[Alerting][Connectors] Refactor IBM Resilient: Generic Implementation (phase one) #74357

Merged
merged 50 commits into from
Sep 11, 2020
6cc8ea0
Create schema
cnasikas Aug 5, 2020
de92c6b
Create types
cnasikas Aug 5, 2020
62448a2
Fix service
cnasikas Aug 5, 2020
91dc222
Fix validators
cnasikas Aug 5, 2020
d6c040c
Fix api
cnasikas Aug 5, 2020
4413f74
Fix init
cnasikas Aug 5, 2020
9643164
Init resilient ui
cnasikas Aug 5, 2020
0f0d291
Add cases mapping
cnasikas Aug 5, 2020
1512448
Add types (ui)
cnasikas Aug 5, 2020
24ed4f0
Add logo
cnasikas Aug 5, 2020
416abb3
Add translations (ui)
cnasikas Aug 5, 2020
2ae2421
Add config (ui)
cnasikas Aug 5, 2020
956b297
Create resilient connectors flyout
cnasikas Aug 5, 2020
d1fe7ed
Create resilient alerts flyout
cnasikas Aug 30, 2020
a7f7365
Unregister resilient connector from security solutions
cnasikas Aug 30, 2020
2a0e535
Register resilient (ui)
cnasikas Aug 30, 2020
4077016
Filter out non resilient case connectors
cnasikas Aug 30, 2020
b6dadee
Get incident types
cnasikas Aug 30, 2020
f1aca9d
Get severity
cnasikas Aug 30, 2020
7fc5a73
Pass actionConnector to alerts flyout
cnasikas Aug 31, 2020
316645a
Create api (ui)
cnasikas Aug 31, 2020
d698782
Create use_get_severity
cnasikas Aug 31, 2020
f92cb6f
Create use_get_incident_types
cnasikas Aug 31, 2020
59d7100
Get issue types and severity (ui)
cnasikas Aug 31, 2020
6422de7
Show toast notification on error
cnasikas Aug 31, 2020
71f9015
Improve integration tests
cnasikas Sep 1, 2020
e928a39
Reset fields when changing connectors
cnasikas Sep 1, 2020
d1a6ded
Update incident types and severity
cnasikas Sep 1, 2020
1dd0125
Improve service test
cnasikas Sep 1, 2020
5253721
Improve api test
cnasikas Sep 1, 2020
e2e6723
Create resilient_connectors test
cnasikas Sep 1, 2020
a0345d2
Create jira test (ui)
cnasikas Sep 1, 2020
d67b2f0
Remove resilient from lib
cnasikas Sep 2, 2020
d9847fe
Convert from maybe to nullable
cnasikas Sep 2, 2020
81f8bf0
Create resilient_params test
cnasikas Sep 2, 2020
cb8d2bf
Fix i18n
cnasikas Sep 2, 2020
e302b4e
Improve README
cnasikas Sep 10, 2020
a153a20
Refactor for inclusive language
cnasikas Sep 10, 2020
6141ad4
Remove optional connectors from tests
cnasikas Sep 10, 2020
9a37d03
Fix i18n
cnasikas Sep 10, 2020
b378255
Use common case mapping folder
cnasikas Sep 10, 2020
672ce8c
Fix optional connector
cnasikas Sep 10, 2020
5bbac3f
Refactor case common schema and types
cnasikas Sep 10, 2020
4ec2477
Remove findIncidents function
cnasikas Sep 10, 2020
dce7928
Clean up case related code
cnasikas Sep 10, 2020
d3cbd8e
Clean up cases lib connectors
cnasikas Sep 10, 2020
d35aab5
Improve UX when editing an alert
cnasikas Sep 10, 2020
2fb4fe0
Remove unused translations
cnasikas Sep 10, 2020
c659161
Convert missed casesConfiguration to incidentConfiguration
cnasikas Sep 10, 2020
31714d5
Merge branch 'master' into refactor_resilient_phase_one
elasticmachine Sep 10, 2020
60 changes: 32 additions & 28 deletions x-pack/plugins/actions/README.md
Expand Up @@ -331,15 +331,17 @@ const result = await actionsClient.execute({

Kibana ships with a set of built-in action types:

| Type | Id | Description |
| ------------------------- | ------------- | ------------------------------------------------------------------ |
| [Server log](#server-log) | `.server-log` | Logs messages to the Kibana log using Kibana's logger |
| [Email](#email) | `.email` | Sends an email using SMTP |
| [Slack](#slack) | `.slack` | Posts a message to a slack channel |
| [Index](#index) | `.index` | Indexes document(s) into Elasticsearch |
| [Webhook](#webhook) | `.webhook` | Send a payload to a web service using HTTP POST or PUT |
| [PagerDuty](#pagerduty) | `.pagerduty` | Trigger, resolve, or acknowlege an incident to a PagerDuty service |
| [ServiceNow](#servicenow) | `.servicenow` | Create or update an incident to a ServiceNow instance |
| Type | Id | Description |
| ------------------------------- | ------------- | ------------------------------------------------------------------ |
| [Server log](#server-log) | `.server-log` | Logs messages to the Kibana log using Kibana's logger |
| [Email](#email) | `.email` | Sends an email using SMTP |
| [Slack](#slack) | `.slack` | Posts a message to a slack channel |
| [Index](#index) | `.index` | Indexes document(s) into Elasticsearch |
| [Webhook](#webhook) | `.webhook` | Send a payload to a web service using HTTP POST or PUT |
| [PagerDuty](#pagerduty) | `.pagerduty` | Trigger, resolve, or acknowlege an incident to a PagerDuty service |
| [ServiceNow](#servicenow) | `.servicenow` | Create or update an incident to a ServiceNow instance |
| [Jira](#jira) | `.jira` | Create or update an issue to a Jira instance |
| [IBM Resilient](#ibm-resilient) | `.resilient` | Create or update an incident to a IBM Resilient instance |

---
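
Review bot: the new `.resilient` row reads "Create or update an incident to a IBM Resilient instance"; that should be "an IBM Resilient instance", and "in" reads better than "to" for both new rows. Since every row of the table is re-aligned in this hunk anyway, the existing "acknowlege" typo in the `.pagerduty` row could be corrected in the same pass.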

Expand Down Expand Up @@ -561,8 +563,8 @@ The ServiceNow action uses the [V2 Table API](https://developer.servicenow.com/a
| Property | Description | Type |
| ------------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------- |
| savedObjectId | The id of the saved object. | string |
| title | The title of the case. | string _(optional)_ |
| description | The description of the case. | string _(optional)_ |
| title | The title of the incident. | string _(optional)_ |
| description | The description of the incident. | string _(optional)_ |
| comment | A comment. | string _(optional)_ |
| comments | The comments of the case. A comment is of the form `{ commentId: string, version: string, comment: string }`. | object[] _(optional)_ |
| externalId | The id of the incident in ServiceNow. If presented the incident will be update. Otherwise a new incident will be created. | string _(optional)_ |
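
Review bot: the case-to-incident rename is only half applied in the ServiceNow `pushToService` table. `title` and `description` now say "incident", but the `comments` row still says "The comments of the case". Suggest changing it to "The comments of the incident" so the table uses one term, and fixing "If presented the incident will be update" in the `externalId` row to "If present, the incident will be updated" while the table is being touched.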
Expand Down Expand Up @@ -601,16 +603,16 @@ The Jira action uses the [V2 API](https://developer.atlassian.com/cloud/jira/pla

#### `subActionParams (pushToService)`

| Property | Description | Type |
| ------------- | ------------------------------------------------------------------------------------------------------------------- | --------------------- |
| savedObjectId | The id of the saved object | string |
| title | The title of the case | string _(optional)_ |
| description | The description of the case | string _(optional)_ |
| externalId | The id of the incident in Jira. If presented the incident will be update. Otherwise a new incident will be created. | string _(optional)_ |
| issueType | The id of the issue type in Jira. | string _(optional)_ |
| priority | The name of the priority in Jira. Example: `Medium`. | string _(optional)_ |
| labels | An array of labels. | string[] _(optional)_ |
| comments | The comments of the case. A comment is of the form `{ commentId: string, version: string, comment: string }` | object[] _(optional)_ |
| Property | Description | Type |
| ------------- | ---------------------------------------------------------------------------------------------------------------- | --------------------- |
| savedObjectId | The id of the saved object | string |
| title | The title of the issue | string _(optional)_ |
| description | The description of the issue | string _(optional)_ |
| externalId | The id of the issue in Jira. If presented the incident will be update. Otherwise a new incident will be created. | string _(optional)_ |
| issueType | The id of the issue type in Jira. | string _(optional)_ |
| priority | The name of the priority in Jira. Example: `Medium`. | string _(optional)_ |
| labels | An array of labels. | string[] _(optional)_ |
| comments | The comments of the case. A comment is of the form `{ commentId: string, version: string, comment: string }` | object[] _(optional)_ |

#### `subActionParams (issueTypes)`
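
Review bot: the `externalId` row in the Jira table now mixes two terms in one cell: "The id of the issue in Jira. If presented the incident will be update. Otherwise a new incident will be created." The second and third sentences should also say "issue" (and "updated"). The `comments` row still says "The comments of the case", which is inconsistent with `title` and `description` now describing an issue.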

Expand All @@ -628,10 +630,10 @@ ID: `.resilient`

### `config`

| Property | Description | Type |
| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------ |
| apiUrl | IBM Resilient instance URL. | string |
| incidentConfiguration | Case configuration object. The object should contain an attribute called `mapping`. A `mapping` is an array of objects. Each mapping object should be of the form `{ source: string, target: string, actionType: string }`. `source` is the Case field. `target` is the Jira field where `source` will be mapped to. `actionType` can be one of `nothing`, `overwrite` or `append`. For example the `{ source: 'title', target: 'summary', actionType: 'overwrite' }` record, inside mapping array, means that the title of a case will be mapped to the short description of an incident in IBM Resilient and will be overwrite on each update. | object |
| Property | Description | Type |
| --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
| apiUrl | IBM Resilient instance URL. | string |
| incidentConfiguration | Optional property and specific to **Cases only**. If defined, the object should contain an attribute called `mapping`. A `mapping` is an array of objects. Each mapping object should be of the form `{ source: string, target: string, actionType: string }`. `source` is the Case field. `target` is the Jira field where `source` will be mapped to. `actionType` can be one of `nothing`, `overwrite` or `append`. For example the `{ source: 'title', target: 'summary', actionType: 'overwrite' }` record, inside mapping array, means that the title of a case will be mapped to the short description of an incident in IBM Resilient and will be overwrite on each update. | object |

### `secrets`
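
Review bot: the `incidentConfiguration` description in the IBM Resilient `config` table still says "`target` is the Jira field where `source` will be mapped to", which looks copied from the Jira section; it should name IBM Resilient. The description now opens with "Optional property" but the Type column is plain `object`, whereas the other tables in this file mark optional properties as `_(optional)_`; suggest `object _(optional)_` for consistency. "will be overwrite on each update" should be "will be overwritten on each update".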

Expand All @@ -652,10 +654,12 @@ ID: `.resilient`
| Property | Description | Type |
| ------------- | ---------------------------------------------------------------------------------------------------------------------------- | --------------------- |
| savedObjectId | The id of the saved object | string |
| title | The title of the case | string _(optional)_ |
| description | The description of the case | string _(optional)_ |
| comments | The comments of the case. A comment is of the form `{ commentId: string, version: string, comment: string }` | object[] _(optional)_ |
| title | The title of the incident | string _(optional)_ |
| description | The description of the incident | string _(optional)_ |
| comments | The comments of the incident. A comment is of the form `{ commentId: string, version: string, comment: string }` | object[] _(optional)_ |
| externalId | The id of the incident in IBM Resilient. If presented the incident will be update. Otherwise a new incident will be created. | string _(optional)_ |
| incidentTypes | An array with the ids of IBM Resilient incident types. | number[] _(optional)_ |
| severityCode | IBM Resilient id of the severity code. | number _(optional)_ |

# Command Line Utility
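
Review bot: the new `incidentTypes` and `severityCode` rows take numeric ids but do not say where a caller gets valid values. The Jira section documents a `subActionParams (issueTypes)` sub-action for the equivalent lookup; if IBM Resilient has matching sub-actions for incident types and severity, these rows should point to them, or those sub-actions should be documented in this section. The `externalId` row also carries "If presented the incident will be update", which should read "If present, the incident will be updated".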

93 changes: 0 additions & 93 deletions x-pack/plugins/actions/server/builtin_action_types/case/api.ts

This file was deleted.
