diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/get_all_integrations/route.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/get_all_integrations/route.ts index 5adc103cfff7c..d1b81472f46a4 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/get_all_integrations/route.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/get_all_integrations/route.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import { transformError } from '@kbn/securitysolution-es-utils'; import { SO_SEARCH_LIMIT } from '@kbn/fleet-plugin/common/constants'; import { PREBUILT_RULES_PACKAGE_NAME } from '../../../../../../common/detection_engine/constants'; @@ -15,11 +16,13 @@ import { GET_ALL_INTEGRATIONS_URL } from '../../../../../../common/api/detection import { extractIntegrations } from './extract_integrations'; import { sortPackagesBySecurityCategory } from './sort_packages_by_security_category'; import { sortIntegrationsByStatus } from './sort_integrations_by_status'; +import { getFleetPackages } from '../../logic/get_fleet_packages'; +import { getFleetPackagePolicies } from '../../logic/get_package_policies'; /** * Returns an array of Fleet integrations and their packages */ -export const getAllIntegrationsRoute = (router: SecuritySolutionPluginRouter) => { +export const getAllIntegrationsRoute = (router: SecuritySolutionPluginRouter, logger: Logger) => { router.versioned .get({ access: 'internal', @@ -43,8 +46,8 @@ export const getAllIntegrationsRoute = (router: SecuritySolutionPluginRouter) => const fleet = ctx.securitySolution.getInternalFleetServices(); const [packages, packagePolicies] = await Promise.all([ - fleet.packages.getPackages(), - fleet.packagePolicy.list(fleet.savedObjects.createInternalScopedSoClient(), { + getFleetPackages(fleet, logger), + getFleetPackagePolicies(fleet, logger, { perPage: SO_SEARCH_LIMIT, }), ]); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/get_installed_integrations/route.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/get_installed_integrations/route.ts index 27b1c4b103ab7..001754f8c49f7 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/get_installed_integrations/route.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/get_installed_integrations/route.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import { transformError } from '@kbn/securitysolution-es-utils'; import { buildSiemResponse } from '../../../routes/utils'; import type { SecuritySolutionPluginRouter } from '../../../../../types'; @@ -12,11 +13,16 @@ import type { SecuritySolutionPluginRouter } from '../../../../../types'; import type { GetInstalledIntegrationsResponse } from '../../../../../../common/api/detection_engine/fleet_integrations'; import { GET_INSTALLED_INTEGRATIONS_URL } from '../../../../../../common/api/detection_engine/fleet_integrations'; import { createInstalledIntegrationSet } from './installed_integration_set'; +import { getFleetPackages } from '../../logic/get_fleet_packages'; +import { getFleetPackagePolicies } from '../../logic/get_package_policies'; /** * Returns an array of installed Fleet integrations and their packages. */ -export const getInstalledIntegrationsRoute = (router: SecuritySolutionPluginRouter) => { +export const getInstalledIntegrationsRoute = ( + router: SecuritySolutionPluginRouter, + logger: Logger +) => { router.versioned .get({ access: 'internal', @@ -42,15 +48,12 @@ export const getInstalledIntegrationsRoute = (router: SecuritySolutionPluginRout // Pulls all packages into memory just like the main fleet landing page // No pagination support currently, so cannot batch this call - const allThePackages = await fleet.packages.getPackages(); + const allThePackages = await getFleetPackages(fleet, logger); allThePackages.forEach((fleetPackage) => { set.addPackage(fleetPackage); }); - const packagePolicies = await fleet.packagePolicy.list( - fleet.savedObjects.createInternalScopedSoClient(), - {} - ); + const packagePolicies = await getFleetPackagePolicies(fleet, logger); packagePolicies.items.forEach((policy) => { set.addPackagePolicy(policy); }); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/register_routes.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/register_routes.ts index cd60509ca5f51..53a4d2032ad90 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/register_routes.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/api/register_routes.ts @@ -5,11 +5,15 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import type { SecuritySolutionPluginRouter } from '../../../../types'; import { getAllIntegrationsRoute } from './get_all_integrations/route'; import { getInstalledIntegrationsRoute } from './get_installed_integrations/route'; -export const registerFleetIntegrationsRoutes = (router: SecuritySolutionPluginRouter) => { - getAllIntegrationsRoute(router); - getInstalledIntegrationsRoute(router); +export const registerFleetIntegrationsRoutes = ( + router: SecuritySolutionPluginRouter, + logger: Logger +) => { + getAllIntegrationsRoute(router, logger); + getInstalledIntegrationsRoute(router, logger); }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/logic/get_fleet_packages.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/logic/get_fleet_packages.ts new file mode 100644 index 0000000000000..09f5ea6d9969b --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/logic/get_fleet_packages.ts @@ -0,0 +1,24 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Logger } from '@kbn/core/server'; +import type { EndpointInternalFleetServicesInterface } from '../../../../endpoint/services/fleet'; + +export async function getFleetPackages( + fleet: EndpointInternalFleetServicesInterface, + logger: Logger +) { + try { + logger.debug('getFleetPackages: Fetching Fleet packages'); + const packages = await fleet.packages.getPackages(); + logger.debug(`getFleetPackages: Fetched Fleet packages: ${packages.length} items`); + return packages; + } catch (error) { + logger.error(`getFleetPackages: Error fetching Fleet packages`, error); + throw error; + } +} diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/logic/get_package_policies.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/logic/get_package_policies.ts new file mode 100644 index 0000000000000..f7f7cb0679120 --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/fleet_integrations/logic/get_package_policies.ts @@ -0,0 +1,29 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Logger } from '@kbn/core/server'; +import type { ListWithKuery } from '@kbn/fleet-plugin/common'; +import type { EndpointInternalFleetServicesInterface } from '../../../../endpoint/services/fleet'; + +export async function getFleetPackagePolicies( + fleet: EndpointInternalFleetServicesInterface, + logger: Logger, + options: ListWithKuery & { spaceId?: string } = {} +) { + try { + logger.debug('getFleetPackagePolicies: Fetching Fleet package policies'); + const soClient = fleet.savedObjects.createInternalScopedSoClient(); + const packagePolicies = await fleet.packagePolicy.list(soClient, options); + logger.debug( + `getFleetPackagePolicies: Fetched Fleet package policies: ${packagePolicies.total} items` + ); + return packagePolicies; + } catch (error) { + logger.error(`getFleetPackagePolicies: Error fetching Fleet package policies`, error); + throw error; + } +} diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.test.ts index 3043bf3a3182b..96ed922774bb2 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.test.ts @@ -46,7 +46,7 @@ describe('bootstrap_prebuilt_rules_route', () => { ({ clients, context } = requestContextMock.createTools()); clients.productFeaturesService = createProductFeaturesServiceMock([]); - bootstrapPrebuiltRulesRoute(server.router); + bootstrapPrebuiltRulesRoute(server.router, clients.logger); }); it('returns information about installed packages', async () => { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.ts index 28c86adfe230c..fb39e0cec41b1 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.ts @@ -5,13 +5,17 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import { BOOTSTRAP_PREBUILT_RULES_URL } from '../../../../../../common/api/detection_engine/prebuilt_rules'; import type { SecuritySolutionPluginRouter } from '../../../../../types'; import { PREBUILT_RULES_OPERATION_SOCKET_TIMEOUT_MS } from '../../constants'; import { bootstrapPrebuiltRulesHandler } from './bootstrap_prebuilt_rules_handler'; import { throttleRequests } from '../../../../../utils/throttle_requests'; -export const bootstrapPrebuiltRulesRoute = (router: SecuritySolutionPluginRouter) => { +export const bootstrapPrebuiltRulesRoute = ( + router: SecuritySolutionPluginRouter, + logger: Logger +) => { router.versioned .post({ access: 'internal', @@ -32,6 +36,8 @@ export const bootstrapPrebuiltRulesRoute = (router: SecuritySolutionPluginRouter version: '1', validate: {}, }, - throttleRequests(bootstrapPrebuiltRulesHandler) + throttleRequests((context, request, response) => { + return bootstrapPrebuiltRulesHandler(context, request, response, logger); + }) ); }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules_handler.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules_handler.ts index 4f598ede105d2..2112962b9971b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules_handler.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules_handler.ts @@ -5,7 +5,12 @@ * 2.0. */ -import type { IKibanaResponse, KibanaRequest, KibanaResponseFactory } from '@kbn/core/server'; +import type { + Logger, + IKibanaResponse, + KibanaRequest, + KibanaResponseFactory, +} from '@kbn/core/server'; import { ProductFeatureSecurityKey } from '@kbn/security-solution-features/keys'; import { transformError } from '@kbn/securitysolution-es-utils'; import { installSecurityAiPromptsPackage } from '../../logic/integrations/install_ai_prompts'; @@ -25,7 +30,8 @@ import { createPrebuiltRuleObjectsClient } from '../../logic/rule_objects/prebui export const bootstrapPrebuiltRulesHandler = async ( context: SecuritySolutionRequestHandlerContext, _: KibanaRequest, - response: KibanaResponseFactory + response: KibanaResponseFactory, + logger: Logger ): Promise> => { const siemResponse = buildSiemResponse(response); @@ -47,7 +53,7 @@ export const bootstrapPrebuiltRulesHandler = async ( const packageResults: PackageInstallStatus[] = []; // Install packages sequentially to avoid high memory usage - const prebuiltRulesResult = await installPrebuiltRulesPackage(securityContext); + const prebuiltRulesResult = await installPrebuiltRulesPackage(securityContext, logger); packageResults.push({ name: prebuiltRulesResult.package.name, version: prebuiltRulesResult.package.version, @@ -62,9 +68,10 @@ export const bootstrapPrebuiltRulesHandler = async ( ruleAssetsClient, ruleObjectsClient, fleetServices: securityContext.getInternalFleetServices(), + logger, }); } else { - const endpointResult = await installEndpointPackage(securityContext); + const endpointResult = await installEndpointPackage(securityContext, logger); packageResults.push({ name: endpointResult.package.name, version: endpointResult.package.version, @@ -72,7 +79,7 @@ export const bootstrapPrebuiltRulesHandler = async ( }); } - const securityAiPromptsResult = await installSecurityAiPromptsPackage(securityContext); + const securityAiPromptsResult = await installSecurityAiPromptsPackage(securityContext, logger); if (securityAiPromptsResult !== null) { packageResults.push({ diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.test.ts index 46cea2b6c7d4e..1f3033c2bd1a7 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.test.ts @@ -100,7 +100,7 @@ describe('add_prepackaged_rules_route', () => { context.core.elasticsearch.client.asCurrentUser.search.mockResolvedValue( elasticsearchClientMock.createSuccessTransportRequestPromise(getBasicEmptySearchResponse()) ); - installPrebuiltRulesAndTimelinesRoute(server.router); + installPrebuiltRulesAndTimelinesRoute(server.router, clients.logger); }); describe('status codes', () => { @@ -238,6 +238,7 @@ describe('add_prepackaged_rules_route', () => { await legacyCreatePrepackagedRules( context.securitySolution, clients.rulesClient, + clients.logger, mockExceptionsClient ); @@ -251,6 +252,7 @@ describe('add_prepackaged_rules_route', () => { await legacyCreatePrepackagedRules( context.securitySolution, clients.rulesClient, + clients.logger, mockExceptionsClient ); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.ts index 3aba40a54be09..31a2499fe7087 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import { transformError } from '@kbn/securitysolution-es-utils'; import { PREBUILT_RULES_URL } from '../../../../../../common/api/detection_engine/prebuilt_rules'; import type { SecuritySolutionPluginRouter } from '../../../../../types'; @@ -14,7 +15,10 @@ import { PREBUILT_RULES_OPERATION_SOCKET_TIMEOUT_MS } from '../../constants'; // eslint-disable-next-line no-restricted-imports import { legacyCreatePrepackagedRules } from './legacy_create_prepackaged_rules'; -export const installPrebuiltRulesAndTimelinesRoute = (router: SecuritySolutionPluginRouter) => { +export const installPrebuiltRulesAndTimelinesRoute = ( + router: SecuritySolutionPluginRouter, + logger: Logger +) => { router.versioned .put({ access: 'public', @@ -44,6 +48,7 @@ export const installPrebuiltRulesAndTimelinesRoute = (router: SecuritySolutionPl const validated = await legacyCreatePrepackagedRules( await context.securitySolution, rulesClient, + logger, undefined ); return response.ok({ body: validated ?? {} }); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/legacy_create_prepackaged_rules.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/legacy_create_prepackaged_rules.ts index a5a59b1ef2e61..1743f96f89262 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/legacy_create_prepackaged_rules.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/install_prebuilt_rules_and_timelines/legacy_create_prepackaged_rules.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import type { RulesClient } from '@kbn/alerting-plugin/server'; import type { ExceptionListClient } from '@kbn/lists-plugin/server'; import type { InstallPrebuiltRulesAndTimelinesResponse } from '../../../../../../common/api/detection_engine/prebuilt_rules'; @@ -35,6 +36,7 @@ export class PrepackagedRulesError extends Error { export const legacyCreatePrepackagedRules = async ( context: SecuritySolutionApiRequestHandlerContext, rulesClient: RulesClient, + logger: Logger, exceptionsClient?: ExceptionListClient ): Promise => { const savedObjectsClient = context.core.savedObjects.client; @@ -52,7 +54,11 @@ export const legacyCreatePrepackagedRules = async ( await exceptionsListClient.createEndpointList(); } - const latestPrebuiltRules = await ensureLatestRulesPackageInstalled(ruleAssetsClient, context); + const latestPrebuiltRules = await ensureLatestRulesPackageInstalled( + ruleAssetsClient, + context, + logger + ); const installedPrebuiltRules = rulesToMap(await getExistingPrepackagedRules({ rulesClient })); const rulesToInstall = getRulesToInstall(latestPrebuiltRules, installedPrebuiltRules); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_installation/perform_rule_installation_handler.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_installation/perform_rule_installation_handler.ts index 01273640c38c6..c1185f01eecb8 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_installation/perform_rule_installation_handler.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_installation/perform_rule_installation_handler.ts @@ -6,7 +6,7 @@ */ import { transformError } from '@kbn/securitysolution-es-utils'; -import type { KibanaRequest, KibanaResponseFactory } from '@kbn/core/server'; +import type { Logger, KibanaRequest, KibanaResponseFactory } from '@kbn/core/server'; import { SkipRuleInstallReason } from '../../../../../../common/api/detection_engine/prebuilt_rules'; import type { PerformRuleInstallationResponseBody, @@ -27,7 +27,8 @@ import { excludeLicenseRestrictedRules } from '../../logic/utils'; export const performRuleInstallationHandler = async ( context: SecuritySolutionRequestHandlerContext, request: KibanaRequest, - response: KibanaResponseFactory + response: KibanaResponseFactory, + logger: Logger ) => { const siemResponse = buildSiemResponse(response); @@ -48,7 +49,7 @@ export const performRuleInstallationHandler = async ( // If this API is used directly without hitting any detection engine // pages first, the rules package might be missing. - await ensureLatestRulesPackageInstalled(ruleAssetsClient, ctx.securitySolution); + await ensureLatestRulesPackageInstalled(ruleAssetsClient, ctx.securitySolution, logger); const allLatestVersions = await ruleAssetsClient.fetchLatestVersions(); const currentRuleVersions = await ruleObjectsClient.fetchInstalledRuleVersions(); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_installation/perform_rule_installation_route.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_installation/perform_rule_installation_route.ts index 1e07881b45964..269f02111373b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_installation/perform_rule_installation_route.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_installation/perform_rule_installation_route.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import { PERFORM_RULE_INSTALLATION_URL, PerformRuleInstallationRequestBody, @@ -18,7 +19,10 @@ import { import { routeLimitedConcurrencyTag } from '../../../../../utils/route_limited_concurrency_tag'; import { performRuleInstallationHandler } from './perform_rule_installation_handler'; -export const performRuleInstallationRoute = (router: SecuritySolutionPluginRouter) => { +export const performRuleInstallationRoute = ( + router: SecuritySolutionPluginRouter, + logger: Logger +) => { router.versioned .post({ access: 'internal', @@ -44,6 +48,8 @@ export const performRuleInstallationRoute = (router: SecuritySolutionPluginRoute }, }, }, - performRuleInstallationHandler + (context, request, response) => { + return performRuleInstallationHandler(context, request, response, logger); + } ); }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/register_routes.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/register_routes.ts index fa39d2aa5e4c6..8fa11998ee726 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/register_routes.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/register_routes.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import type { SecuritySolutionPluginRouter } from '../../../../types'; import { getPrebuiltRulesAndTimelinesStatusRoute } from './get_prebuilt_rules_and_timelines_status/get_prebuilt_rules_and_timelines_status_route'; import { getPrebuiltRulesStatusRoute } from './get_prebuilt_rules_status/get_prebuilt_rules_status_route'; @@ -17,18 +18,21 @@ import { bootstrapPrebuiltRulesRoute } from './bootstrap_prebuilt_rules/bootstra import { getPrebuiltRuleBaseVersion } from './get_prebuilt_rule_base_version/get_prebuilt_rule_base_version_route'; import { revertPrebuiltRule } from './revert_prebuilt_rule/revert_prebuilt_rule_route'; -export const registerPrebuiltRulesRoutes = (router: SecuritySolutionPluginRouter) => { +export const registerPrebuiltRulesRoutes = ( + router: SecuritySolutionPluginRouter, + logger: Logger +) => { // Legacy endpoints that we're going to deprecate getPrebuiltRulesAndTimelinesStatusRoute(router); - installPrebuiltRulesAndTimelinesRoute(router); + installPrebuiltRulesAndTimelinesRoute(router, logger); // New endpoints for the rule upgrade and installation workflows getPrebuiltRulesStatusRoute(router); - performRuleInstallationRoute(router); + performRuleInstallationRoute(router, logger); performRuleUpgradeRoute(router); reviewRuleInstallationRoute(router); reviewRuleUpgradeRoute(router); - bootstrapPrebuiltRulesRoute(router); + bootstrapPrebuiltRulesRoute(router, logger); getPrebuiltRuleBaseVersion(router); revertPrebuiltRule(router); }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/ensure_installed_package.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/ensure_installed_package.ts new file mode 100644 index 0000000000000..20d571f136198 --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/ensure_installed_package.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Logger } from '@kbn/core/server'; +import type { EnsurePackageResult } from '@kbn/fleet-plugin/server/services/epm/packages/install'; +import type { SecuritySolutionApiRequestHandlerContext } from '../../../../../types'; + +export async function ensureInstalledPackage( + context: SecuritySolutionApiRequestHandlerContext, + pkgName: string, + pkgVersion: string, + logger: Logger +): Promise { + try { + logger.debug( + `ensureInstalledPackage: Ensuring Fleet package is installed: "${pkgName}" v${pkgVersion}` + ); + + const packageInstallationResult = await context + .getInternalFleetServices() + .packages.ensureInstalledPackage({ pkgName, pkgVersion }); + + logger.info( + `ensureInstalledPackage: Fleet package is ${packageInstallationResult.status}: "${pkgName}" v${pkgVersion}` + ); + + return packageInstallationResult; + } catch (error) { + logger.error( + `ensureInstalledPackage: Error ensuring Fleet package is installed: "${pkgName}" v${pkgVersion}}`, + error + ); + throw error; + } +} diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/ensure_latest_rules_package_installed.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/ensure_latest_rules_package_installed.ts index 0fd6f06183bc1..99c8872e51607 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/ensure_latest_rules_package_installed.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/ensure_latest_rules_package_installed.ts @@ -5,18 +5,20 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import type { SecuritySolutionApiRequestHandlerContext } from '../../../../../types'; import type { IPrebuiltRuleAssetsClient } from '../rule_assets/prebuilt_rule_assets_client'; import { installPrebuiltRulesPackage } from './install_prebuilt_rules_package'; export async function ensureLatestRulesPackageInstalled( ruleAssetsClient: IPrebuiltRuleAssetsClient, - securityContext: SecuritySolutionApiRequestHandlerContext + securityContext: SecuritySolutionApiRequestHandlerContext, + logger: Logger ) { let latestPrebuiltRules = await ruleAssetsClient.fetchLatestAssets(); if (latestPrebuiltRules.length === 0) { // Seems no packages with prepackaged rules were installed, try to install the default rules package - await installPrebuiltRulesPackage(securityContext); + await installPrebuiltRulesPackage(securityContext, logger); // Try to get the prepackaged rules again latestPrebuiltRules = await ruleAssetsClient.fetchLatestAssets(); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/find_latest_package_version.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/find_latest_package_version.ts index 1105503824155..508befeeedafc 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/find_latest_package_version.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/find_latest_package_version.ts @@ -5,11 +5,13 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import type { SecuritySolutionApiRequestHandlerContext } from '../../../../../types'; export async function findLatestPackageVersion( context: SecuritySolutionApiRequestHandlerContext, - packageName: string + packageName: string, + logger: Logger ) { const securityAppClient = context.getAppClient(); const packageClient = context.getInternalFleetServices().packages; @@ -20,9 +22,24 @@ export async function findLatestPackageVersion( (securityAppClient.getKibanaVersion().includes('-SNAPSHOT') || securityAppClient.getKibanaBranch() === 'main'); - const result = await packageClient.fetchFindLatestPackage(packageName, { - prerelease: isPrerelease, - }); + try { + logger.debug( + `fetchFindLatestPackage: Finding latest version of Fleet package: "${packageName}", prerelease=${isPrerelease}` + ); + const result = await packageClient.fetchFindLatestPackage(packageName, { + prerelease: isPrerelease, + }); - return result.version; + logger.debug( + `fetchFindLatestPackage: Found latest version of Fleet package: "${packageName}" v${result.version}, prerelease=${isPrerelease}` + ); + + return result.version; + } catch (error) { + logger.error( + `fetchFindLatestPackage: Error finding latest version of Fleet package: "${packageName}", prerelease=${isPrerelease}`, + error + ); + throw error; + } } diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/get_fleet_package_installation.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/get_fleet_package_installation.ts new file mode 100644 index 0000000000000..767567a239d5b --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/get_fleet_package_installation.ts @@ -0,0 +1,32 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Logger } from '@kbn/core/server'; +import type { EndpointInternalFleetServicesInterface } from '../../../../../endpoint/services/fleet'; + +export function getFleetPackageInstallation( + fleet: EndpointInternalFleetServicesInterface, + integrationName: string, + logger: Logger +) { + try { + logger.debug( + `getFleetPackageInstallation: Fetching Fleet package installation for integration: "${integrationName}"` + ); + const packageInstallation = fleet.packages.getInstallation(integrationName); + logger.debug( + `getFleetPackageInstallation: Fetched Fleet package installation for integration: "${integrationName}"` + ); + return packageInstallation; + } catch (error) { + logger.error( + `getFleetPackageInstallation: Error fetching Fleet package installation for integration: "${integrationName}"`, + error + ); + throw error; + } +} diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_ai_prompts.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_ai_prompts.ts index a6cc7224c2394..e6776a68f95ec 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_ai_prompts.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_ai_prompts.ts @@ -5,19 +5,30 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; +import type { EnsurePackageResult } from '@kbn/fleet-plugin/server/services/epm/packages/install'; import { SECURITY_AI_PROMPTS_PACKAGE_NAME } from '../../../../../../common/detection_engine/constants'; import type { SecuritySolutionApiRequestHandlerContext } from '../../../../../types'; +import { ensureInstalledPackage } from './ensure_installed_package'; import { findLatestPackageVersion } from './find_latest_package_version'; export async function installSecurityAiPromptsPackage( - context: SecuritySolutionApiRequestHandlerContext -) { + context: SecuritySolutionApiRequestHandlerContext, + logger: Logger +): Promise { try { - const pkgVersion = await findLatestPackageVersion(context, SECURITY_AI_PROMPTS_PACKAGE_NAME); - return context.getInternalFleetServices().packages.ensureInstalledPackage({ - pkgName: SECURITY_AI_PROMPTS_PACKAGE_NAME, + const pkgVersion = await findLatestPackageVersion( + context, + SECURITY_AI_PROMPTS_PACKAGE_NAME, + logger + ); + + return await ensureInstalledPackage( + context, + SECURITY_AI_PROMPTS_PACKAGE_NAME, pkgVersion, - }); + logger + ); } catch (e) { // fail silently return null; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_endpoint_package.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_endpoint_package.ts index 74e1e24067c2e..a2a23ef9cda66 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_endpoint_package.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_endpoint_package.ts @@ -5,15 +5,18 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; +import type { EnsurePackageResult } from '@kbn/fleet-plugin/server/services/epm/packages/install'; import type { SecuritySolutionApiRequestHandlerContext } from '../../../../../types'; import { ENDPOINT_PACKAGE_NAME } from '../../../../../../common/detection_engine/constants'; import { findLatestPackageVersion } from './find_latest_package_version'; +import { ensureInstalledPackage } from './ensure_installed_package'; -export async function installEndpointPackage(context: SecuritySolutionApiRequestHandlerContext) { - const pkgVersion = await findLatestPackageVersion(context, ENDPOINT_PACKAGE_NAME); +export async function installEndpointPackage( + context: SecuritySolutionApiRequestHandlerContext, + logger: Logger +): Promise { + const pkgVersion = await findLatestPackageVersion(context, ENDPOINT_PACKAGE_NAME, logger); - return context.getInternalFleetServices().packages.ensureInstalledPackage({ - pkgName: ENDPOINT_PACKAGE_NAME, - pkgVersion, - }); + return ensureInstalledPackage(context, ENDPOINT_PACKAGE_NAME, pkgVersion, logger); } diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_endpoint_security_prebuilt_rule.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_endpoint_security_prebuilt_rule.ts index 34bfdc2d033d8..c507afbb63e2a 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_endpoint_security_prebuilt_rule.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_endpoint_security_prebuilt_rule.ts @@ -69,7 +69,7 @@ export const installEndpointSecurityPrebuiltRule = async ({ // Make sure the latest prebuilt rules package is installed (in case the // user installs Elastic Defend integration without visiting Security // Solution first) - await ensureLatestRulesPackageInstalled(ruleAssetsClient, context); + await ensureLatestRulesPackageInstalled(ruleAssetsClient, context, logger); const latestRuleVersion = await ruleAssetsClient.fetchLatestVersions([ ELASTIC_SECURITY_RULE_ID, diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_prebuilt_rules_package.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_prebuilt_rules_package.ts index f9b61dae55091..16f410a559c20 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_prebuilt_rules_package.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_prebuilt_rules_package.ts @@ -5,9 +5,12 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; +import type { EnsurePackageResult } from '@kbn/fleet-plugin/server/services/epm/packages/install'; import type { SecuritySolutionApiRequestHandlerContext } from '../../../../../types'; import { PREBUILT_RULES_PACKAGE_NAME } from '../../../../../../common/detection_engine/constants'; import { findLatestPackageVersion } from './find_latest_package_version'; +import { ensureInstalledPackage } from './ensure_installed_package'; /** * Installs the prebuilt rules package of the config's specified or latest version. @@ -16,17 +19,18 @@ import { findLatestPackageVersion } from './find_latest_package_version'; * @param context Request handler context */ export async function installPrebuiltRulesPackage( - context: SecuritySolutionApiRequestHandlerContext -) { + context: SecuritySolutionApiRequestHandlerContext, + logger: Logger +): Promise { const config = context.getConfig(); let pkgVersion = config.prebuiltRulesPackageVersion; if (!pkgVersion) { - // Find latest package if the version isn't specified in the config - pkgVersion = await findLatestPackageVersion(context, PREBUILT_RULES_PACKAGE_NAME); + logger.debug(`installPrebuiltRulesPackage: no package version specified in config.`); + pkgVersion = await findLatestPackageVersion(context, PREBUILT_RULES_PACKAGE_NAME, logger); + } else { + logger.debug(`installPrebuiltRulesPackage: package version specified in config: ${pkgVersion}`); } - return context - .getInternalFleetServices() - .packages.ensureInstalledPackage({ pkgName: PREBUILT_RULES_PACKAGE_NAME, pkgVersion }); + return ensureInstalledPackage(context, PREBUILT_RULES_PACKAGE_NAME, pkgVersion, logger); } diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_promotion_rules.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_promotion_rules.ts index c40c2b99ac173..0d469a681d293 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_promotion_rules.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/integrations/install_promotion_rules.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import type { BulkOperationError, RulesClient } from '@kbn/alerting-plugin/server'; import { SEARCH_AI_LAKE_PACKAGES } from '@kbn/fleet-plugin/common'; import type { IDetectionRulesClient } from '../../../rule_management/logic/detection_rules_client/detection_rules_client_interface'; @@ -20,6 +21,7 @@ import { getErrorMessage } from '../../../../../utils/error_helpers'; import type { EndpointInternalFleetServicesInterface } from '../../../../../endpoint/services/fleet'; import { PROMOTION_RULE_TAGS } from '../../../../../../common/constants'; import type { PrebuiltRuleAsset } from '../../model/rule_assets/prebuilt_rule_asset'; +import { getFleetPackageInstallation } from './get_fleet_package_installation'; interface InstallPromotionRulesParams { rulesClient: RulesClient; @@ -27,6 +29,7 @@ interface InstallPromotionRulesParams { ruleAssetsClient: IPrebuiltRuleAssetsClient; ruleObjectsClient: IPrebuiltRuleObjectsClient; fleetServices: EndpointInternalFleetServicesInterface; + logger: Logger; } /** @@ -49,6 +52,7 @@ export async function installPromotionRules({ ruleAssetsClient, ruleObjectsClient, fleetServices, + logger, }: InstallPromotionRulesParams): Promise { // Get the list of installed integrations const installedIntegrations = new Set( @@ -59,7 +63,11 @@ export async function installPromotionRules({ // AI4SOC integrations are agentless (don't require setting up an // integration policy). So the fact that the corresponding package is // installed is enough. - const installation = await fleetServices.packages.getInstallation(integration); + const installation = await getFleetPackageInstallation( + fleetServices, + integration, + logger + ); return installation ? integration : []; }) ) diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts index 4d0c5f9a98b4d..86dd24f02dd5d 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts @@ -9,6 +9,7 @@ import type { AwaitedProperties } from '@kbn/utility-types'; import type { MockedKeys } from '@kbn/utility-types-jest'; import type { KibanaRequest } from '@kbn/core/server'; import { coreMock } from '@kbn/core/server/mocks'; +import { loggerMock } from '@kbn/logging-mocks'; import type { ActionsApiRequestHandlerContext } from '@kbn/actions-plugin/server'; import type { AlertingApiRequestHandlerContext } from '@kbn/alerting-plugin/server'; @@ -91,6 +92,7 @@ export const createMockClients = () => { getInferenceClient: jest.fn(), assetInventoryDataClient: AssetInventoryDataClientMock.create(), productFeaturesService: createProductFeaturesServiceMock(), + logger: loggerMock.create(), }; }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/register_routes.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/register_routes.ts index d55b69b4a3a01..5b2fef1de15d4 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/register_routes.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/register_routes.ts @@ -41,7 +41,7 @@ export const registerRuleManagementRoutes = ( // Rules export/import exportRulesRoute(router, config, logger); - importRulesRoute(router, config); + importRulesRoute(router, config, logger); // Rules search findRulesRoute(router, logger); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.test.ts index d7e732935c4e3..7ae93bb620159 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.test.ts @@ -66,7 +66,7 @@ describe.skip('Import rules route', () => { elasticsearchClientMock.createSuccessTransportRequestPromise(getBasicEmptySearchResponse()) ); mockPrebuiltRuleAssetsClient = createPrebuiltRuleAssetsClientMock(); - importRulesRoute(server.router, config); + importRulesRoute(server.router, config, clients.logger); }); describe('status codes', () => { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.ts index 7f2f163615d69..2b1296233bdd5 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.ts @@ -6,7 +6,7 @@ */ import { schema } from '@kbn/config-schema'; -import type { IKibanaResponse } from '@kbn/core/server'; +import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { transformError } from '@kbn/securitysolution-es-utils'; import { chunk, partition } from 'lodash/fp'; import { extname } from 'path'; @@ -42,7 +42,11 @@ import { createPrebuiltRuleObjectsClient } from '../../../../prebuilt_rules/logi const CHUNK_PARSED_OBJECT_SIZE = 50; -export const importRulesRoute = (router: SecuritySolutionPluginRouter, config: ConfigType) => { +export const importRulesRoute = ( + router: SecuritySolutionPluginRouter, + config: ConfigType, + logger: Logger +) => { router.versioned .post({ access: 'public', @@ -151,6 +155,7 @@ export const importRulesRoute = (router: SecuritySolutionPluginRouter, config: C context: ctx.securitySolution, prebuiltRuleAssetsClient: createPrebuiltRuleAssetsClient(savedObjectsClient), prebuiltRuleObjectsClient: createPrebuiltRuleObjectsClient(rulesClient), + logger, }); const [parsedRules, parsedRuleErrors] = partition( diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/logic/import/rule_source_importer/rule_source_importer.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/logic/import/rule_source_importer/rule_source_importer.test.ts index 0c9884ea3b4e8..d7e8144ccde3b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/logic/import/rule_source_importer/rule_source_importer.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/logic/import/rule_source_importer/rule_source_importer.test.ts @@ -19,12 +19,14 @@ describe('ruleSourceImporter', () => { let ruleAssetsClientMock: ReturnType; let ruleObjectsClientMock: ReturnType; let context: ReturnType['securitySolution']; + let { clients } = requestContextMock.createTools(); let ruleToImport: RuleToImport; let subject: ReturnType; beforeEach(() => { jest.clearAllMocks(); context = requestContextMock.create().securitySolution; + clients = requestContextMock.createTools().clients; ruleAssetsClientMock = createPrebuiltRuleAssetsClientMock(); ruleAssetsClientMock.fetchLatestAssets.mockResolvedValue([{}]); ruleAssetsClientMock.fetchLatestVersions.mockResolvedValue([]); @@ -37,6 +39,7 @@ describe('ruleSourceImporter', () => { context, prebuiltRuleAssetsClient: ruleAssetsClientMock, prebuiltRuleObjectsClient: ruleObjectsClientMock, + logger: clients.logger, }); }); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/logic/import/rule_source_importer/rule_source_importer.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/logic/import/rule_source_importer/rule_source_importer.ts index 03493ba68d69d..b79f361fe2d9d 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/logic/import/rule_source_importer/rule_source_importer.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/logic/import/rule_source_importer/rule_source_importer.ts @@ -12,6 +12,7 @@ * 2.0. */ +import type { Logger } from '@kbn/core/server'; import type { SecuritySolutionApiRequestHandlerContext } from '../../../../../../types'; import type { RuleResponse, @@ -101,19 +102,23 @@ export class RuleSourceImporter implements IRuleSourceImporter { private currentRulesById: Record = {}; private rulesToImport: RuleSpecifier[] = []; private availableRuleAssetIds: Set = new Set(); + private logger: Logger; constructor({ context, prebuiltRuleAssetsClient, prebuiltRuleObjectsClient, + logger, }: { context: SecuritySolutionApiRequestHandlerContext; prebuiltRuleAssetsClient: IPrebuiltRuleAssetsClient; prebuiltRuleObjectsClient: IPrebuiltRuleObjectsClient; + logger: Logger; }) { this.ruleAssetsClient = prebuiltRuleAssetsClient; this.ruleObjectsClient = prebuiltRuleObjectsClient; this.context = context; + this.logger = logger; } /** @@ -123,7 +128,7 @@ export class RuleSourceImporter implements IRuleSourceImporter { */ public async setup(rules: RuleToImport[]): Promise { if (!this.latestPackagesInstalled) { - await ensureLatestRulesPackageInstalled(this.ruleAssetsClient, this.context); + await ensureLatestRulesPackageInstalled(this.ruleAssetsClient, this.context, this.logger); this.latestPackagesInstalled = true; } @@ -207,14 +212,17 @@ export const createRuleSourceImporter = ({ context, prebuiltRuleAssetsClient, prebuiltRuleObjectsClient, + logger, }: { context: SecuritySolutionApiRequestHandlerContext; prebuiltRuleAssetsClient: IPrebuiltRuleAssetsClient; prebuiltRuleObjectsClient: IPrebuiltRuleObjectsClient; + logger: Logger; }): RuleSourceImporter => { return new RuleSourceImporter({ context, prebuiltRuleAssetsClient, prebuiltRuleObjectsClient, + logger, }); }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/routes/index.ts b/x-pack/solutions/security/plugins/security_solution/server/routes/index.ts index b85a7b86b9779..8dbb9a4f112d1 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/routes/index.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/routes/index.ts @@ -70,9 +70,9 @@ export const initRoutes = ( docLinks: DocLinksServiceSetup, endpointContext: EndpointAppContext ) => { - registerFleetIntegrationsRoutes(router); + registerFleetIntegrationsRoutes(router, logger); registerLegacyRuleActionsRoutes(router, logger); - registerPrebuiltRulesRoutes(router); + registerPrebuiltRulesRoutes(router, logger); registerRuleExceptionsRoutes(router); registerManageExceptionsRoutes(router); registerRuleManagementRoutes(router, config, ml, logger);