From 8d30d070b2cace46b9a1a987430b4e45cfecceab Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Tue, 5 Apr 2022 14:33:29 +0200
Subject: [PATCH 01/18] Add default osquery_saved_query objects

---
 x-pack/plugins/fleet/common/types/models/epm.ts             | 2 ++
 .../applications/integrations/sections/epm/constants.tsx    | 6 +++++-
 .../fleet/server/services/epm/kibana/assets/install.ts      | 1 +
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/x-pack/plugins/fleet/common/types/models/epm.ts b/x-pack/plugins/fleet/common/types/models/epm.ts
index 060606251a6a5..b045ad56a1aa4 100644
--- a/x-pack/plugins/fleet/common/types/models/epm.ts
+++ b/x-pack/plugins/fleet/common/types/models/epm.ts
@@ -76,6 +76,7 @@ export enum KibanaAssetType {
   mlModule = 'ml_module',
   tag = 'tag',
   osqueryPackAsset = 'osquery_pack_asset',
+  osquerySavedQuery = 'osquery_saved_query',
 }
 
 /*
@@ -93,6 +94,7 @@ export enum KibanaSavedObjectType {
   cloudSecurityPostureRuleTemplate = 'csp-rule-template',
   tag = 'tag',
   osqueryPackAsset = 'osquery-pack-asset',
+  osquerySavedQuery = 'osquery-saved-query',
 }
 
 export enum ElasticsearchAssetType {
diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/constants.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/constants.tsx
index 3af6002e014c1..1fe4b7b38434d 100644
--- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/constants.tsx
+++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/constants.tsx
@@ -62,9 +62,12 @@ export const AssetTitleMap: Record<DisplayedAssetType, string> = {
   security_rule: i18n.translate('xpack.fleet.epm.assetTitles.securityRules', {
     defaultMessage: 'Security rules',
   }),
-  osquery_pack_asset: i18n.translate('xpack.fleet.epm.assetTitles.osqueryPackAsset', {
+  osquery_pack_asset: i18n.translate('xpack.fleet.epm.assetTitles.osqueryPackAssets', {
     defaultMessage: 'Osquery packs',
   }),
+  osquery_saved_query: i18n.translate('xpack.fleet.epm.assetTitles.osquerySavedQuery', {
+    defaultMessage: 'Osquery saved queries',
+  }),
   ml_module: i18n.translate('xpack.fleet.epm.assetTitles.mlModules', {
     defaultMessage: 'ML modules',
   }),
@@ -102,6 +105,7 @@ export const AssetIcons: Record<KibanaAssetType, IconType> = {
   ml_module: 'mlApp',
   tag: 'tagApp',
   osquery_pack_asset: 'osqueryApp',
+  osquery_saved_query: 'osqueryApp',
 };
 
 export const ServiceIcons: Record<ServiceName, IconType> = {
diff --git a/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts b/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
index b8ef796f8817c..677e84016589e 100644
--- a/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
+++ b/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
@@ -56,6 +56,7 @@ const KibanaSavedObjectTypeMapping: Record<KibanaAssetType, KibanaSavedObjectTyp
     KibanaSavedObjectType.cloudSecurityPostureRuleTemplate,
   [KibanaAssetType.tag]: KibanaSavedObjectType.tag,
   [KibanaAssetType.osqueryPackAsset]: KibanaSavedObjectType.osqueryPackAsset,
+  [KibanaAssetType.osquerySavedQuery]: KibanaSavedObjectType.osquerySavedQuery,
 };
 
 const AssetFilters: Record<string, (kibanaAssets: ArchiveAsset[]) => ArchiveAsset[]> = {

From 3fbbff8fe67359b0b0ab71196b09065049af25c8 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Tue, 5 Apr 2022 15:19:42 +0200
Subject: [PATCH 02/18] Fix mock data

---
 .../fleet/.storybook/context/fixtures/integration.nginx.ts    | 1 +
 .../fleet/.storybook/context/fixtures/integration.okta.ts     | 1 +
 .../fleet/common/services/package_to_package_policy.test.ts   | 1 +
 .../sections/epm/components/assets_facet_group.stories.tsx    | 1 +
 .../services/package_policies_to_agent_permissions.test.ts    | 4 ++++
 5 files changed, 8 insertions(+)

diff --git a/x-pack/plugins/fleet/.storybook/context/fixtures/integration.nginx.ts b/x-pack/plugins/fleet/.storybook/context/fixtures/integration.nginx.ts
index 3a2bdc1c00faf..d74d7656ad58e 100644
--- a/x-pack/plugins/fleet/.storybook/context/fixtures/integration.nginx.ts
+++ b/x-pack/plugins/fleet/.storybook/context/fixtures/integration.nginx.ts
@@ -255,6 +255,7 @@ export const item: GetInfoResponse['item'] = {
       csp_rule_template: [],
       tag: [],
       osquery_pack_asset: [],
+      osquery_saved_query: [],
     },
     elasticsearch: {
       ingest_pipeline: [
diff --git a/x-pack/plugins/fleet/.storybook/context/fixtures/integration.okta.ts b/x-pack/plugins/fleet/.storybook/context/fixtures/integration.okta.ts
index 7bba58dcaac7b..1f4b9e85043a6 100644
--- a/x-pack/plugins/fleet/.storybook/context/fixtures/integration.okta.ts
+++ b/x-pack/plugins/fleet/.storybook/context/fixtures/integration.okta.ts
@@ -105,6 +105,7 @@ export const item: GetInfoResponse['item'] = {
       lens: [],
       ml_module: [],
       osquery_pack_asset: [],
+      osquery_saved_query: [],
       security_rule: [],
       csp_rule_template: [],
       tag: [],
diff --git a/x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts b/x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts
index edffbdabc6c4e..79a501140a184 100644
--- a/x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts
+++ b/x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts
@@ -36,6 +36,7 @@ describe('Fleet - packageToPackagePolicy', () => {
         security_rule: [],
         tag: [],
         osquery_pack_asset: [],
+        osquery_saved_query: [],
       },
       elasticsearch: {
         ingest_pipeline: [],
diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/assets_facet_group.stories.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/assets_facet_group.stories.tsx
index 713d026726926..f76a1f85772be 100644
--- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/assets_facet_group.stories.tsx
+++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/assets_facet_group.stories.tsx
@@ -39,6 +39,7 @@ export const AssetsFacetGroup = ({ width }: Args) => {
             ml_module: [],
             tag: [],
             osquery_pack_asset: [],
+            osquery_saved_query: [],
           },
           elasticsearch: {
             component_template: [],
diff --git a/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts b/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
index fbf0dbe22c51a..3c6df1107ebc8 100644
--- a/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
+++ b/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
@@ -69,6 +69,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
           ml_module: [],
           tag: [],
           osquery_pack_asset: [],
+          osquery_saved_query: [],
         },
         elasticsearch: {
           component_template: [],
@@ -183,6 +184,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
           ml_module: [],
           tag: [],
           osquery_pack_asset: [],
+          osquery_saved_query: [],
         },
         elasticsearch: {
           component_template: [],
@@ -277,6 +279,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
           ml_module: [],
           tag: [],
           osquery_pack_asset: [],
+          osquery_saved_query: [],
         },
         elasticsearch: {
           component_template: [],
@@ -403,6 +406,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
           ml_module: [],
           tag: [],
           osquery_pack_asset: [],
+          osquery_saved_query: [],
         },
         elasticsearch: {
           component_template: [],

From 077cf45a4cd47072eecd435e08949d286f0fd192 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Wed, 6 Apr 2022 16:22:42 +0200
Subject: [PATCH 03/18] Disable edit for prebuilt queries

---
 .../routes/saved_queries/edit/index.tsx       | 43 ++++++++++++++-----
 1 file changed, 33 insertions(+), 10 deletions(-)

diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
index 555a9ce973407..3144fa008737b 100644
--- a/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
+++ b/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
@@ -12,18 +12,24 @@ import {
   EuiFlexItem,
   EuiConfirmModal,
   EuiText,
+  EuiCallOut,
 } from '@elastic/eui';
 import { isEmpty } from 'lodash/fp';
 import React, { useCallback, useMemo, useState } from 'react';
 import { FormattedMessage } from '@kbn/i18n-react';
 import { useParams } from 'react-router-dom';
 
+import styled from 'styled-components';
 import { useKibana, useRouterNavigate } from '../../../common/lib/kibana';
 import { WithHeaderLayout } from '../../../components/layouts';
 import { useBreadcrumbs } from '../../../common/hooks/use_breadcrumbs';
 import { EditSavedQueryForm } from './form';
 import { useDeleteSavedQuery, useUpdateSavedQuery, useSavedQuery } from '../../../saved_queries';
 
+const StyledEuiCallOut = styled(EuiCallOut)`
+  margin: 10px;
+`;
+
 const EditSavedQueryPageComponent = () => {
   const permissions = useKibana().services.application.capabilities.osquery;
 
@@ -37,7 +43,14 @@ const EditSavedQueryPageComponent = () => {
 
   useBreadcrumbs('saved_query_edit', { savedQueryName: savedQueryDetails?.attributes?.id ?? '' });
 
-  const viewMode = useMemo(() => !permissions.writeSavedQueries, [permissions.writeSavedQueries]);
+  const elasticPrebuiltQuery = useMemo(
+    () => savedQueryDetails?.attributes?.version,
+    [savedQueryDetails]
+  );
+  const viewMode = useMemo(
+    () => !permissions.writeSavedQueries || elasticPrebuiltQuery,
+    [permissions.writeSavedQueries, elasticPrebuiltQuery]
+  );
 
   const handleCloseDeleteConfirmationModal = useCallback(() => {
     setIsDeleteModalVisible(false);
@@ -68,14 +81,24 @@ const EditSavedQueryPageComponent = () => {
           <EuiText>
             <h1>
               {viewMode ? (
-                <FormattedMessage
-                  id="xpack.osquery.viewSavedQuery.pageTitle"
-                  defaultMessage='"{savedQueryId}" details'
-                  // eslint-disable-next-line react-perf/jsx-no-new-object-as-prop
-                  values={{
-                    savedQueryId: savedQueryDetails?.attributes?.id ?? '',
-                  }}
-                />
+                <>
+                  <FormattedMessage
+                    id="xpack.osquery.viewSavedQuery.pageTitle"
+                    defaultMessage='"{savedQueryId}" details'
+                    // eslint-disable-next-line react-perf/jsx-no-new-object-as-prop
+                    values={{
+                      savedQueryId: savedQueryDetails?.attributes?.id ?? '',
+                    }}
+                  />
+                  {elasticPrebuiltQuery && (
+                    <StyledEuiCallOut size="s">
+                      <FormattedMessage
+                        id="xpack.osquery.viewSavedQuery.prebuiltInfo"
+                        defaultMessage="This is a prebuilt Elastic query. You can modify the scheduled agent policies, but you cannot edit queries itself."
+                      />
+                    </StyledEuiCallOut>
+                  )}
+                </>
               ) : (
                 <FormattedMessage
                   id="xpack.osquery.editSavedQuery.pageTitle"
@@ -91,7 +114,7 @@ const EditSavedQueryPageComponent = () => {
         </EuiFlexItem>
       </EuiFlexGroup>
     ),
-    [savedQueryDetails?.attributes?.id, savedQueryListProps, viewMode]
+    [elasticPrebuiltQuery, savedQueryDetails?.attributes?.id, savedQueryListProps, viewMode]
   );
 
   const RightColumn = useMemo(

From 18d4060772534c989be10335f1ed289f537ff825 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Thu, 7 Apr 2022 07:48:04 +0200
Subject: [PATCH 04/18] Disable form on viewMode

---
 .../queries/ecs_mapping_editor_field.tsx      | 26 +++++++++----------
 .../routes/saved_queries/edit/index.tsx       |  2 +-
 .../saved_queries/form/code_editor_field.tsx  |  2 +-
 .../public/saved_queries/form/index.tsx       |  7 ++++-
 4 files changed, 21 insertions(+), 16 deletions(-)

diff --git a/x-pack/plugins/osquery/public/packs/queries/ecs_mapping_editor_field.tsx b/x-pack/plugins/osquery/public/packs/queries/ecs_mapping_editor_field.tsx
index b5bfe1a234d91..063afc11d0ecc 100644
--- a/x-pack/plugins/osquery/public/packs/queries/ecs_mapping_editor_field.tsx
+++ b/x-pack/plugins/osquery/public/packs/queries/ecs_mapping_editor_field.tsx
@@ -424,9 +424,10 @@ const OsqueryColumnFieldComponent: React.FC<OsqueryColumnFieldProps> = ({
           },
         }}
         onChange={onTypeChange}
+        disabled={euiFieldProps?.isDisabled}
       />
     ),
-    [onTypeChange, resultType.value]
+    [euiFieldProps?.isDisabled, onTypeChange, resultType.value]
   );
 
   useEffect(() => {
@@ -1157,18 +1158,17 @@ export const ECSMappingEditorField = React.memo(
             isDisabled={!!euiFieldProps?.isDisabled}
           />
         ))}
-        {!euiFieldProps?.isDisabled && (
-          <ECSMappingEditorForm
-            // eslint-disable-next-line
-            ref={(formRef) => {
-              if (formRef) {
-                formRefs.current.new = formRef;
-              }
-            }}
-            osquerySchemaOptions={osquerySchemaOptions}
-            onAdd={handleAddRow}
-          />
-        )}
+        <ECSMappingEditorForm
+          // eslint-disable-next-line
+          ref={(formRef) => {
+            if (formRef) {
+              formRefs.current.new = formRef;
+            }
+          }}
+          osquerySchemaOptions={osquerySchemaOptions}
+          onAdd={handleAddRow}
+          isDisabled={euiFieldProps?.isDisabled}
+        />
       </>
     );
   },
diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
index 3144fa008737b..94b1f092e1ede 100644
--- a/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
+++ b/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx
@@ -94,7 +94,7 @@ const EditSavedQueryPageComponent = () => {
                     <StyledEuiCallOut size="s">
                       <FormattedMessage
                         id="xpack.osquery.viewSavedQuery.prebuiltInfo"
-                        defaultMessage="This is a prebuilt Elastic query. You can modify the scheduled agent policies, but you cannot edit queries itself."
+                        defaultMessage="This is a prebuilt Elastic query, and it cannot be edited."
                       />
                     </StyledEuiCallOut>
                   )}
diff --git a/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx b/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx
index cc64e539e399f..441960e1c2c98 100644
--- a/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx
+++ b/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx
@@ -36,7 +36,7 @@ const CodeEditorFieldComponent: React.FC<CodeEditorFieldProps> = ({ euiFieldProp
       error={error}
       fullWidth
     >
-      {euiFieldProps?.disabled ? (
+      {euiFieldProps?.isDisabled ? (
         <StyledEuiCodeBlock
           language="sql"
           fontSize="m"
diff --git a/x-pack/plugins/osquery/public/saved_queries/form/index.tsx b/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
index 33bb7672618e4..6555171677563 100644
--- a/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
+++ b/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
@@ -94,6 +94,7 @@ const SavedQueryFormComponent = forwardRef<SavedQueryFormRefObject, SavedQueryFo
               component={ECSMappingEditorField}
               query={query}
               fieldRef={ecsFieldRef}
+              euiFieldProps={euiFieldProps}
             />
           </EuiFlexItem>
         </EuiFlexGroup>
@@ -153,7 +154,11 @@ const SavedQueryFormComponent = forwardRef<SavedQueryFormRefObject, SavedQueryFo
             />
           </EuiFlexItem>
           <EuiFlexItem>
-            <CommonUseField path="platform" component={PlatformCheckBoxGroupField} />
+            <CommonUseField
+              path="platform"
+              component={PlatformCheckBoxGroupField}
+              euiFieldProps={euiFieldProps}
+            />
           </EuiFlexItem>
         </EuiFlexGroup>
         {playgroundVisible && (

From 667a341ab9dcf35902e5a7b053e70c0e57606568 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 11 Apr 2022 11:28:46 +0200
Subject: [PATCH 05/18] Uncomment integration tests, and add saved queries
 check

---
 .../integration/all/add_integration.spec.ts   | 107 +++++++++---------
 1 file changed, 56 insertions(+), 51 deletions(-)

diff --git a/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts b/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts
index 673ff082a606c..d6f8e14381bc2 100644
--- a/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts
+++ b/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts
@@ -5,11 +5,11 @@
  * 2.0.
  */
 
-import { FLEET_AGENT_POLICIES, OLD_OSQUERY_MANAGER } from '../../tasks/navigation';
+import { FLEET_AGENT_POLICIES, navigateTo, OLD_OSQUERY_MANAGER } from '../../tasks/navigation';
 import { addIntegration, closeModalIfVisible } from '../../tasks/integrations';
 
 import { login } from '../../tasks/login';
-// import { findAndClickButton, findFormFieldByRowsLabelAndType } from '../../tasks/live_query';
+import { findAndClickButton, findFormFieldByRowsLabelAndType } from '../../tasks/live_query';
 import { ArchiverMethod, runKbnArchiverScript } from '../../tasks/archiver';
 import { DEFAULT_POLICY } from '../../screens/fleet';
 
@@ -76,53 +76,58 @@ describe('ALL - Add Integration', () => {
     addIntegration();
     cy.contains('osquery_manager-');
   });
-  // it('should have integration and packs copied when upgrading integration', () => {
-  //   const packageName = 'osquery_manager';
-  //   const oldVersion = '0.7.4';
-  //   const newVersion = '0.8.1';
-  //
-  //   cy.visit(`app/integrations/detail/${packageName}-${oldVersion}/overview`);
-  //   cy.contains('Add Osquery Manager').click();
-  //   cy.contains('Save and continue').click();
-  //   cy.contains('Add Elastic Agent later').click();
-  //   cy.contains('Upgrade');
-  //   cy.contains('Default policy').click();
-  //   cy.get('tr')
-  //     .should('contain', 'osquery_manager-2')
-  //     .and('contain', 'Osquery Manager')
-  //     .and('contain', `v${oldVersion}`);
-  //   cy.contains('Actions').click();
-  //   cy.contains('View policy').click();
-  //   cy.contains('name: osquery_manager-2');
-  //   cy.contains(`version: ${oldVersion}`);
-  //   cy.contains('Close').click();
-  //   navigateTo('app/osquery/packs');
-  //   findAndClickButton('Add pack');
-  //   findFormFieldByRowsLabelAndType('Name', 'Integration');
-  //   findFormFieldByRowsLabelAndType('Scheduled agent policies (optional)', '{downArrow} {enter}');
-  //   findAndClickButton('Add query');
-  //   cy.react('EuiComboBox', { props: { placeholder: 'Search for saved queries' } })
-  //     .click()
-  //     .type('{downArrow} {enter}');
-  //   cy.contains(/^Save$/).click();
-  //   cy.contains(/^Save pack$/).click();
-  //   cy.visit('app/fleet/policies');
-  //   cy.contains('Default policy').click();
-  //   cy.contains('Upgrade').click();
-  //   cy.contains(/^Advanced$/).click();
-  //   cy.contains('"Integration":');
-  //   cy.contains(/^Upgrade integration$/).click();
-  //   cy.contains(/^osquery_manager-2$/).click();
-  //   cy.contains(/^Advanced$/).click();
-  //   cy.contains('"Integration":');
-  //   cy.contains('Cancel').click();
-  //   cy.get('tr')
-  //     .should('contain', 'osquery_manager-2')
-  //     .and('contain', 'Osquery Manager')
-  //     .and('contain', `v${newVersion}`);
-  //   cy.contains('Actions').click();
-  //   cy.contains('View policy').click();
-  //   cy.contains('name: osquery_manager-2');
-  //   cy.contains(`version: ${newVersion}`);
-  // });
+  it('should have integration and packs copied when upgrading integration', () => {
+    const packageName = 'osquery_manager';
+    const oldVersion = '1.2.0';
+    const newVersion = '1.3.0';
+
+    cy.visit(`app/integrations/detail/${packageName}-${oldVersion}/overview`);
+    cy.contains('Add Osquery Manager').click();
+    cy.contains('Save and continue').click();
+    cy.contains('Add Elastic Agent later').click();
+    cy.contains('Upgrade');
+    cy.contains('Agent policy 1').click();
+    cy.get('tr')
+      .should('contain', 'osquery_manager-2')
+      .and('contain', 'Osquery Manager')
+      .and('contain', `v${oldVersion}`);
+    cy.contains('Actions').click();
+    cy.contains('View policy').click();
+    cy.contains('name: osquery_manager-2');
+    cy.contains(`version: ${oldVersion}`);
+    cy.contains('Close').click();
+    navigateTo('app/osquery/packs');
+    findAndClickButton('Add pack');
+    findFormFieldByRowsLabelAndType('Name', 'Integration');
+    findFormFieldByRowsLabelAndType('Scheduled agent policies (optional)', '{downArrow} {enter}');
+    findAndClickButton('Add query');
+    cy.react('EuiComboBox', { props: { placeholder: 'Search for saved queries' } })
+      .click()
+      .type('{downArrow} {enter}');
+    cy.contains(/^Save$/).click();
+    cy.contains(/^Save pack$/).click();
+    cy.visit('app/fleet/policies');
+    cy.contains('Agent policy 1').click();
+    cy.contains('Upgrade').click();
+    cy.contains(/^Advanced$/).click();
+    cy.contains('"Integration":');
+    cy.contains(/^Upgrade integration$/).click();
+    cy.contains(/^osquery_manager-2$/).click();
+    cy.contains(/^Advanced$/).click();
+    cy.contains('"Integration":');
+    cy.contains('Cancel').click();
+    cy.get('tr')
+      .should('contain', 'osquery_manager-2')
+      .and('contain', 'Osquery Manager')
+      .and('contain', `v${newVersion}`);
+    cy.contains('Actions').click();
+    cy.contains('View policy').click();
+    cy.contains('name: osquery_manager-2');
+    cy.contains(`version: ${newVersion}`);
+
+    // test list of prebuilt queries
+    navigateTo('/app/osquery/saved_queries');
+    cy.waitForReact();
+    cy.react('EuiTableRow').should('have.length.above', 5);
+  });
 });

From e673efb662169ee0543304dc1f3c70536f4f0b75 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Tue, 19 Apr 2022 09:26:52 +0200
Subject: [PATCH 06/18] Add test that gets saved object

---
 .../apis/epm/install_remove_assets.ts         | 19 +++++++++++++++++++
 .../apis/epm/update_assets.ts                 |  4 ++++
 2 files changed, 23 insertions(+)

diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
index 34cebed5b5d5a..e69ed7dd3580e 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
@@ -251,6 +251,16 @@ export default function (providerContext: FtrProviderContext) {
           resOsqueryPackAsset = err;
         }
         expect(resOsqueryPackAsset.response.data.statusCode).equal(404);
+        let resOsquerySavedQuery;
+        try {
+          resOsquerySavedQuery = await kibanaServer.savedObjects.get({
+            type: 'osquery-saved-query',
+            id: 'sample_osquery_saved_query',
+          });
+        } catch (err) {
+          resOsquerySavedQuery = err;
+        }
+        expect(resOsquerySavedQuery.response.data.statusCode).equal(404);
       });
       it('should have removed the saved object', async function () {
         let res;
@@ -443,6 +453,11 @@ const expectAssetsInstalled = ({
       id: 'sample_osquery_pack_asset',
     });
     expect(resOsqueryPackAsset.id).equal('sample_osquery_pack_asset');
+    const resOsquerySavedObject = await kibanaServer.savedObjects.get({
+      type: 'osquery-saved-query',
+      id: 'sample_osquery_saved_query',
+    });
+    expect(resOsquerySavedObject.id).equal('sample_osquery_saved_query');
     const resCloudSecurityPostureRuleTemplate = await kibanaServer.savedObjects.get({
       type: 'csp-rule-template',
       id: 'sample_csp_rule_template',
@@ -526,6 +541,10 @@ const expectAssetsInstalled = ({
           id: 'sample_osquery_pack_asset',
           type: 'osquery-pack-asset',
         },
+        {
+          id: 'sample_osquery_saved_query',
+          type: 'osquery-saved-query',
+        },
         {
           id: 'sample_search',
           type: 'search',
diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
index b73ca9537990c..545689c5abe3d 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
@@ -400,6 +400,10 @@ export default function (providerContext: FtrProviderContext) {
             id: 'sample_osquery_pack_asset',
             type: 'osquery-pack-asset',
           },
+          {
+            id: 'sample_osquery_saved_query',
+            type: 'osquery-saved-query',
+          },
         ],
         installed_es: [
           {

From 8aa63a1cc0804ad4c4a800813fcbcb162b44f2e5 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Tue, 19 Apr 2022 13:27:11 +0200
Subject: [PATCH 07/18] add saved_query to mocks

---
 .../pages/policy/view/ingest_manager_integration/mocks.tsx       | 1 +
 1 file changed, 1 insertion(+)

diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/mocks.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/mocks.tsx
index a6e0a80d9793c..d4522fe289ab1 100644
--- a/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/mocks.tsx
+++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/mocks.tsx
@@ -174,6 +174,7 @@ export const generateFleetPackageInfo = (): PackageInfo => {
         security_rule: [],
         tag: [],
         osquery_pack_asset: [],
+        osquery_saved_query: [],
       },
       elasticsearch: {
         ingest_pipeline: [],

From 41ec3ccd9a337e969badc20d678470ac07eb2d23 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Wed, 4 May 2022 11:58:00 +0200
Subject: [PATCH 08/18] pass props with disabled flag to ecs editor

---
 x-pack/plugins/osquery/public/saved_queries/form/index.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/x-pack/plugins/osquery/public/saved_queries/form/index.tsx b/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
index 77205ce4f4602..ec87f430eea92 100644
--- a/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
+++ b/x-pack/plugins/osquery/public/saved_queries/form/index.tsx
@@ -85,7 +85,7 @@ const SavedQueryFormComponent: React.FC<SavedQueryFormProps> = ({
       <EuiSpacer size="xl" />
       <EuiFlexGroup>
         <EuiFlexItem>
-          <ECSMappingEditorField />
+          <ECSMappingEditorField euiFieldProps={euiFieldProps} />
         </EuiFlexItem>
       </EuiFlexGroup>
       {!viewMode && hasPlayground && (

From 80c2633a6d42e3d0466def1ec6d73e26dbd9479d Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Wed, 4 May 2022 14:13:07 +0200
Subject: [PATCH 09/18] update translations key

---
 x-pack/plugins/translations/translations/fr-FR.json | 2 +-
 x-pack/plugins/translations/translations/ja-JP.json | 2 +-
 x-pack/plugins/translations/translations/zh-CN.json | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json
index 9bc497a66f473..d1ce2fc3bdd03 100644
--- a/x-pack/plugins/translations/translations/fr-FR.json
+++ b/x-pack/plugins/translations/translations/fr-FR.json
@@ -12796,7 +12796,7 @@
     "xpack.fleet.epm.assetTitles.maps": "Cartes",
     "xpack.fleet.epm.assetTitles.mlModels": "Modèles ML",
     "xpack.fleet.epm.assetTitles.mlModules": "Modules ML",
-    "xpack.fleet.epm.assetTitles.osqueryPackAsset": "Packs Osquery",
+    "xpack.fleet.epm.assetTitles.osqueryPackAssets": "Packs Osquery",
     "xpack.fleet.epm.assetTitles.savedSearches": "Recherches enregistrées",
     "xpack.fleet.epm.assetTitles.securityRules": "Règles de sécurité",
     "xpack.fleet.epm.assetTitles.tag": "Balise",
diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
index 9c22df3fdabb2..552dba79002cb 100644
--- a/x-pack/plugins/translations/translations/ja-JP.json
+++ b/x-pack/plugins/translations/translations/ja-JP.json
@@ -12804,7 +12804,7 @@
     "xpack.fleet.epm.assetTitles.maps": "マップ",
     "xpack.fleet.epm.assetTitles.mlModels": "MLモデル",
     "xpack.fleet.epm.assetTitles.mlModules": "機械学習モジュール",
-    "xpack.fleet.epm.assetTitles.osqueryPackAsset": "Osqueryパック",
+    "xpack.fleet.epm.assetTitles.osqueryPackAssets": "Osqueryパック",
     "xpack.fleet.epm.assetTitles.savedSearches": "保存された検索",
     "xpack.fleet.epm.assetTitles.securityRules": "セキュリティルール",
     "xpack.fleet.epm.assetTitles.tag": "タグ",
diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
index 6c6a5d60ed320..9a6c1d54993bb 100644
--- a/x-pack/plugins/translations/translations/zh-CN.json
+++ b/x-pack/plugins/translations/translations/zh-CN.json
@@ -12829,7 +12829,7 @@
     "xpack.fleet.epm.assetTitles.maps": "Maps",
     "xpack.fleet.epm.assetTitles.mlModels": "ML 模型",
     "xpack.fleet.epm.assetTitles.mlModules": "ML 模块",
-    "xpack.fleet.epm.assetTitles.osqueryPackAsset": "Osquery 包",
+    "xpack.fleet.epm.assetTitles.osqueryPackAssets": "Osquery 包",
     "xpack.fleet.epm.assetTitles.savedSearches": "已保存的搜索",
     "xpack.fleet.epm.assetTitles.securityRules": "安全规则",
     "xpack.fleet.epm.assetTitles.tag": "标签",

From aead9f0dbde181b2d893ba9c3aa56369d6efb137 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 16 May 2022 10:39:17 +0200
Subject: [PATCH 10/18] [WIP] change tests to see ID

---
 .../fleet_api_integration/apis/epm/install_remove_assets.ts   | 4 ++++
 x-pack/test/fleet_api_integration/apis/epm/update_assets.ts   | 1 +
 2 files changed, 5 insertions(+)

diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
index d1ab03ab8772a..1901e030e49e3 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
@@ -706,6 +706,10 @@ const expectAssetsInstalled = ({
           id: '313ddb31-e70a-59e8-8287-310d4652a9b7',
           type: 'epm-packages-assets',
         },
+        {
+          id: 'test-id-7',
+          type: 'epm-packages-assets',
+        },
         {
           id: 'e786cbd9-0f3b-5a0b-82a6-db25145ebf58',
           type: 'epm-packages-assets',
diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
index cc5280e1dbe23..87e68887ba73e 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
@@ -488,6 +488,7 @@ export default function (providerContext: FtrProviderContext) {
           { id: '7f4c5aca-b4f5-5f0a-95af-051da37513fc', type: 'epm-packages-assets' },
           { id: '4281a436-45a8-54ab-9724-fda6849f789d', type: 'epm-packages-assets' },
           { id: 'cb0bbdd7-e043-508b-91c0-09e4cc0f5a3c', type: 'epm-packages-assets' },
+          { id: 'test-id-8', type: 'epm-packages-assets' },
           { id: '2e56f08b-1d06-55ed-abee-4708e1ccf0aa', type: 'epm-packages-assets' },
           { id: '4035007b-9c33-5227-9803-2de8a17523b5', type: 'epm-packages-assets' },
           { id: 'e6ae7d31-6920-5408-9219-91ef1662044b', type: 'epm-packages-assets' },

From cad793c27dc2837a447ddb6fd63212b24e122591 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 16 May 2022 13:52:08 +0200
Subject: [PATCH 11/18] add sample saved query

---
 .../sample_osquery_saved_query.json           | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.1.0/kibana/osquery_saved_query/sample_osquery_saved_query.json

diff --git a/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.1.0/kibana/osquery_saved_query/sample_osquery_saved_query.json b/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.1.0/kibana/osquery_saved_query/sample_osquery_saved_query.json
new file mode 100644
index 0000000000000..d0a647ff5e0cf
--- /dev/null
+++ b/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.1.0/kibana/osquery_saved_query/sample_osquery_saved_query.json
@@ -0,0 +1,24 @@
+{
+  "attributes": {
+    "created_at": "2021-12-21T08:54:07.802Z",
+    "created_by": "elastic",
+    "description": "Test saved query description",
+    "ecs_mapping": [
+      {
+        "key": "labels",
+        "value": {
+          "field": "hours"
+        }
+      }
+    ],
+    "id": "Saved-Query-Id",
+    "interval": "3600",
+    "query": "select * from uptime;",
+    "platform": "linux,darwin",
+    "version": 1
+  },
+  "coreMigrationVersion": "8.1.0",
+  "references": [],
+  "id": "sample_osquery_saved_query",
+  "type": "osquery-saved-query"
+}

From 6c1e8d8a9552c1b2817ba8aa37de5ffdde5cd3b1 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 16 May 2022 14:48:47 +0200
Subject: [PATCH 12/18] change id for test, and adjust width of saved query
 columns

---
 .../public/routes/saved_queries/list/index.tsx   | 16 +++++++++++++++-
 .../apis/epm/install_remove_assets.ts            |  2 +-
 .../apis/epm/update_assets.ts                    |  2 +-
 3 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
index e742958b989f0..bac470d650f3b 100644
--- a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
+++ b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
@@ -14,6 +14,7 @@ import {
   EuiFlexItem,
   EuiText,
   EuiBasicTableColumn,
+  EuiToolTip,
 } from '@elastic/eui';
 import React, { useCallback, useMemo, useState } from 'react';
 import { i18n } from '@kbn/i18n';
@@ -145,6 +146,15 @@ const SavedQueriesPageComponent = () => {
     return updatedAt ? `${moment(updatedAt).fromNow()}${updatedBy}` : '-';
   }, []);
 
+  const renderDescriptionColumn = useCallback((description: string) => {
+    const content = description.length > 80 ? `${description.substring(0, 80)}...` : description;
+
+    return (
+      <EuiToolTip content={<EuiFlexItem>{description}</EuiFlexItem>}>
+        <EuiFlexItem grow={false}>{content}</EuiFlexItem>
+      </EuiToolTip>
+    );
+  }, []);
   const columns: Array<EuiBasicTableColumn<SavedQuerySO>> = useMemo(
     () => [
       {
@@ -154,19 +164,22 @@ const SavedQueriesPageComponent = () => {
         }),
         sortable: (item) => item.attributes.id.toLowerCase(),
         truncateText: true,
+        width: '15%',
       },
       {
         field: 'attributes.description',
         name: i18n.translate('xpack.osquery.savedQueries.table.descriptionColumnTitle', {
           defaultMessage: 'Description',
         }),
-        truncateText: true,
+        render: renderDescriptionColumn,
+        width: '50%',
       },
       {
         field: 'attributes.created_by',
         name: i18n.translate('xpack.osquery.savedQueries.table.createdByColumnTitle', {
           defaultMessage: 'Created by',
         }),
+        width: '15%',
         sortable: true,
         truncateText: true,
       },
@@ -175,6 +188,7 @@ const SavedQueriesPageComponent = () => {
         name: i18n.translate('xpack.osquery.savedQueries.table.updatedAtColumnTitle', {
           defaultMessage: 'Last updated at',
         }),
+        width: '10%',
         sortable: (item) =>
           item.attributes.updated_at ? Date.parse(item.attributes.updated_at) : 0,
         truncateText: true,
diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
index 1901e030e49e3..b206e584b94b3 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
@@ -707,7 +707,7 @@ const expectAssetsInstalled = ({
           type: 'epm-packages-assets',
         },
         {
-          id: 'test-id-7',
+          id: '24a74223-5fdb-52ca-9cb5-b2cdd2a42b07',
           type: 'epm-packages-assets',
         },
         {
diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
index 87e68887ba73e..4f3eee825f264 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
@@ -488,7 +488,7 @@ export default function (providerContext: FtrProviderContext) {
           { id: '7f4c5aca-b4f5-5f0a-95af-051da37513fc', type: 'epm-packages-assets' },
           { id: '4281a436-45a8-54ab-9724-fda6849f789d', type: 'epm-packages-assets' },
           { id: 'cb0bbdd7-e043-508b-91c0-09e4cc0f5a3c', type: 'epm-packages-assets' },
-          { id: 'test-id-8', type: 'epm-packages-assets' },
+          { id: '24a74223-5fdb-52ca-9cb5-b2cdd2a42b07', type: 'epm-packages-assets' },
           { id: '2e56f08b-1d06-55ed-abee-4708e1ccf0aa', type: 'epm-packages-assets' },
           { id: '4035007b-9c33-5227-9803-2de8a17523b5', type: 'epm-packages-assets' },
           { id: 'e6ae7d31-6920-5408-9219-91ef1662044b', type: 'epm-packages-assets' },

From 258f64292555b9624384bfe0d9d988b9da839ae1 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 16 May 2022 15:02:43 +0200
Subject: [PATCH 13/18] fix usememo

---
 .../plugins/osquery/public/routes/saved_queries/list/index.tsx  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
index bac470d650f3b..d3863f57e70be 100644
--- a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
+++ b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
@@ -201,7 +201,7 @@ const SavedQueriesPageComponent = () => {
         actions: [{ render: renderPlayAction }, { render: renderEditAction }],
       },
     ],
-    [renderEditAction, renderPlayAction, renderUpdatedAt]
+    [renderDescriptionColumn, renderEditAction, renderPlayAction, renderUpdatedAt]
   );
 
   const onTableChange = useCallback(({ page = {}, sort = {} }) => {

From 89bb6b9168d9e9b5bdb8d48e00fddf2ef146caf9 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 16 May 2022 16:55:16 +0200
Subject: [PATCH 14/18] add 0.2.0 so

---
 .../sample_osquery_saved_query.json           | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.2.0/kibana/osquery_saved_query/sample_osquery_saved_query.json

diff --git a/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.2.0/kibana/osquery_saved_query/sample_osquery_saved_query.json b/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.2.0/kibana/osquery_saved_query/sample_osquery_saved_query.json
new file mode 100644
index 0000000000000..d0a647ff5e0cf
--- /dev/null
+++ b/x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets/0.2.0/kibana/osquery_saved_query/sample_osquery_saved_query.json
@@ -0,0 +1,24 @@
+{
+  "attributes": {
+    "created_at": "2021-12-21T08:54:07.802Z",
+    "created_by": "elastic",
+    "description": "Test saved query description",
+    "ecs_mapping": [
+      {
+        "key": "labels",
+        "value": {
+          "field": "hours"
+        }
+      }
+    ],
+    "id": "Saved-Query-Id",
+    "interval": "3600",
+    "query": "select * from uptime;",
+    "platform": "linux,darwin",
+    "version": 1
+  },
+  "coreMigrationVersion": "8.1.0",
+  "references": [],
+  "id": "sample_osquery_saved_query",
+  "type": "osquery-saved-query"
+}

From 65812334adde19ceb956f79529b40da7754eb753 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 16 May 2022 17:59:24 +0200
Subject: [PATCH 15/18] add console log

---
 x-pack/test/fleet_api_integration/apis/epm/update_assets.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
index 4f3eee825f264..98c8d8ccdda5f 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
@@ -361,6 +361,8 @@ export default function (providerContext: FtrProviderContext) {
         type: 'epm-packages',
         id: 'all_assets',
       });
+
+      console.log('RES:', JSON.stringify(res, null, 2));
       expect(res.attributes).eql({
         installed_kibana_space_id: 'default',
         installed_kibana: [

From fba7e5c5e373df7c44035b89fde7d0899ad21527 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 16 May 2022 18:17:24 +0200
Subject: [PATCH 16/18] fix missing object

---
 x-pack/test/fleet_api_integration/apis/epm/update_assets.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
index 98c8d8ccdda5f..6a3c7f3a6eaf3 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
@@ -362,7 +362,6 @@ export default function (providerContext: FtrProviderContext) {
         id: 'all_assets',
       });
 
-      console.log('RES:', JSON.stringify(res, null, 2));
       expect(res.attributes).eql({
         installed_kibana_space_id: 'default',
         installed_kibana: [
@@ -489,6 +488,7 @@ export default function (providerContext: FtrProviderContext) {
           { id: 'bf3b0b65-9fdc-53c6-a9ca-e76140e56490', type: 'epm-packages-assets' },
           { id: '7f4c5aca-b4f5-5f0a-95af-051da37513fc', type: 'epm-packages-assets' },
           { id: '4281a436-45a8-54ab-9724-fda6849f789d', type: 'epm-packages-assets' },
+          { id: '6a87d1a5-adf8-5a30-82c4-4c3b8298272b', type: 'epm-packages-assets' },
           { id: 'cb0bbdd7-e043-508b-91c0-09e4cc0f5a3c', type: 'epm-packages-assets' },
           { id: '24a74223-5fdb-52ca-9cb5-b2cdd2a42b07', type: 'epm-packages-assets' },
           { id: '2e56f08b-1d06-55ed-abee-4708e1ccf0aa', type: 'epm-packages-assets' },

From caa03f5ea9f7bbf34d00a357b7ee79bc7613ee34 Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Mon, 16 May 2022 20:18:15 +0200
Subject: [PATCH 17/18] remove new id

---
 x-pack/test/fleet_api_integration/apis/epm/update_assets.ts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
index 6a3c7f3a6eaf3..6cbedf68da567 100644
--- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
+++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts
@@ -488,9 +488,8 @@ export default function (providerContext: FtrProviderContext) {
           { id: 'bf3b0b65-9fdc-53c6-a9ca-e76140e56490', type: 'epm-packages-assets' },
           { id: '7f4c5aca-b4f5-5f0a-95af-051da37513fc', type: 'epm-packages-assets' },
           { id: '4281a436-45a8-54ab-9724-fda6849f789d', type: 'epm-packages-assets' },
-          { id: '6a87d1a5-adf8-5a30-82c4-4c3b8298272b', type: 'epm-packages-assets' },
           { id: 'cb0bbdd7-e043-508b-91c0-09e4cc0f5a3c', type: 'epm-packages-assets' },
-          { id: '24a74223-5fdb-52ca-9cb5-b2cdd2a42b07', type: 'epm-packages-assets' },
+          { id: '6a87d1a5-adf8-5a30-82c4-4c3b8298272b', type: 'epm-packages-assets' },
           { id: '2e56f08b-1d06-55ed-abee-4708e1ccf0aa', type: 'epm-packages-assets' },
           { id: '4035007b-9c33-5227-9803-2de8a17523b5', type: 'epm-packages-assets' },
           { id: 'e6ae7d31-6920-5408-9219-91ef1662044b', type: 'epm-packages-assets' },

From 96763ba74cffbf4a9ccc9219184d24d659f747dd Mon Sep 17 00:00:00 2001
From: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Date: Tue, 17 May 2022 08:17:37 +0200
Subject: [PATCH 18/18] fix description to be optional;

---
 .../osquery/public/routes/saved_queries/list/index.tsx       | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
index d3863f57e70be..2fe33261e69d9 100644
--- a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
+++ b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx
@@ -146,8 +146,9 @@ const SavedQueriesPageComponent = () => {
     return updatedAt ? `${moment(updatedAt).fromNow()}${updatedBy}` : '-';
   }, []);
 
-  const renderDescriptionColumn = useCallback((description: string) => {
-    const content = description.length > 80 ? `${description.substring(0, 80)}...` : description;
+  const renderDescriptionColumn = useCallback((description?: string) => {
+    const content =
+      description && description.length > 80 ? `${description?.substring(0, 80)}...` : description;
 
     return (
       <EuiToolTip content={<EuiFlexItem>{description}</EuiFlexItem>}>