Skip to content

[7.x] Disable Product check in @elastic/elasticsearch-js (#107642)#107825

Merged
afharo merged 2 commits intoelastic:7.xfrom
afharo:backport/7.x/pr-107642
Aug 6, 2021
Merged

[7.x] Disable Product check in @elastic/elasticsearch-js (#107642)#107825
afharo merged 2 commits intoelastic:7.xfrom
afharo:backport/7.x/pr-107642

Conversation

@afharo
Copy link
Copy Markdown
Member

@afharo afharo commented Aug 6, 2021

Backports the following commits to 7.x:

@afharo @kibanamachine
Disable Product check in @elastic/elasticsearch-js (elastic#107642)
b49b11e 
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
# Conflicts:
#	package.json
#	yarn.lock
@afharo afharo added the backport This PR is a backport of another PR label Aug 6, 2021
@afharo afharo enabled auto-merge (squash) August 6, 2021 08:25
@kibanamachine
Copy link
Copy Markdown
Contributor

kibanamachine commented Aug 6, 2021

💛 Build succeeded, but was flaky

Test Failures

Kibana Pipeline / general / X-Pack Detection Engine API Integration Tests.x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_endpoint_exceptions·ts.detection engine api security and spaces enabled Rule exception operators for endpoints operating system types (os_types) endpoints should filter multiple operating system types (os_type) with multiple filter items for an endpoint

Link to Jenkins

Standard Out

Failed Tests Reporter:
  - Test has not failed recently on tracked branches

[00:00:00]       │
[00:00:00]         └-: detection engine api security and spaces enabled
[00:00:00]           └-> "before all" hook in "detection engine api security and spaces enabled"
[00:00:00]           └-: 
[00:00:00]             └-> "before all" hook in ""
[00:00:23]             └-: Rule exception operators for endpoints
[00:00:23]               └-> "before all" hook in "Rule exception operators for endpoints"
[00:00:46]               └-: operating system types (os_types)
[00:00:46]                 └-> "before all" hook in "operating system types (os_types)"
[00:00:46]                 └-: endpoints
[00:00:46]                   └-> "before all" hook for "should filter 1 operating system types (os_type) if it is set as part of an endpoint exception"
[00:00:46]                   └-> should filter 1 operating system types (os_type) if it is set as part of an endpoint exception
[00:00:46]                     └-> "before each" hook: global before each for "should filter 1 operating system types (os_type) if it is set as part of an endpoint exception"
[00:00:46]                     └-> "before each" hook for "should filter 1 operating system types (os_type) if it is set as part of an endpoint exception"
[00:00:46]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.siem-signals-default]
[00:00:46]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding index template [.siem-signals-default] for index patterns [.siem-signals-default-*]
[00:00:46]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.siem-signals-default-000001] creating index, cause [api], templates [.siem-signals-default], shards [1]/[1]
[00:00:46]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.siem-signals-default]
[00:00:46]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.siem-signals-default]
[00:00:46]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.siem-signals-default]
[00:00:46]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.lists-default]
[00:00:46]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.items-default]
[00:00:46]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding template [.lists-default] for index patterns [.lists-default-*]
[00:00:46]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding template [.items-default] for index patterns [.items-default-*]
[00:00:47]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.lists-default-000001] creating index, cause [api], templates [.lists-default], shards [1]/[1]
[00:00:47]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.lists-default]
[00:00:47]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.lists-default]
[00:00:47]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.items-default-000001] creating index, cause [api], templates [.items-default], shards [1]/[1]
[00:00:47]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.lists-default]
[00:00:47]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Loading "mappings.json"
[00:00:47]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Loading "data.json"
[00:00:47]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [endpoint_without_host_type] creating index, cause [api], templates [], shards [1]/[1]
[00:00:47]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Created index "endpoint_without_host_type"
[00:00:47]                       │ debg [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] "endpoint_without_host_type" settings {"index":{"number_of_replicas":"1","number_of_shards":"1"}}
[00:00:47]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.items-default]
[00:00:47]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Indexed 4 docs into "endpoint_without_host_type"
[00:00:47]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.items-default]
[00:00:47]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Loading "mappings.json"
[00:00:47]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Loading "data.json"
[00:00:47]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [agent] creating index, cause [api], templates [], shards [1]/[1]
[00:00:47]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Created index "agent"
[00:00:47]                       │ debg [x-pack/test/functional/es_archives/rule_exceptions/agent] "agent" settings {"index":{"number_of_replicas":"1","number_of_shards":"1"}}
[00:00:47]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.items-default]
[00:00:47]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Indexed 4 docs into "agent"
[00:00:47]                     │ info [o.e.c.m.MetadataMappingService] [node-01] [.kibana_7.15.0_001/kKx5NYc8RkSO6bQmTUccrA] update_mapping [_doc]
[00:00:55]                     │ proc [kibana]   log   [09:15:16.543] [info][eventLog][plugins] event logged: {"@timestamp":"2021-08-06T09:15:16.542Z","event":{"provider":"alerting","action":"execute-start","kind":"alert","category":["siem"],"start":"2021-08-06T09:15:16.542Z"},"kibana":{"saved_objects":[{"rel":"primary","type":"alert","id":"cd05f8a0-f696-11eb-95ba-b598d8f8a145","type_id":"siem.signals"}],"task":{"scheduled":"2021-08-06T09:15:15.068Z","schedule_delay":1474000000},"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d"},"rule":{"id":"cd05f8a0-f696-11eb-95ba-b598d8f8a145","license":"basic","category":"siem.signals","ruleset":"siem"},"message":"alert execution start: \"cd05f8a0-f696-11eb-95ba-b598d8f8a145\"","ecs":{"version":"1.8.0"}}
[00:00:58]                     │ proc [kibana]   log   [09:15:19.144] [info][plugins][securitySolution] [+] Finished indexing 3  signals searched between date ranges [
[00:00:58]                     │ proc [kibana]   {
[00:00:58]                     │ proc [kibana]     "to": "2021-08-06T09:15:18.138Z",
[00:00:58]                     │ proc [kibana]     "from": "1900-01-01T00:00:00.000Z",
[00:00:58]                     │ proc [kibana]     "maxSignals": 100
[00:00:58]                     │ proc [kibana]   }
[00:00:58]                     │ proc [kibana] ] name: "Signal Testing Query" id: "cd05f8a0-f696-11eb-95ba-b598d8f8a145" rule id: "rule-1" signals index: ".siem-signals-default"
[00:00:58]                     │ proc [kibana]   log   [09:15:19.158] [info][eventLog][plugins] event logged: {"@timestamp":"2021-08-06T09:15:16.542Z","event":{"provider":"alerting","action":"execute","kind":"alert","category":["siem"],"start":"2021-08-06T09:15:16.542Z","outcome":"success","end":"2021-08-06T09:15:19.157Z","duration":2615000000},"kibana":{"saved_objects":[{"rel":"primary","type":"alert","id":"cd05f8a0-f696-11eb-95ba-b598d8f8a145","type_id":"siem.signals"}],"task":{"scheduled":"2021-08-06T09:15:15.068Z","schedule_delay":1474000000},"alerting":{"status":"ok"},"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d"},"rule":{"id":"cd05f8a0-f696-11eb-95ba-b598d8f8a145","license":"basic","category":"siem.signals","ruleset":"siem","name":"Signal Testing Query"},"message":"alert executed: siem.signals:cd05f8a0-f696-11eb-95ba-b598d8f8a145: 'Signal Testing Query'","ecs":{"version":"1.8.0"}}
[00:00:58]                     └- ✓ pass  (10.8s) "detection engine api security and spaces enabled  Rule exception operators for endpoints operating system types (os_types) endpoints should filter 1 operating system types (os_type) if it is set as part of an endpoint exception"
[00:00:58]                   └-> "after each" hook for "should filter 1 operating system types (os_type) if it is set as part of an endpoint exception"
[00:00:58]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.siem-signals-default-000001/CyQscodDSNC9i29DmECTYQ] deleting index
[00:00:58]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing index template [.siem-signals-default]
[00:01:01]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.lists-default-000001/6jRA_S1vQ3G-QZwgiY9mwA] deleting index
[00:01:01]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.items-default-000001/Tpj6-wNTRVyIjzdEITwMlQ] deleting index
[00:01:01]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing template [.lists-default]
[00:01:01]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing template [.items-default]
[00:01:01]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Unloading indices from "mappings.json"
[00:01:01]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [endpoint_without_host_type/-3TGQ0b7SJa5E-cEU4eSdg] deleting index
[00:01:01]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Deleted existing index "endpoint_without_host_type"
[00:01:01]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Unloading indices from "data.json"
[00:01:01]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Unloading indices from "mappings.json"
[00:01:01]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [agent/LTGI5uO6Ta2e6U7mWyn1cA] deleting index
[00:01:01]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Deleted existing index "agent"
[00:01:01]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Unloading indices from "data.json"
[00:01:01]                   └-> should filter 2 operating system types as an "OR" (os_type) if it is set as part of an endpoint exception
[00:01:01]                     └-> "before each" hook: global before each for "should filter 2 operating system types as an "OR" (os_type) if it is set as part of an endpoint exception"
[00:01:01]                     └-> "before each" hook for "should filter 2 operating system types as an "OR" (os_type) if it is set as part of an endpoint exception"
[00:01:01]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.siem-signals-default]
[00:01:01]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding index template [.siem-signals-default] for index patterns [.siem-signals-default-*]
[00:01:01]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.siem-signals-default-000001] creating index, cause [api], templates [.siem-signals-default], shards [1]/[1]
[00:01:01]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.siem-signals-default]
[00:01:01]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.lists-default]
[00:01:01]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.items-default]
[00:01:01]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.siem-signals-default]
[00:01:01]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding template [.lists-default] for index patterns [.lists-default-*]
[00:01:01]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.siem-signals-default]
[00:01:02]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding template [.items-default] for index patterns [.items-default-*]
[00:01:02]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.lists-default-000001] creating index, cause [api], templates [.lists-default], shards [1]/[1]
[00:01:02]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.lists-default]
[00:01:02]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.items-default-000001] creating index, cause [api], templates [.items-default], shards [1]/[1]
[00:01:02]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.lists-default]
[00:01:02]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.items-default]
[00:01:02]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Loading "mappings.json"
[00:01:02]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Loading "data.json"
[00:01:02]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [endpoint_without_host_type] creating index, cause [api], templates [], shards [1]/[1]
[00:01:02]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.lists-default]
[00:01:02]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Created index "endpoint_without_host_type"
[00:01:02]                       │ debg [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] "endpoint_without_host_type" settings {"index":{"number_of_replicas":"1","number_of_shards":"1"}}
[00:01:02]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Indexed 4 docs into "endpoint_without_host_type"
[00:01:02]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Loading "mappings.json"
[00:01:02]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Loading "data.json"
[00:01:02]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [agent] creating index, cause [api], templates [], shards [1]/[1]
[00:01:02]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.items-default]
[00:01:02]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Created index "agent"
[00:01:02]                       │ debg [x-pack/test/functional/es_archives/rule_exceptions/agent] "agent" settings {"index":{"number_of_replicas":"1","number_of_shards":"1"}}
[00:01:02]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.items-default]
[00:01:02]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Indexed 4 docs into "agent"
[00:01:10]                     │ proc [kibana]   log   [09:15:31.453] [info][eventLog][plugins] event logged: {"@timestamp":"2021-08-06T09:15:31.452Z","event":{"provider":"alerting","action":"execute-start","kind":"alert","category":["siem"],"start":"2021-08-06T09:15:31.452Z"},"kibana":{"saved_objects":[{"rel":"primary","type":"alert","id":"d6150080-f696-11eb-95ba-b598d8f8a145","type_id":"siem.signals"}],"task":{"scheduled":"2021-08-06T09:15:30.272Z","schedule_delay":1180000000},"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d"},"rule":{"id":"d6150080-f696-11eb-95ba-b598d8f8a145","license":"basic","category":"siem.signals","ruleset":"siem"},"message":"alert execution start: \"d6150080-f696-11eb-95ba-b598d8f8a145\"","ecs":{"version":"1.8.0"}}
[00:01:13]                     │ proc [kibana]   log   [09:15:34.334] [info][plugins][securitySolution] [+] Finished indexing 3  signals searched between date ranges [
[00:01:13]                     │ proc [kibana]   {
[00:01:13]                     │ proc [kibana]     "to": "2021-08-06T09:15:33.320Z",
[00:01:13]                     │ proc [kibana]     "from": "1900-01-01T00:00:00.000Z",
[00:01:13]                     │ proc [kibana]     "maxSignals": 100
[00:01:13]                     │ proc [kibana]   }
[00:01:13]                     │ proc [kibana] ] name: "Signal Testing Query" id: "d6150080-f696-11eb-95ba-b598d8f8a145" rule id: "rule-1" signals index: ".siem-signals-default"
[00:01:13]                     │ proc [kibana]   log   [09:15:34.350] [info][eventLog][plugins] event logged: {"@timestamp":"2021-08-06T09:15:31.452Z","event":{"provider":"alerting","action":"execute","kind":"alert","category":["siem"],"start":"2021-08-06T09:15:31.452Z","outcome":"success","end":"2021-08-06T09:15:34.349Z","duration":2897000000},"kibana":{"saved_objects":[{"rel":"primary","type":"alert","id":"d6150080-f696-11eb-95ba-b598d8f8a145","type_id":"siem.signals"}],"task":{"scheduled":"2021-08-06T09:15:30.272Z","schedule_delay":1180000000},"alerting":{"status":"ok"},"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d"},"rule":{"id":"d6150080-f696-11eb-95ba-b598d8f8a145","license":"basic","category":"siem.signals","ruleset":"siem","name":"Signal Testing Query"},"message":"alert executed: siem.signals:d6150080-f696-11eb-95ba-b598d8f8a145: 'Signal Testing Query'","ecs":{"version":"1.8.0"}}
[00:01:13]                     └- ✓ pass  (11.1s) "detection engine api security and spaces enabled  Rule exception operators for endpoints operating system types (os_types) endpoints should filter 2 operating system types as an "OR" (os_type) if it is set as part of an endpoint exception"
[00:01:13]                   └-> "after each" hook for "should filter 2 operating system types as an "OR" (os_type) if it is set as part of an endpoint exception"
[00:01:13]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.siem-signals-default-000001/_ywdiVT8R0estFbd1Rf7lQ] deleting index
[00:01:13]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing index template [.siem-signals-default]
[00:01:16]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.lists-default-000001/IQPyJOvnT96G_LJk_GsuLw] deleting index
[00:01:16]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.items-default-000001/wHxSVzLYSmWBHrWG3D8xww] deleting index
[00:01:16]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing template [.lists-default]
[00:01:16]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing template [.items-default]
[00:01:16]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Unloading indices from "mappings.json"
[00:01:16]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [endpoint_without_host_type/MKlH6lj4QySTrhb3GhtwIQ] deleting index
[00:01:16]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Deleted existing index "endpoint_without_host_type"
[00:01:16]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Unloading indices from "data.json"
[00:01:16]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Unloading indices from "mappings.json"
[00:01:16]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [agent/-sFCxj8eS9eJepRoOHJq_g] deleting index
[00:01:16]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Deleted existing index "agent"
[00:01:16]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Unloading indices from "data.json"
[00:01:16]                   └-> should filter multiple operating system types if it is set as part of an endpoint exception
[00:01:16]                     └-> "before each" hook: global before each for "should filter multiple operating system types if it is set as part of an endpoint exception"
[00:01:16]                     └-> "before each" hook for "should filter multiple operating system types if it is set as part of an endpoint exception"
[00:01:16]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.siem-signals-default]
[00:01:16]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding index template [.siem-signals-default] for index patterns [.siem-signals-default-*]
[00:01:16]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.siem-signals-default-000001] creating index, cause [api], templates [.siem-signals-default], shards [1]/[1]
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.siem-signals-default]
[00:01:17]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.lists-default]
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.siem-signals-default]
[00:01:17]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.items-default]
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.siem-signals-default]
[00:01:17]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding template [.lists-default] for index patterns [.lists-default-*]
[00:01:17]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding template [.items-default] for index patterns [.items-default-*]
[00:01:17]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.lists-default-000001] creating index, cause [api], templates [.lists-default], shards [1]/[1]
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.lists-default]
[00:01:17]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.items-default-000001] creating index, cause [api], templates [.items-default], shards [1]/[1]
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.lists-default]
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.items-default]
[00:01:17]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Loading "mappings.json"
[00:01:17]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Loading "data.json"
[00:01:17]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [endpoint_without_host_type] creating index, cause [api], templates [], shards [1]/[1]
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.lists-default]
[00:01:17]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Created index "endpoint_without_host_type"
[00:01:17]                       │ debg [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] "endpoint_without_host_type" settings {"index":{"number_of_replicas":"1","number_of_shards":"1"}}
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.items-default]
[00:01:17]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Indexed 4 docs into "endpoint_without_host_type"
[00:01:17]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.items-default]
[00:01:17]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Loading "mappings.json"
[00:01:17]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Loading "data.json"
[00:01:17]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [agent] creating index, cause [api], templates [], shards [1]/[1]
[00:01:17]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Created index "agent"
[00:01:17]                       │ debg [x-pack/test/functional/es_archives/rule_exceptions/agent] "agent" settings {"index":{"number_of_replicas":"1","number_of_shards":"1"}}
[00:01:17]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Indexed 4 docs into "agent"
[00:01:25]                     │ proc [kibana]   log   [09:15:46.517] [info][eventLog][plugins] event logged: {"@timestamp":"2021-08-06T09:15:46.516Z","event":{"provider":"alerting","action":"execute-start","kind":"alert","category":["siem"],"start":"2021-08-06T09:15:46.516Z"},"kibana":{"saved_objects":[{"rel":"primary","type":"alert","id":"df231e00-f696-11eb-95ba-b598d8f8a145","type_id":"siem.signals"}],"task":{"scheduled":"2021-08-06T09:15:45.464Z","schedule_delay":1052000000},"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d"},"rule":{"id":"df231e00-f696-11eb-95ba-b598d8f8a145","license":"basic","category":"siem.signals","ruleset":"siem"},"message":"alert execution start: \"df231e00-f696-11eb-95ba-b598d8f8a145\"","ecs":{"version":"1.8.0"}}
[00:01:28]                     │ proc [kibana]   log   [09:15:49.528] [info][plugins][securitySolution] [+] Finished indexing 2  signals searched between date ranges [
[00:01:28]                     │ proc [kibana]   {
[00:01:28]                     │ proc [kibana]     "to": "2021-08-06T09:15:48.518Z",
[00:01:28]                     │ proc [kibana]     "from": "1900-01-01T00:00:00.000Z",
[00:01:28]                     │ proc [kibana]     "maxSignals": 100
[00:01:28]                     │ proc [kibana]   }
[00:01:28]                     │ proc [kibana] ] name: "Signal Testing Query" id: "df231e00-f696-11eb-95ba-b598d8f8a145" rule id: "rule-1" signals index: ".siem-signals-default"
[00:01:28]                     │ proc [kibana]   log   [09:15:49.545] [info][eventLog][plugins] event logged: {"@timestamp":"2021-08-06T09:15:46.516Z","event":{"provider":"alerting","action":"execute","kind":"alert","category":["siem"],"start":"2021-08-06T09:15:46.516Z","outcome":"success","end":"2021-08-06T09:15:49.543Z","duration":3027000000},"kibana":{"saved_objects":[{"rel":"primary","type":"alert","id":"df231e00-f696-11eb-95ba-b598d8f8a145","type_id":"siem.signals"}],"task":{"scheduled":"2021-08-06T09:15:45.464Z","schedule_delay":1052000000},"alerting":{"status":"ok"},"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d"},"rule":{"id":"df231e00-f696-11eb-95ba-b598d8f8a145","license":"basic","category":"siem.signals","ruleset":"siem","name":"Signal Testing Query"},"message":"alert executed: siem.signals:df231e00-f696-11eb-95ba-b598d8f8a145: 'Signal Testing Query'","ecs":{"version":"1.8.0"}}
[00:01:28]                     └- ✓ pass  (11.0s) "detection engine api security and spaces enabled  Rule exception operators for endpoints operating system types (os_types) endpoints should filter multiple operating system types if it is set as part of an endpoint exception"
[00:01:28]                   └-> "after each" hook for "should filter multiple operating system types if it is set as part of an endpoint exception"
[00:01:28]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.siem-signals-default-000001/QAf3_ya5QCaoD6yWBNmy1Q] deleting index
[00:01:28]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing index template [.siem-signals-default]
[00:01:31]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.lists-default-000001/txuiSDVYRtCS9rFPAg7rHA] deleting index
[00:01:31]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [.items-default-000001/wfWrVl16QMyuRu1PY-ZvpA] deleting index
[00:01:31]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing template [.lists-default]
[00:01:32]                     │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] removing template [.items-default]
[00:01:32]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Unloading indices from "mappings.json"
[00:01:32]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [endpoint_without_host_type/K7i7n5rJRX6qEsupBR1V7w] deleting index
[00:01:32]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Deleted existing index "endpoint_without_host_type"
[00:01:32]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Unloading indices from "data.json"
[00:01:32]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Unloading indices from "mappings.json"
[00:01:32]                     │ info [o.e.c.m.MetadataDeleteIndexService] [node-01] [agent/bc71zFmhRxqhOqPxgWTY5g] deleting index
[00:01:32]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Deleted existing index "agent"
[00:01:32]                     │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Unloading indices from "data.json"
[00:01:32]                   └-> should filter multiple operating system types (os_type) with multiple filter items for an endpoint
[00:01:32]                     └-> "before each" hook: global before each for "should filter multiple operating system types (os_type) with multiple filter items for an endpoint"
[00:01:32]                     └-> "before each" hook for "should filter multiple operating system types (os_type) with multiple filter items for an endpoint"
[00:01:32]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.siem-signals-default]
[00:01:32]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding index template [.siem-signals-default] for index patterns [.siem-signals-default-*]
[00:01:32]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.siem-signals-default-000001] creating index, cause [api], templates [.siem-signals-default], shards [1]/[1]
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.siem-signals-default]
[00:01:32]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.lists-default]
[00:01:32]                       │ info [o.e.x.i.a.TransportPutLifecycleAction] [node-01] adding index lifecycle policy [.items-default]
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.siem-signals-default]
[00:01:32]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding template [.lists-default] for index patterns [.lists-default-*]
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.siem-signals-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.siem-signals-default]
[00:01:32]                       │ info [o.e.c.m.MetadataIndexTemplateService] [node-01] adding template [.items-default] for index patterns [.items-default-*]
[00:01:32]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.lists-default-000001] creating index, cause [api], templates [.lists-default], shards [1]/[1]
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.lists-default]
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.lists-default]
[00:01:32]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [.items-default-000001] creating index, cause [api], templates [.items-default], shards [1]/[1]
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.lists-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.lists-default]
[00:01:32]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Loading "mappings.json"
[00:01:32]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Loading "data.json"
[00:01:32]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [endpoint_without_host_type] creating index, cause [api], templates [], shards [1]/[1]
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.items-default]
[00:01:32]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Created index "endpoint_without_host_type"
[00:01:32]                       │ debg [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] "endpoint_without_host_type" settings {"index":{"number_of_replicas":"1","number_of_shards":"1"}}
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] in policy [.items-default]
[00:01:32]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/endpoint_without_host_type] Indexed 4 docs into "endpoint_without_host_type"
[00:01:32]                       │ info [o.e.x.i.IndexLifecycleTransition] [node-01] moving index [.items-default-000001] from [{"phase":"hot","action":"unfollow","name":"branch-check-unfollow-prerequisites"}] to [{"phase":"hot","action":"rollover","name":"check-rollover-ready"}] in policy [.items-default]
[00:01:32]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Loading "mappings.json"
[00:01:32]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Loading "data.json"
[00:01:32]                       │ info [o.e.c.m.MetadataCreateIndexService] [node-01] [agent] creating index, cause [api], templates [], shards [1]/[1]
[00:01:33]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Created index "agent"
[00:01:33]                       │ debg [x-pack/test/functional/es_archives/rule_exceptions/agent] "agent" settings {"index":{"number_of_replicas":"1","number_of_shards":"1"}}
[00:01:33]                       │ info [x-pack/test/functional/es_archives/rule_exceptions/agent] Indexed 4 docs into "agent"
[00:01:40]                     │ proc [kibana]   log   [09:16:01.468] [info][eventLog][plugins] event logged: {"@timestamp":"2021-08-06T09:16:01.467Z","event":{"provider":"alerting","action":"execute-start","kind":"alert","category":["siem"],"start":"2021-08-06T09:16:01.467Z"},"kibana":{"saved_objects":[{"rel":"primary","type":"alert","id":"e836b9c0-f696-11eb-95ba-b598d8f8a145","type_id":"siem.signals"}],"task":{"scheduled":"2021-08-06T09:16:00.704Z","schedule_delay":763000000},"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d"},"rule":{"id":"e836b9c0-f696-11eb-95ba-b598d8f8a145","license":"basic","category":"siem.signals","ruleset":"siem"},"message":"alert execution start: \"e836b9c0-f696-11eb-95ba-b598d8f8a145\"","ecs":{"version":"1.8.0"}}
[00:01:40]                     │ proc [kibana]   log   [09:16:01.772] [info][eventLog][plugins] event logged: {"@timestamp":"2021-08-06T09:16:01.467Z","event":{"provider":"alerting","action":"execute","kind":"alert","category":["siem"],"start":"2021-08-06T09:16:01.467Z","outcome":"failure","end":"2021-08-06T09:16:01.770Z","duration":303000000,"reason":"execute"},"kibana":{"saved_objects":[{"rel":"primary","type":"alert","id":"e836b9c0-f696-11eb-95ba-b598d8f8a145","type_id":"siem.signals"}],"task":{"scheduled":"2021-08-06T09:16:00.704Z","schedule_delay":763000000},"alerting":{"status":"error"},"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d"},"rule":{"id":"e836b9c0-f696-11eb-95ba-b598d8f8a145","license":"basic","category":"siem.signals","ruleset":"siem"},"message":"alert execution failure: siem.signals:e836b9c0-f696-11eb-95ba-b598d8f8a145: 'Signal Testing Query'","error":{"message":"[siem-detection-engine-rule-status:eb2415b0-f696-11eb-95ba-b598d8f8a145]: version conflict, required seqNo [131], primary term [1]. current document has seqNo [132] and primary term [1]: version_conflict_engine_exception: [version_conflict_engine_exception] Reason: [siem-detection-engine-rule-status:eb2415b0-f696-11eb-95ba-b598d8f8a145]: version conflict, required seqNo [131], primary term [1]. current document has seqNo [132] and primary term [1]"},"ecs":{"version":"1.8.0"}}
[00:01:40]                     │ proc [kibana]   log   [09:16:01.783] [error][alerting][plugins] Executing Alert default:siem.signals:e836b9c0-f696-11eb-95ba-b598d8f8a145 has resulted in Error: [siem-detection-engine-rule-status:eb2415b0-f696-11eb-95ba-b598d8f8a145]: version conflict, required seqNo [131], primary term [1]. current document has seqNo [132] and primary term [1]: version_conflict_engine_exception: [version_conflict_engine_exception] Reason: [siem-detection-engine-rule-status:eb2415b0-f696-11eb-95ba-b598d8f8a145]: version conflict, required seqNo [131], primary term [1]. current document has seqNo [132] and primary term [1], caused by: ""
[00:03:07]                     └- ✖ fail: detection engine api security and spaces enabled  Rule exception operators for endpoints operating system types (os_types) endpoints should filter multiple operating system types (os_type) with multiple filter items for an endpoint
[00:03:07]                     │      Error: timed out waiting for function condition to be true within waitForRuleSuccessOrStatus
[00:03:07]                     │       at /dev/shm/workspace/parallel/7/kibana/x-pack/test/detection_engine_api_integration/utils.ts:785:9
[00:03:07]                     │ 
[00:03:07]                     │

Stack Trace

Error: timed out waiting for function condition to be true within waitForRuleSuccessOrStatus
    at /dev/shm/workspace/parallel/7/kibana/x-pack/test/detection_engine_api_integration/utils.ts:785:9

Metrics [docs]

✅ unchanged

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@afharo afharo merged commit 209b062 into elastic:7.x Aug 6, 2021
@afharo afharo deleted the backport/7.x/pr-107642 branch August 6, 2021 10:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@afharo @kibanamachine