[SECURITY_SOLUTION][ENDPOINT] Improve Endpoint Host data generator to also integrate with Ingest #74305

Merged
293eeaf
Create Policies for each generated host
paul-tavares Aug 3, 2020
2b5ab65
Refactor Ingest setup to also setup Fleet
paul-tavares Aug 3, 2020
ad39d54
Rename prop name
paul-tavares Aug 3, 2020
c2aea57
Add generic response type to KbnClient.request + support for headers
paul-tavares Aug 3, 2020
b71e438
first attempt at adding fleet agent registration
paul-tavares Aug 4, 2020
73a0754
a little closer with fleet integration
paul-tavares Aug 4, 2020
a8221bb
SUCCESS. Able to enroll agent and set it to online
paul-tavares Aug 4, 2020
e3ef509
update names to be policy
kevinlog Aug 23, 2020
4deebbf
policy generator has advanced types in endpoint config
parkiino Aug 31, 2020
0e61d00
use KbnClientWithRequestAPI
parkiino Sep 16, 2020
dfb9627
fix typecheck errors
parkiino Sep 17, 2020
76db23b
add flag to skip fleet
parkiino Sep 17, 2020
a6b6d3f
Merge remote-tracking branch 'upstream/master' into task/endpoint-hos…
parkiino Sep 21, 2020
848eec5
fix tests
parkiino Sep 21, 2020
4caaf96
make advanced field type optional
parkiino Sep 22, 2020
02cd8fa
remove advanced fields
parkiino Sep 22, 2020
58ef6d5
another advanced removal
parkiino Sep 22, 2020
7b82e05
revert experimental change
parkiino Sep 22, 2020
e8ead7f
shorten urls that use requestWithApiKey
parkiino Sep 22, 2020
51730fa
Merge remote-tracking branch 'upstream/master' into task/endpoint-hos…
parkiino Sep 22, 2020
65596ec
remove excess quotes
parkiino Sep 23, 2020
047925b
Merge remote-tracking branch 'upstream/master' into task/endpoint-hos…
parkiino Sep 23, 2020
c6ee44e
Merge remote-tracking branch 'upstream/master' into task/endpoint-hos…
parkiino Sep 23, 2020
2f4d043
fix ci errors
parkiino Sep 23, 2020
c3d9282
agent enrollment fix
parkiino Sep 28, 2020
02d122f
Merge remote-tracking branch 'upstream/master' into task/endpoint-hos…
parkiino Sep 28, 2020
321546a
Merge remote-tracking branch 'upstream/master' into task/endpoint-hos…
parkiino Sep 28, 2020
56d2c99
marshall's changes + edits to hostname
parkiino Sep 29, 2020
edd7bde
fetch kibana version
parkiino Sep 30, 2020
575282e
Merge remote-tracking branch 'upstream/master' into task/endpoint-hos…
parkiino Sep 30, 2020
369318c
remove circular dependency
parkiino Sep 30, 2020
4 changes: 2 additions & 2 deletions packages/kbn-dev-utils/src/kbn_client/kbn_client.ts
Expand Up @@ -54,8 +54,8 @@ export class KbnClient {
/**
* Make a direct request to the Kibana server
*/
async request(options: ReqOptions) {
return await this.requester.request(options);
async request<T>(options: ReqOptions) {
Contributor Author

We need someone from Kibana (??) to look over this change and give us a 👍 - just to make sure they are aware 😬 .

return await this.requester.request<T>(options);
}

resolveUrl(relativeUrl: string) {
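
Review bot: the new type parameter on `request<T>` appears only in the return position, so it is a caller-side assertion about the response shape and nothing in this hunk checks it at runtime. The JSDoc above still reads "Make a direct request to the Kibana server"; extend it to say that `T` is not validated, and consider giving it a default (for example `request<T = unknown>`) so call sites that pass no type argument get an explicit, safe type instead of whatever inference falls back to.
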
2 changes: 2 additions & 0 deletions packages/kbn-dev-utils/src/kbn_client/kbn_client_requester.ts
Expand Up @@ -60,6 +60,7 @@ export interface ReqOptions {
path: string;
query?: Record<string, any>;
method: 'GET' | 'POST' | 'PUT' | 'DELETE';
headers?: Record<string, string>;
Contributor Author

I think we can revert the changes in this file. Originally, I was trying to use this client to make Kibana API calls using an API key, which requires us to pass in headers, but that did not seem to work because the userid/password were still being used in the URL for the request.

Contributor Author

For the Kibana Team:

It would be great if KbnClient allows us to make .request() calls using API keys - see the sub-class created here in this PR under this file: https://github.com/elastic/kibana/pull/74305/files#diff-52d0282fedafcd94a4ef5a5021c90c80R22-R38

body?: any;
retries?: number;
}
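
Review bot: the new `headers?: Record<string, string>` field in `ReqOptions` has no doc comment saying how it combines with the client's own headers or with the credentials the client already carries. The author's comment on this line reports that passing an API key through headers did not work because the userid/password in the request URL were still being used; either document that limitation on the field or drop the field as that comment proposes, so callers do not assume a supplied authentication header takes effect.
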
Expand Down Expand Up @@ -117,6 +118,7 @@ export class KbnClientRequester {
params: options.query,
headers: {
'kbn-xsrf': 'kbn-client',
...options.headers,
},
httpsAgent: this.httpsAgent,
});
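
Review bot: in the `headers` object, `...options.headers` is spread after `'kbn-xsrf': 'kbn-client'`, so a caller-supplied `kbn-xsrf` key replaces the client's default. If the default is meant to be always present, spread `options.headers` first and set `'kbn-xsrf'` last, or state in the `ReqOptions` docs that overriding it is intended.
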
24 changes: 16 additions & 8 deletions x-pack/plugins/security_solution/common/endpoint/generate_data.ts
Expand Up @@ -110,6 +110,12 @@ const Mac: OSFields[] = [];

const OS: OSFields[] = [...Windows, ...Mac, ...Linux];

const POLICY_RESPONSE_STATUSES: HostPolicyResponseActionStatus[] = [
Contributor Author

Noice

HostPolicyResponseActionStatus.success,
HostPolicyResponseActionStatus.failure,
HostPolicyResponseActionStatus.warning,
];

const APPLIED_POLICIES: Array<{
name: string;
id: string;
Expand All @@ -125,6 +131,11 @@ const APPLIED_POLICIES: Array<{
id: 'C2A9093E-E289-4C0A-AA44-8C32A414FA7A',
status: HostPolicyResponseActionStatus.success,
},
{
name: 'Detect Malware Only',
id: '47d7965d-6869-478b-bd9c-fb0d2bb3959f',
status: HostPolicyResponseActionStatus.success,
},
];

const FILE_OPERATIONS: string[] = ['creation', 'open', 'rename', 'execution', 'deletion'];
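
Review bot: the added `'Detect Malware Only'` entry uses a lowercase id (`'47d7965d-6869-478b-bd9c-fb0d2bb3959f'`) while the entry just above it uses uppercase (`'C2A9093E-E289-4C0A-AA44-8C32A414FA7A'`). Pick one casing for the generated policy ids so anything that compares or groups on them as strings behaves consistently.
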
Expand Down Expand Up @@ -364,15 +375,12 @@ export class EndpointDocGenerator {
}

/**
* Creates new random policy id for the host to simulate new policy application
* Updates the current Host common record applied Policy to a different one from the list
* of random choices and gives it a random policy response status.
*/
public updatePolicyId() {
this.commonInfo.Endpoint.policy.applied.id = this.randomChoice(APPLIED_POLICIES).id;
this.commonInfo.Endpoint.policy.applied.status = this.randomChoice([
HostPolicyResponseActionStatus.success,
HostPolicyResponseActionStatus.failure,
HostPolicyResponseActionStatus.warning,
]);
public updateHostPolicyData() {
this.commonInfo.Endpoint.policy.applied = this.randomChoice(APPLIED_POLICIES);
this.commonInfo.Endpoint.policy.applied.status = this.randomChoice(POLICY_RESPONSE_STATUSES);
}

private createHostData(): HostInfo {
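
Review bot: in `updateHostPolicyData()`, `this.commonInfo.Endpoint.policy.applied = this.randomChoice(APPLIED_POLICIES)` stores a reference to an element of the module-level `APPLIED_POLICIES` array (assuming `randomChoice` returns the element itself, which is not shown in this hunk), and the next line then writes `.status` on it. That overwrites the status inside the shared constant, so other hosts and generator instances holding the same entry see the change and the `status: HostPolicyResponseActionStatus.success` values declared in the list no longer hold. Assign a copy instead, for example `{ ...this.randomChoice(APPLIED_POLICIES), status: this.randomChoice(POLICY_RESPONSE_STATUSES) }`. The rename from `updatePolicyId` also changes a public method name; confirm every caller is updated in this PR.
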