From 5596af33099646b37fda51419da890cf3475177f Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 29 Apr 2025 17:56:52 +0100 Subject: [PATCH 01/51] saved object for engine monitoring config, type started WiP --- .../monitoring_entity_source_type.ts | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts new file mode 100644 index 0000000000000..cffa55e82958b --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts 
@@ -0,0 +1,40 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { SavedObjectsType } from '@kbn/core/server';
+import type { SavedObjectsModelVersion } from '@kbn/core-saved-objects-server';
+import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server';
+
+export const privilegeMonitoringTypeName = 'monitoring-entity-source-status'; // does it need to be status?
+
+export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings'] = {
+ dynamic: false,
+ properties: {
+ status: {
+ type: 'keyword',
+ },
+ },
+};
+
+const version1: SavedObjectsModelVersion = {
+ changes: [
+ {
+ type: 'mappings_addition',
+ addedMappings: {
+ status: { type: 'keyword' },
+ },
+ },
+ ],
+};
+export const privilegeMonitoringType: SavedObjectsType = {
+ name: privilegeMonitoringTypeName,
+ indexPattern: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, // TODO: check if this is correct, reference OG init api ticket against the engine saved object there.
+ hidden: false,
+ namespaceType: 'multiple-isolated',
+ mappings: monitoringEntitySourceTypeNameMappings,
+ modelVersions: { 1: version1 },
+};
From 990132a0e22ccb3502c818636d474c24657ef8b4 Mon Sep 17 00:00:00 2001
From: CAWilson94
Date: Wed, 30 Apr 2025 09:52:32 +0100
Subject: [PATCH 02/51] add all schema items to SOMapping for SavedObjectsTyoe
---
 .../monitoring_entity_source_type.ts | 38 ++++++++++++++++++-
 1 file changed, 37 insertions(+), 1 deletion(-)
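Review bot: `hidden: false` on `privilegeMonitoringType` leaves this type reachable through the generic Saved Objects APIs and the management import/export path, for any role whose privileges cover it. The object holds monitoring-engine configuration, so it is worth deciding here whether writes should only go through a dedicated client. If they should, `hidden: true` is the tighter default, with the owning client opting in through `includedHiddenTypes`. Whichever is chosen, a short comment above the field, for example `// hidden: false so that <reason>`, would record that the exposure is intentional.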
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index cffa55e82958b..93c9acda4f464 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -14,9 +14,45 @@ export const privilegeMonitoringTypeName = 'monitoring-entity-source-status'; // export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings'] = { dynamic: false, properties: { - status: { + type: { type: 'keyword', }, + name: { + type: 'keyword', + }, + managed: { + type: 'boolean', + }, + indexPattern: { + type: 'keyword', + }, + detectRemovals: { + type: 'boolean', + }, + enabled: { + type: 'boolean', + }, + error: { + type: 'keyword', + }, + integrationName: { + type: 'keyword', + }, + matchers: { + type: 'nested', // TODO: check doccos for this + properties: { + field: { + type: 'keyword', + }, + value: { + type: 'keyword', + }, + }, + }, + filter: { + dynamic: false, + type: 'object', + }, }, }; From 2bc807b9115daa14e2ca59a4ebc15d957c0c79d3 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 1 May 2025 08:47:00 +0100 Subject: [PATCH 03/51] PR comments addressed: savedObjectMapping initial pass --- .../saved_object/monitoring_entity_source_type.ts | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) 
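Review bot: The mappings no longer match the model version: this hunk replaces `status` with ten new properties, but `version1` further down the file is not touched by this commit and still declares `addedMappings: { status: { type: 'keyword' } }`. The registered model version therefore describes a field that no longer exists and omits every field that does. Since the type appears to be unreleased, the simplest fix is to make `addedMappings` mirror the new `properties` block, or to drop `modelVersions` until the shape settles. The enclosing object literal and `version1` both lie outside this hunk.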
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 93c9acda4f464..5c5626de39fe2 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -9,7 +9,7 @@ import type { SavedObjectsType } from '@kbn/core/server'; import type { SavedObjectsModelVersion } from '@kbn/core-saved-objects-server'; import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; -export const privilegeMonitoringTypeName = 'monitoring-entity-source-status'; // does it need to be status? +export const privilegeMonitoringTypeName = 'monitoring-entity-source'; export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings'] = { dynamic: false, @@ -25,6 +25,7 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, indexPattern: { type: 'keyword', + index: false, }, detectRemovals: { type: 'boolean', @@ -37,15 +38,18 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, integrationName: { type: 'keyword', + index: false, }, matchers: { - type: 'nested', // TODO: check doccos for this + type: 'object', properties: { field: { type: 'keyword', + index: false, }, value: { type: 'keyword', + index: false, }, }, }, 
@@ -68,7 +72,7 @@ const version1: SavedObjectsModelVersion = { }; export const privilegeMonitoringType: SavedObjectsType = { name: privilegeMonitoringTypeName, - indexPattern: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, // TODO: check if this is correct, reference OG init api ticket against the engine saved object there. + indexPattern: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, hidden: false, namespaceType: 'multiple-isolated', mappings: monitoringEntitySourceTypeNameMappings, From e4c53832f5f9d3b6fb316ab290804d084c184409 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 1 May 2025 09:14:00 +0100 Subject: [PATCH 04/51] matchers, dynamic false to stop uncontrolled field additions --- .../saved_object/monitoring_entity_source_type.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 5c5626de39fe2..ac83a2700def6 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -42,6 +42,7 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, matchers: { type: 'object', + dynamic: false, properties: { field: { type: 'keyword', From 25e346febc5345d1540afd7e6d3aac5aa7fa84cd Mon Sep 17 00:00:00 2001 
From: CAWilson94 Date: Thu, 1 May 2025 10:35:17 +0100 Subject: [PATCH 05/51] schema for monitoring eneity source; descriptor client for savedObject --- .../monitoring_entity_source.gen.ts | 47 ++++++ .../monitoring_entity_source.schema.yaml | 144 ++++++++++++++++++ .../saved_object/monitoring_entity_source.ts | 128 ++++++++++++++++ .../monitoring_entity_source_type.ts | 4 +- 4 files changed, 321 insertions(+), 2 deletions(-) create mode 100644 x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts create mode 100644 x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml create mode 100644 x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts new file mode 100644 index 0000000000000..cbfe198041045 --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts 
@@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Monitoring Entity Source Schema + * version: 1 + */ + +import { z } from '@kbn/zod'; + +export type MonitoringEntitySourceDescriptor = z.infer; +export const MonitoringEntitySourceDescriptor = z.object({ + type: z.string(), + name: z.string(), + managed: z.boolean().optional(), + indexPattern: z.string().optional(), + detectRemovals: z.boolean().optional(), + enabled: z.boolean().optional(), + error: z.string().optional(), + integrationName: z.string().optional(), + matchers: z + .array( + z.object({ + field: z.string(), + value: z.string(), + }) + ) + .optional(), + filter: z.object({}).optional(), +}); + +export type MonitoringEntitySourceResponse = z.infer; +export const MonitoringEntitySourceResponse = z.object({ + id: z.string().optional(), + name: z.string().optional(), + type: z.string().optional(), + indexPattern: z.string().optional(), + integrationName: z.string().optional(), +}); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml new file mode 100644 index 0000000000000..f0b5d3596007b --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml 
@@ -0,0 +1,144 @@ +openapi: 3.0.0 +info: + title: Monitoring Entity Source Schema + description: Schema for managing entity source configurations in the monitoring system. + version: "1" + +paths: + /api/entity_analytics/monitoring/entity_source: + post: + operationId: createEntitySource + summary: Create a new entity source configuration + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/MonitoringEntitySourceDescriptor" + responses: + "200": + description: Entity source created successfully + content: + application/json: + schema: + $ref: "#/components/schemas/MonitoringEntitySourceResponse" + + /api/entity_analytics/monitoring/entity_source/{id}: + get: + operationId: getEntitySource + summary: Get an entity source configuration by ID + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + "200": + description: Entity source details retrieved + content: + application/json: + schema: + $ref: "#/components/schemas/MonitoringEntitySourceResponse" + + put: + operationId: updateEntitySource + summary: Update an entity source configuration + parameters: + - name: id + in: path + required: true + schema: + type: string + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/MonitoringEntitySourceDescriptor" + responses: + "200": + description: Entity source updated successfully + + delete: + operationId: deleteEntitySource + summary: Delete an entity source configuration + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + "200": + description: Entity source deleted successfully + + /api/entity_analytics/monitoring/entity_source/list: + get: + operationId: listEntitySources + summary: List all entity source configurations + parameters: + - name: kql + in: query + required: false + schema: + type: string + description: KQL query to filter the list of entity sources + responses: + "200": + 
description: List of entity sources + content: + application/json: + schema: + type: array + items: + $ref: "#/components/schemas/MonitoringEntitySourceResponse" + +components: + schemas: + MonitoringEntitySourceDescriptor: + type: object + required: [type, name] + properties: + type: + type: string + name: + type: string + managed: + type: boolean + indexPattern: + type: string + detectRemovals: + type: boolean + enabled: + type: boolean + error: + type: string + integrationName: + type: string + matchers: + type: array + items: + type: object + required: [field, value] + properties: + field: + type: string + value: + type: string + filter: + type: object + + MonitoringEntitySourceResponse: + type: object + properties: + id: + type: string + name: + type: string + type: + type: string + indexPattern: + type: string + integrationName: + type: string \ No newline at end of file diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts new file mode 100644 index 0000000000000..4747c806942ea --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts 
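Review bot: `filter` in `MonitoringEntitySourceDescriptor` is declared as a bare `type: object`, and the generated validator in this commit renders it as `z.object({})`. With zod's default behaviour that strips unknown keys, so any filter a caller sends would be silently reduced to `{}` before it reaches the saved object. Declaring the expected properties of `filter` is preferable to opening it with `additionalProperties: true`. This value presumably ends up shaping a query, so an explicit shape keeps arbitrary client-supplied structures out of the stored configuration. `indexPattern` is likewise an unconstrained string and would benefit from a `maxLength` or `pattern`.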
@@ -0,0 +1,128 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import type { SavedObjectsClientContract, SavedObjectsFindResponse } from '@kbn/core/server'; +import { monitoringEntitySourceTypeName } from './monitoring_entity_source_type'; + +interface MonitoringEntitySourceDependencies { + soClient: SavedObjectsClientContract; + namespace: string; +} + +interface MonitoringEntitySourceDescriptor { + type: string; + name: string; + managed?: boolean; + indexPattern?: string; + detectRemovals?: boolean; + enabled?: boolean; + error?: string; + integrationName?: string; + matchers?: Array<{ + field: string; + value: string; + }>; + filter?: Record; +} + +export class MonitoringEntitySourceDescriptorClient { + constructor(private readonly dependencies: MonitoringEntitySourceDependencies) {} + + getSavedObjectId() { + return `monitoring-entity-source-${this.dependencies.namespace}`; + } + + async init() { + const entitySourceDescriptor = await this.find(); + if (entitySourceDescriptor.total === 1) { + return this.resetToDefaultDescriptor(entitySourceDescriptor); + } + const { attributes } = + await this.dependencies.soClient.create( + monitoringEntitySourceTypeName, + { + type: 'default', + name: 'default', + managed: true, + indexPattern: '', + detectRemovals: false, + enabled: true, + error: undefined, + integrationName: '', + matchers: [], + filter: {}, + }, + { id: this.getSavedObjectId() } + ); + return attributes; + } + + private async resetToDefaultDescriptor( + entitySourceDescriptor: SavedObjectsFindResponse + ) { + const old = entitySourceDescriptor.saved_objects[0].attributes; + const update = { + ...old, + error: undefined, + type: 'default', + name: 'default', + managed: true, + indexPattern: '', + detectRemovals: false, + enabled: true, + 
integrationName: '', + matchers: [], + filter: {}, + }; + await this.dependencies.soClient.update( + monitoringEntitySourceTypeName, + this.getSavedObjectId(), + update, + { refresh: 'wait_for' } + ); + return update; + } + + async update(monitoringEntitySource: Partial) { + const id = this.getSavedObjectId(); + const { attributes } = + await this.dependencies.soClient.update( + monitoringEntitySourceTypeName, + id, + monitoringEntitySource, + { refresh: 'wait_for' } + ); + return attributes; + } + + async find() { + return this.dependencies.soClient.find({ + type: monitoringEntitySourceTypeName, + namespaces: [this.dependencies.namespace], + }); + } + + async get() { + const id = this.getSavedObjectId(); + const { attributes } = await this.dependencies.soClient.get( + monitoringEntitySourceTypeName, + id + ); + return attributes; + } + + async delete() { + const id = this.getSavedObjectId(); + await this.dependencies.soClient.delete(monitoringEntitySourceTypeName, id); + } + + async list() { + return this.dependencies.soClient.find({ + type: monitoringEntitySourceTypeName, + namespaces: [this.dependencies.namespace], + }); + } +} diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index ac83a2700def6..3974b3899b11c 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts 
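Review bot: `init()` decides between reset and create from `find().total === 1`, but `find()` returns every object of this type in the namespace, while reads and writes always target the single id from `getSavedObjectId()`. If the count is ever anything other than 0 or 1, `create` is called with an id that already exists and fails with a conflict. Two concurrent `init()` calls can hit the same conflict, because the check and the write are separate steps. Looking the object up by id is more direct: call `this.dependencies.soClient.get(monitoringEntitySourceTypeName, this.getSavedObjectId())` and treat not-found as the create path. A one-line doc comment on `getSavedObjectId()` stating that exactly one descriptor exists per namespace would make that invariant explicit.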
@@ -9,7 +9,7 @@ import type { SavedObjectsType } from '@kbn/core/server'; import type { SavedObjectsModelVersion } from '@kbn/core-saved-objects-server'; import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; -export const privilegeMonitoringTypeName = 'monitoring-entity-source'; +export const monitoringEntitySourceTypeName = 'monitoring-entity-source'; export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings'] = { dynamic: false, @@ -72,7 +72,7 @@ const version1: SavedObjectsModelVersion = { ], }; export const privilegeMonitoringType: SavedObjectsType = { - name: privilegeMonitoringTypeName, + name: monitoringEntitySourceTypeName, indexPattern: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, hidden: false, namespaceType: 'multiple-isolated', From 6a17bac32c86a27820da59302cfd5dcdab09c16a Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 1 May 2025 14:12:59 +0100 Subject: [PATCH 06/51] typo, add SO to saved objectsin secsol server --- .../saved_object/monitoring_entity_source_type.ts | 2 +- .../security/plugins/security_solution/server/saved_objects.ts | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 3974b3899b11c..84dff2eabd40b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts 
@@ -71,7 +71,7 @@ const version1: SavedObjectsModelVersion = { }, ], }; -export const privilegeMonitoringType: SavedObjectsType = { +export const monitoringEntitySourceType: SavedObjectsType = { name: monitoringEntitySourceTypeName, indexPattern: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, hidden: false, diff --git a/x-pack/solutions/security/plugins/security_solution/server/saved_objects.ts b/x-pack/solutions/security/plugins/security_solution/server/saved_objects.ts index 2a45e630b1b63..ce5f7f02a42b3 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/saved_objects.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/saved_objects.ts @@ -18,6 +18,7 @@ import { manifestType, unifiedManifestType } from './endpoint/lib/artifacts/save import { riskEngineConfigurationType } from './lib/entity_analytics/risk_engine/saved_object'; import { entityEngineDescriptorType } from './lib/entity_analytics/entity_store/saved_object'; import { privilegeMonitoringType } from './lib/entity_analytics/privilege_monitoring/saved_object/privilege_monitoring_type'; +import { monitoringEntitySourceType } from './lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type'; const types = [ noteType, @@ -31,6 +32,7 @@ const types = [ riskEngineConfigurationType, entityEngineDescriptorType, privilegeMonitoringType, + monitoringEntitySourceType, protectionUpdatesNoteType, promptType, ]; From 1253a078cd113ad0612a93c17b3cd22c97de9246 Mon Sep 17 00:00:00 2001 
From: CAWilson94 Date: Thu, 1 May 2025 21:19:42 +0100 Subject: [PATCH 07/51] schema updated - removed detectRemovals, matcher leafs all array types; wired in get and create SO via routes and data client; added to context factory and types in secsol --- .../monitoring_entity_source.gen.ts | 9 ++ .../monitoring_entity_source.schema.yaml | 17 ++- ...nitoring_entity_source_sync_data_client.ts | 68 ++++++++++ .../routes/monitoring_entity_source_sync.ts | 122 ++++++++++++++++++ .../register_privilege_monitoring_routes.ts | 2 + .../saved_object/monitoring_entity_source.ts | 46 +++---- .../monitoring_entity_source_type.ts | 14 -- .../server/request_context_factory.ts | 11 +- .../plugins/security_solution/server/types.ts | 2 + 9 files changed, 246 insertions(+), 45 deletions(-) create mode 100644 x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.ts create mode 100644 x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts index cbfe198041045..b2993f9402f5d 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts 
@@ -44,4 +44,13 @@ export const MonitoringEntitySourceResponse = z.object({ type: z.string().optional(), indexPattern: z.string().optional(), integrationName: z.string().optional(), + enabled: z.boolean().optional(), + matchers: z + .array( + z.object({ + fields: z.array(z.string()).optional(), + values: z.array(z.string()).optional(), + }) + ) + .optional(), }); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml index f0b5d3596007b..6d7f0296eeef2 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml @@ -141,4 +141,19 @@ components: indexPattern: type: string integrationName: - type: string \ No newline at end of file + type: string + enabled: + type: boolean + matchers: + type: array + items: + type: object + properties: + fields: + type: array + items: + type: string + values: + type: array + items: + type: string \ No newline at end of file diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.ts new file mode 100644 index 0000000000000..d8d714323f624 --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.ts 
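Review bot: The request and response schemas now disagree on the shape of `matchers`. This hunk gives `MonitoringEntitySourceResponse` items with `fields` and `values` arrays, but `MonitoringEntitySourceDescriptor` is not touched by this commit and, as added earlier in the series, still requires scalar `field` and `value`. The data client added in the same commit reads `matcher.fields` and `matcher.values` from descriptor-typed input, so a request that passes validation carries neither key. The descriptor's `matchers.items` should change in the same commit to the array form, with `required: [fields, values]`. The saved-object mapping still names `field` and `value` and needs the same rename. The `components.schemas` block begins outside this hunk.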
@@ -0,0 +1,68 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { IScopedClusterClient, Logger, SavedObjectsClientContract } from '@kbn/core/server'; +import type { + MonitoringEntitySourceDescriptor, + MonitoringEntitySourceResponse, +} from '../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { MonitoringEntitySourceDescriptorClient } from './saved_object/monitoring_entity_source'; + +interface MonitoringEntitySourceSyncDataClientOpts { + logger: Logger; + clusterClient: IScopedClusterClient; + soClient: SavedObjectsClientContract; + namespace: string; +} + +export class MonitoringEntitySourceSyncDataClient { + private monitoringEntitySourceSyncClient: MonitoringEntitySourceDescriptorClient; + constructor(private readonly opts: MonitoringEntitySourceSyncDataClientOpts) { + this.monitoringEntitySourceSyncClient = new MonitoringEntitySourceDescriptorClient({ + soClient: this.opts.soClient, + namespace: this.opts.namespace, + }); + } + + public async init( + input: MonitoringEntitySourceDescriptor + ): Promise { + const descriptor = await this.monitoringEntitySourceSyncClient.create(input); + this.log('debug', 'Initializing MonitoringEntitySourceSyncDataClient Saved Object'); + return descriptor; + } + + public async get(): Promise { + this.log('debug', 'Getting Monitoring Entity Source Sync saved object'); + return this.monitoringEntitySourceSyncClient.get(); + } + + public async update(update: Partial) { + this.log('debug', 'Updating Monitoring Entity Source Sync saved object'); + + const sanitizedUpdate = { + ...update, + matchers: update.matchers?.map((matcher) => ({ + fields: matcher.fields ?? [], + values: matcher.values ?? 
[], + })), + }; + + return this.monitoringEntitySourceSyncClient.update(sanitizedUpdate); + } + + public async delete() { + this.log('debug', 'Deleting Monitoring Entity Source Sync saved object'); + return this.monitoringEntitySourceSyncClient.delete(); + } + + private log(level: Exclude, msg: string) { + this.opts.logger[level]( + `[Monitoring Entity Source Sync][namespace: ${this.opts.namespace}] ${msg}` + ); + } +} diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts new file mode 100644 index 0000000000000..c362872588f28 --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts 
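Review bot: `init(input)` passes the validated request body straight to `create(input)`, and the descriptor schema accepts `managed` and `error` from the caller. Both look like server-owned state: whether a source is system-managed, and the last failure recorded for it. If that reading is right, any user with the route's privileges can mark their own source as managed or overwrite a recorded error. Consider removing these fields before the write, for example `const { managed, error, ...settable } = input;`, or validating the route against a narrower request schema. `init` also skips the `matchers` normalisation that `update` performs, so the two write paths can store different shapes.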
@@ -0,0 +1,122 @@ +/* eslint-disable @kbn/eslint/require-license-header */ + +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; +import { transformError } from '@kbn/securitysolution-es-utils'; +import type { IKibanaResponse, Logger } from '@kbn/core/server'; + +import type { MonitoringEntitySourceResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { API_VERSIONS, APP_ID } from '../../../../../common/constants'; +import type { EntityAnalyticsRoutesDeps } from '../../types'; +import { MonitoringEntitySourceSyncDataClient } from '../monitoring_entity_source_sync_data_client'; +import { MonitoringEntitySourceDescriptor } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; + +export const monitoringEntitySourceSyncRoute = ( + router: EntityAnalyticsRoutesDeps['router'], + logger: Logger, + config: EntityAnalyticsRoutesDeps['config'] +) => { + router.versioned + .post({ + access: 'public', + path: '/api/entity_analytics/monitoring/entity_source', + security: { + authz: { + requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], + }, + }, + }) + .addVersion( + { + version: API_VERSIONS.public.v1, + validate: { + request: { + body: MonitoringEntitySourceDescriptor, + }, + }, + }, + async ( + context, + request, + response + ): Promise> => { + const siemResponse = buildSiemResponse(response); + + try { + const coreContext = await context.core; + const soClient = coreContext.savedObjects.client; + const clusterClient = coreContext.elasticsearch.client; + + const dataClient = new 
MonitoringEntitySourceSyncDataClient({ + soClient, + clusterClient, + logger, + namespace: 'default', + }); + + const result = await dataClient.init(request.body); + + return response.ok({ body: result }); + } catch (e) { + const error = transformError(e); + logger.error(`Error creating monitoring entity source sync config: ${error.message}`); + return siemResponse.error({ + statusCode: error.statusCode, + body: error.message, + }); + } + } + ); + router.versioned + .get({ + access: 'public', + path: '/api/entity_analytics/monitoring/entity_source', + security: { + authz: { + requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], + }, + }, + }) + .addVersion( + { + version: API_VERSIONS.public.v1, + validate: {}, + }, + async ( + context, + request, + response + ): Promise> => { + const siemResponse = buildSiemResponse(response); + + try { + const coreContext = await context.core; + const soClient = coreContext.savedObjects.client; + const clusterClient = coreContext.elasticsearch.client; + + const dataClient = new MonitoringEntitySourceSyncDataClient({ + soClient, + clusterClient, + logger, + namespace: 'default', + }); + + const result = await dataClient.get(); + return response.ok({ body: result }); + } catch (e) { + const error = transformError(e); + logger.error(`Error getting monitoring entity source sync config: ${error.message}`); + return siemResponse.error({ + statusCode: error.statusCode, + body: error.message, + }); + } + } + ); +}; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts index 60b8706ff530e..34987915e69b9 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts 
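Review bot: Both handlers construct the data client with `namespace: 'default'`, while `soClient` comes from the request and is scoped to whichever space the caller is in. The saved-object id and the `namespaces: [...]` filter in `find()` are therefore always computed for the default space. A call from another space would either be rejected or would address the default space's configuration, depending on the caller's privileges, and neither respects space isolation. The namespace should come from the request, for example `namespace: (await context.securitySolution).getSpaceId()`, if that context is available to these routes. The catch blocks also return `error.message` verbatim in the response body; please confirm that saved-object and Elasticsearch error text is acceptable to expose on a route marked `access: 'public'`.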
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts @@ -8,6 +8,7 @@ import type { EntityAnalyticsRoutesDeps } from '../../types'; import { healthCheckPrivilegeMonitoringRoute } from './health'; import { initPrivilegeMonitoringEngineRoute } from './init'; +import { monitoringEntitySourceSyncRoute } from './monitoring_entity_source_sync'; import { searchPrivilegeMonitoringIndicesRoute } from './search_indices'; export const registerPrivilegeMonitoringRoutes = ({ @@ -19,4 +20,5 @@ export const registerPrivilegeMonitoringRoutes = ({ initPrivilegeMonitoringEngineRoute(router, logger, config); healthCheckPrivilegeMonitoringRoute(router, logger, config); searchPrivilegeMonitoringIndicesRoute(router, logger, config); + monitoringEntitySourceSyncRoute(router, logger, config); }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts index 4747c806942ea..93706796a670b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts @@ -17,13 +17,12 @@ interface MonitoringEntitySourceDescriptor { name: string; managed?: boolean; indexPattern?: string; - detectRemovals?: boolean; enabled?: boolean; error?: string; integrationName?: string; matchers?: Array<{ - field: string; - value: string; + fields: string[]; + values: string[]; }>; filter?: Record; } 
@@ -32,32 +31,31 @@ export class MonitoringEntitySourceDescriptorClient { constructor(private readonly dependencies: MonitoringEntitySourceDependencies) {} getSavedObjectId() { - return `monitoring-entity-source-${this.dependencies.namespace}`; + return `monitoring-entity-source-sync-${this.dependencies.namespace}`; } - async init() { + async create(attributes: MonitoringEntitySourceDescriptor) { const entitySourceDescriptor = await this.find(); + if (entitySourceDescriptor.total === 1) { - return this.resetToDefaultDescriptor(entitySourceDescriptor); + const { attributes: updated } = + await this.dependencies.soClient.update( + monitoringEntitySourceTypeName, + this.getSavedObjectId(), + attributes, + { refresh: 'wait_for' } + ); + return updated; } - const { attributes } = + + const { attributes: created } = await this.dependencies.soClient.create( monitoringEntitySourceTypeName, - { - type: 'default', - name: 'default', - managed: true, - indexPattern: '', - detectRemovals: false, - enabled: true, - error: undefined, - integrationName: '', - matchers: [], - filter: {}, - }, + attributes, { id: this.getSavedObjectId() } ); - return attributes; + + return created; } private async resetToDefaultDescriptor( @@ -71,7 +69,6 @@ export class MonitoringEntitySourceDescriptorClient { name: 'default', managed: true, indexPattern: '', - detectRemovals: false, enabled: true, integrationName: '', matchers: [], @@ -118,11 +115,4 @@ export class MonitoringEntitySourceDescriptorClient { const id = this.getSavedObjectId(); await this.dependencies.soClient.delete(monitoringEntitySourceTypeName, id); } - - async list() { - return this.dependencies.soClient.find({ - type: monitoringEntitySourceTypeName, - namespaces: [this.dependencies.namespace], - }); - } } 
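Review bot: `create()` in the `@@ -32,32 +31,31 @@` hunk chooses between update and create based on an earlier `find()`, so two concurrent calls can both see no existing object, and the second `soClient.create` with the fixed `getSavedObjectId()` would then fail with a conflict. A `total` greater than 1 also falls through to the create path. Because the id is deterministic, consider handling the conflict explicitly, or writing in one call with `{ id: this.getSavedObjectId(), overwrite: true, refresh: 'wait_for' }` if a full replace rather than a partial update is acceptable. The method persists the caller's `attributes` as given, so `indexPattern`, `matchers` and `filter` must be validated before this point; that validation is not visible in this hunk. `resetToDefaultDescriptor` loses its only visible caller here and may now be dead code.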
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 84dff2eabd40b..eaac094991794 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -27,9 +27,6 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' type: 'keyword', index: false, }, - detectRemovals: { - type: 'boolean', - }, enabled: { type: 'boolean', }, @@ -61,21 +58,10 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, }; -const version1: SavedObjectsModelVersion = { - changes: [ - { - type: 'mappings_addition', - addedMappings: { - status: { type: 'keyword' }, - }, - }, - ], -}; export const monitoringEntitySourceType: SavedObjectsType = { name: monitoringEntitySourceTypeName, indexPattern: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, hidden: false, namespaceType: 'multiple-isolated', mappings: monitoringEntitySourceTypeNameMappings, - modelVersions: { 1: version1 }, }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts b/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts index 240c41d5f1de6..ffbc83791a7aa 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts 
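Review bot: `monitoringEntitySourceType` keeps `hidden: false` in the `@@ -61,21 +58,10 @@` hunk, so the object is reachable through the ordinary saved objects client and not only through the new entity_source routes. The descriptor carries `indexPattern`, `matchers` and `filter`, which appear to drive privileged-user monitoring. If access is meant to go only through those routes and their `requiredPrivileges`, consider `hidden: true` with the type included explicitly where the client is built, or at least `hiddenFromHttpApis: true`. Separately, with `version1` and `modelVersions` removed, the `SavedObjectsModelVersion` import is probably unused now; the import lines are outside these hunks.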
@@ -11,6 +11,7 @@ import type { KibanaRequest, Logger, RequestHandlerContext } from '@kbn/core/ser import type { BuildFlavor } from '@kbn/config'; import { EntityDiscoveryApiKeyType } from '@kbn/entityManager-plugin/server/saved_objects'; +import { MonitoringEntitySourceSyncDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client'; import { DEFAULT_SPACE_ID } from '../common/constants'; import type { Immutable } from '../common/endpoint/types'; import type { EndpointAuthz } from '../common/endpoint/types/authz'; @@ -253,7 +254,6 @@ export class RequestContextFactory implements IRequestContextFactory { }) ), getPrivilegeMonitoringDataClient: memoize(() => { - // TODO:add soClient with ApiKeyType as with getEntityStoreDataClient return new PrivilegeMonitoringDataClient({ logger: options.logger, clusterClient: coreContext.elasticsearch.client, @@ -263,7 +263,14 @@ export class RequestContextFactory implements IRequestContextFactory { auditLogger: getAuditLogger(), kibanaVersion: options.kibanaVersion, telemetry: core.analytics, - // TODO: add apiKeyManager + }); + }), + getMonitoringEntitySourceDataClient: memoize(() => { + return new MonitoringEntitySourceSyncDataClient({ + logger: options.logger, + clusterClient: coreContext.elasticsearch.client, + namespace: getSpaceId(), + soClient: coreContext.savedObjects.client, }); }), getEntityStoreDataClient: memoize(() => { diff --git a/x-pack/solutions/security/plugins/security_solution/server/types.ts b/x-pack/solutions/security/plugins/security_solution/server/types.ts index fa90313959067..1f4d0959d3042 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/types.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/types.ts 
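Review bot: The `getMonitoringEntitySourceDataClient` getter added in the `@@ -263,7 +263,14 @@` hunk scopes the client with `namespace: getSpaceId()`, but the route handlers earlier in this patch do not use it. They build `new MonitoringEntitySourceSyncDataClient({ ..., namespace: 'default' })` themselves. As written, a request from a non-default space would derive the saved object id from `'default'`, so spaces would share one monitoring source descriptor instead of being isolated. The routes should take the client from the request context, along the lines of `const dataClient = (await context.securitySolution).getMonitoringEntitySourceDataClient();`, and drop the hard-coded namespace. The accessor name on `context` is assumed from the surrounding plugin and should be confirmed.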
@@ -42,6 +42,7 @@ import type { AssetInventoryDataClient } from './lib/asset_inventory/asset_inven import type { PrivilegeMonitoringDataClient } from './lib/entity_analytics/privilege_monitoring/privilege_monitoring_data_client'; import type { ApiKeyManager } from './lib/entity_analytics/entity_store/auth/api_key'; import type { ProductFeaturesService } from './lib/product_features_service'; +import type { MonitoringEntitySourceSyncDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client'; export { AppClient }; export interface SecuritySolutionApiRequestHandlerContext { @@ -67,6 +68,7 @@ export interface SecuritySolutionApiRequestHandlerContext { getAssetCriticalityDataClient: () => AssetCriticalityDataClient; getEntityStoreDataClient: () => EntityStoreDataClient; getPrivilegeMonitoringDataClient: () => PrivilegeMonitoringDataClient; + getMonitoringEntitySourceDataClient: () => MonitoringEntitySourceSyncDataClient; getSiemRuleMigrationsClient: () => SiemRuleMigrationsClient; getInferenceClient: () => InferenceClient; getAssetInventoryClient: () => AssetInventoryDataClient; From 4771fde278172af17706a9dae4d2da26e8596033 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 1 May 2025 21:22:29 +0100 Subject: [PATCH 08/51] remove list endpoint, not required --- .../monitoring_entity_source.schema.yaml | 21 - .../services/security_solution_api.gen.ts | 635 +++++++++++++++--- 2 files changed, 544 insertions(+), 112 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml index 6d7f0296eeef2..f7f4aa32eb9db 100644 
--- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml @@ -73,27 +73,6 @@ paths: "200": description: Entity source deleted successfully - /api/entity_analytics/monitoring/entity_source/list: - get: - operationId: listEntitySources - summary: List all entity source configurations - parameters: - - name: kql - in: query - required: false - schema: - type: string - description: KQL query to filter the list of entity sources - responses: - "200": - description: List of entity sources - content: - application/json: - schema: - type: array - items: - $ref: "#/components/schemas/MonitoringEntitySourceResponse" - components: schemas: MonitoringEntitySourceDescriptor: diff --git a/x-pack/test/api_integration/services/security_solution_api.gen.ts b/x-pack/test/api_integration/services/security_solution_api.gen.ts index 8252b1a050748..3c95e8f95a03d 100644 --- a/x-pack/test/api_integration/services/security_solution_api.gen.ts +++ b/x-pack/test/api_integration/services/security_solution_api.gen.ts 
@@ -19,152 +19,605 @@ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST, } from '@kbn/core-http-common'; import { replaceParams } from '@kbn/openapi-common/shared'; +import { FtrProviderContext } from 'x-pack/test/api_integration/ftr_provider_context'; -import { AlertsMigrationCleanupRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; -import { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; -import { CleanDraftTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen'; -import { ConfigureRiskEngineSavedObjectRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/engine_configure_saved_object_route.gen'; -import { CopyTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/copy_timeline/copy_timeline_route.gen'; -import { CreateAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; -import { CreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; -import { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; +import { routeWithNamespace } from 'x-pack/test/common/utils/security_solution'; + +import { + AlertsMigrationCleanupRequestQueryInput, + AlertsMigrationCleanupRequestParamsInput, + AlertsMigrationCleanupRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; +import { + ApplyEntityEngineDataviewIndicesRequestQueryInput, + ApplyEntityEngineDataviewIndicesRequestParamsInput, + ApplyEntityEngineDataviewIndicesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/apply_dataview_indices.gen'; +import { + AssetCriticalityGetPrivilegesRequestQueryInput, + AssetCriticalityGetPrivilegesRequestParamsInput, + AssetCriticalityGetPrivilegesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality_privileges.gen'; +import { + BootstrapPrebuiltRulesRequestQueryInput, + BootstrapPrebuiltRulesRequestParamsInput, + BootstrapPrebuiltRulesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/prebuilt_rules/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.gen'; +import { + BulkUpsertAssetCriticalityRecordsRequestQueryInput, + BulkUpsertAssetCriticalityRecordsRequestParamsInput, + BulkUpsertAssetCriticalityRecordsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; +import { + CleanDraftTimelinesRequestQueryInput, + CleanDraftTimelinesRequestParamsInput, + CleanDraftTimelinesRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen'; +import { + CleanUpRiskEngineRequestQueryInput, + CleanUpRiskEngineRequestParamsInput, + CleanUpRiskEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.gen'; +import { + ConfigureRiskEngineSavedObjectRequestQueryInput, + ConfigureRiskEngineSavedObjectRequestParamsInput, + ConfigureRiskEngineSavedObjectRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_configure_saved_object_route.gen'; +import { + CopyTimelineRequestQueryInput, + CopyTimelineRequestParamsInput, + CopyTimelineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/copy_timeline/copy_timeline_route.gen'; +import { + CreateAlertsIndexRequestQueryInput, + CreateAlertsIndexRequestParamsInput, + CreateAlertsIndexRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/create_index/create_index.gen'; +import { + CreateAlertsMigrationRequestQueryInput, + CreateAlertsMigrationRequestParamsInput, + CreateAlertsMigrationRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; +import { + CreateAssetCriticalityRecordRequestQueryInput, + CreateAssetCriticalityRecordRequestParamsInput, + 
CreateAssetCriticalityRecordRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; import { + CreateRuleRequestQueryInput, + CreateRuleRequestParamsInput, + CreateRuleRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; +import { + CreateRuleMigrationRequestQueryInput, CreateRuleMigrationRequestParamsInput, CreateRuleMigrationRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { CreateTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/create_timelines/create_timelines_route.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + CreateTimelinesRequestQueryInput, + CreateTimelinesRequestParamsInput, + CreateTimelinesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/create_timelines/create_timelines_route.gen'; import { + CreateUpdateProtectionUpdatesNoteRequestQueryInput, CreateUpdateProtectionUpdatesNoteRequestParamsInput, CreateUpdateProtectionUpdatesNoteRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; -import { DeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen'; +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { + DeleteAlertsIndexRequestQueryInput, + DeleteAlertsIndexRequestParamsInput, + DeleteAlertsIndexRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/delete_index/delete_index.gen'; +import { + DeleteAssetCriticalityRecordRequestQueryInput, + DeleteAssetCriticalityRecordRequestParamsInput, + DeleteAssetCriticalityRecordRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen'; import { DeleteEntityEngineRequestQueryInput, DeleteEntityEngineRequestParamsInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; -import { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; -import { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; -import { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; -import { DeprecatedTriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; -import { EndpointExecuteActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/execute/execute.gen'; -import { EndpointFileDownloadRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_download/file_download.gen'; -import { 
EndpointFileInfoRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_info/file_info.gen'; -import { EndpointGetActionsDetailsRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/details/details.gen'; -import { EndpointGetActionsListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/list/list.gen'; -import { EndpointGetActionsStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/status/status.gen'; -import { EndpointGetFileActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/get_file/get_file.gen'; -import { EndpointGetProcessesActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/running_procs/running_procs.gen'; -import { EndpointIsolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/isolate/isolate.gen'; -import { EndpointKillProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/kill_process/kill_process.gen'; -import { EndpointScanActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/scan/scan.gen'; -import { EndpointSuspendProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/suspend_process/suspend_process.gen'; -import { EndpointUnisolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/unisolate/unisolate.gen'; + DeleteEntityEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/delete.gen'; +import { + DeleteNoteRequestQueryInput, + DeleteNoteRequestParamsInput, + DeleteNoteRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/delete_note/delete_note_route.gen'; +import { + DeleteRuleRequestQueryInput, + DeleteRuleRequestParamsInput, + DeleteRuleRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; +import { + DeleteTimelinesRequestQueryInput, + DeleteTimelinesRequestParamsInput, + DeleteTimelinesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/delete_timelines/delete_timelines_route.gen'; +import { + DeprecatedTriggerRiskScoreCalculationRequestQueryInput, + DeprecatedTriggerRiskScoreCalculationRequestParamsInput, + DeprecatedTriggerRiskScoreCalculationRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { + DisableRiskEngineRequestQueryInput, + DisableRiskEngineRequestParamsInput, + DisableRiskEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_disable_route.gen'; +import { + EnableRiskEngineRequestQueryInput, + EnableRiskEngineRequestParamsInput, + EnableRiskEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_enable_route.gen'; +import { + EndpointExecuteActionRequestQueryInput, + EndpointExecuteActionRequestParamsInput, + EndpointExecuteActionRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/execute/execute.gen'; +import { + EndpointFileDownloadRequestQueryInput, + EndpointFileDownloadRequestParamsInput, + EndpointFileDownloadRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/file_download/file_download.gen'; +import { + EndpointFileInfoRequestQueryInput, + EndpointFileInfoRequestParamsInput, + EndpointFileInfoRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/file_info/file_info.gen'; +import { + EndpointGetActionsDetailsRequestQueryInput, + EndpointGetActionsDetailsRequestParamsInput, + EndpointGetActionsDetailsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/details/details.gen'; +import { + EndpointGetActionsListRequestQueryInput, + EndpointGetActionsListRequestParamsInput, + EndpointGetActionsListRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/list/list.gen'; +import { + EndpointGetActionsStateRequestQueryInput, + EndpointGetActionsStateRequestParamsInput, + EndpointGetActionsStateRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/state/state.gen'; +import { + EndpointGetActionsStatusRequestQueryInput, + EndpointGetActionsStatusRequestParamsInput, + EndpointGetActionsStatusRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/status/status.gen'; +import { + EndpointGetFileActionRequestQueryInput, + EndpointGetFileActionRequestParamsInput, + EndpointGetFileActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/get_file/get_file.gen'; +import { + EndpointGetProcessesActionRequestQueryInput, + EndpointGetProcessesActionRequestParamsInput, + EndpointGetProcessesActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/running_procs/running_procs.gen'; +import { + EndpointIsolateActionRequestQueryInput, + EndpointIsolateActionRequestParamsInput, + EndpointIsolateActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/isolate/isolate.gen'; +import { + EndpointKillProcessActionRequestQueryInput, + EndpointKillProcessActionRequestParamsInput, + EndpointKillProcessActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/kill_process/kill_process.gen'; +import { + EndpointScanActionRequestQueryInput, + EndpointScanActionRequestParamsInput, + EndpointScanActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/scan/scan.gen'; +import { + EndpointSuspendProcessActionRequestQueryInput, + EndpointSuspendProcessActionRequestParamsInput, + 
EndpointSuspendProcessActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/suspend_process/suspend_process.gen'; +import { + EndpointUnisolateActionRequestQueryInput, + EndpointUnisolateActionRequestParamsInput, + EndpointUnisolateActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/unisolate/unisolate.gen'; +import { + EndpointUploadActionRequestQueryInput, + EndpointUploadActionRequestParamsInput, + EndpointUploadActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/upload/upload.gen'; +import { + EntityStoreGetPrivilegesRequestQueryInput, + EntityStoreGetPrivilegesRequestParamsInput, + EntityStoreGetPrivilegesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/get_privileges.gen'; import { ExportRulesRequestQueryInput, + ExportRulesRequestParamsInput, ExportRulesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen'; import { ExportTimelinesRequestQueryInput, + ExportTimelinesRequestParamsInput, ExportTimelinesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/timeline/export_timelines/export_timelines_route.gen'; -import { FinalizeAlertsMigrationRequestBodyInput } from 
'@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen'; -import { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen'; -import { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; -import { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; -import { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; -import { GetEndpointMetadataListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/metadata/get_metadata.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/export_timelines/export_timelines_route.gen'; import { + FinalizeAlertsMigrationRequestQueryInput, + FinalizeAlertsMigrationRequestParamsInput, + FinalizeAlertsMigrationRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen'; +import { + FindAssetCriticalityRecordsRequestQueryInput, + FindAssetCriticalityRecordsRequestParamsInput, + FindAssetCriticalityRecordsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen'; +import { + FindRulesRequestQueryInput, + FindRulesRequestParamsInput, + FindRulesRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; +import { + GetAllStatsRuleMigrationRequestQueryInput, + GetAllStatsRuleMigrationRequestParamsInput, + GetAllStatsRuleMigrationRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetAssetCriticalityRecordRequestQueryInput, + GetAssetCriticalityRecordRequestParamsInput, + GetAssetCriticalityRecordRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; +import { + GetAssetCriticalityStatusRequestQueryInput, + GetAssetCriticalityStatusRequestParamsInput, + GetAssetCriticalityStatusRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality_status.gen'; +import { + GetDraftTimelinesRequestQueryInput, + GetDraftTimelinesRequestParamsInput, + GetDraftTimelinesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; +import { + GetEndpointMetadataListRequestQueryInput, + GetEndpointMetadataListRequestParamsInput, + GetEndpointMetadataListRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/metadata/get_metadata.gen'; +import { + GetEndpointSuggestionsRequestQueryInput, GetEndpointSuggestionsRequestParamsInput, 
GetEndpointSuggestionsRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; -import { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; -import { GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; -import { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; -import { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; -import { GetProtectionUpdatesNoteRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/suggestions/get_suggestions.gen'; +import { + GetEntityEngineRequestQueryInput, + GetEntityEngineRequestParamsInput, + GetEntityEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/get.gen'; +import { + GetEntityStoreStatusRequestQueryInput, + GetEntityStoreStatusRequestParamsInput, + GetEntityStoreStatusRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/status.gen'; +import { + GetNotesRequestQueryInput, + GetNotesRequestParamsInput, + GetNotesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/get_notes/get_notes_route.gen'; +import { + GetPolicyResponseRequestQueryInput, + GetPolicyResponseRequestParamsInput, + 
GetPolicyResponseRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/policy/policy_response.gen'; +import { + GetProtectionUpdatesNoteRequestQueryInput, + GetProtectionUpdatesNoteRequestParamsInput, + GetProtectionUpdatesNoteRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { + GetRiskEngineStatusRequestQueryInput, + GetRiskEngineStatusRequestParamsInput, + GetRiskEngineStatusRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_status_route.gen'; import { GetRuleExecutionEventsRequestQueryInput, GetRuleExecutionEventsRequestParamsInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen'; + GetRuleExecutionEventsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen'; import { GetRuleExecutionResultsRequestQueryInput, GetRuleExecutionResultsRequestParamsInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen'; + GetRuleExecutionResultsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen'; 
import { GetRuleMigrationRequestQueryInput, GetRuleMigrationRequestParamsInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetRuleMigrationPrebuiltRulesRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; + GetRuleMigrationRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationIntegrationsRequestQueryInput, + GetRuleMigrationIntegrationsRequestParamsInput, + GetRuleMigrationIntegrationsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationPrebuiltRulesRequestQueryInput, + GetRuleMigrationPrebuiltRulesRequestParamsInput, + GetRuleMigrationPrebuiltRulesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationPrivilegesRequestQueryInput, + GetRuleMigrationPrivilegesRequestParamsInput, + GetRuleMigrationPrivilegesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; import { GetRuleMigrationResourcesRequestQueryInput, GetRuleMigrationResourcesRequestParamsInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetRuleMigrationResourcesMissingRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetRuleMigrationStatsRequestParamsInput } from 
'@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetRuleMigrationTranslationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timeline/get_timeline_route.gen'; -import { GetTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timelines/get_timelines_route.gen'; -import { GetWorkflowInsightsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; -import { ImportRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen'; -import { ImportTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/import_timelines/import_timelines_route.gen'; + GetRuleMigrationResourcesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationResourcesMissingRequestQueryInput, + GetRuleMigrationResourcesMissingRequestParamsInput, + GetRuleMigrationResourcesMissingRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationStatsRequestQueryInput, + GetRuleMigrationStatsRequestParamsInput, + GetRuleMigrationStatsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationTranslationStatsRequestQueryInput, + GetRuleMigrationTranslationStatsRequestParamsInput, 
+ GetRuleMigrationTranslationStatsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetTimelineRequestQueryInput, + GetTimelineRequestParamsInput, + GetTimelineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/get_timeline/get_timeline_route.gen'; +import { + GetTimelinesRequestQueryInput, + GetTimelinesRequestParamsInput, + GetTimelinesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/get_timelines/get_timelines_route.gen'; +import { + GetWorkflowInsightsRequestQueryInput, + GetWorkflowInsightsRequestParamsInput, + GetWorkflowInsightsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { + ImportRulesRequestQueryInput, + ImportRulesRequestParamsInput, + ImportRulesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen'; +import { + ImportTimelinesRequestQueryInput, + ImportTimelinesRequestParamsInput, + ImportTimelinesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/import_timelines/import_timelines_route.gen'; import { + InitEntityEngineRequestQueryInput, InitEntityEngineRequestParamsInput, InitEntityEngineRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/init.gen'; -import { 
InitEntityStoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/enable.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.gen'; import { + InitEntityStoreRequestQueryInput, + InitEntityStoreRequestParamsInput, + InitEntityStoreRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.gen'; +import { + InitMonitoringEngineRequestQueryInput, + InitMonitoringEngineRequestParamsInput, + InitMonitoringEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/init.gen'; +import { + InitRiskEngineRequestQueryInput, + InitRiskEngineRequestParamsInput, + InitRiskEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_init_route.gen'; +import { + InstallMigrationRulesRequestQueryInput, InstallMigrationRulesRequestParamsInput, InstallMigrationRulesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; -import { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; -import { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; -import { PatchTimelineRequestBodyInput } 
from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + InstallPrebuiltRulesAndTimelinesRequestQueryInput, + InstallPrebuiltRulesAndTimelinesRequestParamsInput, + InstallPrebuiltRulesAndTimelinesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/prebuilt_rules/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.gen'; +import { + InstallPrepackedTimelinesRequestQueryInput, + InstallPrepackedTimelinesRequestParamsInput, + InstallPrepackedTimelinesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; +import { + InternalUploadAssetCriticalityRecordsRequestQueryInput, + InternalUploadAssetCriticalityRecordsRequestParamsInput, + InternalUploadAssetCriticalityRecordsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/upload_asset_criticality_csv.gen'; +import { + ListEntitiesRequestQueryInput, + ListEntitiesRequestParamsInput, + ListEntitiesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/entities/list_entities.gen'; +import { + ListEntityEnginesRequestQueryInput, + ListEntityEnginesRequestParamsInput, + ListEntityEnginesRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/list.gen'; +import { + PatchRuleRequestQueryInput, + PatchRuleRequestParamsInput, + PatchRuleRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; +import { + PatchTimelineRequestQueryInput, + PatchTimelineRequestParamsInput, + PatchTimelineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/patch_timelines/patch_timeline_route.gen'; import { PerformRulesBulkActionRequestQueryInput, + PerformRulesBulkActionRequestParamsInput, PerformRulesBulkActionRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen'; -import { PersistFavoriteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_favorite/persist_favorite_route.gen'; -import { PersistNoteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_note/persist_note_route.gen'; -import { PersistPinnedEventRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/pinned_events/pinned_events_route.gen'; -import { PreviewRiskScoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/preview_route.gen'; -import { ReadAlertsMigrationStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen'; -import { ReadRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen'; -import { 
ResolveTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/resolve_timeline/resolve_timeline_route.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen'; +import { + PersistFavoriteRouteRequestQueryInput, + PersistFavoriteRouteRequestParamsInput, + PersistFavoriteRouteRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/persist_favorite/persist_favorite_route.gen'; +import { + PersistNoteRouteRequestQueryInput, + PersistNoteRouteRequestParamsInput, + PersistNoteRouteRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/persist_note/persist_note_route.gen'; +import { + PersistPinnedEventRouteRequestQueryInput, + PersistPinnedEventRouteRequestParamsInput, + PersistPinnedEventRouteRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/pinned_events/pinned_events_route.gen'; +import { + PreviewRiskScoreRequestQueryInput, + PreviewRiskScoreRequestParamsInput, + PreviewRiskScoreRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/preview_route.gen'; +import { + PrivMonHealthRequestQueryInput, + PrivMonHealthRequestParamsInput, + PrivMonHealthRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/health.gen'; +import { + ReadAlertsIndexRequestQueryInput, + ReadAlertsIndexRequestParamsInput, + 
ReadAlertsIndexRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_index/read_index.gen'; +import { + ReadAlertsMigrationStatusRequestQueryInput, + ReadAlertsMigrationStatusRequestParamsInput, + ReadAlertsMigrationStatusRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen'; +import { + ReadPrebuiltRulesAndTimelinesStatusRequestQueryInput, + ReadPrebuiltRulesAndTimelinesStatusRequestParamsInput, + ReadPrebuiltRulesAndTimelinesStatusRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/prebuilt_rules/read_prebuilt_rules_and_timelines_status/read_prebuilt_rules_and_timelines_status_route.gen'; +import { + ReadPrivilegesRequestQueryInput, + ReadPrivilegesRequestParamsInput, + ReadPrivilegesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_privileges/read_privileges.gen'; +import { + ReadRiskEngineSettingsRequestQueryInput, + ReadRiskEngineSettingsRequestParamsInput, + ReadRiskEngineSettingsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_settings_route.gen'; +import { + ReadRuleRequestQueryInput, + ReadRuleRequestParamsInput, + ReadRuleRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen'; +import { + ReadTagsRequestQueryInput, + ReadTagsRequestParamsInput, + ReadTagsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/read_tags/read_tags_route.gen'; +import { + ResolveTimelineRequestQueryInput, + ResolveTimelineRequestParamsInput, + ResolveTimelineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/resolve_timeline/resolve_timeline_route.gen'; +import { + RiskEngineGetPrivilegesRequestQueryInput, + RiskEngineGetPrivilegesRequestParamsInput, + RiskEngineGetPrivilegesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/get_risk_engine_privileges.gen'; import { RulePreviewRequestQueryInput, + RulePreviewRequestParamsInput, RulePreviewRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_preview/rule_preview.gen'; -import { RunScriptActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/run_script/run_script.gen'; -import { SearchAlertsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/query_signals/query_signals_route.gen'; -import { SearchPrivilegesIndicesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/search_indices.gen'; -import { SetAlertAssigneesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen'; -import { 
SetAlertsStatusRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen'; -import { SetAlertTagsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen'; -import { StartEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/start.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_preview/rule_preview.gen'; +import { + RunScriptActionRequestQueryInput, + RunScriptActionRequestParamsInput, + RunScriptActionRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/run_script/run_script.gen'; +import { + ScheduleRiskEngineNowRequestQueryInput, + ScheduleRiskEngineNowRequestParamsInput, + ScheduleRiskEngineNowRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_schedule_now_route.gen'; import { + SearchAlertsRequestQueryInput, + SearchAlertsRequestParamsInput, + SearchAlertsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/query_signals/query_signals_route.gen'; +import { + SearchPrivilegesIndicesRequestQueryInput, + SearchPrivilegesIndicesRequestParamsInput, + SearchPrivilegesIndicesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/search_indices.gen'; +import { + SetAlertAssigneesRequestQueryInput, + 
SetAlertAssigneesRequestParamsInput, + SetAlertAssigneesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen'; +import { + SetAlertsStatusRequestQueryInput, + SetAlertsStatusRequestParamsInput, + SetAlertsStatusRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen'; +import { + SetAlertTagsRequestQueryInput, + SetAlertTagsRequestParamsInput, + SetAlertTagsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen'; +import { + StartEntityEngineRequestQueryInput, + StartEntityEngineRequestParamsInput, + StartEntityEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/start.gen'; +import { + StartRuleMigrationRequestQueryInput, StartRuleMigrationRequestParamsInput, StartRuleMigrationRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { StopEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stop.gen'; -import { StopRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { SuggestUserProfilesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/users/suggest_user_profiles_route.gen'; -import { TriggerRiskScoreCalculationRequestBodyInput } from 
'@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; -import { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; import { + StopEntityEngineRequestQueryInput, + StopEntityEngineRequestParamsInput, + StopEntityEngineRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/stop.gen'; +import { + StopRuleMigrationRequestQueryInput, + StopRuleMigrationRequestParamsInput, + StopRuleMigrationRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + SuggestUserProfilesRequestQueryInput, + SuggestUserProfilesRequestParamsInput, + SuggestUserProfilesRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/users/suggest_user_profiles_route.gen'; +import { + TriggerRiskScoreCalculationRequestQueryInput, + TriggerRiskScoreCalculationRequestParamsInput, + TriggerRiskScoreCalculationRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { + UpdateRuleRequestQueryInput, + UpdateRuleRequestParamsInput, + UpdateRuleRequestBodyInput, +} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; +import { + UpdateRuleMigrationRequestQueryInput, UpdateRuleMigrationRequestParamsInput, UpdateRuleMigrationRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; import { + UpdateWorkflowInsightRequestQueryInput, UpdateWorkflowInsightRequestParamsInput, UpdateWorkflowInsightRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { + UploadAssetCriticalityRecordsRequestQueryInput, + UploadAssetCriticalityRecordsRequestParamsInput, + UploadAssetCriticalityRecordsRequestBodyInput, +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/upload_asset_criticality_csv.gen'; import { + UpsertRuleMigrationResourcesRequestQueryInput, UpsertRuleMigrationResourcesRequestParamsInput, UpsertRuleMigrationResourcesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { routeWithNamespace } from '../../common/utils/security_solution'; -import { FtrProviderContext } from '../ftr_provider_context'; +} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; export function 
SecuritySolutionApiProvider({ getService }: FtrProviderContext) { const supertest = getService('supertest'); From 6bd8d77925505a0b0188f0b0b237591549c939da Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Fri, 2 May 2025 11:31:11 +0100 Subject: [PATCH 09/51] fields and values string to arrays --- .../monitoring_entity_source.gen.ts | 4 +- .../monitoring_entity_source.schema.yaml | 13 +- .../common/experimental_features.ts | 2 +- .../services/security_solution_api.gen.ts | 635 +++--------------- 4 files changed, 103 insertions(+), 551 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts index b2993f9402f5d..9f93a05b997e6 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts @@ -29,8 +29,8 @@ export const MonitoringEntitySourceDescriptor = z.object({ matchers: z .array( z.object({ - field: z.string(), - value: z.string(), + fields: z.array(z.string()).optional(), + values: z.array(z.string()).optional(), }) ) .optional(), diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml index f7f4aa32eb9db..045f3422e48f6 100644 
--- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml @@ -101,10 +101,14 @@ components: type: object required: [field, value] properties: - field: - type: string - value: - type: string + fields: + type: array + items: + type: string + values: + type: array + items: + type: string filter: type: object @@ -125,6 +129,7 @@ components: type: boolean matchers: type: array + required: [field, value] items: type: object properties: diff --git a/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts b/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts index 49adb405ab3be..1d30d53625ea3 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts @@ -217,7 +217,7 @@ export const allowedExperimentalValues = Object.freeze({ /** * Enables Privilege Monitoring */ - privilegeMonitoringEnabled: false, + privilegeMonitoringEnabled: true, /** * Disables the siem migrations feature diff --git a/x-pack/test/api_integration/services/security_solution_api.gen.ts b/x-pack/test/api_integration/services/security_solution_api.gen.ts index 3c95e8f95a03d..8252b1a050748 100644 --- a/x-pack/test/api_integration/services/security_solution_api.gen.ts +++ b/x-pack/test/api_integration/services/security_solution_api.gen.ts 
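Review bot: The `required: [field, value]` list left as context in the first schema hunk still names the old singular properties, while the object now defines `fields` and `values`, so the constraint no longer matches anything in `properties`. The second hunk (`@@ -125,6 +129,7 @@`) adds the same `required: [field, value]` directly under `matchers:` beside `type: array`, where `required` is an object-level keyword and constrains nothing; it belongs inside `items:`. The regenerated zod schema in monitoring_entity_source.gen.ts marks both `fields` and `values` as `.optional()`, so an empty matcher `{}` appears to pass validation, which is a weak contract for data that selects which users are treated as privileged. I would write `required: [fields, values]` on the item object in both places and regenerate the `.gen.ts` file.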
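Review bot: `privilegeMonitoringEnabled: true` switches the privilege-monitoring feature on by default, in a patch series whose first commit is still labelled WiP and whose schema is changing in this same commit. Keeping `privilegeMonitoringEnabled: false` here and opting in locally through the `xpack.securitySolution.enableExperimental` setting would avoid exposing unfinished routes and saved-object types to every deployment that picks up this default. If the flip is intentional, it should be called out in the commit description, which currently mentions only the matcher change. The enclosing `allowedExperimentalValues` object starts and ends outside the hunk.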
@@ -19,605 +19,152 @@ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST, } from '@kbn/core-http-common'; import { replaceParams } from '@kbn/openapi-common/shared'; -import { FtrProviderContext } from 'x-pack/test/api_integration/ftr_provider_context'; -import { routeWithNamespace } from 'x-pack/test/common/utils/security_solution'; - -import { - AlertsMigrationCleanupRequestQueryInput, - AlertsMigrationCleanupRequestParamsInput, - AlertsMigrationCleanupRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; -import { - ApplyEntityEngineDataviewIndicesRequestQueryInput, - ApplyEntityEngineDataviewIndicesRequestParamsInput, - ApplyEntityEngineDataviewIndicesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/apply_dataview_indices.gen'; -import { - AssetCriticalityGetPrivilegesRequestQueryInput, - AssetCriticalityGetPrivilegesRequestParamsInput, - AssetCriticalityGetPrivilegesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality_privileges.gen'; -import { - BootstrapPrebuiltRulesRequestQueryInput, - BootstrapPrebuiltRulesRequestParamsInput, - BootstrapPrebuiltRulesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/prebuilt_rules/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.gen'; -import { - BulkUpsertAssetCriticalityRecordsRequestQueryInput, - BulkUpsertAssetCriticalityRecordsRequestParamsInput, - BulkUpsertAssetCriticalityRecordsRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; -import { - CleanDraftTimelinesRequestQueryInput, - CleanDraftTimelinesRequestParamsInput, - CleanDraftTimelinesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen'; -import { - CleanUpRiskEngineRequestQueryInput, - CleanUpRiskEngineRequestParamsInput, - CleanUpRiskEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_cleanup_route.gen'; -import { - ConfigureRiskEngineSavedObjectRequestQueryInput, - ConfigureRiskEngineSavedObjectRequestParamsInput, - ConfigureRiskEngineSavedObjectRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_configure_saved_object_route.gen'; -import { - CopyTimelineRequestQueryInput, - CopyTimelineRequestParamsInput, - CopyTimelineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/copy_timeline/copy_timeline_route.gen'; -import { - CreateAlertsIndexRequestQueryInput, - CreateAlertsIndexRequestParamsInput, - CreateAlertsIndexRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/create_index/create_index.gen'; -import { - CreateAlertsMigrationRequestQueryInput, - CreateAlertsMigrationRequestParamsInput, - CreateAlertsMigrationRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; -import { - CreateAssetCriticalityRecordRequestQueryInput, - CreateAssetCriticalityRecordRequestParamsInput, - CreateAssetCriticalityRecordRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; +import { AlertsMigrationCleanupRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; +import { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; +import { CleanDraftTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen'; +import { ConfigureRiskEngineSavedObjectRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/engine_configure_saved_object_route.gen'; +import { CopyTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/copy_timeline/copy_timeline_route.gen'; +import { CreateAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; +import { CreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; +import { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; import { - CreateRuleRequestQueryInput, - 
CreateRuleRequestParamsInput, - CreateRuleRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; -import { - CreateRuleMigrationRequestQueryInput, CreateRuleMigrationRequestParamsInput, CreateRuleMigrationRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - CreateTimelinesRequestQueryInput, - CreateTimelinesRequestParamsInput, - CreateTimelinesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/create_timelines/create_timelines_route.gen'; +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { CreateTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/create_timelines/create_timelines_route.gen'; import { - CreateUpdateProtectionUpdatesNoteRequestQueryInput, CreateUpdateProtectionUpdatesNoteRequestParamsInput, CreateUpdateProtectionUpdatesNoteRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; -import { - DeleteAlertsIndexRequestQueryInput, - DeleteAlertsIndexRequestParamsInput, - DeleteAlertsIndexRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/delete_index/delete_index.gen'; -import { - DeleteAssetCriticalityRecordRequestQueryInput, - DeleteAssetCriticalityRecordRequestParamsInput, - DeleteAssetCriticalityRecordRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen'; +} from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { DeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen'; import { DeleteEntityEngineRequestQueryInput, DeleteEntityEngineRequestParamsInput, - DeleteEntityEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/delete.gen'; -import { - DeleteNoteRequestQueryInput, - DeleteNoteRequestParamsInput, - DeleteNoteRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/delete_note/delete_note_route.gen'; -import { - DeleteRuleRequestQueryInput, - DeleteRuleRequestParamsInput, - DeleteRuleRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; -import { - DeleteTimelinesRequestQueryInput, - DeleteTimelinesRequestParamsInput, - DeleteTimelinesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/delete_timelines/delete_timelines_route.gen'; -import { - DeprecatedTriggerRiskScoreCalculationRequestQueryInput, - DeprecatedTriggerRiskScoreCalculationRequestParamsInput, - DeprecatedTriggerRiskScoreCalculationRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; -import { - DisableRiskEngineRequestQueryInput, - DisableRiskEngineRequestParamsInput, - DisableRiskEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_disable_route.gen'; -import { - EnableRiskEngineRequestQueryInput, - EnableRiskEngineRequestParamsInput, - EnableRiskEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_enable_route.gen'; -import { - EndpointExecuteActionRequestQueryInput, - EndpointExecuteActionRequestParamsInput, - EndpointExecuteActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/execute/execute.gen'; -import { - EndpointFileDownloadRequestQueryInput, - EndpointFileDownloadRequestParamsInput, - EndpointFileDownloadRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/file_download/file_download.gen'; -import { - EndpointFileInfoRequestQueryInput, - EndpointFileInfoRequestParamsInput, - EndpointFileInfoRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/file_info/file_info.gen'; -import { - EndpointGetActionsDetailsRequestQueryInput, - EndpointGetActionsDetailsRequestParamsInput, - EndpointGetActionsDetailsRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/details/details.gen'; -import { - EndpointGetActionsListRequestQueryInput, - EndpointGetActionsListRequestParamsInput, - EndpointGetActionsListRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/list/list.gen'; -import { - EndpointGetActionsStateRequestQueryInput, - EndpointGetActionsStateRequestParamsInput, - EndpointGetActionsStateRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/state/state.gen'; -import { - EndpointGetActionsStatusRequestQueryInput, - EndpointGetActionsStatusRequestParamsInput, - EndpointGetActionsStatusRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/status/status.gen'; -import { - EndpointGetFileActionRequestQueryInput, - EndpointGetFileActionRequestParamsInput, - EndpointGetFileActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/get_file/get_file.gen'; -import { - EndpointGetProcessesActionRequestQueryInput, - EndpointGetProcessesActionRequestParamsInput, - EndpointGetProcessesActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/running_procs/running_procs.gen'; -import { - EndpointIsolateActionRequestQueryInput, - EndpointIsolateActionRequestParamsInput, - EndpointIsolateActionRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/isolate/isolate.gen'; -import { - EndpointKillProcessActionRequestQueryInput, - EndpointKillProcessActionRequestParamsInput, - EndpointKillProcessActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/kill_process/kill_process.gen'; -import { - EndpointScanActionRequestQueryInput, - EndpointScanActionRequestParamsInput, - EndpointScanActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/scan/scan.gen'; -import { - EndpointSuspendProcessActionRequestQueryInput, - EndpointSuspendProcessActionRequestParamsInput, - EndpointSuspendProcessActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/suspend_process/suspend_process.gen'; -import { - EndpointUnisolateActionRequestQueryInput, - EndpointUnisolateActionRequestParamsInput, - EndpointUnisolateActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/unisolate/unisolate.gen'; -import { - EndpointUploadActionRequestQueryInput, - EndpointUploadActionRequestParamsInput, - EndpointUploadActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/upload/upload.gen'; -import { - EntityStoreGetPrivilegesRequestQueryInput, - EntityStoreGetPrivilegesRequestParamsInput, - 
EntityStoreGetPrivilegesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/get_privileges.gen'; +} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; +import { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; +import { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; +import { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; +import { DeprecatedTriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { EndpointExecuteActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/execute/execute.gen'; +import { EndpointFileDownloadRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_download/file_download.gen'; +import { EndpointFileInfoRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_info/file_info.gen'; +import { EndpointGetActionsDetailsRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/details/details.gen'; +import { EndpointGetActionsListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/list/list.gen'; +import { EndpointGetActionsStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/status/status.gen'; +import { EndpointGetFileActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/get_file/get_file.gen'; +import { 
EndpointGetProcessesActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/running_procs/running_procs.gen'; +import { EndpointIsolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/isolate/isolate.gen'; +import { EndpointKillProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/kill_process/kill_process.gen'; +import { EndpointScanActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/scan/scan.gen'; +import { EndpointSuspendProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/suspend_process/suspend_process.gen'; +import { EndpointUnisolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/unisolate/unisolate.gen'; import { ExportRulesRequestQueryInput, - ExportRulesRequestParamsInput, ExportRulesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen'; +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen'; import { ExportTimelinesRequestQueryInput, - ExportTimelinesRequestParamsInput, ExportTimelinesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/export_timelines/export_timelines_route.gen'; +} from '@kbn/security-solution-plugin/common/api/timeline/export_timelines/export_timelines_route.gen'; +import { FinalizeAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen'; 
+import { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen'; +import { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; +import { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; +import { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; +import { GetEndpointMetadataListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/metadata/get_metadata.gen'; import { - FinalizeAlertsMigrationRequestQueryInput, - FinalizeAlertsMigrationRequestParamsInput, - FinalizeAlertsMigrationRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen'; -import { - FindAssetCriticalityRecordsRequestQueryInput, - FindAssetCriticalityRecordsRequestParamsInput, - FindAssetCriticalityRecordsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen'; -import { - FindRulesRequestQueryInput, - FindRulesRequestParamsInput, - FindRulesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; -import { - GetAllStatsRuleMigrationRequestQueryInput, - GetAllStatsRuleMigrationRequestParamsInput, - GetAllStatsRuleMigrationRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - GetAssetCriticalityRecordRequestQueryInput, - GetAssetCriticalityRecordRequestParamsInput, - GetAssetCriticalityRecordRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; -import { - GetAssetCriticalityStatusRequestQueryInput, - GetAssetCriticalityStatusRequestParamsInput, - GetAssetCriticalityStatusRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/get_asset_criticality_status.gen'; -import { - GetDraftTimelinesRequestQueryInput, - GetDraftTimelinesRequestParamsInput, - GetDraftTimelinesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; -import { - GetEndpointMetadataListRequestQueryInput, - GetEndpointMetadataListRequestParamsInput, - GetEndpointMetadataListRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/metadata/get_metadata.gen'; -import { - GetEndpointSuggestionsRequestQueryInput, GetEndpointSuggestionsRequestParamsInput, GetEndpointSuggestionsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/suggestions/get_suggestions.gen'; -import { - GetEntityEngineRequestQueryInput, - GetEntityEngineRequestParamsInput, - GetEntityEngineRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/get.gen'; -import { - GetEntityStoreStatusRequestQueryInput, - GetEntityStoreStatusRequestParamsInput, - GetEntityStoreStatusRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/status.gen'; -import { - GetNotesRequestQueryInput, - GetNotesRequestParamsInput, - GetNotesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/get_notes/get_notes_route.gen'; -import { - GetPolicyResponseRequestQueryInput, - GetPolicyResponseRequestParamsInput, - GetPolicyResponseRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/policy/policy_response.gen'; -import { - GetProtectionUpdatesNoteRequestQueryInput, - GetProtectionUpdatesNoteRequestParamsInput, - GetProtectionUpdatesNoteRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; -import { - GetRiskEngineStatusRequestQueryInput, - GetRiskEngineStatusRequestParamsInput, - GetRiskEngineStatusRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_status_route.gen'; +} from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; +import { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; +import { 
GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; +import { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; +import { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; +import { GetProtectionUpdatesNoteRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; import { GetRuleExecutionEventsRequestQueryInput, GetRuleExecutionEventsRequestParamsInput, - GetRuleExecutionEventsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen'; +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen'; import { GetRuleExecutionResultsRequestQueryInput, GetRuleExecutionResultsRequestParamsInput, - GetRuleExecutionResultsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen'; +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen'; import { GetRuleMigrationRequestQueryInput, GetRuleMigrationRequestParamsInput, - GetRuleMigrationRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - 
GetRuleMigrationIntegrationsRequestQueryInput, - GetRuleMigrationIntegrationsRequestParamsInput, - GetRuleMigrationIntegrationsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - GetRuleMigrationPrebuiltRulesRequestQueryInput, - GetRuleMigrationPrebuiltRulesRequestParamsInput, - GetRuleMigrationPrebuiltRulesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - GetRuleMigrationPrivilegesRequestQueryInput, - GetRuleMigrationPrivilegesRequestParamsInput, - GetRuleMigrationPrivilegesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationPrebuiltRulesRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import { GetRuleMigrationResourcesRequestQueryInput, GetRuleMigrationResourcesRequestParamsInput, - GetRuleMigrationResourcesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - GetRuleMigrationResourcesMissingRequestQueryInput, - GetRuleMigrationResourcesMissingRequestParamsInput, - GetRuleMigrationResourcesMissingRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - 
GetRuleMigrationStatsRequestQueryInput, - GetRuleMigrationStatsRequestParamsInput, - GetRuleMigrationStatsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - GetRuleMigrationTranslationStatsRequestQueryInput, - GetRuleMigrationTranslationStatsRequestParamsInput, - GetRuleMigrationTranslationStatsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - GetTimelineRequestQueryInput, - GetTimelineRequestParamsInput, - GetTimelineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/get_timeline/get_timeline_route.gen'; -import { - GetTimelinesRequestQueryInput, - GetTimelinesRequestParamsInput, - GetTimelinesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/get_timelines/get_timelines_route.gen'; -import { - GetWorkflowInsightsRequestQueryInput, - GetWorkflowInsightsRequestParamsInput, - GetWorkflowInsightsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/workflow_insights/workflow_insights.gen'; -import { - ImportRulesRequestQueryInput, - ImportRulesRequestParamsInput, - ImportRulesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen'; -import { - ImportTimelinesRequestQueryInput, - ImportTimelinesRequestParamsInput, - ImportTimelinesRequestBodyInput, 
-} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/import_timelines/import_timelines_route.gen'; +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationResourcesMissingRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationTranslationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timeline/get_timeline_route.gen'; +import { GetTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timelines/get_timelines_route.gen'; +import { GetWorkflowInsightsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { ImportRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen'; +import { ImportTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/import_timelines/import_timelines_route.gen'; import { - InitEntityEngineRequestQueryInput, InitEntityEngineRequestParamsInput, InitEntityEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.gen'; +} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/init.gen'; +import { InitEntityStoreRequestBodyInput } from 
'@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/enable.gen'; import { - InitEntityStoreRequestQueryInput, - InitEntityStoreRequestParamsInput, - InitEntityStoreRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.gen'; -import { - InitMonitoringEngineRequestQueryInput, - InitMonitoringEngineRequestParamsInput, - InitMonitoringEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/init.gen'; -import { - InitRiskEngineRequestQueryInput, - InitRiskEngineRequestParamsInput, - InitRiskEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_init_route.gen'; -import { - InstallMigrationRulesRequestQueryInput, InstallMigrationRulesRequestParamsInput, InstallMigrationRulesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - InstallPrebuiltRulesAndTimelinesRequestQueryInput, - InstallPrebuiltRulesAndTimelinesRequestParamsInput, - InstallPrebuiltRulesAndTimelinesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/prebuilt_rules/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.gen'; -import { - InstallPrepackedTimelinesRequestQueryInput, - InstallPrepackedTimelinesRequestParamsInput, - InstallPrepackedTimelinesRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; -import { - InternalUploadAssetCriticalityRecordsRequestQueryInput, - InternalUploadAssetCriticalityRecordsRequestParamsInput, - InternalUploadAssetCriticalityRecordsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/upload_asset_criticality_csv.gen'; -import { - ListEntitiesRequestQueryInput, - ListEntitiesRequestParamsInput, - ListEntitiesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/entities/list_entities.gen'; -import { - ListEntityEnginesRequestQueryInput, - ListEntityEnginesRequestParamsInput, - ListEntityEnginesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/list.gen'; -import { - PatchRuleRequestQueryInput, - PatchRuleRequestParamsInput, - PatchRuleRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; -import { - PatchTimelineRequestQueryInput, - PatchTimelineRequestParamsInput, - PatchTimelineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/patch_timelines/patch_timeline_route.gen'; +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { InstallPrepackedTimelinesRequestBodyInput } from 
'@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; +import { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; +import { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; +import { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; import { PerformRulesBulkActionRequestQueryInput, - PerformRulesBulkActionRequestParamsInput, PerformRulesBulkActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen'; -import { - PersistFavoriteRouteRequestQueryInput, - PersistFavoriteRouteRequestParamsInput, - PersistFavoriteRouteRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/persist_favorite/persist_favorite_route.gen'; -import { - PersistNoteRouteRequestQueryInput, - PersistNoteRouteRequestParamsInput, - PersistNoteRouteRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/persist_note/persist_note_route.gen'; -import { - PersistPinnedEventRouteRequestQueryInput, - PersistPinnedEventRouteRequestParamsInput, - PersistPinnedEventRouteRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/pinned_events/pinned_events_route.gen'; -import { - PreviewRiskScoreRequestQueryInput, - PreviewRiskScoreRequestParamsInput, - PreviewRiskScoreRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/preview_route.gen'; -import { - PrivMonHealthRequestQueryInput, - PrivMonHealthRequestParamsInput, - PrivMonHealthRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/health.gen'; -import { - ReadAlertsIndexRequestQueryInput, - ReadAlertsIndexRequestParamsInput, - ReadAlertsIndexRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_index/read_index.gen'; -import { - ReadAlertsMigrationStatusRequestQueryInput, - ReadAlertsMigrationStatusRequestParamsInput, - ReadAlertsMigrationStatusRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen'; -import { - ReadPrebuiltRulesAndTimelinesStatusRequestQueryInput, - ReadPrebuiltRulesAndTimelinesStatusRequestParamsInput, - ReadPrebuiltRulesAndTimelinesStatusRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/prebuilt_rules/read_prebuilt_rules_and_timelines_status/read_prebuilt_rules_and_timelines_status_route.gen'; -import { - ReadPrivilegesRequestQueryInput, - ReadPrivilegesRequestParamsInput, - ReadPrivilegesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_privileges/read_privileges.gen'; -import { - ReadRiskEngineSettingsRequestQueryInput, 
- ReadRiskEngineSettingsRequestParamsInput, - ReadRiskEngineSettingsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_settings_route.gen'; -import { - ReadRuleRequestQueryInput, - ReadRuleRequestParamsInput, - ReadRuleRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen'; -import { - ReadTagsRequestQueryInput, - ReadTagsRequestParamsInput, - ReadTagsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/read_tags/read_tags_route.gen'; -import { - ResolveTimelineRequestQueryInput, - ResolveTimelineRequestParamsInput, - ResolveTimelineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/timeline/resolve_timeline/resolve_timeline_route.gen'; -import { - RiskEngineGetPrivilegesRequestQueryInput, - RiskEngineGetPrivilegesRequestParamsInput, - RiskEngineGetPrivilegesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/get_risk_engine_privileges.gen'; +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen'; +import { PersistFavoriteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_favorite/persist_favorite_route.gen'; +import { PersistNoteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_note/persist_note_route.gen'; +import { PersistPinnedEventRouteRequestBodyInput } 
from '@kbn/security-solution-plugin/common/api/timeline/pinned_events/pinned_events_route.gen'; +import { PreviewRiskScoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/preview_route.gen'; +import { ReadAlertsMigrationStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen'; +import { ReadRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen'; +import { ResolveTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/resolve_timeline/resolve_timeline_route.gen'; import { RulePreviewRequestQueryInput, - RulePreviewRequestParamsInput, RulePreviewRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_preview/rule_preview.gen'; -import { - RunScriptActionRequestQueryInput, - RunScriptActionRequestParamsInput, - RunScriptActionRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/run_script/run_script.gen'; -import { - ScheduleRiskEngineNowRequestQueryInput, - ScheduleRiskEngineNowRequestParamsInput, - ScheduleRiskEngineNowRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/engine_schedule_now_route.gen'; +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_preview/rule_preview.gen'; +import { RunScriptActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/run_script/run_script.gen'; +import { SearchAlertsRequestBodyInput } from 
'@kbn/security-solution-plugin/common/api/detection_engine/signals/query_signals/query_signals_route.gen'; +import { SearchPrivilegesIndicesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/search_indices.gen'; +import { SetAlertAssigneesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen'; +import { SetAlertsStatusRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen'; +import { SetAlertTagsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen'; +import { StartEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/start.gen'; import { - SearchAlertsRequestQueryInput, - SearchAlertsRequestParamsInput, - SearchAlertsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/query_signals/query_signals_route.gen'; -import { - SearchPrivilegesIndicesRequestQueryInput, - SearchPrivilegesIndicesRequestParamsInput, - SearchPrivilegesIndicesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/search_indices.gen'; -import { - SetAlertAssigneesRequestQueryInput, - SetAlertAssigneesRequestParamsInput, - SetAlertAssigneesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen'; -import { - SetAlertsStatusRequestQueryInput, - SetAlertsStatusRequestParamsInput, - SetAlertsStatusRequestBodyInput, -} from 
'/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen'; -import { - SetAlertTagsRequestQueryInput, - SetAlertTagsRequestParamsInput, - SetAlertTagsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen'; -import { - StartEntityEngineRequestQueryInput, - StartEntityEngineRequestParamsInput, - StartEntityEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/start.gen'; -import { - StartRuleMigrationRequestQueryInput, StartRuleMigrationRequestParamsInput, StartRuleMigrationRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { StopEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stop.gen'; +import { StopRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { SuggestUserProfilesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/users/suggest_user_profiles_route.gen'; +import { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; import 
{ - StopEntityEngineRequestQueryInput, - StopEntityEngineRequestParamsInput, - StopEntityEngineRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/stop.gen'; -import { - StopRuleMigrationRequestQueryInput, - StopRuleMigrationRequestParamsInput, - StopRuleMigrationRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - SuggestUserProfilesRequestQueryInput, - SuggestUserProfilesRequestParamsInput, - SuggestUserProfilesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/users/suggest_user_profiles_route.gen'; -import { - TriggerRiskScoreCalculationRequestQueryInput, - TriggerRiskScoreCalculationRequestParamsInput, - TriggerRiskScoreCalculationRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; -import { - UpdateRuleRequestQueryInput, - UpdateRuleRequestParamsInput, - UpdateRuleRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; -import { - UpdateRuleMigrationRequestQueryInput, UpdateRuleMigrationRequestParamsInput, UpdateRuleMigrationRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +} from 
'@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import { - UpdateWorkflowInsightRequestQueryInput, UpdateWorkflowInsightRequestParamsInput, UpdateWorkflowInsightRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/workflow_insights/workflow_insights.gen'; -import { - UploadAssetCriticalityRecordsRequestQueryInput, - UploadAssetCriticalityRecordsRequestParamsInput, - UploadAssetCriticalityRecordsRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/upload_asset_criticality_csv.gen'; +} from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; import { - UpsertRuleMigrationResourcesRequestQueryInput, UpsertRuleMigrationResourcesRequestParamsInput, UpsertRuleMigrationResourcesRequestBodyInput, -} from '/Users/charlottealexandrawilson/Public/kibana/kibana-fork/kibana/x-pack/solutions/security/plugins/security_solution/common/siem_migrations/model/api/rules/rule_migration.gen'; +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { routeWithNamespace } from '../../common/utils/security_solution'; +import { FtrProviderContext } from '../ftr_provider_context'; export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { const supertest = getService('supertest'); From 44c176fd327f5f18db89c3f3d35a7696bd33b2ea Mon Sep 17 00:00:00 2001 
From: CAWilson94 Date: Wed, 7 May 2025 14:13:41 +0100 Subject: [PATCH 10/51] data client jest test - WiP issues with joi locally, testing buildkite to move blockers while debugging joi issues --- .../monitoring_entity_source.gen.ts | 8 +- .../monitoring_entity_source.schema.yaml | 12 ++- ...ing_entity_source_sync_data_client.test.ts | 80 +++++++++++++++++++ 3 files changed, 92 insertions(+), 8 deletions(-) create mode 100644 x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts index 9f93a05b997e6..06fb1e82b6be3 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts @@ -29,8 +29,8 @@ export const MonitoringEntitySourceDescriptor = z.object({ matchers: z .array( z.object({ - fields: z.array(z.string()).optional(), - values: z.array(z.string()).optional(), + fields: z.array(z.string()), + values: z.array(z.string()), }) ) .optional(), @@ -48,8 +48,8 @@ export const MonitoringEntitySourceResponse = z.object({ matchers: z .array( z.object({ - fields: z.array(z.string()).optional(), - values: z.array(z.string()).optional(), + fields: z.array(z.string()), + values: z.array(z.string()), }) ) .optional(), 
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml index 045f3422e48f6..7772238b508a5 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml @@ -99,12 +99,14 @@ components: type: array items: type: object - required: [field, value] + required: + - fields + - values properties: fields: type: array items: - type: string + type: string values: type: array items: @@ -129,14 +131,16 @@ components: type: boolean matchers: type: array - required: [field, value] items: type: object + required: + - fields + - values properties: fields: type: array items: - type: string + type: string values: type: array items: diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts new file mode 100644 index 0000000000000..b092f94766054 --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts 
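Review bot: In monitoring_entity_source.schema.yaml both matcher item schemas now mark `fields` and `values` as required, but an empty array still satisfies each of them, so a matcher like `{ fields: [], values: [] }` passes request validation. If an empty matcher has no meaning for a monitoring source (the consumer is not visible from here), add `minItems: 1` under `fields` and under `values` in both hunks (`@@ -99` and `@@ -129`), then regenerate monitoring_entity_source.gen.ts so the zod schema stays in step. The `matchers` array itself arrives in a request body with no upper bound, so a `maxItems` there is worth considering too. The enclosing component definitions start outside these hunks.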
@@ -0,0 +1,80 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { MonitoringEntitySourceSyncDataClient } from './monitoring_entity_source_sync_data_client';
+import {
+ savedObjectsClientMock,
+ elasticsearchServiceMock,
+ loggingSystemMock,
+} from '@kbn/core/server/mocks';
+
+describe('MonitoringEntitySourceSyncDataClient', () => {
+ const mockSavedObjectClient = savedObjectsClientMock.create();
+ const clusterClientMock = elasticsearchServiceMock.createScopedClusterClient();
+ const loggerMock = loggingSystemMock.createLogger();
+ loggerMock.debug = jest.fn();
+
+ const defaultOpts = {
+ logger: loggerMock,
+ clusterClient: clusterClientMock,
+ namespace: 'default',
+ soClient: mockSavedObjectClient,
+ kibanaVersion: '8.0.0',
+ };
+
+ const testDescriptor = {
+ type: 'test-type',
+ name: 'Test Source',
+ matchers: [
+ {
+ fields: ['user.role'],
+ values: ['admin'],
+ },
+ ],
+ filter: {},
+ };
+
+ let dataClient: MonitoringEntitySourceSyncDataClient;
+ beforeEach(() => {
+ jest.clearAllMocks();
+ dataClient = new MonitoringEntitySourceSyncDataClient(defaultOpts);
+ });
+
+ describe('init', () => {
+ it('should initialize Monitoring Entity Source Sync Config Successfully', async () => {
+ const result = await dataClient.init(testDescriptor);
+ expect(result).toEqual(testDescriptor);
+ });
+ });
+
+ describe('get', () => {
+ it('should get Monitoring Entity Source Sync Config Successfully', async () => {
+ const result = await dataClient.get();
+ expect(result).toEqual(testDescriptor);
+ });
+ });
+
+ describe('update', () => {
+ it('should update Monitoring Entity Source Sync Config Successfully', async () => {
+ const updatedDescriptor = { ...testDescriptor, name: 'Updated Source' };
+ const result = await dataClient.update(updatedDescriptor);
+ expect(result).toEqual(updatedDescriptor); + }); + }); + + describe('delete', () => { + it('should delete Monitoring Entity Source Sync Config Successfully', async () => { + await dataClient.delete(); + expect(mockSavedObjectClient.delete).toHaveBeenCalledWith( + 'monitoring-entity-source-sync', + 'default' + ); + }); + } + ); + +}); From ea6ed202c3a0fa5452be463d29a99d7031e58595 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 7 May 2025 13:31:00 +0000 Subject: [PATCH 11/51] [CI] Auto-commit changed files from 'node scripts/check_mappings_update --fix' --- .../current_fields.json | 13 ++++++ .../current_mappings.json | 46 +++++++++++++++++++ 2 files changed, 59 insertions(+) diff --git a/packages/kbn-check-mappings-update-cli/current_fields.json b/packages/kbn-check-mappings-update-cli/current_fields.json index fa63eee1e8430..4d4a2d80074cb 100644 --- a/packages/kbn-check-mappings-update-cli/current_fields.json +++ b/packages/kbn-check-mappings-update-cli/current_fields.json @@ -814,6 +814,19 @@ "job.job_id", "model_id" ], + "monitoring-entity-source": [ + "enabled", + "error", + "filter", + "indexPattern", + "integrationName", + "managed", + "matchers", + "matchers.field", + "matchers.value", + "name", + "type" + ], "monitoring-telemetry": [ "reportedClusterUuids" ], diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index 063f0e3f6f854..f60c87e9c8e30 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json 
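Review bot: In the new monitoring_entity_source_sync_data_client.test.ts, the `delete` test expects `mockSavedObjectClient.delete` to be called with `'monitoring-entity-source-sync', 'default'`, which puts the namespace in the position where the saved objects client takes the object id. The first argument is also a hand-written string rather than the type-name constant exported from saved_object/monitoring_entity_source_type.ts, so the test can pass against a type that is not the registered one. Assert the exported constant and the id the client derives for that namespace instead, so a delete aimed at the wrong object or space fails the test. Separately, the `init`, `get` and `update` cases never stub `create`, `find`, `get` or `update` on the mocked client, so their `toEqual(testDescriptor)` checks can only hold if the data client echoes its input; the data client itself is not visible here.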
@@ -2738,6 +2738,52 @@ } } }, + "monitoring-entity-source": { + "dynamic": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "error": { + "type": "keyword" + }, + "filter": { + "dynamic": false, + "type": "object" + }, + "indexPattern": { + "index": false, + "type": "keyword" + }, + "integrationName": { + "index": false, + "type": "keyword" + }, + "managed": { + "type": "boolean" + }, + "matchers": { + "dynamic": false, + "properties": { + "field": { + "index": false, + "type": "keyword" + }, + "value": { + "index": false, + "type": "keyword" + } + }, + "type": "object" + }, + "name": { + "type": "keyword" + }, + "type": { + "type": "keyword" + } + } + }, "monitoring-telemetry": { "properties": { "reportedClusterUuids": { From 9f61b4af1d761e8555a1fef8acc082370ab55bd3 Mon Sep 17 00:00:00 2001 From: Charlotte Alexandra Wilson Date: Wed, 7 May 2025 14:34:08 +0100 Subject: [PATCH 12/51] Update x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts update matchers inline with api Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .../saved_object/monitoring_entity_source_type.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index eaac094991794..4210e20c3997b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts 
@@ -41,11 +41,11 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings'
 type: 'object',
 dynamic: false,
 properties: {
- field: {
+ fields: {
 type: 'keyword',
 index: false,
 },
- value: {
+ values: {
 type: 'keyword',
 index: false,
 },
From 681d3f58b69175638836ae669905c2652e00826d Mon Sep 17 00:00:00 2001
From: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Date: Wed, 7 May 2025 13:58:45 +0000
Subject: [PATCH 13/51] [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix'
---
 ...ing_entity_source_sync_data_client.test.ts | 112 +++++++++---------
 .../monitoring_entity_source_type.ts | 1 -
 2 files changed, 55 insertions(+), 58 deletions(-)
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts
index b092f94766054..38ba45d367ec1 100644
--- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts
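Review bot: Renaming the `matchers` sub-properties to `fields` and `values` in monitoring_entity_source_type.ts (hunk `@@ -41,11 +41,11 @@`) leaves the mapping snapshots stale: current_fields.json and current_mappings.json, auto-committed in patch 11, still list `matchers.field` and `matchers.value`. Re-run `node scripts/check_mappings_update --fix` and commit the result with this change so the snapshot check describes the type that is actually registered. Because the parent object is `dynamic: false`, any document already written with `field`/`value` keys would keep them unmapped in `_source`; whether the earlier mapping has been applied anywhere cannot be told from this hunk, so it is worth stating in the description. The mapping object starts and ends outside the hunk.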
@@ -7,74 +7,72 @@ import { MonitoringEntitySourceSyncDataClient } from './monitoring_entity_source_sync_data_client'; import { - savedObjectsClientMock, - elasticsearchServiceMock, - loggingSystemMock, + savedObjectsClientMock, + elasticsearchServiceMock, + loggingSystemMock, } from '@kbn/core/server/mocks'; describe('MonitoringEntitySourceSyncDataClient', () => { - const mockSavedObjectClient = savedObjectsClientMock.create(); - const clusterClientMock = elasticsearchServiceMock.createScopedClusterClient(); - const loggerMock = loggingSystemMock.createLogger(); - loggerMock.debug = jest.fn(); + const mockSavedObjectClient = savedObjectsClientMock.create(); + const clusterClientMock = elasticsearchServiceMock.createScopedClusterClient(); + const loggerMock = loggingSystemMock.createLogger(); + loggerMock.debug = jest.fn(); - const defaultOpts = { - logger: loggerMock, - clusterClient: clusterClientMock, - namespace: 'default', - soClient: mockSavedObjectClient, - kibanaVersion: '8.0.0', - }; + const defaultOpts = { + logger: loggerMock, + clusterClient: clusterClientMock, + namespace: 'default', + soClient: mockSavedObjectClient, + kibanaVersion: '8.0.0', + }; - const testDescriptor = { - type: 'test-type', - name: 'Test Source', - matchers: [ - { - fields: ['user.role'], - values: ['admin'], - }, - ], - filter: {}, - }; + const testDescriptor = { + type: 'test-type', + name: 'Test Source', + matchers: [ + { + fields: ['user.role'], + values: ['admin'], + }, + ], + filter: {}, + }; - let dataClient: MonitoringEntitySourceSyncDataClient; - beforeEach(() => { - jest.clearAllMocks(); - dataClient = new MonitoringEntitySourceSyncDataClient(defaultOpts); - }); + let dataClient: MonitoringEntitySourceSyncDataClient; + beforeEach(() => { + jest.clearAllMocks(); + dataClient = new MonitoringEntitySourceSyncDataClient(defaultOpts); + }); - describe('init', () => { - it('should initialize Monitoring Entity Source Sync Config Successfully', async () => { - const result = 
await dataClient.init(testDescriptor); - expect(result).toEqual(testDescriptor); - }); + describe('init', () => { + it('should initialize Monitoring Entity Source Sync Config Successfully', async () => { + const result = await dataClient.init(testDescriptor); + expect(result).toEqual(testDescriptor); }); + }); - describe('get', () => { - it('should get Monitoring Entity Source Sync Config Successfully', async () => { - const result = await dataClient.get(); - expect(result).toEqual(testDescriptor); - }); + describe('get', () => { + it('should get Monitoring Entity Source Sync Config Successfully', async () => { + const result = await dataClient.get(); + expect(result).toEqual(testDescriptor); }); + }); - describe('update', () => { - it('should update Monitoring Entity Source Sync Config Successfully', async () => { - const updatedDescriptor = { ...testDescriptor, name: 'Updated Source' }; - const result = await dataClient.update(updatedDescriptor); - expect(result).toEqual(updatedDescriptor); - }); + describe('update', () => { + it('should update Monitoring Entity Source Sync Config Successfully', async () => { + const updatedDescriptor = { ...testDescriptor, name: 'Updated Source' }; + const result = await dataClient.update(updatedDescriptor); + expect(result).toEqual(updatedDescriptor); }); + }); - describe('delete', () => { - it('should delete Monitoring Entity Source Sync Config Successfully', async () => { - await dataClient.delete(); - expect(mockSavedObjectClient.delete).toHaveBeenCalledWith( - 'monitoring-entity-source-sync', - 'default' - ); - }); - } - ); - + describe('delete', () => { + it('should delete Monitoring Entity Source Sync Config Successfully', async () => { + await dataClient.delete(); + expect(mockSavedObjectClient.delete).toHaveBeenCalledWith( + 'monitoring-entity-source-sync', + 'default' + ); + }); + }); }); 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 4210e20c3997b..4edddaba144fc 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -6,7 +6,6 @@ */ import type { SavedObjectsType } from '@kbn/core/server'; -import type { SavedObjectsModelVersion } from '@kbn/core-saved-objects-server'; import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; export const monitoringEntitySourceTypeName = 'monitoring-entity-source'; From a2a72ab42157c89847df72e504cb628c33b0d4b2 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 20 May 2025 10:41:31 +0100 Subject: [PATCH 14/51] monitoring entity source data client tests (unit) updated, all passing) --- ...ing_entity_source_sync_data_client.test.ts | 67 +++++++++++++++++-- 1 file changed, 62 insertions(+), 5 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts index 38ba45d367ec1..4365e8f43b456 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts 
@@ -11,17 +11,20 @@ import { elasticsearchServiceMock, loggingSystemMock, } from '@kbn/core/server/mocks'; +import { monitoringEntitySourceTypeName } from './saved_object/monitoring_entity_source_type'; +import { SavedObject, SavedObjectsFindResponse } from '@kbn/core/server'; describe('MonitoringEntitySourceSyncDataClient', () => { const mockSavedObjectClient = savedObjectsClientMock.create(); const clusterClientMock = elasticsearchServiceMock.createScopedClusterClient(); const loggerMock = loggingSystemMock.createLogger(); + const namespace = 'test-namespace'; loggerMock.debug = jest.fn(); const defaultOpts = { logger: loggerMock, clusterClient: clusterClientMock, - namespace: 'default', + namespace: 'test-namespace', soClient: mockSavedObjectClient, kibanaVersion: '8.0.0', }; 
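Review bot: In `defaultOpts`, `namespace: 'test-namespace'` repeats the literal already held by the new `const namespace = 'test-namespace';` a few lines above, while the expected saved-object ids in the later hunks are built from `namespace`. Using the constant (`namespace,`) keeps the client configuration and the expected ids from drifting apart. Moving off `'default'` is useful because it shows the id follows the configured space, so a short comment such as `// non-default space so the namespaced id is actually exercised` would record the intent. The `describe` block continues outside this hunk.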
@@ -46,22 +49,76 @@ describe('MonitoringEntitySourceSyncDataClient', () => { describe('init', () => { it('should initialize Monitoring Entity Source Sync Config Successfully', async () => { + defaultOpts.soClient.find.mockResolvedValue({ + total: 0, + saved_objects: [], + } as unknown as SavedObjectsFindResponse); + + defaultOpts.soClient.create.mockResolvedValue({ + id: `monitoring-entity-source-sync-${namespace}`, + type: monitoringEntitySourceTypeName, + attributes: testDescriptor, + references: [], + }); + const result = await dataClient.init(testDescriptor); + + expect(defaultOpts.soClient.create).toHaveBeenCalledWith( + monitoringEntitySourceTypeName, + testDescriptor, + { id: `monitoring-entity-source-sync-${namespace}` } + ); + expect(result).toEqual(testDescriptor); }); }); describe('get', () => { it('should get Monitoring Entity Source Sync Config Successfully', async () => { + const getResponse = { + id: `monitoring-entity-source-sync-${namespace}`, + type: monitoringEntitySourceTypeName, + attributes: testDescriptor, + references: [], + }; + defaultOpts.soClient.get.mockResolvedValue(getResponse as unknown as SavedObject); const result = await dataClient.get(); - expect(result).toEqual(testDescriptor); + expect(defaultOpts.soClient.get).toHaveBeenCalledWith( + monitoringEntitySourceTypeName, + `monitoring-entity-source-sync-${namespace}` + ); + expect(result).toEqual(getResponse.attributes); }); }); describe('update', () => { it('should update Monitoring Entity Source Sync Config Successfully', async () => { + const existingDescriptor = { + total: 1, + saved_objects: [{ attributes: testDescriptor }], + } as unknown as SavedObjectsFindResponse; + + defaultOpts.soClient.find.mockResolvedValue( + existingDescriptor as unknown as SavedObjectsFindResponse + ); + + defaultOpts.soClient.update.mockResolvedValue({ + id: `monitoring-entity-source-sync-${namespace}`, + type: monitoringEntitySourceTypeName, + attributes: { ...testDescriptor, name: 'Updated Source' 
}, + references: [], + }); + const updatedDescriptor = { ...testDescriptor, name: 'Updated Source' }; - const result = await dataClient.update(updatedDescriptor); + const result = await dataClient.init(testDescriptor); + + expect(defaultOpts.soClient.update).toHaveBeenCalledWith( + monitoringEntitySourceTypeName, + `monitoring-entity-source-sync-${namespace}`, + testDescriptor, + { refresh: 'wait_for' } + ); + expect(result).toEqual(updatedDescriptor); }); }); @@ -70,8 +127,8 @@ describe('MonitoringEntitySourceSyncDataClient', () => { it('should delete Monitoring Entity Source Sync Config Successfully', async () => { await dataClient.delete(); expect(mockSavedObjectClient.delete).toHaveBeenCalledWith( - 'monitoring-entity-source-sync', - 'default' + monitoringEntitySourceTypeName, + `monitoring-entity-source-sync-${namespace}` ); }); }); From 99a9843835efb734516bc36bd85d7a99c92998a3 Mon Sep 17 00:00:00 2001 From: Charlotte Alexandra Wilson Date: Tue, 20 May 2025 11:18:43 +0100 Subject: [PATCH 15/51] Update packages/kbn-check-mappings-update-cli/current_mappings.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- packages/kbn-check-mappings-update-cli/current_mappings.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index 15d1bed743546..4327e7eb46764 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json @@ -2765,11 +2765,11 @@ "matchers": { "dynamic": false, "properties": { - "field": { + "fields": { "index": false, "type": "keyword" }, - "value": { + "values": { "index": false, "type": "keyword" } From 9d21e44a13e2acdc0a81563aad2d539c25e5bf47 Mon Sep 17 00:00:00 2001 
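Review bot: The `update` case in the `@@ -46,22 +49,76 @@` hunk no longer calls `dataClient.update`: it calls `dataClient.init(testDescriptor)` and asserts that `soClient.update` received `testDescriptor`. The final `expect(result).toEqual(updatedDescriptor)` presumably passes only because the `soClient.update` mock is primed to return the 'Updated Source' attributes. What it covers is the init-on-existing-object path (inferred from the `find` mock returning one saved object), so `update()` itself is left without a test. Rename this case to describe that path and add a separate one that runs `const result = await dataClient.update(updatedDescriptor);` and asserts on what reaches `soClient.update`. The second cast in `existingDescriptor as unknown as SavedObjectsFindResponse` is redundant, since the constant is already cast when it is declared.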
From: Charlotte Alexandra Wilson Date: Tue, 20 May 2025 11:18:50 +0100 Subject: [PATCH 16/51] Update packages/kbn-check-mappings-update-cli/current_fields.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- packages/kbn-check-mappings-update-cli/current_fields.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/kbn-check-mappings-update-cli/current_fields.json b/packages/kbn-check-mappings-update-cli/current_fields.json index 4d4a2d80074cb..c08da19399e48 100644 --- a/packages/kbn-check-mappings-update-cli/current_fields.json +++ b/packages/kbn-check-mappings-update-cli/current_fields.json @@ -822,8 +822,8 @@ "integrationName", "managed", "matchers", - "matchers.field", - "matchers.value", + "matchers.fields", + "matchers.values", "name", "type" ], From dc02b6e80ea66aaaab382892118cae908405c90c Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 20 May 2025 11:01:08 +0000 Subject: [PATCH 17/51] [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' --- .../monitoring_entity_source_sync_data_client.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts index 4365e8f43b456..48589230b7a39 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts 
@@ -12,7 +12,7 @@ import { loggingSystemMock, } from '@kbn/core/server/mocks'; import { monitoringEntitySourceTypeName } from './saved_object/monitoring_entity_source_type'; -import { SavedObject, SavedObjectsFindResponse } from '@kbn/core/server'; +import type { SavedObject, SavedObjectsFindResponse } from '@kbn/core/server'; describe('MonitoringEntitySourceSyncDataClient', () => { const mockSavedObjectClient = savedObjectsClientMock.create(); From b954470a736eedb1d23280079775ab561816819b Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 20 May 2025 12:06:21 +0100 Subject: [PATCH 18/51] update typename to match doc spec --- .../current_fields.json | 13 +++++++++++++ ...nitoring_entity_source_sync_data_client.test.ts | 14 +++++++------- .../saved_object/monitoring_entity_source.ts | 2 +- .../saved_object/monitoring_entity_source_type.ts | 2 +- 4 files changed, 22 insertions(+), 9 deletions(-) diff --git a/packages/kbn-check-mappings-update-cli/current_fields.json b/packages/kbn-check-mappings-update-cli/current_fields.json index c08da19399e48..626c3aa4eca8c 100644 --- a/packages/kbn-check-mappings-update-cli/current_fields.json +++ b/packages/kbn-check-mappings-update-cli/current_fields.json @@ -302,6 +302,19 @@ "schemaVersion" ], "enterprise_search_telemetry": [], + "entity-analytics-monitoring-entity-source": [ + "enabled", + "error", + "filter", + "indexPattern", + "integrationName", + "managed", + "matchers", + "matchers.fields", + "matchers.values", + "name", + "type" + ], "entity-definition": [ "description", "filter", diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts index 48589230b7a39..a6bc3341f8078 100644 
--- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts @@ -55,7 +55,7 @@ describe('MonitoringEntitySourceSyncDataClient', () => { } as unknown as SavedObjectsFindResponse); defaultOpts.soClient.create.mockResolvedValue({ - id: `monitoring-entity-source-sync-${namespace}`, + id: `entity-analytics-monitoring-entity-source-${namespace}`, type: monitoringEntitySourceTypeName, attributes: testDescriptor, references: [], @@ -66,7 +66,7 @@ describe('MonitoringEntitySourceSyncDataClient', () => { expect(defaultOpts.soClient.create).toHaveBeenCalledWith( monitoringEntitySourceTypeName, testDescriptor, - { id: `monitoring-entity-source-sync-${namespace}` } + { id: `entity-analytics-monitoring-entity-source-${namespace}` } ); expect(result).toEqual(testDescriptor); @@ -76,7 +76,7 @@ describe('MonitoringEntitySourceSyncDataClient', () => { describe('get', () => { it('should get Monitoring Entity Source Sync Config Successfully', async () => { const getResponse = { - id: `monitoring-entity-source-sync-${namespace}`, + id: `entity-analytics-monitoring-entity-source-${namespace}`, type: monitoringEntitySourceTypeName, attributes: testDescriptor, references: [], @@ -85,7 +85,7 @@ describe('MonitoringEntitySourceSyncDataClient', () => { const result = await dataClient.get(); expect(defaultOpts.soClient.get).toHaveBeenCalledWith( monitoringEntitySourceTypeName, - `monitoring-entity-source-sync-${namespace}` + `entity-analytics-monitoring-entity-source-${namespace}` ); expect(result).toEqual(getResponse.attributes); }); 
@@ -103,7 +103,7 @@ describe('MonitoringEntitySourceSyncDataClient', () => { ); defaultOpts.soClient.update.mockResolvedValue({ - id: `monitoring-entity-source-sync-${namespace}`, + id: `entity-analytics-monitoring-entity-source-${namespace}`, type: monitoringEntitySourceTypeName, attributes: { ...testDescriptor, name: 'Updated Source' }, references: [], @@ -114,7 +114,7 @@ describe('MonitoringEntitySourceSyncDataClient', () => { expect(defaultOpts.soClient.update).toHaveBeenCalledWith( monitoringEntitySourceTypeName, - `monitoring-entity-source-sync-${namespace}`, + `entity-analytics-monitoring-entity-source-${namespace}`, testDescriptor, { refresh: 'wait_for' } ); @@ -128,7 +128,7 @@ describe('MonitoringEntitySourceSyncDataClient', () => { await dataClient.delete(); expect(mockSavedObjectClient.delete).toHaveBeenCalledWith( monitoringEntitySourceTypeName, - `monitoring-entity-source-sync-${namespace}` + `entity-analytics-monitoring-entity-source-${namespace}` ); }); }); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts index 93706796a670b..f9a05e16ecff0 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts 
@@ -31,7 +31,7 @@ export class MonitoringEntitySourceDescriptorClient { constructor(private readonly dependencies: MonitoringEntitySourceDependencies) {} getSavedObjectId() { - return `monitoring-entity-source-sync-${this.dependencies.namespace}`; + return `entity-analytics-monitoring-entity-source-${this.dependencies.namespace}`; } async create(attributes: MonitoringEntitySourceDescriptor) { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 4edddaba144fc..5d269bae44a8c 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -8,7 +8,7 @@ import type { SavedObjectsType } from '@kbn/core/server'; import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; -export const monitoringEntitySourceTypeName = 'monitoring-entity-source'; +export const monitoringEntitySourceTypeName = 'entity-analytics-monitoring-entity-source'; export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings'] = { dynamic: false, From 72d9ec4096f0f330aff2b661255656319f563391 Mon Sep 17 00:00:00 2001 
From: CAWilson94 Date: Tue, 20 May 2025 12:08:14 +0100 Subject: [PATCH 19/51] update monitoring entity source sync to just source - naming data client --- ...itoring_entity_source_data_client.test.ts} | 8 ++++---- ...> monitoring_entity_source_data_client.ts} | 20 +++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) rename x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/{monitoring_entity_source_sync_data_client.test.ts => monitoring_entity_source_data_client.test.ts} (93%) rename x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/{monitoring_entity_source_sync_data_client.ts => monitoring_entity_source_data_client.ts} (71%) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.test.ts similarity index 93% rename from x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts rename to x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.test.ts index a6bc3341f8078..83f85cbcdaa7a 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.test.ts 
@@ -5,7 +5,7 @@ * 2.0. */ -import { MonitoringEntitySourceSyncDataClient } from './monitoring_entity_source_sync_data_client'; +import { MonitoringEntitySourceDataClient } from './monitoring_entity_source_sync_data_client'; import { savedObjectsClientMock, elasticsearchServiceMock, @@ -14,7 +14,7 @@ import { import { monitoringEntitySourceTypeName } from './saved_object/monitoring_entity_source_type'; import type { SavedObject, SavedObjectsFindResponse } from '@kbn/core/server'; -describe('MonitoringEntitySourceSyncDataClient', () => { +describe('MonitoringEntitySourceDataClient', () => { const mockSavedObjectClient = savedObjectsClientMock.create(); const clusterClientMock = elasticsearchServiceMock.createScopedClusterClient(); const loggerMock = loggingSystemMock.createLogger(); @@ -41,10 +41,10 @@ describe('MonitoringEntitySourceSyncDataClient', () => { filter: {}, }; - let dataClient: MonitoringEntitySourceSyncDataClient; + let dataClient: MonitoringEntitySourceDataClient; beforeEach(() => { jest.clearAllMocks(); - dataClient = new MonitoringEntitySourceSyncDataClient(defaultOpts); + dataClient = new MonitoringEntitySourceDataClient(defaultOpts); }); describe('init', () => { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.ts similarity index 71% rename from x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.ts rename to x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.ts index d8d714323f624..1b106825c1ca2 100644 
--- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.ts @@ -12,17 +12,17 @@ import type { } from '../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import { MonitoringEntitySourceDescriptorClient } from './saved_object/monitoring_entity_source'; -interface MonitoringEntitySourceSyncDataClientOpts { +interface MonitoringEntitySourceDataClientOpts { logger: Logger; clusterClient: IScopedClusterClient; soClient: SavedObjectsClientContract; namespace: string; } -export class MonitoringEntitySourceSyncDataClient { - private monitoringEntitySourceSyncClient: MonitoringEntitySourceDescriptorClient; - constructor(private readonly opts: MonitoringEntitySourceSyncDataClientOpts) { - this.monitoringEntitySourceSyncClient = new MonitoringEntitySourceDescriptorClient({ +export class MonitoringEntitySourceDataClient { + private monitoringEntitySourceClient: MonitoringEntitySourceDescriptorClient; + constructor(private readonly opts: MonitoringEntitySourceDataClientOpts) { + this.monitoringEntitySourceClient = new MonitoringEntitySourceDescriptorClient({ soClient: this.opts.soClient, namespace: this.opts.namespace, }); 
@@ -31,14 +31,14 @@ export class MonitoringEntitySourceSyncDataClient { public async init( input: MonitoringEntitySourceDescriptor ): Promise { - const descriptor = await this.monitoringEntitySourceSyncClient.create(input); - this.log('debug', 'Initializing MonitoringEntitySourceSyncDataClient Saved Object'); + const descriptor = await this.monitoringEntitySourceClient.create(input); + this.log('debug', 'Initializing MonitoringEntitySourceDataClient Saved Object'); return descriptor; } public async get(): Promise { this.log('debug', 'Getting Monitoring Entity Source Sync saved object'); - return this.monitoringEntitySourceSyncClient.get(); + return this.monitoringEntitySourceClient.get(); } public async update(update: Partial) { @@ -52,12 +52,12 @@ export class MonitoringEntitySourceSyncDataClient { })), }; - return this.monitoringEntitySourceSyncClient.update(sanitizedUpdate); + return this.monitoringEntitySourceClient.update(sanitizedUpdate); } public async delete() { this.log('debug', 'Deleting Monitoring Entity Source Sync saved object'); - return this.monitoringEntitySourceSyncClient.delete(); + return this.monitoringEntitySourceClient.delete(); } private log(level: Exclude, msg: string) { From aa4e5a7c4a49e0646e180d18c8e5a66e5c8bf186 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 20 May 2025 12:10:17 +0100 Subject: [PATCH 20/51] update import --- .../monitoring_entity_source_data_client.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.test.ts index 83f85cbcdaa7a..f95aa247786ee 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.test.ts 
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client.test.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { MonitoringEntitySourceDataClient } from './monitoring_entity_source_sync_data_client'; +import { MonitoringEntitySourceDataClient } from './monitoring_entity_source_data_client'; import { savedObjectsClientMock, elasticsearchServiceMock, From fa605a2ba46b3a05091829ef4e07eac8d927bce7 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 20 May 2025 12:15:54 +0100 Subject: [PATCH 21/51] update naming --- .../routes/monitoring_entity_source_sync.ts | 2 +- .../plugins/security_solution/server/request_context_factory.ts | 2 +- .../security/plugins/security_solution/server/types.ts | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts index c362872588f28..be42720f14742 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts 
@@ -14,7 +14,7 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import type { MonitoringEntitySourceResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import { API_VERSIONS, APP_ID } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; -import { MonitoringEntitySourceSyncDataClient } from '../monitoring_entity_source_sync_data_client'; +import { MonitoringEntitySourceSyncDataClient } from '../monitoring_entity_source_data_client'; import { MonitoringEntitySourceDescriptor } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; export const monitoringEntitySourceSyncRoute = ( diff --git a/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts b/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts index f0b907e8fe4a4..91548cfbf9f07 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts @@ -11,7 +11,7 @@ import type { KibanaRequest, Logger, RequestHandlerContext } from '@kbn/core/ser import type { BuildFlavor } from '@kbn/config'; import { EntityDiscoveryApiKeyType } from '@kbn/entityManager-plugin/server/saved_objects'; -import { MonitoringEntitySourceSyncDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client'; +import { MonitoringEntitySourceSyncDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client'; import { DEFAULT_SPACE_ID } from '../common/constants'; import type { Immutable } from '../common/endpoint/types'; import type { EndpointAuthz } from '../common/endpoint/types/authz'; 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/types.ts b/x-pack/solutions/security/plugins/security_solution/server/types.ts index 72900da1ade84..6fb94ea19122d 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/types.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/types.ts @@ -43,7 +43,7 @@ import type { AssetInventoryDataClient } from './lib/asset_inventory/asset_inven import type { PrivilegeMonitoringDataClient } from './lib/entity_analytics/privilege_monitoring/privilege_monitoring_data_client'; import type { ApiKeyManager } from './lib/entity_analytics/entity_store/auth/api_key'; import type { ProductFeaturesService } from './lib/product_features_service'; -import type { MonitoringEntitySourceSyncDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_sync_data_client'; +import type { MonitoringEntitySourceSyncDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client'; export { AppClient }; export interface SecuritySolutionApiRequestHandlerContext { From d47399d5c1aa2bfbc931f27e7a2e5cf9f4036ee3 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 20 May 2025 14:10:57 +0100 Subject: [PATCH 22/51] fix naming from sync - entity source only --- ..._entity_source_sync.ts => monitoring_entity_source.ts} | 8 ++++---- .../routes/register_privilege_monitoring_routes.ts | 4 ++-- .../security_solution/server/request_context_factory.ts | 4 ++-- .../security/plugins/security_solution/server/types.ts | 4 ++-- 4 files changed, 10 insertions(+), 10 deletions(-) rename x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/{monitoring_entity_source_sync.ts => monitoring_entity_source.ts} (92%) 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts similarity index 92% rename from x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts rename to x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts index be42720f14742..b6df24252e4a2 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source_sync.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts @@ -14,10 +14,10 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import type { MonitoringEntitySourceResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import { API_VERSIONS, APP_ID } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; -import { MonitoringEntitySourceSyncDataClient } from '../monitoring_entity_source_data_client'; +import { MonitoringEntitySourceDataClient } from '../monitoring_entity_source_data_client'; import { MonitoringEntitySourceDescriptor } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -export const monitoringEntitySourceSyncRoute = ( +export const monitoringEntitySourceRoute = ( router: EntityAnalyticsRoutesDeps['router'], logger: Logger, config: EntityAnalyticsRoutesDeps['config'] 
@@ -53,7 +53,7 @@ export const monitoringEntitySourceSyncRoute = ( const soClient = coreContext.savedObjects.client; const clusterClient = coreContext.elasticsearch.client; - const dataClient = new MonitoringEntitySourceSyncDataClient({ + const dataClient = new MonitoringEntitySourceDataClient({ soClient, clusterClient, logger, @@ -100,7 +100,7 @@ export const monitoringEntitySourceSyncRoute = ( const soClient = coreContext.savedObjects.client; const clusterClient = coreContext.elasticsearch.client; - const dataClient = new MonitoringEntitySourceSyncDataClient({ + const dataClient = new MonitoringEntitySourceDataClient({ soClient, clusterClient, logger, diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts index 06edb5b290ad9..9f8d6b52d94de 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts @@ -8,7 +8,7 @@ import type { EntityAnalyticsRoutesDeps } from '../../types'; import { healthCheckPrivilegeMonitoringRoute } from './health'; import { initPrivilegeMonitoringEngineRoute } from './init'; -import { monitoringEntitySourceSyncRoute } from './monitoring_entity_source_sync'; +import { monitoringEntitySourceRoute } from './monitoring_entity_source'; import { searchPrivilegeMonitoringIndicesRoute } from './search_indices'; import { 
@@ -29,7 +29,7 @@ export const registerPrivilegeMonitoringRoutes = ({ initPrivilegeMonitoringEngineRoute(router, logger, config); healthCheckPrivilegeMonitoringRoute(router, logger, config); searchPrivilegeMonitoringIndicesRoute(router, logger, config); - monitoringEntitySourceSyncRoute(router, logger, config); + monitoringEntitySourceRoute(router, logger, config); getUserRoute(router, logger); createUserRoute(router, logger); deleteUserRoute(router, logger); diff --git a/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts b/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts index 91548cfbf9f07..507aea2e6371d 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/request_context_factory.ts @@ -11,7 +11,7 @@ import type { KibanaRequest, Logger, RequestHandlerContext } from '@kbn/core/ser import type { BuildFlavor } from '@kbn/config'; import { EntityDiscoveryApiKeyType } from '@kbn/entityManager-plugin/server/saved_objects'; -import { MonitoringEntitySourceSyncDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client'; +import { MonitoringEntitySourceDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client'; import { DEFAULT_SPACE_ID } from '../common/constants'; import type { Immutable } from '../common/endpoint/types'; import type { EndpointAuthz } from '../common/endpoint/types/authz'; @@ -268,7 +268,7 @@ export class RequestContextFactory implements IRequestContextFactory { }); }), getMonitoringEntitySourceDataClient: memoize(() => { - return new MonitoringEntitySourceSyncDataClient({ + return new MonitoringEntitySourceDataClient({ logger: options.logger, clusterClient: coreContext.elasticsearch.client, namespace: getSpaceId(), 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/types.ts b/x-pack/solutions/security/plugins/security_solution/server/types.ts index 6fb94ea19122d..3c82d736bd98f 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/types.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/types.ts @@ -43,7 +43,7 @@ import type { AssetInventoryDataClient } from './lib/asset_inventory/asset_inven import type { PrivilegeMonitoringDataClient } from './lib/entity_analytics/privilege_monitoring/privilege_monitoring_data_client'; import type { ApiKeyManager } from './lib/entity_analytics/entity_store/auth/api_key'; import type { ProductFeaturesService } from './lib/product_features_service'; -import type { MonitoringEntitySourceSyncDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client'; +import type { MonitoringEntitySourceDataClient } from './lib/entity_analytics/privilege_monitoring/monitoring_entity_source_data_client'; export { AppClient }; export interface SecuritySolutionApiRequestHandlerContext { @@ -70,7 +70,7 @@ export interface SecuritySolutionApiRequestHandlerContext { getAssetCriticalityDataClient: () => AssetCriticalityDataClient; getEntityStoreDataClient: () => EntityStoreDataClient; getPrivilegeMonitoringDataClient: () => PrivilegeMonitoringDataClient; - getMonitoringEntitySourceDataClient: () => MonitoringEntitySourceSyncDataClient; + getMonitoringEntitySourceDataClient: () => MonitoringEntitySourceDataClient; getSiemRuleMigrationsClient: () => SiemRuleMigrationsClient; getInferenceClient: () => InferenceClient; getAssetInventoryClient: () => AssetInventoryDataClient; From 51d3a70d56a3a0696303fedb8d10be012e7de80b Mon Sep 17 00:00:00 2001 
From: Charlotte Alexandra Wilson Date: Tue, 20 May 2025 15:06:04 +0100 Subject: [PATCH 23/51] Update packages/kbn-check-mappings-update-cli/current_mappings.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- packages/kbn-check-mappings-update-cli/current_mappings.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index 4327e7eb46764..850baf2007ba7 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json @@ -2738,7 +2738,7 @@ } } }, - "monitoring-entity-source": { + "entity-analytics-monitoring-entity-source": { "dynamic": false, "properties": { "enabled": { From 1c21320c47da4ee49c9d388cc339659ab9af5ccb Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 20 May 2025 15:08:28 +0100 Subject: [PATCH 24/51] remove unused function --- .../saved_object/monitoring_entity_source.ts | 25 ------------------- 1 file changed, 25 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts index f9a05e16ecff0..0e8649d354bd3 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts 
@@ -58,31 +58,6 @@ export class MonitoringEntitySourceDescriptorClient { return created; } - private async resetToDefaultDescriptor( - entitySourceDescriptor: SavedObjectsFindResponse - ) { - const old = entitySourceDescriptor.saved_objects[0].attributes; - const update = { - ...old, - error: undefined, - type: 'default', - name: 'default', - managed: true, - indexPattern: '', - enabled: true, - integrationName: '', - matchers: [], - filter: {}, - }; - await this.dependencies.soClient.update( - monitoringEntitySourceTypeName, - this.getSavedObjectId(), - update, - { refresh: 'wait_for' } - ); - return update; - } - async update(monitoringEntitySource: Partial) { const id = this.getSavedObjectId(); const { attributes } = From 3f4cf818e57a193d4d105aaed884525d51cffb35 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 20 May 2025 14:33:10 +0000 Subject: [PATCH 25/51] [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' --- .../saved_object/monitoring_entity_source.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts index 0e8649d354bd3..42c6e2485bb34 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts 
@@ -4,7 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import type { SavedObjectsClientContract, SavedObjectsFindResponse } from '@kbn/core/server'; +import type { SavedObjectsClientContract } from '@kbn/core/server'; import { monitoringEntitySourceTypeName } from './monitoring_entity_source_type'; interface MonitoringEntitySourceDependencies { From e55d0870baa46baa309e29e9333a2d808a00b0d5 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 20 May 2025 16:14:00 +0100 Subject: [PATCH 26/51] Update monitoring routes to use Security Solution context instead of instantiating data client directly --- .../routes/monitoring_entity_source.ts | 34 +++++-------------- 1 file changed, 8 insertions(+), 26 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts index b6df24252e4a2..579886a717116 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts 
@@ -49,20 +49,11 @@ export const monitoringEntitySourceRoute = ( const siemResponse = buildSiemResponse(response); try { - const coreContext = await context.core; - const soClient = coreContext.savedObjects.client; - const clusterClient = coreContext.elasticsearch.client; + const secSol = await context.securitySolution; + const client = secSol.getMonitoringEntitySourceDataClient(); + const body = await client.init(request.body); - const dataClient = new MonitoringEntitySourceDataClient({ - soClient, - clusterClient, - logger, - namespace: 'default', - }); - - const result = await dataClient.init(request.body); - - return response.ok({ body: result }); + return response.ok({ body }); } catch (e) { const error = transformError(e); logger.error(`Error creating monitoring entity source sync config: ${error.message}`); @@ -96,19 +87,10 @@ export const monitoringEntitySourceRoute = ( const siemResponse = buildSiemResponse(response); try { - const coreContext = await context.core; - const soClient = coreContext.savedObjects.client; - const clusterClient = coreContext.elasticsearch.client; - - const dataClient = new MonitoringEntitySourceDataClient({ - soClient, - clusterClient, - logger, - namespace: 'default', - }); - - const result = await dataClient.get(); - return response.ok({ body: result }); + const secSol = await context.securitySolution; + const client = secSol.getMonitoringEntitySourceDataClient(); + const body = await client.get(); + return response.ok({ body }); } catch (e) { const error = transformError(e); logger.error(`Error getting monitoring entity source sync config: ${error.message}`); From 0a3ce14f0e9c86c1719c6d0db728fafcca01e178 Mon Sep 17 00:00:00 2001 
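Review bot: Both handlers (this hunk and the one at -96,19) now obtain the client from `secSol.getMonitoringEntitySourceDataClient()`, so the route no longer shows how the saved-objects client and namespace are scoped; the removed code used `coreContext.savedObjects.client` and a hard-coded `namespace: 'default'`. The factory behind the getter is not in this diff. Please confirm that it builds the client from the request-scoped saved-objects client and the request's space id rather than an internal repository, because otherwise saved-object authorization and space isolation for this `multiple-isolated` type would not apply. A short comment at the call site would record that, e.g. `// request-scoped: SO client and space id come from the request context`. The handler bodies start and end outside the hunks.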
From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 20 May 2025 15:41:37 +0000 Subject: [PATCH 27/51] [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' --- .../privilege_monitoring/routes/monitoring_entity_source.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts index 579886a717116..239f7a09a9ea2 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source.ts @@ -14,7 +14,6 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import type { MonitoringEntitySourceResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import { API_VERSIONS, APP_ID } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; -import { MonitoringEntitySourceDataClient } from '../monitoring_entity_source_data_client'; import { MonitoringEntitySourceDescriptor } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; export const monitoringEntitySourceRoute = ( From bb346213d78492368144bc110acb418370898e33 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Wed, 21 May 2025 10:40:42 +0100 Subject: [PATCH 28/51] Increment saved object types counter --- .../saved-objects/server-internal/src/object_types/index.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/src/core/packages/saved-objects/server-internal/src/object_types/index.ts b/src/core/packages/saved-objects/server-internal/src/object_types/index.ts index eaca99d1dd089..5bc4f2cc2fd54 100644 --- a/src/core/packages/saved-objects/server-internal/src/object_types/index.ts +++ b/src/core/packages/saved-objects/server-internal/src/object_types/index.ts @@ -10,5 +10,5 @@ export { registerCoreObjectTypes } from './registration'; // set minimum number of registered saved objects to ensure no object types are removed after 8.8 -// declared in internal implementation exclicilty to prevent unintended changes. -export const SAVED_OBJECT_TYPES_COUNT = 130 as const; +// declared in internal implementation explicitly to prevent unintended changes. +export const SAVED_OBJECT_TYPES_COUNT = 131 as const; From dd1fc6b0acd217cec5055107a7b8741c2e23297a Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Wed, 21 May 2025 10:55:40 +0100 Subject: [PATCH 29/51] add monitoringDataClient to request_context --- .../lib/detection_engine/routes/__mocks__/request_context.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts index 9de652ee44f4c..18d7d7ea35bb9 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts 
@@ -191,6 +191,7 @@ const createSecuritySolutionRequestContextMock = ( getEntityStoreApiKeyManager: jest.fn(), getEntityStoreDataClient: jest.fn(() => clients.entityStoreDataClient), getPrivilegeMonitoringDataClient: jest.fn(() => clients.privilegeMonitorDataClient), + getMonitoringEntitySourceDataClient: jest.fn(), getSiemRuleMigrationsClient: jest.fn(() => clients.siemRuleMigrationsClient), getInferenceClient: jest.fn(() => clients.getInferenceClient()), getAssetInventoryClient: jest.fn(() => clients.assetInventoryDataClient), From 82640da221a994433c6e4d49011fb4b5c4d1e57b Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 21 May 2025 10:16:31 +0000 Subject: [PATCH 30/51] [CI] Auto-commit changed files from 'node scripts/jest_integration -u src/core/server/integration_tests/ci_checks' --- .../ci_checks/saved_objects/check_registered_types.test.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts index 6a3ae074b918f..74257623743f8 100644 --- a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts +++ b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts 
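Review bot: The added `getMonitoringEntitySourceDataClient: jest.fn()` returns `undefined`, unlike the neighbouring getters that return a mock from `clients`. The monitoring entity source routes call `.init(...)` and `.get()` on the returned client, so a route test built on this context would fail with a TypeError before reaching the handler logic. Consider returning a mock client, e.g. `getMonitoringEntitySourceDataClient: jest.fn(() => clients.<MOCK_CLIENT_PLACEHOLDER>),`, with the matching entry added where `clients` is built, which is outside this hunk.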
@@ -95,6 +95,7 @@ describe('checking migration metadata changes on all registered SO types', () => "endpoint:unified-user-artifact-manifest": "71c7fcb52c658b21ea2800a6b6a76972ae1c776e", "endpoint:user-artifact-manifest": "1c3533161811a58772e30cdc77bac4631da3ef2b", "enterprise_search_telemetry": "9ac912e1417fc8681e0cd383775382117c9e3d3d", + "entity-analytics-monitoring-entity-source": "1157caf02a417454bdd093236f4cf68f437cbe5b", "entity-definition": "1c6bff35c423d5dc5650bc806cf2899e4706a0bc", "entity-discovery-api-key": "c267a65c69171d1804362155c1378365f5acef88", "entity-engine-status": "09f6a617020708e4f638137e5ef35bd9534133be", From f5ff787f56871c12c82cecd59d646034bb272fd1 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Wed, 21 May 2025 12:28:21 +0100 Subject: [PATCH 31/51] update exported member of interface --- .../saved_object/monitoring_entity_source.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts index 42c6e2485bb34..8e82dec5efc5d 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts @@ -7,7 +7,7 @@ import type { SavedObjectsClientContract } from '@kbn/core/server'; import { monitoringEntitySourceTypeName } from './monitoring_entity_source_type'; -interface MonitoringEntitySourceDependencies { +export interface MonitoringEntitySourceDependencies { soClient: SavedObjectsClientContract; namespace: string; } From 299e469bc2e7ee371bd22c7e6b4729170469ae1a Mon Sep 17 00:00:00 2001 
From: CAWilson94 Date: Wed, 21 May 2025 14:13:45 +0100 Subject: [PATCH 32/51] export interface for monitoringEntitySourceDescriptor --- .../saved_object/monitoring_entity_source.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts index 8e82dec5efc5d..70555be470419 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source.ts @@ -12,7 +12,7 @@ export interface MonitoringEntitySourceDependencies { namespace: string; } -interface MonitoringEntitySourceDescriptor { +export interface MonitoringEntitySourceDescriptor { type: string; name: string; managed?: boolean; From c9ad81fd45a89c0f16115bfd41c4346d8cafddd8 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Wed, 21 May 2025 17:04:11 +0100 Subject: [PATCH 33/51] add registered type to so registration test --- .../saved_objects/registration/type_registrations.test.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/src/core/server/integration_tests/saved_objects/registration/type_registrations.test.ts b/src/core/server/integration_tests/saved_objects/registration/type_registrations.test.ts index 47254ed205309..2fe87b675474d 100644 --- a/src/core/server/integration_tests/saved_objects/registration/type_registrations.test.ts +++ b/src/core/server/integration_tests/saved_objects/registration/type_registrations.test.ts 
@@ -55,6 +55,7 @@ const previouslyRegisteredTypes = [ 'endpoint:user-artifact-manifest', 'endpoint:unified-user-artifact-manifest', 'enterprise_search_telemetry', + 'entity-analytics-monitoring-entity-source', 'entity-definition', 'entity-discovery-api-key', 'epm-packages', From 08c50e85ccb1c79818dad9428c2676d1722be516 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 22 May 2025 10:57:17 +0100 Subject: [PATCH 34/51] update auth snapshot testing for FTR --- .../platform_security/authorization.ts | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/x-pack/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts b/x-pack/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts index 05f6dfd91841e..69fd0d9d54fb5 100644 --- a/x-pack/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts +++ b/x-pack/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts 
@@ -386,6 +386,18 @@ export default function ({ getService }: FtrProviderContext) { "saved_object:privilege-monitoring-status/delete", "saved_object:privilege-monitoring-status/bulk_delete", "saved_object:privilege-monitoring-status/share_to_space", + "saved_object:entity-analytics-monitoring-entity-source/bulk_get", + "saved_object:entity-analytics-monitoring-entity-source/get", + "saved_object:entity-analytics-monitoring-entity-source/find", + "saved_object:entity-analytics-monitoring-entity-source/open_point_in_time", + "saved_object:entity-analytics-monitoring-entity-source/close_point_in_time", + "saved_object:entity-analytics-monitoring-entity-source/create", + "saved_object:entity-analytics-monitoring-entity-source/bulk_create", + "saved_object:entity-analytics-monitoring-entity-source/update", + "saved_object:entity-analytics-monitoring-entity-source/bulk_update", + "saved_object:entity-analytics-monitoring-entity-source/delete", + "saved_object:entity-analytics-monitoring-entity-source/bulk_delete", + "saved_object:entity-analytics-monitoring-entity-source/share_to_space", "saved_object:policy-settings-protection-updates-note/bulk_get", "saved_object:policy-settings-protection-updates-note/get", "saved_object:policy-settings-protection-updates-note/find", 
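Review bot: The hunks at 386 and 1242 add `create`, `update`, `delete`, their bulk variants and `share_to_space` on `entity-analytics-monitoring-entity-source`, and the hunks at 1869 and 2243 add the read-only actions, but the privilege each list belongs to starts outside the hunks. The feature registration that produces these entries is not part of this commit's diff, so this snapshot is the only visible record of who may write the type. The descriptor carries `indexPattern`, `filter` and `matchers`, so write access presumably changes which entities are monitored. The commit description should name the privileges that receive the write actions so the grant can be confirmed as intended.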
@@ -1242,6 +1254,18 @@ export default function ({ getService }: FtrProviderContext) { "saved_object:privilege-monitoring-status/delete", "saved_object:privilege-monitoring-status/bulk_delete", "saved_object:privilege-monitoring-status/share_to_space", + "saved_object:entity-analytics-monitoring-entity-source/bulk_get", + "saved_object:entity-analytics-monitoring-entity-source/get", + "saved_object:entity-analytics-monitoring-entity-source/find", + "saved_object:entity-analytics-monitoring-entity-source/open_point_in_time", + "saved_object:entity-analytics-monitoring-entity-source/close_point_in_time", + "saved_object:entity-analytics-monitoring-entity-source/create", + "saved_object:entity-analytics-monitoring-entity-source/bulk_create", + "saved_object:entity-analytics-monitoring-entity-source/update", + "saved_object:entity-analytics-monitoring-entity-source/bulk_update", + "saved_object:entity-analytics-monitoring-entity-source/delete", + "saved_object:entity-analytics-monitoring-entity-source/bulk_delete", + "saved_object:entity-analytics-monitoring-entity-source/share_to_space", "saved_object:policy-settings-protection-updates-note/bulk_get", "saved_object:policy-settings-protection-updates-note/get", "saved_object:policy-settings-protection-updates-note/find", 
@@ -1869,6 +1893,11 @@ export default function ({ getService }: FtrProviderContext) { "saved_object:privilege-monitoring-status/find", "saved_object:privilege-monitoring-status/open_point_in_time", "saved_object:privilege-monitoring-status/close_point_in_time", + "saved_object:entity-analytics-monitoring-entity-source/bulk_get", + "saved_object:entity-analytics-monitoring-entity-source/get", + "saved_object:entity-analytics-monitoring-entity-source/find", + "saved_object:entity-analytics-monitoring-entity-source/open_point_in_time", + "saved_object:entity-analytics-monitoring-entity-source/close_point_in_time", "saved_object:policy-settings-protection-updates-note/bulk_get", "saved_object:policy-settings-protection-updates-note/get", "saved_object:policy-settings-protection-updates-note/find", @@ -2243,6 +2272,11 @@ export default function ({ getService }: FtrProviderContext) { "saved_object:privilege-monitoring-status/find", "saved_object:privilege-monitoring-status/open_point_in_time", "saved_object:privilege-monitoring-status/close_point_in_time", + "saved_object:entity-analytics-monitoring-entity-source/bulk_get", + "saved_object:entity-analytics-monitoring-entity-source/get", + "saved_object:entity-analytics-monitoring-entity-source/find", + "saved_object:entity-analytics-monitoring-entity-source/open_point_in_time", + "saved_object:entity-analytics-monitoring-entity-source/close_point_in_time", "saved_object:policy-settings-protection-updates-note/bulk_get", "saved_object:policy-settings-protection-updates-note/get", "saved_object:policy-settings-protection-updates-note/find", From 2734e42cac999a1abc39e1c87f7ff1d31ccb993d Mon Sep 17 00:00:00 2001 
From: CAWilson94 Date: Thu, 29 May 2025 10:41:51 +0100 Subject: [PATCH 35/51] reverted experimental features mistaken update; integrationName now searchable --- .../plugins/security_solution/common/experimental_features.ts | 2 +- .../saved_object/monitoring_entity_source_type.ts | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts b/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts index 2efc1b881a471..76b4b79117d25 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts @@ -217,7 +217,7 @@ export const allowedExperimentalValues = Object.freeze({ /** * Enables Privilege Monitoring */ - privilegeMonitoringEnabled: true, + privilegeMonitoringEnabled: false, /** * Disables the siem migrations feature diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 5d269bae44a8c..49fabac228881 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -34,7 +34,6 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, integrationName: { type: 'keyword', - index: false, }, matchers: { type: 'object', From f4e2146516b3c59a7c142f1394bef4220ebe264d Mon Sep 17 00:00:00 2001 
From: CAWilson94 Date: Thu, 29 May 2025 10:52:04 +0100 Subject: [PATCH 36/51] remove the detectRemovals mapping in schema - updated on design spec --- .../monitoring_entity_source/monitoring_entity_source.gen.ts | 1 - .../monitoring_entity_source.schema.yaml | 2 -- 2 files changed, 3 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts index 06fb1e82b6be3..14f90de1cc715 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts @@ -22,7 +22,6 @@ export const MonitoringEntitySourceDescriptor = z.object({ name: z.string(), managed: z.boolean().optional(), indexPattern: z.string().optional(), - detectRemovals: z.boolean().optional(), enabled: z.boolean().optional(), error: z.string().optional(), integrationName: z.string().optional(), diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml index 7772238b508a5..4e1c209a6da35 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml 
+++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml @@ -87,8 +87,6 @@ components: type: boolean indexPattern: type: string - detectRemovals: - type: boolean enabled: type: boolean error: From bd56ba72d1ae3f328db02dda727404b9ea779ce0 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Thu, 29 May 2025 10:18:07 +0000 Subject: [PATCH 37/51] [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' --- .../saved-objects/server-internal/src/object_types/index.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/src/core/packages/saved-objects/server-internal/src/object_types/index.ts b/src/core/packages/saved-objects/server-internal/src/object_types/index.ts index 104a269e8cca1..19d8cfc1c1267 100644 --- a/src/core/packages/saved-objects/server-internal/src/object_types/index.ts +++ b/src/core/packages/saved-objects/server-internal/src/object_types/index.ts @@ -12,4 +12,3 @@ export { registerCoreObjectTypes } from './registration'; // set minimum number of registered saved objects to ensure no object types are removed after 8.8 // declared in internal implementation exclicilty to prevent unintended changes. export const SAVED_OBJECT_TYPES_COUNT = 132 as const; - From cfe73c0c33e141e6155d140c810072dcd55a556f Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 29 May 2025 14:17:19 +0100 Subject: [PATCH 38/51] update mappings version for saved object: changing integrationName to searchable --- .../monitoring_entity_source_type.ts | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 49fabac228881..8e73847fafdaf 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -6,7 +6,7 @@ */ import type { SavedObjectsType } from '@kbn/core/server'; -import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; +import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX, SavedObjectsModelVersion } from '@kbn/core-saved-objects-server'; export const monitoringEntitySourceTypeName = 'entity-analytics-monitoring-entity-source'; @@ -56,10 +56,24 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, }; +const version1: SavedObjectsModelVersion = { + changes: [ + { + type: 'mappings_addition', + addedMappings: { + integrationName: { + type: 'keyword', + }, + }, + }, + ], +}; + export const monitoringEntitySourceType: SavedObjectsType = { name: monitoringEntitySourceTypeName, indexPattern: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, hidden: false, namespaceType: 'multiple-isolated', mappings: monitoringEntitySourceTypeNameMappings, + modelVersions: { 1: version1 }, }; From f0f126d9b697bb21f850ed64b556244068376a66 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 29 May 2025 14:18:22 +0100 Subject: [PATCH 39/51] formatting --- .../saved_object/monitoring_entity_source_type.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
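Review bot: `version1` in the second hunk declares `integrationName` as a `mappings_addition`, but the field already exists in `monitoringEntitySourceTypeNameMappings`; the earlier commit only dropped `index: false` from it. A mappings addition describes a field that did not exist before, and Elasticsearch does not allow `index` to be changed on an existing field mapping. If any deployment already created this type with the non-indexed field, this model version would presumably not make it searchable. If the type has not shipped yet, the initial mapping can carry the indexed field and `modelVersions: { 1: version1 }` can be dropped; otherwise a new field name is likely needed. A comment above `version1` stating which case applies would settle it.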
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 8e73847fafdaf..c82b18ca7082e 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -6,7 +6,8 @@ */ import type { SavedObjectsType } from '@kbn/core/server'; -import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX, SavedObjectsModelVersion } from '@kbn/core-saved-objects-server'; +import type { SavedObjectsModelVersion } from '@kbn/core-saved-objects-server'; +import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; export const monitoringEntitySourceTypeName = 'entity-analytics-monitoring-entity-source'; From f9701e7158a990856769f529ca32f55470fce11c Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Fri, 30 May 2025 15:23:32 +0100 Subject: [PATCH 40/51] mappings changed index to dynamic for objects, removed index under matchers, relying on parent for non searchable. WiP testing this works as expected --- .../current_mappings.json | 81 ++++++++----------- .../monitoring_entity_source_type.ts | 12 +-- 2 files changed, 36 insertions(+), 57 deletions(-) diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index cb91e976bb3fb..b109cccfc2103 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json 
@@ -1038,6 +1038,41 @@ "dynamic": false, "properties": {} }, + "entity-analytics-monitoring-entity-source": { + "dynamic": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "error": { + "type": "keyword" + }, + "filter": { + "dynamic": false, + "type": "object" + }, + "indexPattern": { + "index": false, + "type": "keyword" + }, + "integrationName": { + "type": "keyword" + }, + "managed": { + "type": "boolean" + }, + "matchers": { + "dynamic": false, + "type": "object" + }, + "name": { + "type": "keyword" + }, + "type": { + "type": "keyword" + } + } + }, "entity-definition": { "dynamic": false, "properties": { @@ -2759,52 +2794,6 @@ } } }, - "entity-analytics-monitoring-entity-source": { - "dynamic": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "error": { - "type": "keyword" - }, - "filter": { - "dynamic": false, - "type": "object" - }, - "indexPattern": { - "index": false, - "type": "keyword" - }, - "integrationName": { - "index": false, - "type": "keyword" - }, - "managed": { - "type": "boolean" - }, - "matchers": { - "dynamic": false, - "properties": { - "fields": { - "index": false, - "type": "keyword" - }, - "values": { - "index": false, - "type": "keyword" - } - }, - "type": "object" - }, - "name": { - "type": "keyword" - }, - "type": { - "type": "keyword" - } - } - }, "monitoring-telemetry": { "properties": { "reportedClusterUuids": { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index c82b18ca7082e..8d75028341475 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts 
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -25,7 +25,7 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, indexPattern: { type: 'keyword', - index: false, + index: false, // Not ideal, cannot change to searchable later. Double check before we merge. }, enabled: { type: 'boolean', @@ -39,16 +39,6 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' matchers: { type: 'object', dynamic: false, - properties: { - fields: { - type: 'keyword', - index: false, - }, - values: { - type: 'keyword', - index: false, - }, - }, }, filter: { dynamic: false, From fd524075f4f342befcec5f06a7684dee38627960 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Mon, 2 Jun 2025 10:28:33 +0100 Subject: [PATCH 41/51] update saved objects count --- .../saved-objects/server-internal/src/object_types/index.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/packages/saved-objects/server-internal/src/object_types/index.ts b/src/core/packages/saved-objects/server-internal/src/object_types/index.ts index 19d8cfc1c1267..bd6525e54d66e 100644 --- a/src/core/packages/saved-objects/server-internal/src/object_types/index.ts +++ b/src/core/packages/saved-objects/server-internal/src/object_types/index.ts @@ -10,5 +10,5 @@ export { registerCoreObjectTypes } from './registration'; // set minimum number of registered saved objects to ensure no object types are removed after 8.8 -// declared in internal implementation exclicilty to prevent unintended changes. -export const SAVED_OBJECT_TYPES_COUNT = 132 as const; +// declared in internal implementation explicitly to prevent unintended changes. +export const SAVED_OBJECT_TYPES_COUNT = 133 as const; From f00f4d0b87e5c15a4468972a890eae99504e5574 Mon Sep 17 00:00:00 2001 
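Review bot: The comment added on `indexPattern` in the first hunk (`@@ -25,7 +25,7 @@`) is a pre-merge reminder rather than documentation, so it will either ship as a stale note or be deleted without the decision being recorded. The concern it raises is valid: the `index` parameter of an existing Elasticsearch field cannot be changed in place, so the choice has to be settled before the type is released. I would replace it with the outcome, for example `index: false, // stored only, never queried; cannot be changed once the mapping exists`, or drop `index: false` if the field may need to be searched later. The enclosing `monitoringEntitySourceTypeNameMappings` object starts and ends outside the hunk.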
From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Mon, 2 Jun 2025 09:52:03 +0000 Subject: [PATCH 42/51] [CI] Auto-commit changed files from 'node scripts/jest_integration -u src/core/server/integration_tests/ci_checks' --- .../ci_checks/saved_objects/check_registered_types.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts index e2aaeb58d4de6..46ff2a8cf37e4 100644 --- a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts +++ b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts @@ -95,7 +95,7 @@ describe('checking migration metadata changes on all registered SO types', () => "endpoint:unified-user-artifact-manifest": "71c7fcb52c658b21ea2800a6b6a76972ae1c776e", "endpoint:user-artifact-manifest": "1c3533161811a58772e30cdc77bac4631da3ef2b", "enterprise_search_telemetry": "9ac912e1417fc8681e0cd383775382117c9e3d3d", - "entity-analytics-monitoring-entity-source": "1157caf02a417454bdd093236f4cf68f437cbe5b", + "entity-analytics-monitoring-entity-source": "b03076de526f9f71a89c15a431f6a31d2c5dd5de", "entity-definition": "1c6bff35c423d5dc5650bc806cf2899e4706a0bc", "entity-discovery-api-key": "c267a65c69171d1804362155c1378365f5acef88", "entity-engine-status": "09f6a617020708e4f638137e5ef35bd9534133be", From 1dc32cac50452b8cffbac401dbe1032de64947ef Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 3 Jun 2025 13:55:50 +0100 Subject: [PATCH 43/51] matchers reverted to specific properties --- .../current_mappings.json | 12 +++++++++++- .../saved_object/monitoring_entity_source_type.ts | 10 ++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) 
diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index c6d6fb4a0192f..76e13a2f19f64 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json @@ -1065,8 +1065,18 @@ "managed": { "type": "boolean" }, - "matchers": { + "matchers": { "dynamic": false, + "properties": { + "fields": { + "index": false, + "type": "keyword" + }, + "values": { + "index": false, + "type": "keyword" + } + }, "type": "object" }, "name": { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 8d75028341475..ed70dc51cce15 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -39,6 +39,16 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' matchers: { type: 'object', dynamic: false, + properties: { + fields: { + type: 'keyword', + index: false, + }, + values: { + type: 'keyword', + index: false, + }, + }, }, filter: { dynamic: false, From 5313ebb7b1fe8c339938ed4244dd4100147701ae Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Tue, 3 Jun 2025 14:16:07 +0100 Subject: [PATCH 44/51] remove unused mappings addition --- .../saved_object/monitoring_entity_source_type.ts | 13 ------------- 1 file changed, 13 deletions(-) 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index ed70dc51cce15..ca06984336c2e 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -57,18 +57,6 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, }; -const version1: SavedObjectsModelVersion = { - changes: [ - { - type: 'mappings_addition', - addedMappings: { - integrationName: { - type: 'keyword', - }, - }, - }, - ], -}; export const monitoringEntitySourceType: SavedObjectsType = { name: monitoringEntitySourceTypeName, @@ -76,5 +64,4 @@ export const monitoringEntitySourceType: SavedObjectsType = { hidden: false, namespaceType: 'multiple-isolated', mappings: monitoringEntitySourceTypeNameMappings, - modelVersions: { 1: version1 }, }; From 63322104680e6fca7d1e2e66e20cec82156b53a7 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 3 Jun 2025 13:37:53 +0000 Subject: [PATCH 45/51] [CI] Auto-commit changed files from 'node scripts/jest_integration -u src/core/server/integration_tests/ci_checks' --- .../ci_checks/saved_objects/check_registered_types.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts index 46ff2a8cf37e4..36750e23bc6fd 100644 
--- a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts +++ b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts @@ -95,7 +95,7 @@ describe('checking migration metadata changes on all registered SO types', () => "endpoint:unified-user-artifact-manifest": "71c7fcb52c658b21ea2800a6b6a76972ae1c776e", "endpoint:user-artifact-manifest": "1c3533161811a58772e30cdc77bac4631da3ef2b", "enterprise_search_telemetry": "9ac912e1417fc8681e0cd383775382117c9e3d3d", - "entity-analytics-monitoring-entity-source": "b03076de526f9f71a89c15a431f6a31d2c5dd5de", + "entity-analytics-monitoring-entity-source": "5fb252f8ff6d5023d793da807638de6c84801ae1", "entity-definition": "1c6bff35c423d5dc5650bc806cf2899e4706a0bc", "entity-discovery-api-key": "c267a65c69171d1804362155c1378365f5acef88", "entity-engine-status": "09f6a617020708e4f638137e5ef35bd9534133be", From ba4646d06e9c08bdfd8f78b00e8c4e263b69ebab Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 3 Jun 2025 14:02:39 +0000 Subject: [PATCH 46/51] [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' --- .../saved_object/monitoring_entity_source_type.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index ca06984336c2e..46206e2c3a3bb 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts 
@@ -6,7 +6,6 @@ */ import type { SavedObjectsType } from '@kbn/core/server'; -import type { SavedObjectsModelVersion } from '@kbn/core-saved-objects-server'; import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; export const monitoringEntitySourceTypeName = 'entity-analytics-monitoring-entity-source'; @@ -57,7 +56,6 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, }; - export const monitoringEntitySourceType: SavedObjectsType = { name: monitoringEntitySourceTypeName, indexPattern: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, From 25e005c0be61c8fd44780da9e313df1583f3c363 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Wed, 4 Jun 2025 14:15:41 +0100 Subject: [PATCH 47/51] dynamic false added - index false out --- packages/kbn-check-mappings-update-cli/current_mappings.json | 4 +--- .../saved_object/monitoring_entity_source_type.ts | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index 76e13a2f19f64..4249d78df673c 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json @@ -1056,7 +1056,7 @@ "type": "object" }, "indexPattern": { - "index": false, + "dynamic": false, "type": "keyword" }, "integrationName": { @@ -1069,11 +1069,9 @@ "dynamic": false, "properties": { "fields": { - "index": false, "type": "keyword" }, "values": { - "index": false, "type": "keyword" } }, diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 46206e2c3a3bb..4f24b7847f4ad 100644 
--- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -24,7 +24,7 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' }, indexPattern: { type: 'keyword', - index: false, // Not ideal, cannot change to searchable later. Double check before we merge. + dynamic: false, }, enabled: { type: 'boolean', @@ -41,11 +41,9 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' properties: { fields: { type: 'keyword', - index: false, }, values: { type: 'keyword', - index: false, }, }, }, From a364ec8b4f873bfdf2cb3e3f8a4aaf6f9f2f7447 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 5 Jun 2025 10:37:38 +0100 Subject: [PATCH 48/51] Remove index pattern - don't need to query this. --- packages/kbn-check-mappings-update-cli/current_mappings.json | 4 ---- .../saved_object/monitoring_entity_source_type.ts | 4 ---- 2 files changed, 8 deletions(-) diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index 4249d78df673c..30f13a26b5182 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json @@ -1055,10 +1055,6 @@ "dynamic": false, "type": "object" }, - "indexPattern": { - "dynamic": false, - "type": "keyword" - }, "integrationName": { "type": "keyword" }, diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 4f24b7847f4ad..02f4c86f68d4f 100644 
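Review bot: In the first hunk (`@@ -24,7 +24,7 @@`) `indexPattern` becomes `{ type: 'keyword', dynamic: false }`, but `dynamic` is an object-mapping parameter that is not defined for `keyword` fields. Elasticsearch is likely to reject it as an unknown parameter, and either way it does not make the field non-searchable; the same pair is written to `current_mappings.json` in this commit. If the field should be stored but not searchable, keep `index: false`; if it is never queried, omit it from `properties` and let the type's top-level `dynamic: false` keep it in `_source` only. The second hunk also removes `index: false` from `matchers.fields` and `matchers.values`, which makes those values searchable, so it is worth confirming that is intended. The enclosing mappings object starts and ends outside the hunk.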
--- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -22,10 +22,6 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' managed: { type: 'boolean', }, - indexPattern: { - type: 'keyword', - dynamic: false, - }, enabled: { type: 'boolean', }, From 6cdf28c39b8f68540605a77b94650e5aae3358f5 Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 5 Jun 2025 11:24:51 +0100 Subject: [PATCH 49/51] Updated matchers for non searchable with kibana core guidance --- .../kbn-check-mappings-update-cli/current_mappings.json | 8 -------- .../saved_object/monitoring_entity_source_type.ts | 8 -------- 2 files changed, 16 deletions(-) diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index 8740cb037a07d..a49b1f4ff9f1b 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json @@ -1080,14 +1080,6 @@ }, "matchers": { "dynamic": false, - "properties": { - "fields": { - "type": "keyword" - }, - "values": { - "type": "keyword" - } - }, "type": "object" }, "name": { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts index 02f4c86f68d4f..7718fbb82f438 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts 
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_object/monitoring_entity_source_type.ts @@ -34,14 +34,6 @@ export const monitoringEntitySourceTypeNameMappings: SavedObjectsType['mappings' matchers: { type: 'object', dynamic: false, - properties: { - fields: { - type: 'keyword', - }, - values: { - type: 'keyword', - }, - }, }, filter: { dynamic: false, From 616ff789ce16a43b09c6483b599c9974e7659bbb Mon Sep 17 00:00:00 2001 From: CAWilson94 Date: Thu, 5 Jun 2025 14:59:14 +0100 Subject: [PATCH 50/51] saved objects count update --- .../saved-objects/server-internal/src/object_types/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/packages/saved-objects/server-internal/src/object_types/index.ts b/src/core/packages/saved-objects/server-internal/src/object_types/index.ts index bd6525e54d66e..a82bbddb1cb60 100644 --- a/src/core/packages/saved-objects/server-internal/src/object_types/index.ts +++ b/src/core/packages/saved-objects/server-internal/src/object_types/index.ts @@ -11,4 +11,4 @@ export { registerCoreObjectTypes } from './registration'; // set minimum number of registered saved objects to ensure no object types are removed after 8.8 // declared in internal implementation explicitly to prevent unintended changes. -export const SAVED_OBJECT_TYPES_COUNT = 133 as const; +export const SAVED_OBJECT_TYPES_COUNT = 134 as const; From 7d11fa7b5d4503b1104b6440089bb48259ff77f1 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Thu, 5 Jun 2025 14:20:14 +0000 Subject: [PATCH 51/51] [CI] Auto-commit changed files from 'node scripts/jest_integration -u src/core/server/integration_tests/ci_checks' --- .../ci_checks/saved_objects/check_registered_types.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts index c93904fe76d05..8848ae7a78aaf 100644 --- a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts +++ b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts @@ -96,7 +96,7 @@ describe('checking migration metadata changes on all registered SO types', () => "endpoint:unified-user-artifact-manifest": "71c7fcb52c658b21ea2800a6b6a76972ae1c776e", "endpoint:user-artifact-manifest": "1c3533161811a58772e30cdc77bac4631da3ef2b", "enterprise_search_telemetry": "9ac912e1417fc8681e0cd383775382117c9e3d3d", - "entity-analytics-monitoring-entity-source": "5fb252f8ff6d5023d793da807638de6c84801ae1", + "entity-analytics-monitoring-entity-source": "207ca6f7ed3a04ebe33d81675a09e253446fe897", "entity-definition": "1c6bff35c423d5dc5650bc806cf2899e4706a0bc", "entity-discovery-api-key": "c267a65c69171d1804362155c1378365f5acef88", "entity-engine-status": "09f6a617020708e4f638137e5ef35bd9534133be",