Fix issue with parsing out endpoint package policy. (elastic#123287)
* Fix issue with parsing out endpoint package policy.

* revert schedule.

(cherry picked from commit 4d98af8)
pjhampton authored and kibanamachine committed Jan 18, 2022
1 parent 1ecd3f0 commit ccbe8a7
Showing 3 changed files with 55 additions and 6 deletions.
Expand Up @@ -14,13 +14,15 @@ import {
LIST_TRUSTED_APPLICATION,
} from './constants';
import {
extractEndpointPolicyConfig,
getPreviousDiagTaskTimestamp,
getPreviousDailyTaskTimestamp,
batchTelemetryRecords,
isPackagePolicyList,
templateExceptionList,
} from './helpers';
import type { ESClusterInfo, ESLicense, ExceptionListItem } from './types';
import { PolicyData } from '../../../common/endpoint/types';

describe('test diagnostic telemetry scheduled task timing helper', () => {
test('test -5 mins is returned when there is no previous task run', async () => {
Expand Down Expand Up @@ -266,3 +268,39 @@ describe('list telemetry schema', () => {
expect(templatedItems[0]?.trusted_application).toBeUndefined();
});
});

describe('test endpoint policy data config extraction', () => {
const stubPolicyData = {
id: '872de8c5-85cf-4e1b-a504-9fd39b38570c',
version: 'WzU4MjkwLDFd',
name: 'Test Policy Data',
namespace: 'default',
description: '',
package: {
name: 'endpoint',
title: 'Endpoint Security',
version: '1.4.1',
},
enabled: true,
policy_id: '499b5aa7-d214-5b5d-838b-3cd76469844e',
output_id: '',
inputs: [
{
type: 'endpoint',
enabled: true,
streams: [],
config: null,
},
],
revision: 1,
created_at: '2022-01-18T14:52:17.385Z',
created_by: 'elastic',
updated_at: '2022-01-18T14:52:17.385Z',
updated_by: 'elastic',
} as unknown as PolicyData;

test('can succeed when policy config is null or empty', async () => {
const endpointPolicyConfig = extractEndpointPolicyConfig(stubPolicyData);
expect(endpointPolicyConfig).toBeNull();
});
});
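Review bot: The new `describe` block covers only the `config: null` stub, although the test is titled "null or empty" and the helper is declared to accept `PolicyData | null`. Cases for a `null` argument, an empty `inputs` array and a populated `config.policy` (asserting that the object is returned) would pin the contract the telemetry task depends on. The `as unknown as PolicyData` cast is needed because the stub violates the declared type, which suggests `PolicyData` should model `config` as nullable. The `async` on the test callback is unused.

```typescript
// … unchanged: stubPolicyData and the existing config: null case …

test('returns null when the policy data itself is null', () => {
  expect(extractEndpointPolicyConfig(null)).toBeNull();
});

test('returns null when the policy has no inputs', () => {
  const noInputs = { ...stubPolicyData, inputs: [] } as unknown as PolicyData;
  expect(extractEndpointPolicyConfig(noInputs)).toBeNull();
});

test('returns the policy object when config is populated', () => {
  // constructed sample value, not a real endpoint policy
  const policy = { sample: true };
  const populated = {
    ...stubPolicyData,
    inputs: [{ type: 'endpoint', enabled: true, streams: [], config: { policy } }],
  } as unknown as PolicyData;
  expect(extractEndpointPolicyConfig(populated)).toBe(policy);
});
```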
15 changes: 12 additions & 3 deletions x-pack/plugins/security_solution/server/lib/telemetry/helpers.ts
Expand Up @@ -9,6 +9,7 @@ import moment from 'moment';
import type { ExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { PackagePolicy } from '../../../../fleet/common/types/models/package_policy';
import { copyAllowlistedFields, exceptionListEventFields } from './filters';
import { PolicyData } from '../../../common/endpoint/types';
import type {
ExceptionListItem,
ESClusterInfo,
Expand Down Expand Up @@ -216,6 +217,14 @@ export const templateExceptionList = (
* @param label_list the list of labels to create standardized UsageCounter from
* @returns a string label for usage in the UsageCounter
*/
export function createUsageCounterLabel(labelList: string[]): string {
return labelList.join('-');
}
export const createUsageCounterLabel = (labelList: string[]): string => labelList.join('-');

/**
* Resiliantly handles an edge case where the endpoint config details are not present
*
* @returns the endpoint policy configuration
*/
export const extractEndpointPolicyConfig = (policyData: PolicyData | null) => {
const epPolicyConfig = policyData?.inputs[0]?.config?.policy;
return epPolicyConfig ? epPolicyConfig : null;
};
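Review bot: `extractEndpointPolicyConfig` still indexes `policyData?.inputs[0]` without guarding `inputs` itself, so a package policy that arrives without an `inputs` array would throw in the telemetry task just as the `null` config did. Since the declared type has already proved not to match what is stored, I would write `const epPolicyConfig = policyData?.inputs?.[0]?.config?.policy;` and `return epPolicyConfig ?? null;`. The helper also reads the first input, while the task's caching loop selects inputs by `type`. If the endpoint input is not guaranteed to be first (not visible from this page), it should be looked up by type here too. The doc comment lacks a `@param policyData` line, the export has no explicit return type, and "Resiliantly" should read "Resiliently".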
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import { TelemetryReceiver } from '../receiver';
import { TaskExecutionPeriod } from '../task';
import {
batchTelemetryRecords,
extractEndpointPolicyConfig,
getPreviousDailyTaskTimestamp,
isPackagePolicyList,
} from '../helpers';
Expand Down Expand Up @@ -145,11 +146,11 @@ export function createTelemetryEndpointTaskConfig(maxTelemetryBatch: number) {
packagePolicies
.map((pPolicy) => pPolicy as PolicyData)
.forEach((pPolicy) => {
if (pPolicy.inputs[0].config !== undefined) {
if (pPolicy.inputs[0]?.config !== undefined && pPolicy.inputs[0]?.config !== null) {
pPolicy.inputs.forEach((input) => {
if (
input.type === FLEET_ENDPOINT_PACKAGE &&
input.config !== undefined &&
input?.config !== undefined &&
policyInfo !== undefined
) {
endpointPolicyCache.set(policyInfo, pPolicy);
Expand Down Expand Up @@ -212,6 +213,7 @@ export function createTelemetryEndpointTaskConfig(maxTelemetryBatch: number) {
}

const { cpu, memory, uptime } = endpoint.endpoint_metrics.Endpoint.metrics;
const endpointPolicyDetail = extractEndpointPolicyConfig(policyConfig);

return {
'@timestamp': taskExecutionPeriod.current,
Expand All @@ -229,7 +231,7 @@ export function createTelemetryEndpointTaskConfig(maxTelemetryBatch: number) {
endpoint_meta: {
os: endpoint.endpoint_metrics.host.os,
},
policy_config: policyConfig !== null ? policyConfig?.inputs[0].config.policy : {},
policy_config: endpointPolicyDetail !== null ? endpointPolicyDetail : {},
policy_response:
failedPolicy !== null && failedPolicy !== undefined
? {
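Review bot: The inner guard `input?.config !== undefined` still lets a `null` config through, so the per-input check is weaker than the outer `inputs[0]` check added just above it. `input` cannot be nullish inside `forEach`, so the optional chain adds nothing; `input.config !== undefined && input.config !== null &&` would make the two guards agree. Further down, `policy_config` falls back to `{}` both when no policy was found and when its config was null, so consumers of the telemetry document cannot tell the two apart. If that is intended, `endpointPolicyDetail ?? {}` is the shorter form. The enclosing function starts and ends outside the hunks shown.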