormatError: typeof InvalidEsIntervalFormatError; - Ipv4Address: typeof Ipv4Address; - isDateHistogramBucketAggConfig: typeof isDateHistogramBucketAggConfig; - isNumberType: (agg: import('../common').AggConfig) => boolean; - isStringType: (agg: import('../common').AggConfig) => boolean; - isType: (...types: string[]) => (agg: import('../common').AggConfig) => boolean; - isValidEsInterval: typeof isValidEsInterval; - isValidInterval: typeof isValidInterval; - parentPipelineType: string; - parseEsInterval: typeof parseEsInterval; - parseInterval: typeof parseInterval; - propFilter: typeof propFilter; - siblingPipelineType: string; - termsAggFilter: string[]; - toAbsoluteDates: typeof toAbsoluteDates; - }; - getRequestInspectorStats: typeof getRequestInspectorStats; - getResponseInspectorStats: typeof getResponseInspectorStats; - tabifyAggResponse: typeof tabifyAggResponse; - tabifyGetColumns: typeof tabifyGetColumns; + aggs: { + CidrMask: typeof CidrMask; + dateHistogramInterval: typeof dateHistogramInterval; + intervalOptions: ({ + display: string; + val: string; + enabled(agg: import("../common").IBucketAggConfig): boolean | "" | undefined; + } | { + display: string; + val: string; + })[]; + InvalidEsCalendarIntervalError: typeof InvalidEsCalendarIntervalError; + InvalidEsIntervalFormatError: typeof InvalidEsIntervalFormatError; + Ipv4Address: typeof Ipv4Address; + isDateHistogramBucketAggConfig: typeof isDateHistogramBucketAggConfig; + isNumberType: (agg: import("../common").AggConfig) => boolean; + isStringType: (agg: import("../common").AggConfig) => boolean; + isType: (...types: string[]) => (agg: import("../common").AggConfig) => boolean; + isValidEsInterval: typeof isValidEsInterval; + isValidInterval: typeof isValidInterval; + parentPipelineType: string; + parseEsInterval: typeof parseEsInterval; + parseInterval: typeof parseInterval; + propFilter: typeof propFilter; + siblingPipelineType: string; + termsAggFilter: string[]; + toAbsoluteDates: typeof toAbsoluteDates; + }; + getRequestInspectorStats: typeof getRequestInspectorStats; + getResponseInspectorStats: typeof getResponseInspectorStats; + tabifyAggResponse: typeof tabifyAggResponse; + tabifyGetColumns: typeof tabifyGetColumns; }; // Warning: (ae-missing-release-tag) "SearchBar" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -export const SearchBar: React.ComponentClass< - Pick< - Pick< - SearchBarProps, - | 'query' - | 'isLoading' - | 'filters' - | 'onRefresh' - | 'onRefreshChange' - | 'refreshInterval' - | 'intl' - | 'indexPatterns' - | 'dataTestSubj' - | 'customSubmitButton' - | 'screenTitle' - | 'showQueryBar' - | 'showQueryInput' - | 'showFilterBar' - | 'showDatePicker' - | 'showAutoRefreshOnly' - | 'isRefreshPaused' - | 'dateRangeFrom' - | 'dateRangeTo' - | 'showSaveQuery' - | 'savedQuery' - | 'onQueryChange' - | 'onQuerySubmit' - | 'onSaved' - | 'onSavedQueryUpdated' - | 'onClearSavedQuery' - | 'indicateNoData' - | 'timeHistory' - | 'onFiltersUpdated' - >, - | 'query' - | 'isLoading' - | 'filters' - | 'onRefresh' - | 'onRefreshChange' - | 'refreshInterval' - | 'indexPatterns' - | 'dataTestSubj' - | 'customSubmitButton' - | 'screenTitle' - | 'showQueryBar' - | 'showQueryInput' - | 'showFilterBar' - | 'showDatePicker' - | 'showAutoRefreshOnly' - | 'isRefreshPaused' - | 'dateRangeFrom' - | 'dateRangeTo' - | 'showSaveQuery' - | 'savedQuery' - | 'onQueryChange' - | 'onQuerySubmit' - | 'onSaved' - | 'onSavedQueryUpdated' - | 'onClearSavedQuery' - | 'indicateNoData' - | 'timeHistory' - | 'onFiltersUpdated' - >, - any -> & { - WrappedComponent: React.ComponentType< - Pick< - SearchBarProps, - | 'query' - | 'isLoading' - | 'filters' - | 'onRefresh' - | 'onRefreshChange' - | 'refreshInterval' - | 'intl' - | 'indexPatterns' - | 'dataTestSubj' - | 'customSubmitButton' - | 'screenTitle' - | 'showQueryBar' - | 'showQueryInput' - | 'showFilterBar' - | 'showDatePicker' - | 'showAutoRefreshOnly' - | 'isRefreshPaused' - | 'dateRangeFrom' - | 'dateRangeTo' - | 'showSaveQuery' - | 'savedQuery' - | 'onQueryChange' - | 'onQuerySubmit' - | 'onSaved' - | 'onSavedQueryUpdated' - | 'onClearSavedQuery' - | 'indicateNoData' - | 'timeHistory' - | 'onFiltersUpdated' - > & - ReactIntl.InjectedIntlProps - >; +export const SearchBar: React.ComponentClass, "query" | "isLoading" | "filters" | "onRefresh" | "onRefreshChange" | "refreshInterval" | "indexPatterns" | "dataTestSubj" | "customSubmitButton" | "screenTitle" | "showQueryBar" | "showQueryInput" | "showFilterBar" | "showDatePicker" | "showAutoRefreshOnly" | "isRefreshPaused" | "dateRangeFrom" | "dateRangeTo" | "showSaveQuery" | "savedQuery" | "onQueryChange" | "onQuerySubmit" | "onSaved" | "onSavedQueryUpdated" | "onClearSavedQuery" | "indicateNoData" | "timeHistory" | "onFiltersUpdated">, any> & { + WrappedComponent: React.ComponentType & ReactIntl.InjectedIntlProps>; }; // Warning: (ae-forgotten-export) The symbol "SearchBarOwnProps" needs to be exported by the entry point index.d.ts @@ -2017,76 +1718,70 @@ export type SearchBarProps = SearchBarOwnProps & SearchBarInjectedDeps; // // @public (undocumented) export interface SearchError { - // (undocumented) - message: string; - // (undocumented) - name: string; - // (undocumented) - path: string; - // (undocumented) - status: string; - // (undocumented) - title: string; - // (undocumented) - type: string; + // (undocumented) + message: string; + // (undocumented) + name: string; + // (undocumented) + path: string; + // (undocumented) + status: string; + // (undocumented) + title: string; + // (undocumented) + type: string; } // Warning: (ae-missing-release-tag) "SearchInterceptor" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export class SearchInterceptor { - constructor(deps: SearchInterceptorDeps, requestTimeout?: number | undefined); - // @internal - protected abortController: AbortController; - // @internal (undocumented) - protected application: CoreStart['application']; - // (undocumented) - protected readonly deps: SearchInterceptorDeps; - getPendingCount$(): Observable; - // @internal (undocumented) - protected hideToast: () => void; - // @internal - protected longRunningToast?: Toast; - // @internal - protected pendingCount$: BehaviorSubject; - // (undocumented) - protected readonly requestTimeout?: number | undefined; - // (undocumented) - protected runSearch( - request: IEsSearchRequest, - signal: AbortSignal, - strategy?: string - ): Observable; - search(request: IEsSearchRequest, options?: ISearchOptions): Observable; - // (undocumented) - protected setupTimers( - options?: ISearchOptions - ): { - combinedSignal: AbortSignal; - cleanup: () => void; - }; - // @internal (undocumented) - protected showToast: () => void; - // @internal - protected timeoutSubscriptions: Subscription; + constructor(deps: SearchInterceptorDeps, requestTimeout?: number | undefined); + // @internal + protected abortController: AbortController; + // @internal (undocumented) + protected application: CoreStart['application']; + // (undocumented) + protected readonly deps: SearchInterceptorDeps; + getPendingCount$(): Observable; + // @internal (undocumented) + protected hideToast: () => void; + // @internal + protected longRunningToast?: Toast; + // @internal + protected pendingCount$: BehaviorSubject; + // (undocumented) + protected readonly requestTimeout?: number | undefined; + // (undocumented) + protected runSearch(request: IEsSearchRequest, signal: AbortSignal, strategy?: string): Observable; + search(request: IEsSearchRequest, options?: ISearchOptions): Observable; + // (undocumented) + protected setupTimers(options?: ISearchOptions): { + combinedSignal: AbortSignal; + cleanup: () => void; + }; + // @internal (undocumented) + protected showToast: () => void; + // @internal + protected timeoutSubscriptions: Subscription; } // Warning: (ae-missing-release-tag) "SearchInterceptorDeps" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export interface SearchInterceptorDeps { - // (undocumented) - http: CoreSetup_2['http']; - // (undocumented) - startServices: Promise<[CoreStart, any, unknown]>; - // (undocumented) - toasts: ToastsSetup; - // (undocumented) - uiSettings: CoreSetup_2['uiSettings']; - // Warning: (ae-forgotten-export) The symbol "SearchUsageCollector" needs to be exported by the entry point index.d.ts - // - // (undocumented) - usageCollector?: SearchUsageCollector; + // (undocumented) + http: CoreSetup_2['http']; + // (undocumented) + startServices: Promise<[CoreStart, any, unknown]>; + // (undocumented) + toasts: ToastsSetup; + // (undocumented) + uiSettings: CoreSetup_2['uiSettings']; + // Warning: (ae-forgotten-export) The symbol "SearchUsageCollector" needs to be exported by the entry point index.d.ts + // + // (undocumented) + usageCollector?: SearchUsageCollector; } // @internal @@ -2096,82 +1791,79 @@ export type SearchRequest = Record; // // @public (undocumented) export interface SearchSourceFields { - // (undocumented) - aggs?: any; - // (undocumented) - fields?: NameList; - // (undocumented) - filter?: Filter[] | Filter | (() => Filter[] | Filter | undefined); - // (undocumented) - from?: number; - // (undocumented) - highlight?: any; - // (undocumented) - highlightAll?: boolean; - // (undocumented) - index?: IndexPattern; - // (undocumented) - query?: Query; - // Warning: (ae-forgotten-export) The symbol "EsQuerySearchAfter" needs to be exported by the entry point index.d.ts - // - // (undocumented) - searchAfter?: EsQuerySearchAfter; - // (undocumented) - size?: number; - // (undocumented) - sort?: EsQuerySortValue | EsQuerySortValue[]; - // (undocumented) - source?: NameList; - // (undocumented) - terminate_after?: number; - // (undocumented) - timeout?: string; - // (undocumented) - type?: string; - // (undocumented) - version?: boolean; + // (undocumented) + aggs?: any; + // (undocumented) + fields?: NameList; + // (undocumented) + filter?: Filter[] | Filter | (() => Filter[] | Filter | undefined); + // (undocumented) + from?: number; + // (undocumented) + highlight?: any; + // (undocumented) + highlightAll?: boolean; + // (undocumented) + index?: IndexPattern; + // (undocumented) + query?: Query; + // Warning: (ae-forgotten-export) The symbol "EsQuerySearchAfter" needs to be exported by the entry point index.d.ts + // + // (undocumented) + searchAfter?: EsQuerySearchAfter; + // (undocumented) + size?: number; + // (undocumented) + sort?: EsQuerySortValue | EsQuerySortValue[]; + // (undocumented) + source?: NameList; + // (undocumented) + terminate_after?: number; + // (undocumented) + timeout?: string; + // (undocumented) + type?: string; + // (undocumented) + version?: boolean; } // Warning: (ae-missing-release-tag) "SortDirection" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export enum SortDirection { - // (undocumented) - asc = 'asc', - // (undocumented) - desc = 'desc', + // (undocumented) + asc = "asc", + // (undocumented) + desc = "desc" } // Warning: (ae-missing-release-tag) "StatefulSearchBarProps" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export type StatefulSearchBarProps = SearchBarOwnProps & { - appName: string; - useDefaultBehaviors?: boolean; - savedQueryId?: string; - onSavedQueryIdChange?: (savedQueryId?: string) => void; + appName: string; + useDefaultBehaviors?: boolean; + savedQueryId?: string; + onSavedQueryIdChange?: (savedQueryId?: string) => void; }; // Warning: (ae-forgotten-export) The symbol "IKbnUrlStateStorage" needs to be exported by the entry point index.d.ts // Warning: (ae-missing-release-tag) "syncQueryStateWithUrl" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public -export const syncQueryStateWithUrl: ( - query: Pick, - kbnUrlStateStorage: IKbnUrlStateStorage -) => { - stop: () => void; - hasInheritedQueryFromUrl: boolean; +export const syncQueryStateWithUrl: (query: Pick, kbnUrlStateStorage: IKbnUrlStateStorage) => { + stop: () => void; + hasInheritedQueryFromUrl: boolean; }; // @public (undocumented) export interface TabbedAggColumn { - // (undocumented) - aggConfig: IAggConfig; - // (undocumented) - id: string; - // (undocumented) - name: string; + // (undocumented) + aggConfig: IAggConfig; + // (undocumented) + id: string; + // (undocumented) + name: string; } // @public (undocumented) @@ -2179,10 +1871,10 @@ export type TabbedAggRow = Record; // @public (undocumented) export interface TabbedTable { - // (undocumented) - columns: TabbedAggColumn[]; - // (undocumented) - rows: TabbedAggRow[]; + // (undocumented) + columns: TabbedAggColumn[]; + // (undocumented) + rows: TabbedAggRow[]; } // Warning: (ae-forgotten-export) The symbol "Timefilter" needs to be exported by the entry point index.d.ts @@ -2195,12 +1887,12 @@ export type TimefilterContract = PublicMethodsOf; // // @public (undocumented) export class TimeHistory { - constructor(storage: IStorageWrapper); - // (undocumented) - add(time: TimeRange): void; - // (undocumented) - get(): TimeRange[]; -} + constructor(storage: IStorageWrapper); + // (undocumented) + add(time: TimeRange): void; + // (undocumented) + get(): TimeRange[]; + } // Warning: (ae-missing-release-tag) "TimeHistoryContract" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // @@ -2211,48 +1903,49 @@ export type TimeHistoryContract = PublicMethodsOf; // // @public (undocumented) export interface TimeRange { - // (undocumented) - from: string; - // (undocumented) - mode?: 'absolute' | 'relative'; - // (undocumented) - to: string; + // (undocumented) + from: string; + // (undocumented) + mode?: 'absolute' | 'relative'; + // (undocumented) + to: string; } // Warning: (ae-missing-release-tag) "UI_SETTINGS" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) export const UI_SETTINGS: { - readonly META_FIELDS: 'metaFields'; - readonly DOC_HIGHLIGHT: 'doc_table:highlight'; - readonly QUERY_STRING_OPTIONS: 'query:queryString:options'; - readonly QUERY_ALLOW_LEADING_WILDCARDS: 'query:allowLeadingWildcards'; - readonly SEARCH_QUERY_LANGUAGE: 'search:queryLanguage'; - readonly SORT_OPTIONS: 'sort:options'; - readonly COURIER_IGNORE_FILTER_IF_FIELD_NOT_IN_INDEX: 'courier:ignoreFilterIfFieldNotInIndex'; - readonly COURIER_SET_REQUEST_PREFERENCE: 'courier:setRequestPreference'; - readonly COURIER_CUSTOM_REQUEST_PREFERENCE: 'courier:customRequestPreference'; - readonly COURIER_MAX_CONCURRENT_SHARD_REQUESTS: 'courier:maxConcurrentShardRequests'; - readonly COURIER_BATCH_SEARCHES: 'courier:batchSearches'; - readonly SEARCH_INCLUDE_FROZEN: 'search:includeFrozen'; - readonly HISTOGRAM_BAR_TARGET: 'histogram:barTarget'; - readonly HISTOGRAM_MAX_BARS: 'histogram:maxBars'; - readonly HISTORY_LIMIT: 'history:limit'; - readonly SHORT_DOTS_ENABLE: 'shortDots:enable'; - readonly FORMAT_DEFAULT_TYPE_MAP: 'format:defaultTypeMap'; - readonly FORMAT_NUMBER_DEFAULT_PATTERN: 'format:number:defaultPattern'; - readonly FORMAT_PERCENT_DEFAULT_PATTERN: 'format:percent:defaultPattern'; - readonly FORMAT_BYTES_DEFAULT_PATTERN: 'format:bytes:defaultPattern'; - readonly FORMAT_CURRENCY_DEFAULT_PATTERN: 'format:currency:defaultPattern'; - readonly FORMAT_NUMBER_DEFAULT_LOCALE: 'format:number:defaultLocale'; - readonly TIMEPICKER_REFRESH_INTERVAL_DEFAULTS: 'timepicker:refreshIntervalDefaults'; - readonly TIMEPICKER_QUICK_RANGES: 'timepicker:quickRanges'; - readonly TIMEPICKER_TIME_DEFAULTS: 'timepicker:timeDefaults'; - readonly INDEXPATTERN_PLACEHOLDER: 'indexPattern:placeholder'; - readonly FILTERS_PINNED_BY_DEFAULT: 'filters:pinnedByDefault'; - readonly FILTERS_EDITOR_SUGGEST_VALUES: 'filterEditor:suggestValues'; + readonly META_FIELDS: "metaFields"; + readonly DOC_HIGHLIGHT: "doc_table:highlight"; + readonly QUERY_STRING_OPTIONS: "query:queryString:options"; + readonly QUERY_ALLOW_LEADING_WILDCARDS: "query:allowLeadingWildcards"; + readonly SEARCH_QUERY_LANGUAGE: "search:queryLanguage"; + readonly SORT_OPTIONS: "sort:options"; + readonly COURIER_IGNORE_FILTER_IF_FIELD_NOT_IN_INDEX: "courier:ignoreFilterIfFieldNotInIndex"; + readonly COURIER_SET_REQUEST_PREFERENCE: "courier:setRequestPreference"; + readonly COURIER_CUSTOM_REQUEST_PREFERENCE: "courier:customRequestPreference"; + readonly COURIER_MAX_CONCURRENT_SHARD_REQUESTS: "courier:maxConcurrentShardRequests"; + readonly COURIER_BATCH_SEARCHES: "courier:batchSearches"; + readonly SEARCH_INCLUDE_FROZEN: "search:includeFrozen"; + readonly HISTOGRAM_BAR_TARGET: "histogram:barTarget"; + readonly HISTOGRAM_MAX_BARS: "histogram:maxBars"; + readonly HISTORY_LIMIT: "history:limit"; + readonly SHORT_DOTS_ENABLE: "shortDots:enable"; + readonly FORMAT_DEFAULT_TYPE_MAP: "format:defaultTypeMap"; + readonly FORMAT_NUMBER_DEFAULT_PATTERN: "format:number:defaultPattern"; + readonly FORMAT_PERCENT_DEFAULT_PATTERN: "format:percent:defaultPattern"; + readonly FORMAT_BYTES_DEFAULT_PATTERN: "format:bytes:defaultPattern"; + readonly FORMAT_CURRENCY_DEFAULT_PATTERN: "format:currency:defaultPattern"; + readonly FORMAT_NUMBER_DEFAULT_LOCALE: "format:number:defaultLocale"; + readonly TIMEPICKER_REFRESH_INTERVAL_DEFAULTS: "timepicker:refreshIntervalDefaults"; + readonly TIMEPICKER_QUICK_RANGES: "timepicker:quickRanges"; + readonly TIMEPICKER_TIME_DEFAULTS: "timepicker:timeDefaults"; + readonly INDEXPATTERN_PLACEHOLDER: "indexPattern:placeholder"; + readonly FILTERS_PINNED_BY_DEFAULT: "filters:pinnedByDefault"; + readonly FILTERS_EDITOR_SUGGEST_VALUES: "filterEditor:suggestValues"; }; + // Warnings were encountered during analysis: // // src/plugins/data/common/es_query/filters/exists_filter.ts:30:3 - (ae-forgotten-export) The symbol "ExistsFilterMeta" needs to be exported by the entry point index.d.ts @@ -2313,4 +2006,5 @@ export const UI_SETTINGS: { // src/plugins/data/public/types.ts:71:5 - (ae-forgotten-export) The symbol "IndexPatternSelectProps" needs to be exported by the entry point index.d.ts // (No @packageDocumentation comment for this package) + ``` From 2e36ea0c9f18389d4944fd5e45a690e2df6aa5d5 Mon Sep 17 00:00:00 2001 From: Patryk Kopycinski Date: Wed, 2 Sep 2020 12:26:10 +0200 Subject: [PATCH 13/16] imports --- .../components/timeline/body/events/stateful_event.tsx | 10 +++------- .../timeline/body/renderers/get_row_renderer.ts | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx index a6095de60a825..9691327f2c988 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/events/stateful_event.tsx @@ -12,12 +12,8 @@ import VisibilitySensor from 'react-visibility-sensor'; import { TimelineId } from '../../../../../../common/types/timeline'; import { BrowserFields, DocValueFields } from '../../../../../common/containers/source'; import { useTimelineDetails } from '../../../../containers/details'; -import { - TimelineItem, - TimelineNonEcsData, - DetailItem, -} from '../../../../../../common/search_strategy/timeline'; -import { Ecs } from '../../../../../../common/ecs'; +import { TimelineItem, TimelineNonEcsData } from '../../../../../graphql/types'; +import { DetailItem } from '../../../../../../common/search_strategy/timeline'; import { Note } from '../../../../../common/lib/note'; import { ColumnHeaderOptions, TimelineModel } from '../../../../../timelines/store/timeline/model'; import { AddNoteToEvent, UpdateNote } from '../../../notes/helpers'; @@ -239,7 +235,7 @@ const StatefulEventComponent: React.FC = ({ /> - {getRowRenderer(event.ecs, rowRenderers).renderRow({ + {getRowRenderer(event.ecs, rowRenderers).renderRow({ browserFields, data: event.ecs, timelineId, diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/get_row_renderer.ts b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/get_row_renderer.ts index 4f7f9bced5704..778246aeb1815 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/get_row_renderer.ts +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/get_row_renderer.ts @@ -11,7 +11,7 @@ const unhandledRowRenderer = (): never => { throw new Error('Unhandled Row Renderer'); }; -export const getRowRenderer = (ecs: T, rowRenderers: RowRenderer[]): RowRenderer => { +export const getRowRenderer = (ecs: Ecs, rowRenderers: RowRenderer[]): RowRenderer => { const renderer = rowRenderers.find((rowRenderer) => rowRenderer.isInstance(ecs)); if (renderer == null) { return unhandledRowRenderer(); From e512f1d9ac09c2302ed0564eff17be4eeb080568 Mon Sep 17 00:00:00 2001 From: Patryk Kopycinski Date: Thu, 3 Sep 2020 11:02:18 +0200 Subject: [PATCH 14/16] PR comments --- .../common/search_strategy/common/index.ts | 119 +++++++++++++++++ .../common/search_strategy/index.ts | 9 ++ .../security_solution/index.ts | 121 ++---------------- .../search_strategy/timeline/details/index.ts | 10 +- .../common/search_strategy/timeline/index.ts | 97 ++++---------- .../timelines/containers/details/index.tsx | 6 +- .../timeline/factory/details/index.ts | 17 +-- .../{dsl => }/query.timeline_details.dsl.ts | 4 +- .../search_strategy/timeline/factory/index.ts | 13 +- .../search_strategy/timeline/factory/types.ts | 14 +- .../server/search_strategy/timeline/index.ts | 10 +- 11 files changed, 191 insertions(+), 229 deletions(-) create mode 100644 x-pack/plugins/security_solution/common/search_strategy/common/index.ts create mode 100644 x-pack/plugins/security_solution/common/search_strategy/index.ts rename x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/{dsl => }/query.timeline_details.dsl.ts (83%) diff --git a/x-pack/plugins/security_solution/common/search_strategy/common/index.ts b/x-pack/plugins/security_solution/common/search_strategy/common/index.ts new file mode 100644 index 0000000000000..0576871a2bf81 --- /dev/null +++ b/x-pack/plugins/security_solution/common/search_strategy/common/index.ts @@ -0,0 +1,119 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IEsSearchResponse } from '../../../../../../src/plugins/data/common'; + +export type Maybe = T | null; + +export type SearchHit = IEsSearchResponse['rawResponse']['hits']['hits'][0]; + +export interface TotalValue { + value: number; + relation: string; +} + +export interface Inspect { + dsl: string[]; +} + +export interface PageInfoPaginated { + activePage: number; + fakeTotalCount: number; + showMorePagesIndicator: boolean; +} + +export interface CursorType { + value?: Maybe; + tiebreaker?: Maybe; +} + +export enum Direction { + asc = 'asc', + desc = 'desc', +} + +export interface SortField { + field: Field; + direction: Direction; +} + +export interface TimerangeInput { + /** The interval string to use for last bucket. The format is '{value}{unit}'. For example '5m' would return the metrics for the last 5 minutes of the timespan. */ + interval: string; + /** The end of the timerange */ + to: string; + /** The beginning of the timerange */ + from: string; +} + +export interface PaginationInput { + /** The limit parameter allows you to configure the maximum amount of items to be returned */ + limit: number; + /** The cursor parameter defines the next result you want to fetch */ + cursor?: Maybe; + /** The tiebreaker parameter allow to be more precise to fetch the next item */ + tiebreaker?: Maybe; +} + +export interface PaginationInputPaginated { + /** The activePage parameter defines the page of results you want to fetch */ + activePage: number; + /** The cursorStart parameter defines the start of the results to be displayed */ + cursorStart: number; + /** The fakePossibleCount parameter determines the total count in order to show 5 additional pages */ + fakePossibleCount: number; + /** The querySize parameter is the number of items to be returned */ + querySize: number; +} + +export interface DocValueFields { + field: string; + format: string; +} + +export interface Explanation { + value: number; + description: string; + details: Explanation[]; +} + +export interface TotalValue { + value: number; + relation: string; +} +export interface ShardsResponse { + total: number; + successful: number; + failed: number; + skipped: number; +} + +export interface TotalHit { + value: number; + relation: string; +} + +export interface Hit { + _index: string; + _type: string; + _id: string; + _score: number | null; +} + +export interface Hits { + hits: { + total: T; + max_score: number | null; + hits: U[]; + }; +} + +export interface GenericBuckets { + key: string; + doc_count: number; +} + +export type StringOrNumber = string | number; diff --git a/x-pack/plugins/security_solution/common/search_strategy/index.ts b/x-pack/plugins/security_solution/common/search_strategy/index.ts new file mode 100644 index 0000000000000..cff9f4ca2f029 --- /dev/null +++ b/x-pack/plugins/security_solution/common/search_strategy/index.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export * from './common'; +export * from './security_solution'; +export * from './timeline'; diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts index 474002c93f24f..981145d4a94fb 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { IEsSearchRequest, IEsSearchResponse } from '../../../../../../src/plugins/data/common'; +import { IEsSearchRequest } from '../../../../../../src/plugins/data/common'; import { ESQuery } from '../../typed_json'; import { HostOverviewStrategyResponse, @@ -26,116 +26,20 @@ import { NetworkHttpStrategyResponse, NetworkHttpRequestOptions, } from './network'; +import { + DocValueFields, + TimerangeInput, + SortField, + PaginationInput, + PaginationInputPaginated, +} from '../common'; export * from './hosts'; export * from './network'; -export type Maybe = T | null; +export * from '../common'; export type FactoryQueryTypes = HostsQueries | NetworkQueries; -export type SearchHit = IEsSearchResponse['rawResponse']['hits']['hits'][0]; - -export interface TotalValue { - value: number; - relation: string; -} - -export interface Inspect { - dsl: string[]; -} - -export interface PageInfoPaginated { - activePage: number; - fakeTotalCount: number; - showMorePagesIndicator: boolean; -} - -export interface CursorType { - value?: Maybe; - tiebreaker?: Maybe; -} - -export enum Direction { - asc = 'asc', - desc = 'desc', -} - -export interface SortField { - field: Field; - direction: Direction; -} - -export interface TimerangeInput { - /** The interval string to use for last bucket. The format is '{value}{unit}'. For example '5m' would return the metrics for the last 5 minutes of the timespan. */ - interval: string; - /** The end of the timerange */ - to: string; - /** The beginning of the timerange */ - from: string; -} - -export interface PaginationInput { - /** The limit parameter allows you to configure the maximum amount of items to be returned */ - limit: number; - /** The cursor parameter defines the next result you want to fetch */ - cursor?: Maybe; - /** The tiebreaker parameter allow to be more precise to fetch the next item */ - tiebreaker?: Maybe; -} - -export interface PaginationInputPaginated { - /** The activePage parameter defines the page of results you want to fetch */ - activePage: number; - /** The cursorStart parameter defines the start of the results to be displayed */ - cursorStart: number; - /** The fakePossibleCount parameter determines the total count in order to show 5 additional pages */ - fakePossibleCount: number; - /** The querySize parameter is the number of items to be returned */ - querySize: number; -} - -export interface DocValueFields { - field: string; - format: string; -} - -export interface Explanation { - value: number; - description: string; - details: Explanation[]; -} - -export interface TotalValue { - value: number; - relation: string; -} -export interface ShardsResponse { - total: number; - successful: number; - failed: number; - skipped: number; -} - -export interface TotalHit { - value: number; - relation: string; -} - -export interface Hit { - _index: string; - _type: string; - _id: string; - _score: number | null; -} - -export interface Hits { - hits: { - total: T; - max_score: number | null; - hits: U[]; - }; -} - export interface RequestBasicOptions extends IEsSearchRequest { timerange: TimerangeInput; filterQuery: ESQuery | string | undefined; @@ -183,10 +87,3 @@ export type StrategyRequestType = T extends HostsQu : T extends NetworkQueries.http ? NetworkHttpRequestOptions : never; - -export type StringOrNumber = string | number; - -export interface GenericBuckets { - key: string; - doc_count: number; -} diff --git a/x-pack/plugins/security_solution/common/search_strategy/timeline/details/index.ts b/x-pack/plugins/security_solution/common/search_strategy/timeline/details/index.ts index b629f730ca33f..e5e1c41f4731a 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/timeline/details/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/timeline/details/index.ts @@ -5,11 +5,8 @@ */ import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; -import { Inspect, Maybe, RequestOptionsPaginated } from '..'; - -export enum TimelineDetailsQueries { - timelineDetails = 'timelineDetails', -} +import { Inspect, Maybe } from '../../common'; +import { TimelineRequestOptionsPaginated } from '..'; export interface DetailItem { field: string; @@ -20,11 +17,10 @@ export interface DetailItem { export interface TimelineDetailsStrategyResponse extends IEsSearchResponse { data?: Maybe; - inspect?: Maybe; } -export interface TimelineDetailsRequestOptions extends Partial { +export interface TimelineDetailsRequestOptions extends Partial { defaultIndex: string[]; executeQuery: boolean; indexName: string; diff --git a/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts b/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts index f6612256ddf6c..a7bf61c102cd4 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/timeline/index.ts @@ -8,40 +8,23 @@ import { IEsSearchRequest } from '../../../../../../src/plugins/data/common'; import { ESQuery } from '../../typed_json'; import { Ecs } from '../../ecs'; import { - TimelineDetailsQueries, - TimelineDetailsRequestOptions, - TimelineDetailsStrategyResponse, -} from './details'; -export * from './details'; -export type Maybe = T | null; - -export type FactoryQueryTypes = TimelineDetailsQueries; - -export interface Inspect { - dsl: string[]; - response: string[]; -} - -export interface PageInfoPaginated { - activePage: number; - fakeTotalCount: number; - showMorePagesIndicator: boolean; -} + CursorType, + Maybe, + TimerangeInput, + DocValueFields, + PaginationInput, + PaginationInputPaginated, + SortField, +} from '../common'; +import { TimelineDetailsRequestOptions, TimelineDetailsStrategyResponse } from './details'; -export interface CursorType { - value?: Maybe; - tiebreaker?: Maybe; -} +export * from './details'; -export enum Direction { - asc = 'asc', - desc = 'desc', +export enum TimelineQueries { + details = 'details', } -export interface SortField { - field: string; - direction: Direction; -} +export type TimelineFactoryQueryTypes = TimelineQueries; export interface TimelineEdges { node: TimelineItem; @@ -60,62 +43,28 @@ export interface TimelineNonEcsData { value?: Maybe; } -export interface TimerangeInput { - /** The interval string to use for last bucket. The format is '{value}{unit}'. For example '5m' would return the metrics for the last 5 minutes of the timespan. */ - interval: string; - /** The end of the timerange */ - to: string; - /** The beginning of the timerange */ - from: string; -} - -export interface PaginationInput { - /** The limit parameter allows you to configure the maximum amount of items to be returned */ - limit: number; - /** The cursor parameter defines the next result you want to fetch */ - cursor?: Maybe; - /** The tiebreaker parameter allow to be more precise to fetch the next item */ - tiebreaker?: Maybe; -} - -export interface PaginationInputPaginated { - /** The activePage parameter defines the page of results you want to fetch */ - activePage: number; - /** The cursorStart parameter defines the start of the results to be displayed */ - cursorStart: number; - /** The fakePossibleCount parameter determines the total count in order to show 5 additional pages */ - fakePossibleCount: number; - /** The querySize parameter is the number of items to be returned */ - querySize: number; -} - -export interface DocValueFields { - field: string; - format: string; -} - -export interface RequestBasicOptions extends IEsSearchRequest { +export interface TimelineRequestBasicOptions extends IEsSearchRequest { timerange: TimerangeInput; filterQuery: ESQuery | string | undefined; defaultIndex: string[]; docValueFields?: DocValueFields[]; - factoryQueryType?: FactoryQueryTypes; + factoryQueryType?: TimelineFactoryQueryTypes; } -export interface RequestOptions extends RequestBasicOptions { +export interface TimelineRequestOptions extends TimelineRequestBasicOptions { pagination: PaginationInput; sortField?: SortField; } -export interface RequestOptionsPaginated extends RequestBasicOptions { +export interface TimelineRequestOptionsPaginated extends TimelineRequestBasicOptions { pagination: PaginationInputPaginated; sortField?: SortField; } -export type StrategyResponseType< - T extends FactoryQueryTypes -> = T extends TimelineDetailsQueries.timelineDetails ? TimelineDetailsStrategyResponse : never; +export type TimelineStrategyResponseType< + T extends TimelineFactoryQueryTypes +> = T extends TimelineQueries.details ? TimelineDetailsStrategyResponse : never; -export type StrategyRequestType< - T extends FactoryQueryTypes -> = T extends TimelineDetailsQueries.timelineDetails ? TimelineDetailsRequestOptions : never; +export type TimelineStrategyRequestType< + T extends TimelineFactoryQueryTypes +> = T extends TimelineQueries.details ? TimelineDetailsRequestOptions : never; diff --git a/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx b/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx index 2edafc9ea85f4..64042f4c41ccc 100644 --- a/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx @@ -15,10 +15,10 @@ import { useKibana } from '../../../common/lib/kibana'; import { DocValueFields, DetailItem, - TimelineDetailsQueries, + TimelineQueries, TimelineDetailsRequestOptions, TimelineDetailsStrategyResponse, -} from '../../../../common/search_strategy/timeline'; +} from '../../../../common/search_strategy'; export interface EventsArgs { detailsData: DetailItem[] | null; loading: boolean; @@ -54,7 +54,7 @@ export const useTimelineDetails = ({ executeQuery, indexName, eventId, - factoryQueryType: TimelineDetailsQueries.timelineDetails, + factoryQueryType: TimelineQueries.details, }); const [timelineDetailsResponse, setTimelineDetailsResponse] = useState( diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts index 16c2bf3718715..e1fabe2b4d586 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/index.ts @@ -7,20 +7,17 @@ import { getOr, merge } from 'lodash/fp'; import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; - import { - FactoryQueryTypes, + TimelineQueries, TimelineDetailsStrategyResponse, - TimelineDetailsQueries, TimelineDetailsRequestOptions, } from '../../../../../common/search_strategy/timeline'; - import { inspectStringifyObject } from '../../../../utils/build_query'; import { SecuritySolutionTimelineFactory } from '../types'; -import { buildTimelineDetailsQuery } from './dsl/query.timeline_details.dsl'; +import { buildTimelineDetailsQuery } from './query.timeline_details.dsl'; import { getDataFromHits } from './helpers'; -export const timelineDetails: SecuritySolutionTimelineFactory = { +export const timelineDetails: SecuritySolutionTimelineFactory = { buildDsl: (options: TimelineDetailsRequestOptions) => { const { indexName, eventId, docValueFields = [] } = options; return buildTimelineDetailsQuery(indexName, eventId, docValueFields); @@ -35,7 +32,6 @@ export const timelineDetails: SecuritySolutionTimelineFactory -> = { - [TimelineDetailsQueries.timelineDetails]: timelineDetails, -}; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/dsl/query.timeline_details.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/query.timeline_details.dsl.ts similarity index 83% rename from x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/dsl/query.timeline_details.dsl.ts rename to x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/query.timeline_details.dsl.ts index ea29bf64b4ed4..4f003c1c27ef2 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/dsl/query.timeline_details.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/details/query.timeline_details.dsl.ts @@ -4,12 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ -import { DocValueFieldsInput } from '../../../../../graphql/types'; +import { DocValueFields } from '../../../../../common/search_strategy'; export const buildTimelineDetailsQuery = ( indexName: string, id: string, - docValueFields: DocValueFieldsInput[] + docValueFields: DocValueFields[] ) => ({ allowNoIndices: true, index: indexName, diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts index 34e347f0ea2a9..aa4cdaeedb131 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/index.ts @@ -4,14 +4,17 @@ * you may not use this file except in compliance with the Elastic License. */ -import { FactoryQueryTypes } from '../../../../common/search_strategy/timeline'; +import { + TimelineFactoryQueryTypes, + TimelineQueries, +} from '../../../../common/search_strategy/timeline'; -import { timelineDetailsFactory } from './details'; +import { timelineDetails } from './details'; import { SecuritySolutionTimelineFactory } from './types'; export const securitySolutionTimelineFactory: Record< - FactoryQueryTypes, - SecuritySolutionTimelineFactory + TimelineFactoryQueryTypes, + SecuritySolutionTimelineFactory > = { - ...timelineDetailsFactory, + [TimelineQueries.details]: timelineDetails, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts index 571055e481e79..55eddf64b68ff 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/types.ts @@ -6,15 +6,15 @@ import { IEsSearchResponse } from '../../../../../../../src/plugins/data/common'; import { - FactoryQueryTypes, - StrategyRequestType, - StrategyResponseType, + TimelineFactoryQueryTypes, + TimelineStrategyRequestType, + TimelineStrategyResponseType, } from '../../../../common/search_strategy/timeline'; -export interface SecuritySolutionTimelineFactory { - buildDsl: (options: StrategyRequestType) => unknown; +export interface SecuritySolutionTimelineFactory { + buildDsl: (options: TimelineStrategyRequestType) => unknown; parse: ( - options: StrategyRequestType, + options: TimelineStrategyRequestType, response: IEsSearchResponse - ) => Promise>; + ) => Promise>; } diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts index 3c3f3b5760e75..6d8505211123b 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/index.ts @@ -6,16 +6,16 @@ import { ISearchStrategy, PluginStart } from '../../../../../../src/plugins/data/server'; import { - FactoryQueryTypes, - StrategyResponseType, - StrategyRequestType, + TimelineFactoryQueryTypes, + TimelineStrategyResponseType, + TimelineStrategyRequestType, } from '../../../common/search_strategy/timeline'; import { securitySolutionTimelineFactory } from './factory'; import { SecuritySolutionTimelineFactory } from './factory/types'; -export const securitySolutionTimelineSearchStrategyProvider = ( +export const securitySolutionTimelineSearchStrategyProvider = ( data: PluginStart -): ISearchStrategy, StrategyResponseType> => { +): ISearchStrategy, TimelineStrategyResponseType> => { const es = data.search.getSearchStrategy('es'); return { From 33705201074f1da3bf8528ed78ce3190e35679e8 Mon Sep 17 00:00:00 2001 From: Patryk Kopycinski Date: Thu, 3 Sep 2020 11:34:11 +0200 Subject: [PATCH 15/16] fix test --- .../common/search_strategy/security_solution/index.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts index 981145d4a94fb..bdf2b1f4a1e48 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts @@ -36,7 +36,6 @@ import { export * from './hosts'; export * from './network'; -export * from '../common'; export type FactoryQueryTypes = HostsQueries | NetworkQueries; From a055a5b8ff151a04cfe819202d05a214121d90ff Mon Sep 17 00:00:00 2001 From: Patryk Kopycinski Date: Thu, 3 Sep 2020 18:47:12 +0200 Subject: [PATCH 16/16] Fix types --- .../security_solution/hosts/all/index.ts | 3 ++- .../security_solution/hosts/authentications/index.ts | 4 ++-- .../security_solution/hosts/common/index.ts | 2 +- .../security_solution/hosts/first_last_seen/index.ts | 3 ++- .../search_strategy/security_solution/hosts/index.ts | 1 + .../security_solution/hosts/overview/index.ts | 4 ++-- .../security_solution/network/http/index.ts | 10 ++-------- .../security_solution/network/tls/index.ts | 3 ++- .../security_solution/network/top_countries/index.ts | 3 ++- .../public/hosts/containers/authentications/index.tsx | 4 +--- .../public/hosts/containers/hosts/index.tsx | 2 +- .../components/network_top_countries_table/index.tsx | 2 +- .../public/network/containers/network_http/index.tsx | 2 +- .../network/containers/network_top_countries/index.tsx | 4 ++-- .../public/timelines/containers/details/index.tsx | 2 +- x-pack/plugins/security_solution/public/types.ts | 2 +- .../factory/hosts/all/query.all_hosts.dsl.ts | 2 +- .../factory/hosts/authentications/helpers.ts | 4 +--- .../factory/hosts/authentications/index.tsx | 4 ++-- .../security_solution/factory/hosts/index.ts | 6 ++++-- .../factory/network/http/query.http_network.dsl.ts | 5 +---- .../security_solution/factory/network/index.ts | 6 ++++-- .../factory/network/tls/query.tls_network.dsl.ts | 2 +- .../top_countries/query.top_countries_network.dsl.ts | 2 +- 24 files changed, 39 insertions(+), 43 deletions(-) diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/all/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/all/index.ts index 91a53066b4f4b..5ddcd8da30efb 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/all/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/all/index.ts @@ -7,7 +7,8 @@ import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; import { HostItem, HostsFields } from '../common'; -import { CursorType, Inspect, Maybe, PageInfoPaginated, RequestOptionsPaginated } from '../..'; +import { CursorType, Inspect, Maybe, PageInfoPaginated } from '../../../common'; +import { RequestOptionsPaginated } from '../..'; export interface HostsEdges { node: HostItem; diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/authentications/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/authentications/index.ts index 0071fe3deeb1f..0fb0609b60ba5 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/authentications/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/authentications/index.ts @@ -13,11 +13,11 @@ import { Inspect, Maybe, PageInfoPaginated, - RequestOptionsPaginated, StringOrNumber, Hit, TotalHit, -} from '../../'; +} from '../../../common'; +import { RequestOptionsPaginated } from '../../'; export interface AuthenticationsStrategyResponse extends IEsSearchResponse { edges: AuthenticationsEdges[]; diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/common/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/common/index.ts index d15da4bf07ae7..8ae41a101cee2 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/common/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/common/index.ts @@ -6,7 +6,7 @@ import { CloudEcs } from '../../../../ecs/cloud'; import { HostEcs, OsEcs } from '../../../../ecs/host'; -import { Maybe, SearchHit, TotalValue } from '../..'; +import { Maybe, SearchHit, TotalValue } from '../../../common'; export enum HostPolicyResponseActionStatus { success = 'success', diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/first_last_seen/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/first_last_seen/index.ts index cbabe9dd11115..adf70a109bc03 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/first_last_seen/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/first_last_seen/index.ts @@ -5,7 +5,8 @@ */ import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; -import { Inspect, Maybe, RequestOptionsPaginated } from '../..'; +import { Inspect, Maybe } from '../../../common'; +import { RequestOptionsPaginated } from '../..'; import { HostsFields } from '../common'; export interface HostFirstLastSeenRequestOptions diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts index dc81c0a9137f8..9cb43c91adfd9 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +export * from './authentications'; export * from './all'; export * from './common'; export * from './overview'; diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/overview/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/overview/index.ts index 8d54481f56dbd..7d212a951905a 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/overview/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/overview/index.ts @@ -5,9 +5,9 @@ */ import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; - +import { Inspect, Maybe, TimerangeInput } from '../../../common'; import { HostItem, HostsFields } from '../common'; -import { Inspect, Maybe, RequestOptionsPaginated, TimerangeInput } from '../..'; +import { RequestOptionsPaginated } from '../..'; export interface HostOverviewStrategyResponse extends IEsSearchResponse { hostOverview: HostItem; diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/http/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/http/index.ts index c42b3d2ab8db3..ad58442b16994 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/http/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/http/index.ts @@ -5,14 +5,8 @@ */ import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; -import { - Maybe, - CursorType, - Inspect, - RequestOptionsPaginated, - PageInfoPaginated, - GenericBuckets, -} from '../..'; +import { Maybe, CursorType, Inspect, PageInfoPaginated, GenericBuckets } from '../../../common'; +import { RequestOptionsPaginated } from '../..'; export interface NetworkHttpRequestOptions extends RequestOptionsPaginated { ip?: string; diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/tls/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/tls/index.ts index b1d30c3d4f9bf..dffc994fcf4cb 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/tls/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/tls/index.ts @@ -5,7 +5,8 @@ */ import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; -import { CursorType, Inspect, Maybe, PageInfoPaginated, RequestOptionsPaginated } from '../..'; +import { CursorType, Inspect, Maybe, PageInfoPaginated } from '../../../common'; +import { RequestOptionsPaginated } from '../..'; import { FlowTargetSourceDest } from '../common'; export interface TlsBuckets { diff --git a/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/top_countries/index.ts b/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/top_countries/index.ts index 6d514d12519c3..3188a26dd69fd 100644 --- a/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/top_countries/index.ts +++ b/x-pack/plugins/security_solution/common/search_strategy/security_solution/network/top_countries/index.ts @@ -6,7 +6,8 @@ import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common'; import { GeoEcs } from '../../../../ecs/geo'; -import { CursorType, Inspect, Maybe, PageInfoPaginated, RequestOptionsPaginated } from '../..'; +import { CursorType, Inspect, Maybe, PageInfoPaginated } from '../../../common'; +import { RequestOptionsPaginated } from '../..'; import { FlowTargetSourceDest } from '../common'; export enum NetworkTopTablesFields { diff --git a/x-pack/plugins/security_solution/public/hosts/containers/authentications/index.tsx b/x-pack/plugins/security_solution/public/hosts/containers/authentications/index.tsx index 19294fc5e4780..79d83404f8c4a 100644 --- a/x-pack/plugins/security_solution/public/hosts/containers/authentications/index.tsx +++ b/x-pack/plugins/security_solution/public/hosts/containers/authentications/index.tsx @@ -18,12 +18,10 @@ import { HostPolicyResponseActionStatus, HostsQueries, PageInfoPaginated, -} from '../../../../common/search_strategy/security_solution'; -import { AuthenticationsRequestOptions, AuthenticationsStrategyResponse, AuthenticationsEdges, -} from '../../../../common/search_strategy/security_solution/hosts/authentications'; +} from '../../../../common/search_strategy'; import { ESTermQuery } from '../../../../common/typed_json'; import { inputsModel, State } from '../../../common/store'; diff --git a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx index 74748e5399b78..958d62dfe9b6a 100644 --- a/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx +++ b/x-pack/plugins/security_solution/public/hosts/containers/hosts/index.tsx @@ -22,7 +22,7 @@ import { HostsQueries, HostsRequestOptions, HostsStrategyResponse, -} from '../../../../common/search_strategy/security_solution'; +} from '../../../../common/search_strategy'; import { ESTermQuery } from '../../../../common/typed_json'; import * as i18n from './translations'; diff --git a/x-pack/plugins/security_solution/public/network/components/network_top_countries_table/index.tsx b/x-pack/plugins/security_solution/public/network/components/network_top_countries_table/index.tsx index dfd93caf25394..114bca9f59d9c 100644 --- a/x-pack/plugins/security_solution/public/network/components/network_top_countries_table/index.tsx +++ b/x-pack/plugins/security_solution/public/network/components/network_top_countries_table/index.tsx @@ -17,7 +17,7 @@ import { NetworkTopCountriesEdges, NetworkTopTablesFields, SortField, -} from '../../../../common/search_strategy/security_solution'; +} from '../../../../common/search_strategy'; import { State } from '../../../common/store'; import { Criteria, ItemsPerRow, PaginatedTable } from '../../../common/components/paginated_table'; diff --git a/x-pack/plugins/security_solution/public/network/containers/network_http/index.tsx b/x-pack/plugins/security_solution/public/network/containers/network_http/index.tsx index 857d7fe0229b2..d3e8067d1802e 100644 --- a/x-pack/plugins/security_solution/public/network/containers/network_http/index.tsx +++ b/x-pack/plugins/security_solution/public/network/containers/network_http/index.tsx @@ -22,7 +22,7 @@ import { NetworkHttpRequestOptions, NetworkHttpStrategyResponse, SortField, -} from '../../../../common/search_strategy/security_solution'; +} from '../../../../common/search_strategy'; import { AbortError } from '../../../../../../../src/plugins/data/common'; import * as i18n from './translations'; import { InspectResponse } from '../../../types'; diff --git a/x-pack/plugins/security_solution/public/network/containers/network_top_countries/index.tsx b/x-pack/plugins/security_solution/public/network/containers/network_top_countries/index.tsx index 0b07991725f87..6bed779d49638 100644 --- a/x-pack/plugins/security_solution/public/network/containers/network_top_countries/index.tsx +++ b/x-pack/plugins/security_solution/public/network/containers/network_top_countries/index.tsx @@ -14,7 +14,6 @@ import { DEFAULT_INDEX_KEY } from '../../../../common/constants'; import { inputsModel, State } from '../../../common/store'; import { useKibana } from '../../../common/lib/kibana'; import { createFilter } from '../../../common/containers/helpers'; -import { PageInfoPaginated } from '../../../../common/search_strategy/security_solution'; import { generateTablePaginationOptions } from '../../../common/components/paginated_table/helpers'; import { networkModel, networkSelectors } from '../../store'; import { @@ -23,7 +22,8 @@ import { NetworkTopCountriesEdges, NetworkTopCountriesRequestOptions, NetworkTopCountriesStrategyResponse, -} from '../../../../common/search_strategy/security_solution/network'; + PageInfoPaginated, +} from '../../../../common/search_strategy'; import { AbortError } from '../../../../../../../src/plugins/data/common'; import { getInspectResponse } from '../../../helpers'; import { InspectResponse } from '../../../types'; diff --git a/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx b/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx index 64042f4c41ccc..35f8c7ae90e6e 100644 --- a/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/containers/details/index.tsx @@ -71,7 +71,7 @@ export const useTimelineDetails = ({ const searchSubscription$ = data.search .search(request, { strategy: 'securitySolutionTimelineSearchStrategy', - signal: abortCtrl.current.signal, + abortSignal: abortCtrl.current.signal, }) .subscribe({ next: (response) => { diff --git a/x-pack/plugins/security_solution/public/types.ts b/x-pack/plugins/security_solution/public/types.ts index 4fdacb2621abd..62069484dd8bd 100644 --- a/x-pack/plugins/security_solution/public/types.ts +++ b/x-pack/plugins/security_solution/public/types.ts @@ -22,7 +22,7 @@ import { import { SecurityPluginSetup } from '../../security/public'; import { AppFrontendLibs } from './common/lib/lib'; import { ResolverPluginSetup } from './resolver/types'; -import { Inspect } from '../common/search_strategy/security_solution'; +import { Inspect } from '../common/search_strategy'; export interface SetupPlugins { home?: HomePublicPluginSetup; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/query.all_hosts.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/query.all_hosts.dsl.ts index ea1b896452c4e..93390c314a637 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/query.all_hosts.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/query.all_hosts.dsl.ts @@ -11,7 +11,7 @@ import { HostsRequestOptions, SortField, HostsFields, -} from '../../../../../../common/search_strategy/security_solution'; +} from '../../../../../../common/search_strategy'; import { createQueryFilterClauses } from '../../../../../utils/build_query'; import { assertUnreachable } from '../../../../../../common/utility_types'; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/authentications/helpers.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/authentications/helpers.ts index 722445a7275a1..c6b68bd1c0762 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/authentications/helpers.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/authentications/helpers.ts @@ -6,13 +6,11 @@ import { get, getOr } from 'lodash/fp'; import { set } from '@elastic/safer-lodash-set/fp'; import { mergeFieldsWithHit } from '../../../../../utils/build_query'; +import { toArray } from '../../../../helpers/to_array'; import { AuthenticationsEdges, AuthenticationHit, AuthenticationBucket, -} from '../../../../../../common/search_strategy/security_solution/hosts/authentications'; -import { toArray } from '../../../../helpers/to_array'; -import { FactoryQueryTypes, StrategyResponseType, } from '../../../../../../common/search_strategy/security_solution'; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/authentications/index.tsx b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/authentications/index.tsx index d07c239dfab86..200818c40dec5 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/authentications/index.tsx +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/authentications/index.tsx @@ -9,13 +9,13 @@ import { getOr } from 'lodash/fp'; import { IEsSearchResponse } from '../../../../../../../../../src/plugins/data/common'; import { DEFAULT_MAX_TABLE_QUERY_SIZE } from '../../../../../../common/constants'; -import { HostsQueries } from '../../../../../../common/search_strategy/security_solution'; import { + HostsQueries, AuthenticationsEdges, AuthenticationsRequestOptions, AuthenticationsStrategyResponse, AuthenticationHit, -} from '../../../../../../common/search_strategy/security_solution/hosts/authentications'; +} from '../../../../../../common/search_strategy/security_solution/hosts'; import { inspectStringifyObject } from '../../../../../utils/build_query'; import { SecuritySolutionFactory } from '../../types'; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts index ddd2a458b3b8c..6585abde60281 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts @@ -4,8 +4,10 @@ * you may not use this file except in compliance with the Elastic License. */ -import { FactoryQueryTypes } from '../../../../../common/search_strategy/security_solution'; -import { HostsQueries } from '../../../../../common/search_strategy/security_solution/hosts'; +import { + FactoryQueryTypes, + HostsQueries, +} from '../../../../../common/search_strategy/security_solution'; import { SecuritySolutionFactory } from '../types'; import { allHosts } from './all'; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/http/query.http_network.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/http/query.http_network.dsl.ts index 31d695d6a0591..feffe7f70afd9 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/http/query.http_network.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/http/query.http_network.dsl.ts @@ -6,10 +6,7 @@ import { createQueryFilterClauses } from '../../../../../utils/build_query'; -import { - NetworkHttpRequestOptions, - SortField, -} from '../../../../../../common/search_strategy/security_solution'; +import { NetworkHttpRequestOptions, SortField } from '../../../../../../common/search_strategy'; const getCountAgg = () => ({ http_count: { diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/index.ts index 93e5f113197da..9e73312bdb8e1 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/index.ts @@ -4,8 +4,10 @@ * you may not use this file except in compliance with the Elastic License. */ -import { FactoryQueryTypes } from '../../../../../common/search_strategy/security_solution'; -import { NetworkQueries } from '../../../../../common/search_strategy/security_solution/network'; +import { + FactoryQueryTypes, + NetworkQueries, +} from '../../../../../common/search_strategy/security_solution'; import { SecuritySolutionFactory } from '../types'; import { networkHttp } from './http'; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/query.tls_network.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/query.tls_network.dsl.ts index eb4e25c29e3a1..6e5ba0674a0e7 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/query.tls_network.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/query.tls_network.dsl.ts @@ -12,7 +12,7 @@ import { SortField, Direction, TlsFields, -} from '../../../../../../common/search_strategy/security_solution'; +} from '../../../../../../common/search_strategy'; const getAggs = (querySize: number, sort: SortField) => ({ count: { diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/top_countries/query.top_countries_network.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/top_countries/query.top_countries_network.dsl.ts index 88007b3329a90..4f4b347e4db02 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/top_countries/query.top_countries_network.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/top_countries/query.top_countries_network.dsl.ts @@ -12,7 +12,7 @@ import { NetworkTopTablesFields, NetworkTopCountriesRequestOptions, SortField, -} from '../../../../../../common/search_strategy/security_solution'; +} from '../../../../../../common/search_strategy'; const getCountAgg = (flowTarget: FlowTargetSourceDest) => ({ top_countries_count: {