
[ Security Solution ] One discover security context functional tests #199818

Merged
logeekal merged 17 commits into elastic:main from logeekal:one_discover_security_functional_tests
Dec 10, 2024

@logeekal logeekal commented Nov 12, 2024

Summary

Fixes https://github.com/elastic/security-team/issues/11112

Follow up to

Adds functional test for Security Profiles in One Discover.

Checklist

Delete any items that are not applicable to this PR.

@logeekal logeekal force-pushed the one_discover_security_functional_tests branch from b06148d to 09d04ec Compare December 3, 2024 11:40

logeekal commented Dec 3, 2024

/ci


logeekal commented Dec 4, 2024

/ci


import { createTestConfig } from '../../config.base';

export default createTestConfig({
Contributor Author

@elastic/kibana-data-discovery team, I have created a separate config for example profiles, because if example profiles are activated, they override any solution profile that may be available.

With this approach we are able to keep tests for example profiles and solution profiles separate. Let me know if you think this approach is not optimal.

Contributor

This approach makes sense to me and is similar to what O11y did. They kept the existing config and just added their tests to their existing O11y config, but IMO Security can structure it however you'd like as long as the example tests still run.

My only minor nit would be I'd personally go with config.examples. instead of config.example. for consistency with other example tests, but just an observation and fine on my end either way.

Contributor Author

Done here: 39a02c4

@logeekal logeekal added release_note:skip Skip the PR/issue when compiling release notes backport:skip This PR does not require backporting Team:Threat Hunting:Investigations Security Solution Threat Hunting Investigations Team labels Dec 4, 2024
@logeekal logeekal marked this pull request as ready for review December 4, 2024 10:14
@logeekal logeekal requested review from a team as code owners December 4, 2024 10:14
@elasticmachine

Pinging @elastic/security-threat-hunting-investigations (Team:Threat Hunting:Investigations)

@logeekal logeekal changed the title One discover security functional tests [Security Solution ] One discover security functional tests Dec 4, 2024
@logeekal logeekal changed the title [Security Solution ] One discover security functional tests [ Security Solution ] One discover security functional tests Dec 4, 2024
@wayneseymour wayneseymour left a comment

Looks good, just some questions.

export default createTestConfig({
serverlessProject: 'security',
testFiles: [require.resolve('../common/discover/context_awareness')],
testFiles: [require.resolve('./ftr/one_discover/context_awareness')],
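
Review bot: with the `testFiles` entry switched from `../common/discover/context_awareness` to `./ftr/one_discover/context_awareness`, this `security` config no longer loads the common context-awareness suite. The PR should say which config still runs that common suite for the security project, and a one-line comment above `testFiles` naming the profile set this config exercises would make the split obvious to the next reader.
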
Contributor

Curious, what does the one_discover convention mean semantically?

Contributor Author

Actually, One Discover is the name of the project that Discover is going through; it enables solutions to customize various Discover elements.

I am happy to change it to discover if one_discover is confusing and need not be used in code. Will appreciate any comments from you as well @davismcphee

Contributor

I'd probably recommend going with just discover instead. We're calling the program One Discover currently, but I imagine these tests could outlive that naming.

Contributor Author

Makes sense. Done here: 39a02c4

@logeekal logeekal changed the title [ Security Solution ] One discover security functional tests [ Security Solution ] One discover security context functional tests Dec 5, 2024
@davismcphee davismcphee left a comment

Left a couple minor comments, but it LGTM! Thanks for adding functional tests 👍

/x-pack/test_serverless/functional/test_suites/security/config.examples.ts @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/test_suites/security/config.example.context_awareness.ts @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts @elastic/security-threat-hunting-investigations @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/test_suites/security/constants.ts @elastic/kibana-data-discovery
Contributor

Suggested change
/x-pack/test_serverless/functional/test_suites/security/constants.ts @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/test_suites/security/constants.ts @elastic/security-threat-hunting-investigations

Should this be assigned to us or Threat Hunting Investigations?

Contributor Author

Fixed and changed it to Security Solution here: 618316c

@logeekal logeekal enabled auto-merge (squash) December 10, 2024 08:10
@logeekal logeekal merged commit 9619d61 into elastic:main Dec 10, 2024
@elasticmachine

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

CAWilson94 pushed a commit to CAWilson94/kibana that referenced this pull request Dec 12, 2024
…lastic#199818)

## Summary

Fixes elastic/security-team#11112

Follow up to 
- elastic#199279

Adds functional test for Security Profiles in One Discover.


### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
@jughosta jughosta added the Project:OneDiscover Enrich Discover with contextual awareness label Jan 24, 2025
@logeekal

💚 All backports created successfully

Status Branch Result
8.19

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

logeekal added a commit to logeekal/kibana that referenced this pull request Jun 24, 2025
…lastic#199818)

## Summary

Fixes elastic/security-team#11112

Follow up to
- elastic#199279

Adds functional test for Security Profiles in One Discover.

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
(cherry picked from commit 9619d61)

# Conflicts:
#	.github/CODEOWNERS
#	x-pack/test_serverless/functional/test_suites/security/constants.ts
logeekal added a commit that referenced this pull request Jun 24, 2025
…nt timeline redirection (#204756) (#224984)

# Backport

This will backport the following commits from `main` to `8.19`:
- [[Security Solution] Add Host/User flyout in One Discover.
(#199279)](#199279)
- [[ Security Solution ] One discover security context functional tests
(#199818)](#199818)
- [[Security Solution] Discover Security Profile Changes + Event
timeline redirection
(#204756)](#204756)

<!--- Backport version: 10.0.1 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)


---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Labels

backport:skip This PR does not require backporting Project:OneDiscover Enrich Discover with contextual awareness release_note:skip Skip the PR/issue when compiling release notes Team:Threat Hunting:Investigations Security Solution Threat Hunting Investigations Team v8.19.0 v9.0.0
