[Security Solution] Improves detections tests #77295

Merged
merged 26 commits into from
Sep 29, 2020
Changes from 8 commits
ee00b9f
improves 'Creates and activates a new custom rule' test
MadameSheema Sep 10, 2020
5e3f5d5
fixes constant problem
MadameSheema Sep 13, 2020
0b5afe1
improves 'Creates and activates a new custom rule with override optio…
MadameSheema Sep 13, 2020
0c34e9b
improves 'Creates and activates a new threshold rule' test
MadameSheema Sep 13, 2020
d97ef1a
Merge branch 'master' into improves-detections
MadameSheema Sep 16, 2020
56c4c92
refactor
MadameSheema Sep 16, 2020
5ac8324
fixes type check issue
MadameSheema Sep 17, 2020
579fb54
Merge branch 'master' into improves-detections
elasticmachine Sep 17, 2020
9486073
improves assertions
MadameSheema Sep 17, 2020
f41a9e8
Merge branch 'improves-detections' of github.com:MadameSheema/kibana …
MadameSheema Sep 17, 2020
a1948b1
Merge branch 'master' into improves-detections
elasticmachine Sep 20, 2020
5a48b9b
Merge branch 'master' into improves-detections
elasticmachine Sep 23, 2020
578ce01
removes unused code
MadameSheema Sep 23, 2020
f9c3555
changes variables for constants
MadameSheema Sep 23, 2020
6fe2d60
improves 'waitForTheRuleToBeExecuted' test
MadameSheema Sep 23, 2020
905ee85
improves readability
MadameSheema Sep 23, 2020
c061b7a
Merge branch 'master' into improves-detections
elasticmachine Sep 24, 2020
da955b6
Merge branch 'master' into improves-detections
elasticmachine Sep 24, 2020
6a2ec50
Merge branch 'master' into improves-detections
elasticmachine Sep 24, 2020
26e6298
Merge branch 'master' into improves-detections
elasticmachine Sep 24, 2020
492cf98
fixes jenkins error
MadameSheema Sep 26, 2020
2fe6861
Merge branch 'master' into improves-detections
elasticmachine Sep 26, 2020
1e7dde8
refactor
MadameSheema Sep 27, 2020
3b8ca5e
Merge branch 'improves-detections' of github.com:MadameSheema/kibana …
MadameSheema Sep 27, 2020
1dec5b2
refactor
MadameSheema Sep 28, 2020
f683221
Merge branch 'master' into improves-detections
elasticmachine Sep 29, 2020
Expand Up @@ -100,25 +100,14 @@ import { refreshPage } from '../tasks/security_header';

import { DETECTIONS_URL } from '../urls/navigation';

let expectedUrls = '';
newRule.referenceUrls.forEach((url) => {
expectedUrls = expectedUrls + url;
});
let expectedFalsePositives = '';
newRule.falsePositivesExamples.forEach((falsePositive) => {
expectedFalsePositives = expectedFalsePositives + falsePositive;
});
let expectedTags = '';
newRule.tags.forEach((tag) => {
expectedTags = expectedTags + tag;
});
let expectedMitre = '';
newRule.mitre.forEach((mitre) => {
expectedMitre = expectedMitre + mitre.tactic;
mitre.techniques.forEach((technique) => {
expectedMitre = expectedMitre + technique;
});
});
const expectedUrls = newRule.referenceUrls.join('');
const expectedFalsePositives = newRule.falsePositivesExamples.join('');
const expectedTags = newRule.tags.join('');
const expectedMitre = newRule.mitre
.map(function (mitre) {
return mitre.tactic + mitre.techniques.join('');
})
.join('');
const expectedNumberOfRules = 1;
const expectedEditedtags = editedRule.tags.join('');
const expectedEditedIndexPatterns =
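Review bot: The `expectedMitre` callback is written as `function (mitre) { return … }`, while the `forEach` callbacks it replaces and the `describe` blocks in the sibling specs use arrow functions; `.map((mitre) => mitre.tactic + mitre.techniques.join(''))` does the same thing in the surrounding style. The same four `expected*` constants are also repeated verbatim in this spec and in the EQL, machine learning, override and threshold specs further down, so a shared helper that takes the rule object would remove the duplication that is left. Joining with an empty separator means the expected string cannot tell `['a', 'bc']` from `['ab', 'c']`; presumably the assertions compare against concatenated element text, but a per-element check would be stricter for tags and MITRE techniques.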
Expand Up @@ -65,25 +65,14 @@ import { loginAndWaitForPageWithoutDateRange } from '../tasks/login';

import { DETECTIONS_URL } from '../urls/navigation';

let expectedUrls = '';
eqlRule.referenceUrls.forEach((url) => {
expectedUrls = expectedUrls + url;
});
let expectedFalsePositives = '';
eqlRule.falsePositivesExamples.forEach((falsePositive) => {
expectedFalsePositives = expectedFalsePositives + falsePositive;
});
let expectedTags = '';
eqlRule.tags.forEach((tag) => {
expectedTags = expectedTags + tag;
});
let expectedMitre = '';
eqlRule.mitre.forEach((mitre) => {
expectedMitre = expectedMitre + mitre.tactic;
mitre.techniques.forEach((technique) => {
expectedMitre = expectedMitre + technique;
});
});
const expectedUrls = eqlRule.referenceUrls.join('');
const expectedFalsePositives = eqlRule.falsePositivesExamples.join('');
const expectedTags = eqlRule.tags.join('');
const expectedMitre = eqlRule.mitre
.map(function (mitre) {
return mitre.tactic + mitre.techniques.join('');
})
.join('');
const expectedNumberOfRules = 1;

describe('Detection rules, EQL', () => {
Expand Up @@ -62,25 +62,14 @@ import { loginAndWaitForPageWithoutDateRange } from '../tasks/login';

import { DETECTIONS_URL } from '../urls/navigation';

let expectedUrls = '';
machineLearningRule.referenceUrls.forEach((url) => {
expectedUrls = expectedUrls + url;
});
let expectedFalsePositives = '';
machineLearningRule.falsePositivesExamples.forEach((falsePositive) => {
expectedFalsePositives = expectedFalsePositives + falsePositive;
});
let expectedTags = '';
machineLearningRule.tags.forEach((tag) => {
expectedTags = expectedTags + tag;
});
let expectedMitre = '';
machineLearningRule.mitre.forEach((mitre) => {
expectedMitre = expectedMitre + mitre.tactic;
mitre.techniques.forEach((technique) => {
expectedMitre = expectedMitre + technique;
});
});
const expectedUrls = machineLearningRule.referenceUrls.join('');
const expectedFalsePositives = machineLearningRule.falsePositivesExamples.join('');
const expectedTags = machineLearningRule.tags.join('');
const expectedMitre = machineLearningRule.mitre
.map(function (mitre) {
return mitre.tactic + mitre.techniques.join('');
})
.join('');
const expectedNumberOfRules = totalNumberOfPrebuiltRulesInEsArchive + 1;

describe('Detection rules, machine learning', () => {
Expand Up @@ -80,25 +80,14 @@ import { refreshPage } from '../tasks/security_header';

import { DETECTIONS_URL } from '../urls/navigation';

let expectedUrls = '';
newOverrideRule.referenceUrls.forEach((url) => {
expectedUrls = expectedUrls + url;
});
let expectedFalsePositives = '';
newOverrideRule.falsePositivesExamples.forEach((falsePositive) => {
expectedFalsePositives = expectedFalsePositives + falsePositive;
});
let expectedTags = '';
newOverrideRule.tags.forEach((tag) => {
expectedTags = expectedTags + tag;
});
let expectedMitre = '';
newOverrideRule.mitre.forEach((mitre) => {
expectedMitre = expectedMitre + mitre.tactic;
mitre.techniques.forEach((technique) => {
expectedMitre = expectedMitre + technique;
});
});
const expectedUrls = newOverrideRule.referenceUrls.join('');
const expectedFalsePositives = newOverrideRule.falsePositivesExamples.join('');
const expectedTags = newOverrideRule.tags.join('');
const expectedMitre = newOverrideRule.mitre
.map(function (mitre) {
return mitre.tactic + mitre.techniques.join('');
})
.join('');

describe('Detection rules, override', () => {
before(() => {
Expand Up @@ -76,25 +76,14 @@ import { refreshPage } from '../tasks/security_header';

import { DETECTIONS_URL } from '../urls/navigation';

let expectedUrls = '';
newThresholdRule.referenceUrls.forEach((url) => {
expectedUrls = expectedUrls + url;
});
let expectedFalsePositives = '';
newThresholdRule.falsePositivesExamples.forEach((falsePositive) => {
expectedFalsePositives = expectedFalsePositives + falsePositive;
});
let expectedTags = '';
newThresholdRule.tags.forEach((tag) => {
expectedTags = expectedTags + tag;
});
let expectedMitre = '';
newThresholdRule.mitre.forEach((mitre) => {
expectedMitre = expectedMitre + mitre.tactic;
mitre.techniques.forEach((technique) => {
expectedMitre = expectedMitre + technique;
});
});
const expectedUrls = newThresholdRule.referenceUrls.join('');
const expectedFalsePositives = newThresholdRule.falsePositivesExamples.join('');
const expectedTags = newThresholdRule.tags.join('');
const expectedMitre = newThresholdRule.mitre
.map(function (mitre) {
return mitre.tactic + mitre.techniques.join('');
})
.join('');

describe('Detection rules, threshold', () => {
before(() => {
Expand Up @@ -79,6 +79,8 @@ export const MITRE_TECHNIQUES_INPUT =
export const REFERENCE_URLS_INPUT =
'[data-test-subj="detectionEngineStepAboutRuleReferenceUrls"] input';

export const REFRESH_BUTTON = '[data-test-subj=refreshButton]';

export const RISK_INPUT = '.euiRangeInput';

export const RISK_MAPPING_OVERRIDE_OPTION = '#risk_score-mapping-override';
Expand All @@ -94,6 +96,8 @@ export const RULE_NAME_INPUT =

export const RULE_NAME_OVERRIDE = '[data-test-subj="detectionEngineStepAboutRuleRuleNameOverride"]';

export const RULE_STATUS = '[data-test-subj=ruleStatus]';

export const RULE_TIMESTAMP_OVERRIDE =
'[data-test-subj="detectionEngineStepAboutRuleTimestampOverride"]';
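Review bot: The two new selectors, `REFRESH_BUTTON` and `RULE_STATUS`, leave the attribute value unquoted (`[data-test-subj=refreshButton]`) while every neighbouring selector visible in this file quotes it; `'[data-test-subj="refreshButton"]'` and `'[data-test-subj="ruleStatus"]'` would be consistent. `tasks/alerts.ts` in this same PR already imports a `REFRESH_BUTTON` from `../screens/security_header`, so this may be a second definition of the same selector. If both point at the same button, importing the existing constant keeps the two from drifting apart.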

5 changes: 3 additions & 2 deletions x-pack/plugins/security_solution/cypress/tasks/alerts.ts
Expand Up @@ -25,6 +25,7 @@ import {
ALERT_RISK_SCORE_HEADER,
} from '../screens/alerts';
import { REFRESH_BUTTON } from '../screens/security_header';
import { TIMELINE_COLUMN_SPINNER } from '../screens/timeline';

export const closeFirstAlert = () => {
cy.get(TIMELINE_CONTEXT_MENU_BTN).first().click({ force: true });
Expand Down Expand Up @@ -84,8 +85,8 @@ export const selectNumberOfAlerts = (numberOfAlerts: number) => {

export const sortRiskScore = () => {
cy.get(ALERT_RISK_SCORE_HEADER).click();
cy.get('[data-test-subj="timeline-loading-spinner"]').should('exist');
cy.get('[data-test-subj="timeline-loading-spinner"]').should('not.exist');
cy.get(TIMELINE_COLUMN_SPINNER).should('exist');
cy.get(TIMELINE_COLUMN_SPINNER).should('not.exist');
};

export const investigateFirstAlertInTimeline = () => {
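Review bot: In `sortRiskScore`, asserting `should('exist')` on the spinner before `should('not.exist')` can fail when the sort completes before Cypress first queries the DOM: the spinner is already gone and the first assertion retries until it times out. Whether `TIMELINE_COLUMN_SPINNER` resolves to the same `timeline-loading-spinner` selector that the removed lines used is not visible here; if it targets a different element, the wait condition has changed as well as the spelling. A more stable wait would assert on the sorted result itself rather than on a transient loading indicator.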
30 changes: 6 additions & 24 deletions x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts
Expand Up @@ -13,7 +13,6 @@ import {
} from '../objects/rule';
import {
ABOUT_CONTINUE_BTN,
ABOUT_EDIT_BUTTON,
ABOUT_EDIT_TAB,
ACTIONS_EDIT_TAB,
ADD_FALSE_POSITIVE_BTN,
Expand All @@ -25,7 +24,6 @@ import {
CUSTOM_QUERY_INPUT,
DEFINE_CONTINUE_BUTTON,
DEFINE_EDIT_TAB,
DEFINE_EDIT_BUTTON,
FALSE_POSITIVES_INPUT,
IMPORT_QUERY_FROM_SAVED_TIMELINE_LINK,
INPUT,
Expand All @@ -40,12 +38,14 @@ import {
MITRE_TACTIC_DROPDOWN,
MITRE_TECHNIQUES_INPUT,
REFERENCE_URLS_INPUT,
REFRESH_BUTTON,
RISK_INPUT,
RISK_MAPPING_OVERRIDE_OPTION,
RISK_OVERRIDE,
RULE_DESCRIPTION_INPUT,
RULE_NAME_INPUT,
RULE_NAME_OVERRIDE,
RULE_STATUS,
RULE_TIMESTAMP_OVERRIDE,
RUNS_EVERY_INTERVAL,
RUNS_EVERY_TIME_TYPE,
Expand Down Expand Up @@ -203,20 +203,6 @@ export const fillScheduleRuleAndContinue = (rule: CustomRule | MachineLearningRu
cy.get(LOOK_BACK_TIME_TYPE).select(rule.lookBack.timeType);
};

export const expectDefineFormToRepopulateAndContinue = (rule: CustomRule) => {
cy.get(DEFINE_EDIT_BUTTON).click();
cy.get(CUSTOM_QUERY_INPUT).invoke('text').should('eq', rule.customQuery);
cy.get(DEFINE_CONTINUE_BUTTON).should('exist').click({ force: true });
cy.get(DEFINE_CONTINUE_BUTTON).should('not.exist');
};

export const expectAboutFormToRepopulateAndContinue = (rule: CustomRule) => {
cy.get(ABOUT_EDIT_BUTTON).click();
cy.get(RULE_NAME_INPUT).invoke('val').should('eq', rule.name);
cy.get(ABOUT_CONTINUE_BTN).should('exist').click({ force: true });
cy.get(ABOUT_CONTINUE_BTN).should('not.exist');
};

export const fillDefineThresholdRuleAndContinue = (rule: ThresholdRule) => {
const thresholdField = 0;
const threshold = 1;
Expand Down Expand Up @@ -279,14 +265,10 @@ export const selectThresholdRuleType = () => {
};

export const waitForTheRuleToBeExecuted = () => {
cy.get('[data-test-subj=ruleStatus]')
.invoke('text')
.then((ruleStatus) => {
if (ruleStatus !== 'succeeded') {
cy.get('[data-test-subj=refreshButton]').click();
// cy.get('[data-test-subj=ruleStatus]').should('have.text', 'succeeded')
}
});
cy.get(RULE_STATUS).should((ruleStatus) => {

🥇 💯 I was hoping cypress would have a nice way to do this, but this is better than I expected!

cy.get(REFRESH_BUTTON).click();
expect(ruleStatus).to.be('succeeded');
});
};

export const selectEqlRuleType = () => {
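Review bot: In `waitForTheRuleToBeExecuted`, the `.should()` callback issues a Cypress command (`cy.get(REFRESH_BUTTON).click()`), and Cypress re-runs that callback on every retry, so commands are queued from inside an assertion, which Cypress documents as unsupported. The assertion compares `ruleStatus`, the jQuery element yielded by `cy.get`, with the string 'succeeded', and `.to.be(...)` is callable in expect.js but not in the Chai that Cypress bundles, so as written the check likely cannot pass. This helper presumably gates the alert assertions that follow, so a wait that cannot succeed, or that passes for the wrong reason, hides whether the detection rule actually ran. One option is to read the text in `.then()`, refresh, and recurse with a bounded number of attempts, as sketched below; the attempt count is an illustrative value.

```typescript
// attemptsLeft default is an illustrative value; tune to the rule interval used in the spec
export const waitForTheRuleToBeExecuted = (attemptsLeft = 10) => {
  cy.get(RULE_STATUS)
    .invoke('text')
    .then((ruleStatus) => {
      if (ruleStatus === 'succeeded') {
        return;
      }
      // Fail with a clear message instead of looping forever
      expect(attemptsLeft, 'refresh attempts left').to.be.greaterThan(0);
      cy.get(REFRESH_BUTTON).click();
      waitForTheRuleToBeExecuted(attemptsLeft - 1);
    });
};
```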