From b1451c61446892c3c5ae59f27bb30de49c847548 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 11:50:53 +0200 Subject: [PATCH 01/42] [ska] security_solution_* dirs with ftr tests --- .../ftr_security_serverless_configs.yml | 186 +- .buildkite/ftr_security_stateful_configs.yml | 184 +- .../security_solution/gen_ai_evals.yml | 4 +- .../security_solution/gen_ai_evals.yml | 8 +- .../api_integration/api-integration-tests.sh | 2 +- .eslintrc.js | 4 +- .github/CODEOWNERS | 44 +- .../observability/helpers/refresh_index.ts | 2 +- .../observability/helpers/retry.ts | 2 +- .../plugins/security_solution/README.md | 12 +- .../validators/blocklists_validator.test.ts | 2 +- .../endpoint_exceptions_validator.test.ts | 2 +- .../validators/event_filter_validator.test.ts | 2 +- ...ost_isolation_exceptions_validator.test.ts | 2 +- .../validators/trusted_app_validator.test.ts | 2 +- .../nlp_cleanup_task/nlp_cleanup_task.ts | 2 +- .../services/es_supertest_without_auth.js | 26 + .../test/api_integration/services/index.ts | 7 + .../services/security_solution_api.gen.ts | 2451 +++++++++++++++++ ...ty_solution_endpoint_exceptions_api.gen.ts | 116 + .../security_solution_exceptions_api.gen.ts | 299 ++ .../security_solution_lists_api.gen.ts | 295 ++ .../security_solution_osquery_api.gen.ts | 391 +++ .../es_archives/rule_keyword_family/README.md | 21 +- .../es_archives/security_solution/README.md | 4 +- .../.gitignore | 0 .../README.md | 55 +- .../config/ess/config.base.basic.ts | 0 .../ess/config.base.edr_workflows.trial.ts | 0 .../config/ess/config.base.edr_workflows.ts | 0 .../config/ess/config.base.frozen.trial.ts | 0 .../config/ess/config.base.trial.ts | 0 .../config/ess/config.base.ts | 0 .../config/ess/services.ts | 0 .../config/ess/services_edr_workflows.ts | 0 .../config/privileges/roles.ts | 0 .../config/privileges/users.ts | 0 .../config/serverless/config.base.ai4dsoc.ts | 2 +- .../serverless/config.base.edr_workflows.ts | 2 +- .../serverless/config.base.essentials.ts | 2 +- .../config/serverless/config.base.ts | 2 +- .../config/serverless/services.ts | 9 +- .../serverless/services_edr_workflows.ts | 4 +- .../common/endpoint_data_stream_helpers.ts | 0 .../common/endpoint_registry_helpers.ts | 0 .../fixtures/package_registry_config.yml | 0 .../config/services/common/index.ts | 0 .../services/common/roles_users_utils.ts | 0 .../alerts/create_alerts_index.ts | 0 .../alerts/delete_all_alerts.ts | 0 .../alerts/get_alerts_by_id.ts | 0 .../alerts/get_alerts_by_ids.ts | 0 .../alerts/get_query_alert_ids.ts | 0 .../alerts/get_query_alerts_ids.ts | 0 .../detections_response/alerts/index.ts | 0 .../alerts/search_alerts.ts | 0 .../alerts/wait_for_alerts_to_be_present.ts | 0 .../detections_response/count_down_test.ts | 0 .../delete_all_anomalies.ts | 0 .../services/detections_response/index.ts | 0 .../route_with_namespace.ts | 0 .../detections_response/rules/create_rule.ts | 0 .../rules/delete_all_rules.ts | 0 .../detections_response/rules/delete_rule.ts | 0 .../rules/get_gaps_by_rule_id.ts | 0 .../rules/get_rule_for_alert_testing.ts | 0 .../detections_response/rules/index.ts | 0 .../detections_response/rules/manual_run.ts | 0 .../rules/wait_for_rule_status.ts | 0 .../services/detections_response/spaces.ts | 0 .../detections_response/tasks/index.ts | 0 .../tasks/indices_metadata.ts | 0 .../detections_response/tasks/task_manager.ts | 0 .../services/detections_response/wait_for.ts | 0 .../config/services/search_secure.ts | 111 + ...ecurity_solution_edr_workflows_metadata.ts | 0 ...ecurity_solution_edr_workflows_resolver.ts | 0 ...rity_solution_edr_workflows_roles_users.ts | 0 .../services/security_solution_ess_utils.ts | 0 ...ity_solution_serverless_bsearch_creator.ts | 0 .../security_solution_serverless_supertest.ts | 0 .../security_solution_serverless_utils.ts | 4 +- .../config/services/spaces.ts | 0 .../config/services/spaces_service.ts | 0 .../config/services/types.ts | 2 +- .../config/shared.ts | 0 .../es_archive/endpoint/metrics/data.json | 0 .../es_archive/endpoint/metrics/mappings.json | 0 .../serverless/auditbeat/hosts/data.json.gz | Bin .../serverless/auditbeat/hosts/mappings.json | 0 .../filebeat/threat_intel/data.json | 0 .../filebeat/threat_intel/mappings.json | 0 .../packetbeat/default/data.json.gz | Bin .../packetbeat/default/mappings.json | 0 .../es_archive_path_builder/constants.ts | 2 +- .../es_archive_path_builder/index.ts | 0 .../ftr_provider_context.d.ts | 0 .../ftr_provider_context_edr_workflows.d.ts | 0 .../ftr_provider_context_with_spaces.d.ts | 0 .../package.json | 0 .../scripts/api_configs.json | 0 .../scripts/genai/vault/get_command.js | 0 .../scripts/genai/vault/manage_secrets.ts | 2 +- .../scripts/genai/vault/retrieve_secrets.js | 0 .../scripts/genai/vault/upload_secrets.js | 0 .../scripts/index.js | 0 .../scripts/mki_api_ftr_execution.ts | 0 .../scripts/mki_start_api_ftr_execution.js | 2 +- .../configs/serverless.config.ts | 0 .../cases/search_ai_lake_tier/dummy_test.ts | 0 .../cases/search_ai_lake_tier/index.ts | 0 .../configs/serverless.config.ts | 0 .../search_ai_lake_tier/index.ts | 0 .../search_ai_lake_tier/task_execution.ts | 0 .../add_actions.ts | 0 .../check_privileges.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/migrations.ts | 0 .../trial_license_complete_tier/throttle.ts | 0 .../update_actions.ts | 0 .../alert_status/alert_status.ts | 0 .../alert_status/alert_status_ess.ts | 0 .../alert_status/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../alerts_compatibility.ts | 0 .../ess_specific_index_logic/create_index.ts | 0 .../ess_specific_index_logic/index.ts | 0 .../migrations/create_alerts_migrations.ts | 0 .../migrations/delete_alerts_migrations.ts | 0 .../migrations/deprecations.ts | 0 .../migrations/finalize_alerts_migrations.ts | 0 .../migrations/get_alerts_migration_status.ts | 0 .../migrations/index.ts | 0 .../query_alerts_backword_compatibility.ts | 0 .../field_aliases.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../query_alerts.ts | 0 .../set_alert_tags.ts | 0 .../assignments/assignments.ts | 0 .../assignments/assignments_ess.ts | 0 .../assignments/assignments_serverless.ts | 0 .../assignments/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../document_level_security.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/date.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/double.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/float.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../basic_license_essentials_tier/integer.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../ips/basic_license_essentials_tier/ip.ts | 0 .../basic_license_essentials_tier/ip_array.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../basic_license_essentials_tier/keyword.ts | 0 .../keyword_array.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../basic_license_essentials_tier/long.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../basic_license_essentials_tier/text.ts | 0 .../text_array.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../create_endpoint_exceptions.ts | 0 .../create_rule_exceptions.ts | 0 .../create_rule_exceptions_ess.ts | 0 .../exception_comments_ess.ts | 0 .../exception_comments_serverless.ts | 0 .../exceptions_data_integrity.ts | 0 .../find_rule_exception_references.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../prebuilt_rules.ts | 0 .../rule_exceptions_execution.ts | 0 .../rule_execution_logic/README.md | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../eql/trial_license_complete_tier/eql.ts | 0 .../eql_alert_suppression.ts | 0 .../eql/trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../esql/trial_license_complete_tier/esql.ts | 0 .../esql_suppression.ts | 0 .../esql/trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../frozen_indices_handling.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../ecs_field_duplication.ts | 0 .../ignore_fields.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../keyword_family/README.md | 0 .../keyword_family/const_keyword.ts | 0 .../keyword_family/index.ts | 0 .../keyword_family/keyword.ts | 0 .../keyword_mixed_with_const.ts | 0 .../non_ecs_fields.ts | 0 .../basic_license_essentials_tier/runtime.ts | 0 .../timestamps.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../synthetic_source.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../indicator_match.ts | 0 .../indicator_match_alert_suppression.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../machine_learning.ts | 0 .../machine_learning_alert_suppression.ts | 0 .../machine_learning_manual_run.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/new_terms.ts | 0 .../new_terms_alert_suppression.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../custom_query.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../saved_query.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/threshold.ts | 0 .../threshold_alert_suppression.ts | 0 .../rule_execution_logic/utils.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../manual_rule_run.ts | 0 .../configs/ess_trial_license.config.ts | 0 .../serverless_complete_tier.config.ts | 0 .../detection_engine/rule_preview/index.ts | 0 .../rule_preview/preview_rules.ts | 0 .../rules_management/configs/constants.ts | 0 .../ess/rules_management.basic.config.ts | 0 .../ess/rules_management.trial.config.ts | 0 .../rules_management.complete.config.ts | 0 .../rules_management.essentials.config.ts | 0 .../prebuilt_rules/common/README.md | 0 ...apped_with_bundled_large_package.config.ts | 0 ...air_gapped_with_bundled_packages.config.ts | 0 .../edge_cases/ess_trial_license.config.ts | 0 .../configs/ess_basic_license.config.ts | 0 .../serverless_essentials_tier.config.ts | 0 .../import_export/export_prebuilt_rules.ts | 0 .../import_multiple_prebuilt_rules.ts | 0 .../import_outdated_prebuilt_rules.ts | 0 .../import_single_prebuilt_rule.ts | 0 .../import_with_installing_package.ts | 0 .../import_with_missing_base_version.ts | 0 .../import_with_missing_fields.ts | 0 .../common/import_export/index.ts | 0 .../prebuilt_rules/common/index.ts | 0 .../common/install_prebuilt_rules/index.ts | 0 .../install_mocked_prebuilt_rule_assets.ts | 0 .../air_gapped/bootstrap_prebuilt_rules.ts | 0 .../air_gapped/index.ts | 0 .../air_gapped/install_bundled_package.ts | 2 +- .../install_large_bundled_package.ts | 0 .../air_gapped/prerelease_packages.ts | 0 .../common/prebuilt_rules_package/index.ts | 0 .../install_package_from_epr.ts | 0 .../prebuilt_rules_package/update_package.ts | 0 .../get_prebuilt_rule_base_version.ts | 0 .../common/revert_prebuilt_rules/index.ts | 0 .../revert_prebuilt_rules.ts | 0 .../status/get_prebuilt_rules_status.ts | 0 .../prebuilt_rules/common/status/index.ts | 0 .../legacy/get_prebuilt_timelines_status.ts | 0 .../configs/ess_basic_license.config.ts | 0 .../serverless_essentials_tier.config.ts | 0 .../customization/calculate_is_customized.ts | 0 .../customize_via_bulk_editing.ts | 0 .../customization/index.ts | 0 .../customization_disabled/index.ts | 0 .../upgrade_prebuilt_rules/index.ts | 0 .../upgrade_prebuilt_rules.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../customization/calculate_is_customized.ts | 0 .../customization/customize_prebuilt_rules.ts | 0 .../customize_via_bulk_editing.ts | 0 .../customization/index.ts | 0 .../customization_enabled/index.ts | 0 .../get_prebuilt_rules_status.ts | 0 .../upgrade_notifications/index.ts | 0 .../bulk_upgrade_all_prebuilt_rules.ts | 0 .../bulk_upgrade_selected_prebuilt_rules.ts | 0 .../common_fields/alert_suppression.ts | 0 .../common_fields/building_block.ts | 0 .../common_fields/configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../common_fields/data_source.ts | 0 .../common_fields/description.ts | 0 .../common_fields/false_positives.ts | 0 .../common_fields/index.ts | 0 .../common_fields/investigation_fields.ts | 0 .../common_fields/max_signals.ts | 0 .../common_fields/name.ts | 0 .../common_fields/note.ts | 0 .../common_fields/references.ts | 0 .../common_fields/related_integrations.ts | 0 .../common_fields/required_fields.ts | 0 .../common_fields/risk_score.ts | 0 .../common_fields/risk_score_mapping.ts | 0 .../common_fields/rule_name_override.ts | 0 .../common_fields/rule_schedule.ts | 0 .../common_fields/setup.ts | 0 .../common_fields/severity.ts | 0 .../common_fields/severity_mapping.ts | 0 .../common_fields/tags.ts | 0 .../common_fields/threat.ts | 0 .../common_fields/timeline_template.ts | 0 .../common_fields/timestamp_override.ts | 0 .../diffable_rule_fields/test_helpers.ts | 0 .../type_specific_fields/anomaly_threshold.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../type_specific_fields/eql_query.ts | 0 .../type_specific_fields/esql_query.ts | 0 .../history_window_start.ts | 0 .../type_specific_fields/index.ts | 0 .../kql_query.inline_query.ts | 0 .../kql_query.saved_query.ts | 0 .../machine_learning_job_id.ts | 0 .../type_specific_fields/new_terms_fields.ts | 0 .../type_specific_fields/threat_index.ts | 0 .../threat_indicator_path.ts | 0 .../type_specific_fields/threat_mapping.ts | 0 .../type_specific_fields/threat_query.ts | 0 .../type_specific_fields/threshold.ts | 0 .../upgrade_prebuilt_rules/index.ts | 0 .../review_prebuilt_rules_upgrade.ts | 0 .../upgrade_single_prebuilt_rule.ts | 0 .../configs/ess_basic_license.config.ts | 0 .../serverless_essentials_tier.config.ts | 0 .../prebuilt_rules/ml_disabled/index.ts | 0 .../ml_disabled/perform_installation/index.ts | 0 .../perform_installation.ts | 0 .../ml_disabled/perform_upgrade/index.ts | 0 .../perform_upgrade/perform_upgrade.ts | 0 .../ml_disabled/review_installation/index.ts | 0 .../review_installation.ts | 0 .../ml_disabled/review_upgrade/index.ts | 0 .../review_upgrade/review_upgrade.ts | 0 .../ml_disabled/status/index.ts | 0 .../ml_disabled/status/status.ts | 0 .../prebuilt_rules/ml_disabled/utils.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../perform_bulk_action.ts | 0 .../perform_bulk_action_dry_run.ts | 0 .../perform_bulk_action_dry_run_ess.ts | 0 .../perform_bulk_action_ess.ts | 0 .../perform_bulk_action_suppression.ts | 0 .../perform_bulk_enable_disable.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../create_ml_rules_privileges.ts | 0 .../create_rules.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../create_new_terms.ts | 0 .../create_rules.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../delete_rules.ts | 0 .../delete_rules_bulk.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../delete_rules.ts | 0 .../delete_rules_bulk.ts | 0 .../delete_rules_bulk_legacy.ts | 0 .../delete_rules_ess.ts | 0 .../delete_rules_legacy.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../export_rules.ts | 0 .../import_rules.ts | 0 .../import_rules_with_overwrite.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../export_rules.ts | 0 .../export_rules_ess.ts | 0 .../import_connectors.ts | 4 +- .../import_export_rules.ts | 0 .../import_rules.ts | 0 .../import_rules_ess.ts | 0 .../import_rules_with_overwrite.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../coverage_overview.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../get_rule_execution_results.ts | 0 .../get_rule_management_filters.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../template_data/execution_events.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../patch_rules.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../patch_rules.ts | 0 .../patch_rules_ess.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../find_rules.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../read_rules.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/find_rules.ts | 0 .../find_rules_ess.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/read_rules.ts | 0 .../read_rules_ess.ts | 0 .../resolve_read_rules.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../update_rules.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../update_rules.ts | 0 .../update_rules_ess.ts | 0 .../detections_response/telemetry/README.md | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../task_based/all_types.ts | 0 .../task_based/detection_rules.ts | 0 .../task_based/security_lists.ts | 0 .../usage_collector/all_types.ts | 0 .../usage_collector/detection_rule_status.ts | 0 .../detection_rule_upgrade_status.ts | 0 .../usage_collector/detection_rules.ts | 0 .../detection_rules_legacy_action.ts | 0 .../usage_collector/exceptions_metrics.ts | 0 .../usage_collector/value_list_metrics.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../read_privileges.ts | 0 .../actions/create_new_webhook_action.ts | 0 .../utils/actions/get_slack_action.ts | 0 .../utils/actions/get_web_hook_action.ts | 0 .../utils/actions/index.ts | 0 ...et_legacy_action_notifications_so_by_id.ts | 0 .../legacy_actions/get_legacy_action_so.ts | 0 .../get_legacy_actions_so_by_id.ts | 0 .../utils/actions/legacy_actions/index.ts | 0 .../utils/actions/remove_uuid_from_actions.ts | 0 .../utils/alerts/alert_assignees.ts | 0 .../utils/alerts/get_alert_status.ts | 0 .../alerts/get_alert_status_empty_response.ts | 0 .../utils/alerts/get_alerts.ts | 0 .../utils/alerts/get_open_alerts.ts | 0 .../utils/alerts/get_preview_alerts.ts | 0 .../detections_response/utils/alerts/index.ts | 0 .../alerts/migrations/delete_migrations.ts | 0 .../migrations/finalize_alerts_migration.ts | 0 .../utils/alerts/migrations/index.ts | 0 .../migrations/start_alerts_migration.ts | 0 ...ove_random_valued_properties_from_alert.ts | 0 .../utils/alerts/set_alert_status.ts | 0 .../utils/alerts/set_alert_tags.ts | 0 .../alerts/wait_for_alert_to_complete.ts | 0 .../utils/binary_to_string.ts | 0 .../detections_response/utils/cases.ts | 0 .../utils/combine_to_ndjson.ts | 0 .../utils/connectors/create_connector.ts | 0 .../utils/connectors/delete_connector.ts | 0 .../utils/connectors/get_connector.ts | 0 .../get_web_hook_connector_params.ts | 0 .../utils/connectors/index.ts | 0 .../utils/count_down_es.ts | 0 .../utils/data_generator/README.md | 0 .../data_generator/data_generator_factory.ts | 0 .../utils/data_generator/enhance_document.ts | 0 .../utils/data_generator/enhance_documents.ts | 0 .../data_generator/generate_documents.ts | 0 .../get_kql_query_from_documents_list.ts | 0 .../utils/data_generator/get_timestamp.ts | 0 .../utils/data_generator/index.ts | 0 .../utils/data_generator/index_documents.ts | 0 .../utils/data_generator/types.ts | 0 .../delete_all_event_log_execution_events.ts | 0 .../utils/event_log/delete_all_gaps.ts | 0 .../utils/event_log/generate_gaps_for_rule.ts | 0 .../get_event_log_execute_complete_by_id.ts | 0 .../utils/event_log/index.ts | 0 .../index_event_log_execution_events.ts | 0 .../wait_for_event_log_execute_complete.ts | 0 .../utils/exception_list_and_item/index.ts | 0 .../item/create_exception_list_item.ts | 0 .../create_container_with_endpoint_entries.ts | 0 .../list/create_container_with_entries.ts | 0 .../list/create_exception_list.ts | 0 .../list/delete_exception_list.ts | 0 .../utils/frozen_data_tier/index.ts | 0 .../move_index_to_frozen_data_tier.ts | 0 .../utils/get_detection_metrics_from_body.ts | 0 .../utils/get_exception_metrics_from_body.ts | 0 .../utils/get_exception_metrics_stats.ts | 0 .../utils/get_index_name_from_load.ts | 0 .../detections_response/utils/get_stats.ts | 0 .../utils/get_stats_url.ts | 0 .../utils/get_value_list_metrics_from_body.ts | 0 .../utils/get_value_list_metrics_stats.ts | 0 .../detections_response/utils/index.ts | 0 .../utils/machine_learning/index.ts | 0 .../machine_learning_setup.ts | 0 .../utils/refresh_index.ts | 0 .../utils/retry_delete_by_query_conflicts.ts | 0 .../rules/check_investigation_field_in_so.ts | 0 .../utils/rules/create_legacy_rule_action.ts | 0 .../utils/rules/create_non_security_rule.ts | 0 .../utils/rules/create_rule_saved_object.ts | 0 .../utils/rules/create_rule_with_auth.ts | 0 .../create_rule_with_exception_entries.ts | 0 .../utils/rules/downgrade_immutable_rule.ts | 0 .../utils/rules/fetch_rule.ts | 0 .../utils/rules/find_immutable_rule_by_id.ts | 0 .../utils/rules/generate_event.ts | 0 .../utils/rules/get_complex_rule.ts | 0 .../utils/rules/get_complex_rule_output.ts | 0 .../utils/rules/get_coverage_overview.ts | 0 .../rules/get_eql_rule_for_alert_testing.ts | 0 .../utils/rules/get_rule_actions.ts | 0 ...r_alert_testing_with_timestamp_override.ts | 0 .../get_custom_query_rule_params.ts | 0 .../get_rule_params/get_ml_rule_params.ts | 0 .../get_saved_query_rule_params.ts | 0 .../get_threshold_rule_params.ts | 0 .../utils/rules/get_rule_params/index.ts | 0 .../utils/rules/get_rule_params/types.ts | 0 .../utils/rules/get_rule_so_by_id.ts | 0 ...t_rule_with_legacy_investigation_fields.ts | 0 .../rules/get_rule_with_web_hook_action.ts | 0 .../get_saved_query_rule_for_alert_testing.ts | 0 .../utils/rules/get_simple_ml_rule.ts | 0 .../utils/rules/get_simple_ml_rule_output.ts | 0 .../utils/rules/get_simple_ml_rule_update.ts | 0 .../utils/rules/get_simple_preview_rule.ts | 0 .../utils/rules/get_simple_rule.ts | 0 .../utils/rules/get_simple_rule_as_ndjson.ts | 0 .../utils/rules/get_simple_rule_output.ts | 0 ...simple_rule_output_with_web_hook_action.ts | 0 .../get_simple_rule_output_without_rule_id.ts | 0 .../rules/get_simple_rule_preview_output.ts | 0 .../utils/rules/get_simple_rule_update.ts | 0 .../rules/get_simple_rule_without_rule_id.ts | 0 .../rules/get_simple_saved_query_rule.ts | 0 .../utils/rules/get_simple_threat_match.ts | 0 ...get_threat_match_rule_for_alert_testing.ts | 0 .../get_threshold_rule_for_alert_testing.ts | 0 .../utils/rules/import_rules.ts | 0 .../detections_response/utils/rules/index.ts | 0 .../utils/rules/patch_rule.ts | 0 .../create_prebuilt_rule_saved_objects.ts | 0 .../create_prebuilt_rules_package.ts | 0 .../delete_all_prebuilt_rule_assets.ts | 0 .../prebuilt_rules/delete_all_timelines.ts | 0 .../prebuilt_rules/delete_fleet_packages.ts | 0 .../prebuilt_rules/get_installed_rules.ts | 0 .../get_prebuilt_rule_base_version.ts | 0 ...get_prebuilt_rules_and_timelines_status.ts | 0 .../get_prebuilt_rules_fleet_package.ts | 0 .../get_prebuilt_rules_status.ts | 0 .../utils/rules/prebuilt_rules/index.ts | 0 .../prebuilt_rules/install_fleet_package.ts | 0 .../install_mock_prebuilt_rules.ts | 0 .../prebuilt_rules/install_prebuilt_rules.ts | 0 .../install_prebuilt_rules_and_timelines.ts | 0 .../install_prebuilt_rules_fleet_package.ts | 0 .../perform_upgrade_prebuilt_rules.ts | 0 .../prebuilt_rules/revert_prebuilt_rule.ts | 0 .../review_install_prebuilt_rules.ts | 0 .../review_upgrade_prebuilt_rules.ts | 0 .../prebuilt_rules/set_up_rule_upgrade.ts | 0 .../utils/rules/preview_rule.ts | 0 .../preview_rule_with_exception_entries.ts | 0 .../remove_server_generated_properties.ts | 0 ..._generated_properties_including_rule_id.ts | 0 .../utils/rules/rule_gaps.ts | 0 .../utils/rules/rule_to_ndjson.ts | 0 .../utils/rules/rule_to_update_schema.ts | 0 .../utils/rules/run_soon_rule.ts | 0 .../detections_response/utils/rules/types.ts | 0 .../utils/rules/update_rule.ts | 0 .../detections_response/utils/runtime.ts | 0 .../utils/set_advanced_settings.ts | 0 .../utils/telemetry/check_rule_type_usage.ts | 0 .../telemetry/get_security_telemetry_stats.ts | 0 .../utils/telemetry/index.ts | 0 ...remove_time_fields_from_telemetry_stats.ts | 0 .../utils/update_username.ts | 0 .../utils/wait_for_index_to_populate.ts | 0 .../trial_license_complete_tier/blocklists.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../event_filters.ts | 0 .../host_isolation_exceptions.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trusted_apps.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../endpoint_authz.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/metadata.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/package.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../datastream_index_creation.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../policy_response.ts | 0 .../trial_license_complete_tier/common.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/entity.ts | 0 .../trial_license_complete_tier/entity_id.ts | 0 .../trial_license_complete_tier/events.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/tree.ts | 0 .../agent_type_support.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/execute.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../configs/serverless.config.ts | 0 .../search_ai_lake_tier/index.ts | 0 .../siem_v3_global_artifact_management.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../siem_v3_global_artifact_management.ts | 0 .../trial_license_complete_tier/artifacts.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../response_actions.ts | 0 .../role_backwards_compatibility.ts | 0 .../space_awareness.ts | 0 .../test_suites/edr_workflows/utils/index.ts | 0 .../utils/supertest_error_logger.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../entities_list.ts | 0 .../entity_store.ts | 0 .../entity_store_nondefault_spaces.ts | 0 .../field_retention_operators.ts | 0 .../host_transform.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../entity_store/utils/ingest.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/engine.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../privilege_monitoring_privileges_check.ts | 0 .../pad_installation.ts | 0 .../privileged_users/api.ts | 0 .../privileged_users/utils.ts | 0 .../trial_license_complete_tier/role_utils.ts | 0 .../search_indices.ts | 0 .../api_feature_access.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../asset_criticality.ts | 0 .../asset_criticality_csv_upload.ts | 0 .../asset_criticality_privileges.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../init_and_status_apis.ts | 0 .../trial_license_complete_tier/migrations.ts | 0 .../risk_engine_cleanup_api.ts | 0 .../risk_engine_privileges.ts | 0 .../risk_engine_schedule_now.ts | 0 .../risk_engine_so_config.ts | 0 .../risk_score_entity_calculation.ts | 0 .../risk_score_preview.ts | 0 .../risk_scoring_task/task_execution.ts | 0 .../task_execution_nondefault_spaces.ts | 0 .../telemetry_usage.ts | 0 .../utils/asset_criticality.ts | 0 .../entity_analytics/utils/data_view.ts | 0 .../utils/elastic_asset_checker.ts | 0 .../utils/entity_analytics.ts | 0 .../entity_analytics/utils/entity_store.ts | 0 .../get_risk_engine_metrics_from_body.ts | 0 .../utils/get_risk_engine_stats.ts | 0 .../entity_analytics/utils/index.ts | 0 .../utils/move_index_to_slow_data_tier.ts | 0 .../utils/privilege_monitoring.ts | 0 .../utils/privmon_advanced_settings.ts | 0 .../entity_analytics/utils/risk_engine.ts | 0 .../entity_analytics/utils/users_and_roles.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../mocks/host_details.ts | 0 .../tests/host_details.ts | 0 .../tests/hosts.ts | 0 .../tests/index.ts | 0 .../tests/uncommon_processes.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../tests/index.ts | 0 .../tests/network_details.ts | 0 .../tests/network_dns.ts | 0 .../tests/network_top_n_flow.ts | 0 .../trial_license_complete_tier/tests/tls.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../tests/index.ts | 0 .../tests/overview_host.ts | 0 .../tests/overview_network.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../tests/authentications.ts | 0 .../tests/index.ts | 0 .../tests/users.ts | 0 .../common.ess.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../attack_discovery/schedules/mocks/index.ts | 0 .../schedules/mocks/schedules.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../create/create.ts | 0 .../create/create_ess.ts | 0 .../create/create_serverless.ts | 0 .../create/index.ts | 0 .../delete/delete.ts | 0 .../delete/delete_ess.ts | 0 .../delete/delete_serverless.ts | 0 .../delete/index.ts | 0 .../disable/disable.ts | 0 .../disable/disable_ess.ts | 0 .../disable/disable_serverless.ts | 0 .../disable/index.ts | 0 .../enable/enable.ts | 0 .../enable/enable_ess.ts | 0 .../enable/enable_serverless.ts | 0 .../enable/index.ts | 0 .../trial_license_complete_tier/find/find.ts | 0 .../find/find_ess.ts | 0 .../find/find_serverless.ts | 0 .../trial_license_complete_tier/find/index.ts | 0 .../trial_license_complete_tier/get/get.ts | 0 .../get/get_ess.ts | 0 .../get/get_serverless.ts | 0 .../trial_license_complete_tier/get/index.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../update/index.ts | 0 .../update/update.ts | 0 .../update/update_ess.ts | 0 .../update/update_serverless.ts | 0 .../attack_discovery/schedules/utils/apis.ts | 0 .../utils/check_schedule_disabled.ts | 0 .../utils/check_schedule_does_not_exist.ts | 0 .../schedules/utils/check_schedule_enabled.ts | 0 .../schedules/utils/check_schedule_exists.ts | 0 .../schedules/utils/helpers.ts | 0 .../test_suites/genai/evaluations/README.md | 20 +- .../genai/evaluations/data/kb_entries.ts | 0 .../configs/ess.config.ts | 0 .../evaluations.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/utils.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/entries.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../mocks/entries.ts | 0 .../semantic_text_indices.ts | 0 .../entries/utils/bulk_actions_entry.ts | 0 .../entries/utils/create_entry.ts | 0 .../entries/utils/delete_entry.ts | 0 .../entries/utils/find_entry.ts | 0 .../knowledge_base/entries/utils/get_entry.ts | 0 .../knowledge_base/entries/utils/helpers.ts | 0 .../remove_server_generated_properties.ts | 0 .../entries/utils/update_entry.ts | 0 .../configs/serverless.config.ts | 0 .../basic_license_essentials_tier/index.ts | 0 .../task_execution.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../task_execution.ts | 0 .../test_suites/genai/utils/auth/index.ts | 0 .../test_suites/genai/utils/auth/roles.ts | 0 .../test_suites/genai/utils/auth/spaces.ts | 0 .../test_suites/genai/utils/auth/types.ts | 0 .../test_suites/genai/utils/auth/users.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../saved_objects/tests/draft_timeline.ts | 0 .../saved_objects/tests/index.ts | 0 .../saved_objects/tests/notes.ts | 0 .../saved_objects/tests/pinned_events.ts | 0 .../saved_objects/tests/timeline.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../timeline/mocks/timeline_details.ts | 0 .../investigation/timeline/tests/events.ts | 0 .../timeline/tests/import_timelines.ts | 0 .../investigation/timeline/tests/index.ts | 0 .../tests/install_prepackaged_timelines.ts | 0 .../timeline/tests/notes_privileges.ts | 0 .../investigation/timeline/tests/timeline.ts | 0 .../timeline/tests/timeline_details.ts | 0 .../timeline/tests/timeline_migrations.ts | 0 .../timeline/tests/timeline_privileges.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../test_suites/investigation/utils/notes.ts | 0 .../investigation/utils/timelines.ts | 0 .../test_suites/investigation/utils/types.ts | 0 .../investigation/utils/wait_for.ts | 0 .../common/essentials_tier/admin.ts | 0 .../configs/serverless.config.ts | 0 .../common/essentials_tier/editor.ts | 0 .../endpoint_operations_analyst.ts | 0 .../endpoint_policy_manager.ts | 0 .../common/essentials_tier/index.ts | 0 .../essentials_tier/platform_engineer.ts | 0 .../common/essentials_tier/rule_author.ts | 0 .../common/essentials_tier/soc_manager.ts | 0 .../essentials_tier/threat_intel_analyst.ts | 0 .../common/essentials_tier/tier_1_analyst.ts | 0 .../common/essentials_tier/tier_2_analyst.ts | 0 .../common/essentials_tier/tier_3_analyst.ts | 0 .../common/essentials_tier/viewer.ts | 0 .../exceptions/items/essentials_tier/admin.ts | 0 .../configs/serverless.config.ts | 0 .../items/essentials_tier/editor.ts | 0 .../endpoint_operations_analyst.ts | 0 .../endpoint_policy_manager.ts | 0 .../exceptions/items/essentials_tier/index.ts | 0 .../essentials_tier/platform_engineer.ts | 0 .../items/essentials_tier/rule_author.ts | 0 .../items/essentials_tier/soc_manager.ts | 0 .../essentials_tier/threat_intel_analyst.ts | 0 .../items/essentials_tier/tier_1_analyst.ts | 0 .../items/essentials_tier/tier_2_analyst.ts | 0 .../items/essentials_tier/tier_3_analyst.ts | 0 .../items/essentials_tier/viewer.ts | 0 .../exceptions/lists/essentials_tier/admin.ts | 0 .../configs/serverless.config.ts | 0 .../lists/essentials_tier/editor.ts | 0 .../endpoint_operations_analyst.ts | 0 .../endpoint_policy_manager.ts | 0 .../exceptions/lists/essentials_tier/index.ts | 0 .../essentials_tier/platform_engineer.ts | 0 .../lists/essentials_tier/rule_author.ts | 0 .../lists/essentials_tier/soc_manager.ts | 0 .../essentials_tier/threat_intel_analyst.ts | 0 .../lists/essentials_tier/tier_1_analyst.ts | 0 .../lists/essentials_tier/tier_2_analyst.ts | 0 .../lists/essentials_tier/tier_3_analyst.ts | 0 .../lists/essentials_tier/viewer.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../items/create_exception_list_items.ts | 0 .../items/delete_exception_list_items.ts | 0 .../items/find_exception_list_items.ts | 0 .../items/index.ts | 0 .../items/read_exception_list_items.ts | 0 .../items/update_exception_list_items.ts | 0 .../lists/create_exception_lists.ts | 0 .../lists/delete_exception_lists.ts | 0 .../lists/duplicate_exception_list.ts | 0 .../lists/export_exception_list.ts | 0 .../lists/find_exception_lists.ts | 0 .../lists/get_exception_filter.ts | 0 .../lists/import_exceptions.ts | 0 .../lists/index.ts | 0 .../lists/read_exception_lists.ts | 0 .../lists/summary_exception_lists.ts | 0 .../lists/update_exception_lists.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../items/create_list_items.ts | 0 .../items/delete_list_items.ts | 0 .../items/export_list_items.ts | 0 .../items/find_list_items.ts | 0 .../items/import_list_items.ts | 0 .../items/import_list_items_migrations.ts | 0 .../items/index.ts | 0 .../items/patch_list_items.ts | 0 .../items/patch_list_items_migrations.ts | 0 .../items/read_list_items.ts | 0 .../items/update_list_items.ts | 0 .../items/update_list_items_migrations.ts | 0 .../lists/create_lists.ts | 0 .../lists/create_lists_index.ts | 0 .../lists/create_lists_index_migrations.ts | 0 .../lists/delete_lists.ts | 0 .../lists/find_lists.ts | 0 .../lists/find_lists_by_size.ts | 0 .../lists/index.ts | 0 .../lists/patch_lists.ts | 0 .../lists/patch_lists_migrations.ts | 0 .../lists/read_list_privileges.ts | 0 .../lists/read_lists.ts | 0 .../lists/update_lists.ts | 0 .../lists/update_lists_migrations.ts | 0 .../lists_and_exception_lists/utils.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../dashboard_migrations/create.ts | 0 .../dashboard_migrations/dashboards/create.ts | 0 .../dashboard_migrations/get.ts | 0 .../dashboard_migrations/index.ts | 0 .../dashboard_migrations/stats.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../rule_migrations/create.ts | 0 .../rule_migrations/delete.ts | 0 .../rule_migrations/get.ts | 0 .../rule_migrations/get_integrations.ts | 0 .../rule_migrations/get_prebuilt_rules.ts | 0 .../rule_migrations/index.ts | 0 .../rule_migrations/install.ts | 0 .../rule_migrations/integrations_stats.ts | 0 .../rule_migrations/rules/create.ts | 0 .../rule_migrations/rules/get.ts | 0 .../rule_migrations/rules/update.ts | 0 .../rule_migrations/start.ts | 0 .../rule_migrations/stats.ts | 0 .../rule_migrations/stop.ts | 0 .../rule_migrations/update.ts | 0 .../siem_migrations/utils/asserts.ts | 0 .../siem_migrations/utils/dashboard_mocks.ts | 0 .../siem_migrations/utils/dashboards.ts | 0 .../siem_migrations/utils/es_queries.ts | 0 .../utils/es_queries_dashboards.ts | 0 .../siem_migrations/utils/index.ts | 0 .../siem_migrations/utils/mocks.ts | 0 .../siem_migrations/utils/resources.ts | 0 .../siem_migrations/utils/rules.ts | 0 .../siem_migrations/utils/types.ts | 0 .../configs/ess.config.ts | 0 .../configs/serverless.config.ts | 0 .../trial_license_complete_tier/index.ts | 0 .../trial_license_complete_tier/sources.ts | 0 .../telemetry/configs/ess.config.ts | 0 .../telemetry/configs/serverless.config.ts | 0 .../test_suites/telemetry/index.ts | 0 .../test_suites/telemetry/tasks/endpoint.ts | 13 +- .../telemetry/tasks/indices_metadata.ts | 0 .../telemetry/tasks/ingest_pipeline_stats.ts | 0 .../test_suites/utils.ts | 0 .../tsconfig.json | 10 +- .../apps/endpoint/endpoint_list.ts | 0 .../apps/endpoint/endpoint_permissions.ts | 0 .../endpoint_solution_integrations.ts | 0 .../apps/endpoint/endpoint_telemetry.ts | 0 .../apps/endpoint/endpoint_transform.ts | 0 .../apps/endpoint/index.ts | 0 .../integrations/artifact_entries_list.ts | 0 .../apps/integrations/endpoint_exceptions.ts | 0 .../apps/integrations/fleet_integrations.ts | 0 .../apps/integrations/index.ts | 0 .../apps/integrations/mocks.ts | 0 .../apps/integrations/policy_details.ts | 0 .../apps/integrations/policy_list.ts | 0 .../apps/integrations/trusted_apps_list.ts | 0 .../configs/config.base.ts | 2 +- .../configs/endpoint.config.ts | 3 +- .../configs/ftr_provider_context.d.ts | 0 .../configs/integrations.config.ts | 3 +- .../configs/serverless.endpoint.config.ts | 3 +- .../configs/serverless.integrations.config.ts | 3 +- .../artifact_entries_list_page.ts | 0 .../page_objects/endpoint_page.ts | 0 .../page_objects/endpoint_responder.ts | 0 .../page_objects/fleet_integrations_page.ts | 0 .../page_objects/index.ts | 0 ...gest_manager_create_package_policy_page.ts | 0 .../page_objects/page_utils.ts | 0 .../page_objects/policy_page.ts | 0 .../page_objects/trusted_apps_page.ts | 0 .../services/endpoint.ts | 0 .../services/endpoint_artifacts.ts | 0 .../services/endpoint_data_stream_helpers.ts | 0 .../services/endpoint_policy.ts | 0 .../services/endpoint_registry_helpers.ts | 0 .../services/endpoint_telemetry.ts | 0 .../fixtures/package_registry_config.yml | 0 .../services/index.ts | 2 +- .../services/roles_users_utils.ts | 0 .../services/supertest_with_cert.ts | 0 .../security_solution_endpoint/target_tags.ts | 0 .../security_solution_endpoint/tsconfig.json | 7 +- .../ftr_provider_context.ts | 14 + .../page_objects/detections/index.ts | 0 .../page_objects/hosts/index.ts | 2 +- .../page_objects/index.ts | 12 + .../page_objects/timeline/index.ts | 2 +- .../services/detections/index.ts | 2 +- .../security_solution_ftr/services/index.ts | 12 + .../services/timeline/index.ts | 2 +- 1058 files changed, 4070 insertions(+), 317 deletions(-) create mode 100644 x-pack/solutions/security/test/api_integration/services/es_supertest_without_auth.js create mode 100644 x-pack/solutions/security/test/api_integration/services/security_solution_api.gen.ts create mode 100644 x-pack/solutions/security/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts create mode 100644 x-pack/solutions/security/test/api_integration/services/security_solution_exceptions_api.gen.ts create mode 100644 x-pack/solutions/security/test/api_integration/services/security_solution_lists_api.gen.ts create mode 100644 x-pack/solutions/security/test/api_integration/services/security_solution_osquery_api.gen.ts rename x-pack/{ => solutions/security}/test/security_solution_api_integration/.gitignore (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/README.md (76%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/ess/config.base.basic.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/ess/config.base.edr_workflows.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/ess/config.base.frozen.trial.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/ess/config.base.trial.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/ess/config.base.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/ess/services.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/ess/services_edr_workflows.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/privileges/roles.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/privileges/users.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts (95%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts (90%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/serverless/config.base.essentials.ts (97%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/serverless/config.base.ts (97%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/serverless/services.ts (63%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/serverless/services_edr_workflows.ts (81%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/common/endpoint_data_stream_helpers.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/common/endpoint_registry_helpers.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/common/fixtures/package_registry_config.yml (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/common/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/common/roles_users_utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/create_alerts_index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/delete_all_alerts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_ids.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alert_ids.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alerts_ids.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/search_alerts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/alerts/wait_for_alerts_to_be_present.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/count_down_test.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/delete_all_anomalies.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/route_with_namespace.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/rules/create_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/rules/delete_all_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/rules/delete_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/rules/get_gaps_by_rule_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/rules/get_rule_for_alert_testing.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/rules/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/rules/manual_run.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/rules/wait_for_rule_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/spaces.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/tasks/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/tasks/indices_metadata.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/tasks/task_manager.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/detections_response/wait_for.ts (100%) create mode 100644 x-pack/solutions/security/test/security_solution_api_integration/config/services/search_secure.ts rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/security_solution_edr_workflows_metadata.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/security_solution_edr_workflows_resolver.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/security_solution_edr_workflows_roles_users.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/security_solution_ess_utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/security_solution_serverless_bsearch_creator.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/security_solution_serverless_supertest.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/security_solution_serverless_utils.ts (95%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/spaces.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/spaces_service.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/services/types.ts (95%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/config/shared.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive/endpoint/metrics/data.json (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive/endpoint/metrics/mappings.json (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/data.json.gz (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/mappings.json (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/data.json (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/mappings.json (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/data.json.gz (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/mappings.json (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive_path_builder/constants.ts (80%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/es_archive_path_builder/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/ftr_provider_context.d.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/ftr_provider_context_edr_workflows.d.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/ftr_provider_context_with_spaces.d.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/package.json (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/scripts/api_configs.json (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/scripts/genai/vault/get_command.js (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/scripts/genai/vault/manage_secrets.ts (98%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/scripts/genai/vault/retrieve_secrets.js (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/scripts/genai/vault/upload_secrets.js (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/scripts/index.js (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/scripts/mki_api_ftr_execution.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/scripts/mki_start_api_ftr_execution.js (85%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/dummy_test.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/task_execution.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/alerts_compatibility.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/create_index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/create_alerts_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/delete_alerts_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/deprecations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/finalize_alerts_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/get_alerts_migration_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/query_alerts_backword_compatibility.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/field_aliases.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/set_alert_tags.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/document_level_security.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/date.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/double.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/float.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/integer.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip_array.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword_array.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/long.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text_array.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_endpoint_exceptions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exceptions_data_integrity.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/find_rule_exception_references.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/rule_exceptions_execution.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/README.md (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql_alert_suppression.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql_suppression.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ecs_field_duplication.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ignore_fields.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/README.md (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/const_keyword.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword_mixed_with_const.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/non_ecs_fields.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/runtime.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/timestamps.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/synthetic_source.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match_alert_suppression.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_alert_suppression.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_manual_run.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms_alert_suppression.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/custom_query.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/saved_query.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold_alert_suppression.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/manual_rule_run.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/ess_trial_license.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/serverless_complete_tier.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/preview_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/constants.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.basic.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.trial.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.complete.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.essentials.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/README.md (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_large_package.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_packages.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_trial_license.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/ess_basic_license.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/serverless_essentials_tier.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_multiple_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_outdated_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_single_prebuilt_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_installing_package.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_base_version.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_fields.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/install_mocked_prebuilt_rule_assets.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/bootstrap_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_bundled_package.ts (94%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_large_bundled_package.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/prerelease_packages.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/install_package_from_epr.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/update_package.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/get_prebuilt_rule_base_version.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/revert_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/get_prebuilt_rules_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/legacy/get_prebuilt_timelines_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/ess_basic_license.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/serverless_essentials_tier.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/calculate_is_customized.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/customize_via_bulk_editing.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/upgrade_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/calculate_is_customized.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_via_bulk_editing.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/get_prebuilt_rules_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_all_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_selected_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/alert_suppression.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/building_block.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/data_source.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/description.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/false_positives.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/investigation_fields.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/max_signals.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/name.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/note.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/references.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/related_integrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/required_fields.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score_mapping.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_name_override.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_schedule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/setup.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity_mapping.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/tags.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/threat.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timeline_template.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timestamp_override.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/test_helpers.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/anomaly_threshold.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/eql_query.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/esql_query.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/history_window_start.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.inline_query.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.saved_query.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/machine_learning_job_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/new_terms_fields.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_indicator_path.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_mapping.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_query.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threshold.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/review_prebuilt_rules_upgrade.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/upgrade_single_prebuilt_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/ess_basic_license.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/serverless_essentials_tier.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/perform_installation.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/perform_upgrade.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/review_installation.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/review_upgrade.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_suppression.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules_with_overwrite.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_connectors.ts (98%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_with_overwrite.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/template_data/execution_events.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/README.md (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_upgrade_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/exceptions_metrics.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/value_list_metrics.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/read_privileges.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_webhook_action.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_slack_action.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_web_hook_action.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_notifications_so_by_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_actions_so_by_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/actions/remove_uuid_from_actions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/alert_assignees.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status_empty_response.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_preview_alerts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/delete_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/finalize_alerts_migration.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/start_alerts_migration.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/remove_random_valued_properties_from_alert.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_tags.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/binary_to_string.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/cases.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/combine_to_ndjson.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/create_connector.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/delete_connector.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_connector.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_web_hook_connector_params.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/README.md (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/data_generator_factory.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_document.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_documents.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/generate_documents.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_kql_query_from_documents_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_timestamp.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index_documents.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/types.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_event_log_execution_events.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_gaps.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/generate_gaps_for_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/get_event_log_execute_complete_by_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index_event_log_execution_events.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/item/create_exception_list_item.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_exception_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/delete_exception_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/move_index_to_frozen_data_tier.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/get_detection_metrics_from_body.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_from_body.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/get_index_name_from_load.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats_url.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_from_body.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/machine_learning_setup.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/refresh_index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/retry_delete_by_query_conflicts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/check_investigation_field_in_so.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_legacy_rule_action.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_non_security_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_saved_object.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_auth.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/downgrade_immutable_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/fetch_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/find_immutable_rule_by_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/generate_event.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule_output.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_coverage_overview.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_actions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_for_alert_testing_with_timestamp_override.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_custom_query_rule_params.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_ml_rule_params.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_saved_query_rule_params.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_threshold_rule_params.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/types.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_so_by_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_legacy_investigation_fields.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_web_hook_action.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_output.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_update.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_preview_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_as_ndjson.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_with_web_hook_action.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_without_rule_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_preview_output.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_update.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_without_rule_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_saved_query_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_threat_match.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/import_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/patch_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rule_saved_objects.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rules_package.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_prebuilt_rule_assets.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_timelines.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_fleet_packages.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_installed_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rule_base_version.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_and_timelines_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_fleet_package.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_status.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_fleet_package.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_mock_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_and_timelines.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_fleet_package.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/perform_upgrade_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/revert_prebuilt_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_install_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_upgrade_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/set_up_rule_upgrade.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule_with_exception_entries.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties_including_rule_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_gaps.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_ndjson.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_update_schema.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/run_soon_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/types.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/rules/update_rule.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/runtime.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/set_advanced_settings.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/check_rule_type_usage.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/get_security_telemetry_stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/remove_time_fields_from_telemetry_stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/update_username.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/blocklists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/event_filters.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/host_isolation_exceptions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/trusted_apps.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/endpoint_authz.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/metadata.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/package.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/datastream_index_creation.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/policy_response.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/common.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity_id.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/events.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/tree.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/agent_type_support.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/execute.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/siem_v3_global_artifact_management.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/siem_v3_global_artifact_management.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/artifacts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/response_actions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/role_backwards_compatibility.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/space_awareness.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/utils/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/edr_workflows/utils/supertest_error_logger.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entities_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store_nondefault_spaces.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/field_retention_operators.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/host_transform.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/utils/ingest.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/engine.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privilege_monitoring_privileges_check.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_access_detection/pad_installation.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/role_utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/search_indices.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/api_feature_access.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_csv_upload.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_privileges.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_cleanup_api.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_privileges.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_schedule_now.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_so_config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_entity_calculation.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/data_view.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/elastic_asset_checker.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_analytics.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_metrics_from_body.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/move_index_to_slow_data_tier.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/privmon_advanced_settings.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/entity_analytics/utils/users_and_roles.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/mocks/host_details.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/host_details.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/hosts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/uncommon_processes.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_details.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_dns.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_top_n_flow.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/tls.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_host.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_network.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/authentications.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/users.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/common.ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/schedules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_ess.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_serverless.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/apis.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_disabled.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_does_not_exist.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_enabled.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_exists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/helpers.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/evaluations/README.md (79%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/evaluations/data/kb_entries.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/evaluations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/mocks/entries.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/bulk_actions_entry.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/delete_entry.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/find_entry.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/get_entry.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/helpers.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/remove_server_generated_properties.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/update_entry.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/task_execution.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/task_execution.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/utils/auth/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/utils/auth/roles.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/utils/auth/spaces.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/utils/auth/types.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/genai/utils/auth/users.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/notes_privileges.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_privileges.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/utils/notes.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/utils/timelines.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/utils/types.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/investigation/utils/wait_for.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/create_exception_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/delete_exception_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/find_exception_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/read_exception_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/update_exception_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/create_exception_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/delete_exception_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/export_exception_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/find_exception_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/get_exception_filter.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/import_exceptions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/read_exception_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/summary_exception_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/update_exception_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/create_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/delete_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/export_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/find_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/read_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/delete_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists_by_size.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_list_privileges.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists_migrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/create.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/dashboards/create.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/get.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/create.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/delete.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_integrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_prebuilt_rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/install.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/integrations_stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/create.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/get.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/update.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/start.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stop.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/update.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/asserts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboard_mocks.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboards.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries_dashboards.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/mocks.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/resources.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/rules.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/siem_migrations/utils/types.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/telemetry/configs/ess.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/telemetry/configs/serverless.config.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/telemetry/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/telemetry/tasks/endpoint.ts (92%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/telemetry/tasks/indices_metadata.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/telemetry/tasks/ingest_pipeline_stats.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/test_suites/utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_api_integration/tsconfig.json (81%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/endpoint/endpoint_permissions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/endpoint/endpoint_solution_integrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/endpoint/endpoint_telemetry.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/endpoint/endpoint_transform.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/endpoint/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/integrations/artifact_entries_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/integrations/fleet_integrations.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/integrations/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/integrations/mocks.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/integrations/policy_details.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/integrations/policy_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/apps/integrations/trusted_apps_list.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/configs/config.base.ts (98%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/configs/endpoint.config.ts (89%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/configs/ftr_provider_context.d.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/configs/integrations.config.ts (91%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/configs/serverless.endpoint.config.ts (89%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/configs/serverless.integrations.config.ts (90%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/artifact_entries_list_page.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/endpoint_page.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/endpoint_responder.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/fleet_integrations_page.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/ingest_manager_create_package_policy_page.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/page_utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/policy_page.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/page_objects/trusted_apps_page.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/endpoint.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/endpoint_artifacts.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/endpoint_data_stream_helpers.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/endpoint_policy.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/endpoint_registry_helpers.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/endpoint_telemetry.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/fixtures/package_registry_config.yml (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/index.ts (94%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/roles_users_utils.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/services/supertest_with_cert.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/target_tags.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_endpoint/tsconfig.json (78%) create mode 100644 x-pack/solutions/security/test/security_solution_ftr/ftr_provider_context.ts rename x-pack/{ => solutions/security}/test/security_solution_ftr/page_objects/detections/index.ts (100%) rename x-pack/{ => solutions/security}/test/security_solution_ftr/page_objects/hosts/index.ts (96%) create mode 100644 x-pack/solutions/security/test/security_solution_ftr/page_objects/index.ts rename x-pack/{ => solutions/security}/test/security_solution_ftr/page_objects/timeline/index.ts (98%) rename x-pack/{ => solutions/security}/test/security_solution_ftr/services/detections/index.ts (98%) create mode 100644 x-pack/solutions/security/test/security_solution_ftr/services/index.ts rename x-pack/{ => solutions/security}/test/security_solution_ftr/services/timeline/index.ts (98%) diff --git a/.buildkite/ftr_security_serverless_configs.yml b/.buildkite/ftr_security_serverless_configs.yml index 7012b29052335..0cc1807fb0b7d 100644 --- a/.buildkite/ftr_security_serverless_configs.yml +++ b/.buildkite/ftr_security_serverless_configs.yml @@ -1,9 +1,9 @@ disabled: # Base config files, only necessary to inform config finding script - - x-pack/test/security_solution_api_integration/config/serverless/config.base.ts - - x-pack/test/security_solution_api_integration/config/serverless/config.base.essentials.ts - - x-pack/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts - - x-pack/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.essentials.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts - x-pack/solutions/security/test/defend_workflows_cypress/serverless_config.base.ts - x-pack/solutions/security/test/osquery_cypress/serverless_config.base.ts - x-pack/platform/test/serverless/functional/config.security.base.ts @@ -21,8 +21,8 @@ disabled: - x-pack/test_serverless/functional/test_suites/security/config.mki_only.ts # Detection Rules Management base configs - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.essentials.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.complete.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.essentials.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.complete.config.ts defaultQueue: 'n2-4-spot' enabled: @@ -53,93 +53,93 @@ enabled: - x-pack/platform/test/serverless/functional/configs/security/config.group10.ts - x-pack/platform/test/serverless/functional/configs/security/config.group11.ts - x-pack/platform/test/serverless/functional/configs/security/config.group12.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/serverless_complete_tier.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/serverless_essentials_tier.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/serverless_essentials_tier.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/serverless_essentials_tier.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/telemetry/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_endpoint/configs/serverless.endpoint.config.ts - - x-pack/test/security_solution_endpoint/configs/serverless.integrations.config.ts - - x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/serverless_complete_tier.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/serverless_essentials_tier.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/serverless_essentials_tier.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/serverless_essentials_tier.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_endpoint/configs/serverless.endpoint.config.ts + - x-pack/solutions/security/test/security_solution_endpoint/configs/serverless.integrations.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/configs/serverless.config.ts # serverless config files that run deployment-agnostic tests - x-pack/platform/test/spaces_api_integration/deployment_agnostic/security_and_spaces/serverless.config.ts - x-pack/platform/test/spaces_api_integration/deployment_agnostic/security_and_spaces/serverless.copy_to_space.config.ts diff --git a/.buildkite/ftr_security_stateful_configs.yml b/.buildkite/ftr_security_stateful_configs.yml index 8a722c416f1d4..285e896790551 100644 --- a/.buildkite/ftr_security_stateful_configs.yml +++ b/.buildkite/ftr_security_stateful_configs.yml @@ -1,13 +1,13 @@ disabled: # Base config files, only necessary to inform config finding script - - x-pack/test/security_solution_api_integration/config/ess/config.base.ts - - x-pack/test/security_solution_api_integration/config/ess/config.base.basic.ts - - x-pack/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts - - x-pack/test/security_solution_api_integration/config/ess/config.base.edr_workflows.ts - - x-pack/test/security_solution_api_integration/config/ess/config.base.trial.ts - - x-pack/test/security_solution_api_integration/config/ess/config.base.frozen.trial.ts - - x-pack/test/security_solution_endpoint/configs/config.base.ts - - x-pack/test/security_solution_endpoint/config.base.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.basic.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.trial.ts + - x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.frozen.trial.ts + - x-pack/solutions/security/test/security_solution_endpoint/configs/config.base.ts + - x-pack/solutions/security/test/security_solution_endpoint/config.base.ts - x-pack/test/security_solution_endpoint_api_int/config.base.ts - x-pack/solutions/security/test/api_integration/config.ts - x-pack/solutions/security/test/functional/config.base.ts @@ -31,95 +31,95 @@ disabled: - x-pack/solutions/security/test/security_solution_playwright/playwright.config.ts # Gen AI Evals run weekly via their own pipeline - - x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts # Detection Rules Management base configs - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.basic.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.trial.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.basic.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.trial.config.ts defaultQueue: 'n2-4-spot' enabled: - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/ess_trial_license.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/ess_basic_license.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_packages.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_large_package.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/ess_basic_license.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_trial_license.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/ess_basic_license.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/telemetry/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_endpoint/configs/endpoint.config.ts - - x-pack/test/security_solution_endpoint/configs/integrations.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/ess_trial_license.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/ess_basic_license.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_packages.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_large_package.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/ess_basic_license.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_trial_license.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/ess_basic_license.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/ess.config.ts + - x-pack/solutions/security/test/security_solution_endpoint/configs/endpoint.config.ts + - x-pack/solutions/security/test/security_solution_endpoint/configs/integrations.config.ts - x-pack/solutions/security/test/api_integration/apis/cloud_security_posture/config.ts - x-pack/solutions/security/test/cloud_security_posture_api/config.ts - x-pack/solutions/security/test/cloud_security_posture_functional/config.ts diff --git a/.buildkite/pipelines/pull_request/security_solution/gen_ai_evals.yml b/.buildkite/pipelines/pull_request/security_solution/gen_ai_evals.yml index 34b45baf1aa0a..66681dfa72561 100644 --- a/.buildkite/pipelines/pull_request/security_solution/gen_ai_evals.yml +++ b/.buildkite/pipelines/pull_request/security_solution/gen_ai_evals.yml @@ -12,9 +12,9 @@ steps: steps: - command: .buildkite/scripts/steps/test/ftr_configs.sh env: - FTR_CONFIG: "x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts" + FTR_CONFIG: 'x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts' FTR_CONFIG_GROUP_KEY: 'ftr-security-solution-gen-ai-evaluations' - FTR_SECURITY_GEN_AI: "1" + FTR_SECURITY_GEN_AI: '1' label: Security Solution Gen AI Evaluations key: security-solution-gen-ai-evaluations timeout_in_minutes: 50 diff --git a/.buildkite/pipelines/security_solution/gen_ai_evals.yml b/.buildkite/pipelines/security_solution/gen_ai_evals.yml index 5cfad414726df..c2cc62ebfc3f9 100644 --- a/.buildkite/pipelines/security_solution/gen_ai_evals.yml +++ b/.buildkite/pipelines/security_solution/gen_ai_evals.yml @@ -1,5 +1,5 @@ env: - FTR_SECURITY_GEN_AI: "1" + FTR_SECURITY_GEN_AI: '1' steps: - label: '👨‍🔧 Pre-Build' command: .buildkite/scripts/lifecycle/pre_build.sh @@ -25,9 +25,9 @@ steps: - command: .buildkite/scripts/steps/test/ftr_configs.sh env: - FTR_CONFIG: "x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts" + FTR_CONFIG: 'x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts' FTR_CONFIG_GROUP_KEY: 'ftr-security-solution-gen-ai-evaluations' - FTR_SECURITY_GEN_AI: "1" + FTR_SECURITY_GEN_AI: '1' label: Security Solution Gen AI Evaluations key: ftr-security-solution-gen-ai-evaluations timeout_in_minutes: 50 @@ -44,5 +44,3 @@ steps: limit: 3 - exit_status: '*' limit: 1 - - diff --git a/.buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh b/.buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh index 1aede759481a5..6c59d41e14b5c 100755 --- a/.buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh +++ b/.buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh @@ -16,7 +16,7 @@ source .buildkite/scripts/pipelines/security_solution_quality_gate/prepare_vault echo "--- Running test script $1" -cd x-pack/test/security_solution_api_integration +cd x-pack/solutions/security/test/security_solution_api_integration set +e TARGET_SCRIPT=$1 node ./scripts/mki_start_api_ftr_execution diff --git a/.eslintrc.js b/.eslintrc.js index 2dbe1cf0e1197..b8836feaa0813 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -798,8 +798,8 @@ module.exports = { 'x-pack/platform/test/serverless/*/configs/**/*', 'x-pack/test_serverless/*/test_suites/**/*', 'x-pack/test/profiling_api_integration/**/*.ts', - 'x-pack/test/security_solution_api_integration/*/test_suites/**/*', - 'x-pack/test/security_solution_api_integration/**/config*.ts', + 'x-pack/solutions/security/test/security_solution_api_integration/*/test_suites/**/*', + 'x-pack/solutions/security/test/security_solution_api_integration/**/config*.ts', '**/playwright.config.ts', ], rules: { diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 704b7db011926..4439a41e62224 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2421,9 +2421,9 @@ x-pack/platform/test/functional/page_objects/search_profiler_page.ts @elastic/se #CC# /x-pack/plugins/cross_cluster_replication/ @elastic/kibana-management # Security Solution -/x-pack/solutions/security/test/fixtures/kbn_archives/timelines/7.15.0_space @elastic/security-solution # Assigned per only use: https://github.com/elastic/kibana/blob/main/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts#L58 +/x-pack/solutions/security/test/fixtures/kbn_archives/timelines/7.15.0_space @elastic/security-solution # Assigned per only use: https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts#L58 /x-pack/solutions/security/test/fixtures/es_archives/packetbeat @elastic/security-solution -/x-pack/test/security_solution_ftr @elastic/security-solution +/x-pack/solutions/security/test/security_solution_ftr @elastic/security-solution /x-pack/solutions/security/test/fixtures/es_archives/security_solution @elastic/security-solution /x-pack/solutions/security/test/fixtures/es_archives/rule_exceptions @elastic/security-solution # Assigned per https://github.com/elastic/kibana/pull/199795/files/ae80bb252bc71f787c122849fcb9b01e386fc5e9#r1840233040 /x-pack/solutions/security/test/functional/ @elastic/security-solution @@ -2431,12 +2431,12 @@ x-pack/platform/test/functional/page_objects/search_profiler_page.ts @elastic/se /x-pack/test/common/utils/security_solution/index.ts @elastic/security-solution /x-pack/test/common/utils/security_solution/spaces.ts @elastic/security-detection-rule-management /x-pack/solutions/security/test/plugin_functional/ @elastic/security-solution -/x-pack/test/common/services/security_solution @elastic/security-solution +/x-pack/solutions/security/test/api_integration/services @elastic/security-solution /x-pack/test/api_integration/services/security_solution_*.gen.ts @elastic/security-solution /x-pack/solutions/security/test/accessibility/ @elastic/security-solution /x-pack/solutions/security/test/fixtures/es_archives/endpoint/ @elastic/security-solution /x-pack/platform/test/plugin_functional/test_suites/resolver/ @elastic/security-solution -/x-pack/test/security_solution_api_integration @elastic/security-solution +/x-pack/solutions/security/test/security_solution_api_integration @elastic/security-solution /x-pack/test/api_integration/apis/security_solution @elastic/security-solution /x-pack/platform/test/fixtures/es_archives/auditbeat/default @elastic/security-solution @@ -2479,7 +2479,7 @@ x-pack/platform/test/functional/page_objects/search_profiler_page.ts @elastic/se # AI4DSOC in Security Solution /x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/ai4dsoc @elastic/security-engineering-productivity /x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/ai4dsoc/privileges @elastic/security-generative-ai -/x-pack/test/security_solution_api_integration/test_suites/ai4dsoc @elastic/security-engineering-productivity +/x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc @elastic/security-engineering-productivity # Security Solution cross teams ownership /x-pack/solutions/security/test/security_solution_cypress/cypress/fixtures @elastic/security-detections-response @elastic/security-threat-hunting @@ -2499,11 +2499,11 @@ x-pack/platform/test/functional/page_objects/search_profiler_page.ts @elastic/se /x-pack/solutions/security/plugins/security_solution/server/routes @elastic/security-detections-response @elastic/security-threat-hunting /x-pack/solutions/security/plugins/security_solution/server/utils @elastic/security-detections-response @elastic/security-threat-hunting -x-pack/test/security_solution_api_integration/test_suites/detections_response/utils @elastic/security-detections-response -x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry @elastic/security-detections-response -x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles @elastic/security-detections-response -x-pack/test/security_solution_api_integration/test_suites/sources @elastic/security-detections-response -/x-pack/test/security_solution_api_integration/config/services/detections_response/ @elastic/security-detections-response +x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils @elastic/security-detections-response +x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry @elastic/security-detections-response +x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles @elastic/security-detections-response +x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources @elastic/security-detections-response +/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/ @elastic/security-detections-response /x-pack/solutions/security/test/fixtures/es_archives/signals @elastic/security-detections-response /x-pack/solutions/security/test/fixtures/es_archives/rule_keyword_family @elastic/security-detections-response @@ -2530,7 +2530,7 @@ x-pack/platform/plugins/shared/entity_manager/server/lib/entities @elastic/entit x-pack/platform/plugins/shared/entity_manager/server/lib/auth @elastic/entity-store x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store @elastic/entity-store x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store @elastic/entity-store -x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/ @elastic/entity-store +x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/ @elastic/entity-store ## Security Solution sub teams - Threat Hunting @@ -2543,7 +2543,7 @@ x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entit /x-pack/solutions/security/plugins/security_solution/public/siem_migrations @elastic/security-threat-hunting /x-pack/solutions/security/plugins/security_solution/server/lib/siem_migrations @elastic/security-threat-hunting -x-pack/test/security_solution_api_integration/test_suites/siem_migrations @elastic/security-threat-hunting +x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations @elastic/security-threat-hunting /x-pack/test_serverless/functional/test_suites/security/ftr/discover @elastic/security-threat-hunting x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts @elastic/security-threat-hunting @@ -2639,7 +2639,7 @@ x-pack/test_serverless/functional/test_suites/security/config.context_awareness. /x-pack/platform/test/fixtures/es_archives/auditbeat/overview @elastic/security-threat-hunting-investigations -x-pack/test/security_solution_api_integration/test_suites/investigations @elastic/security-threat-hunting-investigations +x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigations @elastic/security-threat-hunting-investigations /x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts @elastic/security-threat-hunting-investigations @@ -2700,7 +2700,7 @@ x-pack/platform/plugins/shared/actions/server/lib/token_tracking @elastic/securi /x-pack/solutions/security/plugins/security_solution/docs/rfcs/detection_response @elastic/security-detection-rule-management @elastic/security-detection-engine /x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules @elastic/security-detection-rule-management /x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/rule_management @elastic/security-detection-rule-management -/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management @elastic/security-detection-rule-management +/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management @elastic/security-detection-rule-management /x-pack/solutions/security/plugins/security_solution/public/common/components/health_truncate_text @elastic/security-detection-rule-management /x-pack/solutions/security/plugins/security_solution/public/common/components/links_to_docs @elastic/security-detection-rule-management @@ -2761,9 +2761,9 @@ x-pack/platform/plugins/shared/actions/server/lib/token_tracking @elastic/securi /x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine @elastic/security-detection-engine -/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine @elastic/security-detection-engine -/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_gaps.ts @elastic/security-detection-engine -/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists @elastic/security-detection-engine +/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine @elastic/security-detection-engine +/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_gaps.ts @elastic/security-detection-engine +/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists @elastic/security-detection-engine /x-pack/solutions/security/test/fixtures/es_archives/asset_criticality @elastic/security-detection-engine /x-pack/solutions/security/plugins/security_solution/server/usage/exceptions @elastic/security-detection-engine /x-pack/solutions/security/plugins/security_solution/server/usage/value_lists @elastic/security-detection-engine @@ -2788,8 +2788,8 @@ x-pack/solutions/security/plugins/security_solution/server/assistant/tools/defen /x-pack/solutions/security/plugins/security_solution/server/lib/license/ @elastic/security-defend-workflows /x-pack/solutions/security/plugins/security_solution/server/fleet_integration/ @elastic/security-defend-workflows /x-pack/solutions/security/plugins/security_solution/scripts/endpoint/ @elastic/security-defend-workflows -/x-pack/test/security_solution_endpoint/ @elastic/security-defend-workflows -/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/ @elastic/security-defend-workflows +/x-pack/solutions/security/test/security_solution_endpoint/ @elastic/security-defend-workflows +/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/ @elastic/security-defend-workflows /x-pack/solutions/security/plugins/security_solution_serverless/public/upselling/sections/endpoint_management @elastic/security-defend-workflows /x-pack/solutions/security/plugins/security_solution_serverless/public/upselling/pages/endpoint_management @elastic/security-defend-workflows /x-pack/solutions/security/plugins/security_solution_serverless/server/endpoint @elastic/security-defend-workflows @@ -2842,11 +2842,11 @@ x-pack/solutions/security/test/security_solution_cypress/cypress/tasks/users @el x-pack/platform/test/fixtures/es_archives/auditbeat/hosts @elastic/security-entity-analytics x-pack/platform/test/fixtures/es_archives/auditbeat/uncommon_processes @elastic/security-entity-analytics x-pack/platform/test/fixtures/es_archives/auditbeat/users @elastic/security-entity-analytics -x-pack/test/security_solution_api_integration/test_suites/entity_analytics @elastic/security-entity-analytics -x-pack/test/security_solution_api_integration/test_suites/explore @elastic/security-entity-analytics +x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics @elastic/security-entity-analytics +x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore @elastic/security-entity-analytics ## Security Solution sub teams - GenAI -x-pack/test/security_solution_api_integration/test_suites/genai @elastic/security-generative-ai +x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai @elastic/security-generative-ai ## Security Solution sub teams - Automatic Import x-pack/platform/test/automatic_import_api_integration @elastic/security-scalability diff --git a/x-pack/solutions/observability/test/alerting_api_integration/observability/helpers/refresh_index.ts b/x-pack/solutions/observability/test/alerting_api_integration/observability/helpers/refresh_index.ts index 2933779ea8969..3002fca562c79 100644 --- a/x-pack/solutions/observability/test/alerting_api_integration/observability/helpers/refresh_index.ts +++ b/x-pack/solutions/observability/test/alerting_api_integration/observability/helpers/refresh_index.ts @@ -9,7 +9,7 @@ import type { Client } from '@elastic/elasticsearch'; import { ALL_SAVED_OBJECT_INDICES } from '@kbn/core-saved-objects-server'; /** - * Copied from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/refresh_index.ts + * Copied from x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/refresh_index.ts * * Refresh an index, making changes available to search. * Reusable utility which refreshes all saved object indices, to make them available for search, especially diff --git a/x-pack/solutions/observability/test/alerting_api_integration/observability/helpers/retry.ts b/x-pack/solutions/observability/test/alerting_api_integration/observability/helpers/retry.ts index 74755064cdf01..e1995f0d44603 100644 --- a/x-pack/solutions/observability/test/alerting_api_integration/observability/helpers/retry.ts +++ b/x-pack/solutions/observability/test/alerting_api_integration/observability/helpers/retry.ts @@ -9,7 +9,7 @@ import type { RetryService } from '@kbn/ftr-common-functional-services'; import type { ToolingLog } from '@kbn/tooling-log'; /** - * Copied from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/retry.ts + * Copied from x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/retry.ts * * Retry wrapper for async supertests, with a maximum number of retries. * You can pass in a function that executes a supertest test, and make assertions diff --git a/x-pack/solutions/security/plugins/security_solution/README.md b/x-pack/solutions/security/plugins/security_solution/README.md index 34d94cbb99283..a6c337c205d33 100644 --- a/x-pack/solutions/security/plugins/security_solution/README.md +++ b/x-pack/solutions/security/plugins/security_solution/README.md @@ -51,13 +51,13 @@ FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:runner --config x-pack/test/secu In one terminal, run: ```bash -FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:server --config x-pack/test/security_solution_endpoint/config.ts +FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:server --config x-pack/solutions/security/test/security_solution_endpoint/config.ts ``` In another terminal, run: ```bash -FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:runner --config x-pack/test/security_solution_endpoint/config.ts +FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:runner --config x-pack/solutions/security/test/security_solution_endpoint/config.ts ``` ### Running your own package registry @@ -86,13 +86,13 @@ PACKAGE_REGISTRY_URL_OVERRIDE= yarn test:ftr:server --config x-pack/test/security_solution_endpoint/config.ts +PACKAGE_REGISTRY_URL_OVERRIDE= yarn test:ftr:server --config x-pack/solutions/security/test/security_solution_endpoint/config.ts ``` In another terminal, run: ```bash -PACKAGE_REGISTRY_URL_OVERRIDE= yarn test:ftr:runner --config x-pack/test/security_solution_endpoint/config.ts +PACKAGE_REGISTRY_URL_OVERRIDE= yarn test:ftr:runner --config x-pack/solutions/security/test/security_solution_endpoint/config.ts ``` ### Using the default public registry @@ -120,13 +120,13 @@ yarn test:ftr:runner --config x-pack/test/security_solution_endpoint_api_int/con In one terminal, run: ```bash -yarn test:ftr:server --config x-pack/test/security_solution_endpoint/config.ts +yarn test:ftr:server --config x-pack/solutions/security/test/security_solution_endpoint/config.ts ``` In another terminal, run: ```bash -yarn test:ftr:runner --config x-pack/test/security_solution_endpoint/config.ts +yarn test:ftr:runner --config x-pack/solutions/security/test/security_solution_endpoint/config.ts ``` #### Generate huge amount of indices with huge amount of fields diff --git a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/blocklists_validator.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/blocklists_validator.test.ts index fe66987d8aa78..8c28666e60f7b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/blocklists_validator.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/blocklists_validator.test.ts @@ -23,7 +23,7 @@ describe('Blocklists API validations', () => { // API TESTS FOR THIS ARTIFACT TYPE SHOULD BE COVERED WITH INTEGRATION TESTS. // ADD THEM HERE: // - // `x-pack/test/security_solution_api_integration/test_suites/edr_workflows` + // `x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows` // // ----------------------------------------------------------------------------- }); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/endpoint_exceptions_validator.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/endpoint_exceptions_validator.test.ts index 3fa62472acffd..22110d4b0b930 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/endpoint_exceptions_validator.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/endpoint_exceptions_validator.test.ts @@ -23,7 +23,7 @@ describe('Endpoint Exceptions API validations', () => { // API TESTS FOR THIS ARTIFACT TYPE SHOULD BE COVERED WITH INTEGRATION TESTS. // ADD THEM HERE: // - // `x-pack/test/security_solution_api_integration/test_suites/edr_workflows` + // `x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows` // // ----------------------------------------------------------------------------- }); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/event_filter_validator.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/event_filter_validator.test.ts index 9b86c85aec60f..dc8681f02861f 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/event_filter_validator.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/event_filter_validator.test.ts @@ -23,7 +23,7 @@ describe('Endpoint Exceptions API validations', () => { // API TESTS FOR THIS ARTIFACT TYPE SHOULD BE COVERED WITH INTEGRATION TESTS. // ADD THEM HERE: // - // `x-pack/test/security_solution_api_integration/test_suites/edr_workflows` + // `x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows` // // ----------------------------------------------------------------------------- }); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/host_isolation_exceptions_validator.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/host_isolation_exceptions_validator.test.ts index 3447f49e1375a..64b090295df0a 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/host_isolation_exceptions_validator.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/host_isolation_exceptions_validator.test.ts @@ -23,7 +23,7 @@ describe('Endpoint Exceptions API validations', () => { // API TESTS FOR THIS ARTIFACT TYPE SHOULD BE COVERED WITH INTEGRATION TESTS. // ADD THEM HERE: // - // `x-pack/test/security_solution_api_integration/test_suites/edr_workflows` + // `x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows` // // ----------------------------------------------------------------------------- }); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/trusted_app_validator.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/trusted_app_validator.test.ts index 6038d6435fc92..d4998332afad5 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/trusted_app_validator.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lists_integration/endpoint/validators/trusted_app_validator.test.ts @@ -23,7 +23,7 @@ describe('Endpoint Exceptions API validations', () => { // API TESTS FOR THIS ARTIFACT TYPE SHOULD BE COVERED WITH INTEGRATION TESTS. // ADD THEM HERE: // - // `x-pack/test/security_solution_api_integration/test_suites/edr_workflows` + // `x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows` // // ----------------------------------------------------------------------------- }); diff --git a/x-pack/solutions/security/plugins/security_solution_serverless/server/task_manager/nlp_cleanup_task/nlp_cleanup_task.ts b/x-pack/solutions/security/plugins/security_solution_serverless/server/task_manager/nlp_cleanup_task/nlp_cleanup_task.ts index 17c058a0b9677..3914cd73919aa 100644 --- a/x-pack/solutions/security/plugins/security_solution_serverless/server/task_manager/nlp_cleanup_task/nlp_cleanup_task.ts +++ b/x-pack/solutions/security/plugins/security_solution_serverless/server/task_manager/nlp_cleanup_task/nlp_cleanup_task.ts @@ -53,7 +53,7 @@ export interface NLPCleanupTaskStartContract { * Task Details: after discussion with ResponseOps, it is preferred for the task to always be registered regardless of * the productTier, and to only schedule it if the productTier is `complete` or `searchAiLake`. * - * See `x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task` for API integration tests. + * See `x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task` for API integration tests. */ export class NLPCleanupTask { private logger: Logger; diff --git a/x-pack/solutions/security/test/api_integration/services/es_supertest_without_auth.js b/x-pack/solutions/security/test/api_integration/services/es_supertest_without_auth.js new file mode 100644 index 0000000000000..71ec058be46ab --- /dev/null +++ b/x-pack/solutions/security/test/api_integration/services/es_supertest_without_auth.js @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { format as formatUrl } from 'url'; + +import supertest from 'supertest'; + +/** + * Supertest provider that doesn't include user credentials into base URL that is passed + * to the supertest. + */ +export function EsSupertestWithoutAuthProvider({ getService }) { + const config = getService('config'); + const elasticsearchServerConfig = config.get('servers.elasticsearch'); + + return supertest( + formatUrl({ + ...elasticsearchServerConfig, + auth: false, + }) + ); +} diff --git a/x-pack/solutions/security/test/api_integration/services/index.ts b/x-pack/solutions/security/test/api_integration/services/index.ts index 6b5e6f8a2dbf2..82ea8315c32f6 100644 --- a/x-pack/solutions/security/test/api_integration/services/index.ts +++ b/x-pack/solutions/security/test/api_integration/services/index.ts @@ -6,7 +6,14 @@ */ import { services as platformServices } from '@kbn/test-suites-xpack-platform/api_integration/services'; +// @ts-ignore not ts yet +import { EsSupertestWithoutAuthProvider } from './es_supertest_without_auth'; +import { SecuritySolutionApiProvider } from './security_solution_api.gen'; +import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from './security_solution_exceptions_api.gen'; export const services = { ...platformServices, + esSupertestWithoutAuth: EsSupertestWithoutAuthProvider, + securitySolutionApi: SecuritySolutionApiProvider, + securitySolutionExceptionsApi: SecuritySolutionExceptionsApiProvider, }; diff --git a/x-pack/solutions/security/test/api_integration/services/security_solution_api.gen.ts b/x-pack/solutions/security/test/api_integration/services/security_solution_api.gen.ts new file mode 100644 index 0000000000000..b26d1f0c25a63 --- /dev/null +++ b/x-pack/solutions/security/test/api_integration/services/security_solution_api.gen.ts @@ -0,0 +1,2451 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { replaceParams } from '@kbn/openapi-common/shared'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { AlertsMigrationCleanupRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; +import { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; +import { CleanDraftTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen'; +import { ConfigureRiskEngineSavedObjectRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/engine_configure_saved_object_route.gen'; +import { CopyTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/copy_timeline/copy_timeline_route.gen'; +import { CreateAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; +import { CreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; +import { CreateDashboardMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { + CreateDashboardMigrationDashboardsRequestParamsInput, + CreateDashboardMigrationDashboardsRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { CreatePrivilegesImportIndexRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/create_index.gen'; +import { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/create.gen'; +import { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; +import { CreateRuleMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + CreateRuleMigrationRulesRequestParamsInput, + CreateRuleMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { CreateTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/create_timelines/create_timelines_route.gen'; +import { + CreateUpdateProtectionUpdatesNoteRequestParamsInput, + CreateUpdateProtectionUpdatesNoteRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { DeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen'; +import { + DeleteEntityEngineRequestQueryInput, + DeleteEntityEngineRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; +import { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/engine/delete.gen'; +import { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; +import { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/delete.gen'; +import { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; +import { DeleteRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; +import { DeprecatedTriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { EndpointExecuteActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/execute/execute.gen'; +import { EndpointFileDownloadRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_download/file_download.gen'; +import { EndpointFileInfoRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_info/file_info.gen'; +import { EndpointGetActionsDetailsRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/details/details.gen'; +import { EndpointGetActionsListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/list/list.gen'; +import { EndpointGetActionsStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/status/status.gen'; +import { EndpointGetFileActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/get_file/get_file.gen'; +import { EndpointGetProcessesActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/running_procs/running_procs.gen'; +import { EndpointIsolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/isolate/isolate.gen'; +import { EndpointKillProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/kill_process/kill_process.gen'; +import { EndpointScanActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/scan/scan.gen'; +import { EndpointSuspendProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/suspend_process/suspend_process.gen'; +import { EndpointUnisolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/unisolate/unisolate.gen'; +import { + ExportRulesRequestQueryInput, + ExportRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen'; +import { + ExportTimelinesRequestQueryInput, + ExportTimelinesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/timeline/export_timelines/export_timelines_route.gen'; +import { FinalizeAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen'; +import { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen'; +import { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; +import { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; +import { GetDashboardMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { GetDashboardMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; +import { GetEndpointMetadataListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/metadata/get_metadata.gen'; +import { + GetEndpointSuggestionsRequestParamsInput, + GetEndpointSuggestionsRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; +import { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; +import { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; +import { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; +import { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; +import { GetProtectionUpdatesNoteRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { + GetRuleExecutionEventsRequestQueryInput, + GetRuleExecutionEventsRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen'; +import { + GetRuleExecutionResultsRequestQueryInput, + GetRuleExecutionResultsRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen'; +import { GetRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationPrebuiltRulesRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationResourcesRequestQueryInput, + GetRuleMigrationResourcesRequestParamsInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationResourcesMissingRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationRulesRequestQueryInput, + GetRuleMigrationRulesRequestParamsInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationTranslationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timeline/get_timeline_route.gen'; +import { GetTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timelines/get_timelines_route.gen'; +import { GetWorkflowInsightsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { ImportRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen'; +import { ImportTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/import_timelines/import_timelines_route.gen'; +import { + InitEntityEngineRequestParamsInput, + InitEntityEngineRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/init.gen'; +import { InitEntityStoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/enable.gen'; +import { + InstallMigrationRulesRequestParamsInput, + InstallMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; +import { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; +import { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; +import { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; +import { + PerformRulesBulkActionRequestQueryInput, + PerformRulesBulkActionRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen'; +import { PersistFavoriteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_favorite/persist_favorite_route.gen'; +import { PersistNoteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_note/persist_note_route.gen'; +import { PersistPinnedEventRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/pinned_events/pinned_events_route.gen'; +import { PreviewRiskScoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/preview_route.gen'; +import { ReadAlertsMigrationStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen'; +import { ReadRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen'; +import { ResolveTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/resolve_timeline/resolve_timeline_route.gen'; +import { + RulePreviewRequestQueryInput, + RulePreviewRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_preview/rule_preview.gen'; +import { RunScriptActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/run_script/run_script.gen'; +import { SearchAlertsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/query_signals/query_signals_route.gen'; +import { SearchPrivilegesIndicesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/search_indices.gen'; +import { SetAlertAssigneesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen'; +import { SetAlertsStatusRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen'; +import { SetAlertTagsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen'; +import { StartEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/start.gen'; +import { + StartRuleMigrationRequestParamsInput, + StartRuleMigrationRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { StopEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stop.gen'; +import { StopRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { SuggestUserProfilesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/users/suggest_user_profiles_route.gen'; +import { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { + UpdateEntitySourceRequestParamsInput, + UpdateEntitySourceRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { + UpdatePrivMonUserRequestParamsInput, + UpdatePrivMonUserRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/update.gen'; +import { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; +import { + UpdateRuleMigrationRequestParamsInput, + UpdateRuleMigrationRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateRuleMigrationIndexPatternRequestParamsInput, + UpdateRuleMigrationIndexPatternRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateRuleMigrationRulesRequestParamsInput, + UpdateRuleMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateWorkflowInsightRequestParamsInput, + UpdateWorkflowInsightRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { + UpsertRuleMigrationResourcesRequestParamsInput, + UpsertRuleMigrationResourcesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * Migrations favor data integrity over shard size. Consequently, unused or orphaned indices are artifacts of +the migration process. A successful migration will result in both the old and new indices being present. +As such, the old, orphaned index can (and likely should) be deleted. + +While you can delete these indices manually, +the endpoint accomplishes this task by applying a deletion policy to the relevant index, causing it to be deleted +after 30 days. It also deletes other artifacts specific to the migration implementation. + + */ + alertsMigrationCleanup(props: AlertsMigrationCleanupProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/signals/migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + applyEntityEngineDataviewIndices(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_store/engines/apply_dataview_indices', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + assetCriticalityGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/asset_criticality/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Ensures that the packages needed for prebuilt detection rules to work are installed and up to date + */ + bootstrapPrebuiltRules(kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace('/internal/detection_engine/prebuilt_rules/_bootstrap', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Bulk upsert up to 1000 asset criticality records. + +If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created. + + */ + bulkUpsertAssetCriticalityRecords( + props: BulkUpsertAssetCriticalityRecordsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality/bulk', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a clean draft Timeline or Timeline template for the current user. +> info +> If the user already has a draft Timeline, the existing draft Timeline is cleared and returned. + + */ + cleanDraftTimelines(props: CleanDraftTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_draft', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Cleaning up the the Risk Engine by removing the indices, mapping and transforms + */ + cleanUpRiskEngine(kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/risk_score/engine/dangerously_delete_data', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Configuring the Risk Engine Saved Object + */ + configureRiskEngineSavedObject( + props: ConfigureRiskEngineSavedObjectProps, + kibanaSpace: string = 'default' + ) { + return supertest + .patch(getRouteUrlForSpace('/api/risk_score/engine/saved_object/configure', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Copies and returns a timeline or timeline template. + + */ + copyTimeline(props: CopyTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/_copy', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Initiate a migration of detection alerts. +Migrations are initiated per index. While the process is neither destructive nor interferes with existing data, it may be resource-intensive. As such, it is recommended that you plan your migrations accordingly. + + */ + createAlertsMigration(props: CreateAlertsMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create or update an asset criticality record for a specific entity. + +If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created. + + */ + createAssetCriticalityRecord( + props: CreateAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Creates a new dashboard migration and returns the corresponding migration_id + */ + createDashboardMigration( + props: CreateDashboardMigrationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .put(getRouteUrlForSpace('/internal/siem_migrations/dashboards', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Adds dashboards to an alreayd existing dashboard migration + */ + createDashboardMigrationDashboards( + props: CreateDashboardMigrationDashboardsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/dashboards', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createEntitySource(props: CreateEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/entity_source', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createPrivilegesImportIndex( + props: CreatePrivilegesImportIndexProps, + kibanaSpace: string = 'default' + ) { + return supertest + .put( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/indices', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createPrivMonUser(props: CreatePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/users', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a new detection rule. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + +You can create the following types of rules: + +* **Custom query**: Searches the defined indices and creates an alert when a document matches the rule's KQL query. +* **Event correlation**: Searches the defined indices and creates an alert when results match an [Event Query Language (EQL)](https://www.elastic.co/guide/en/elasticsearch/reference/current/eql.html) query. +* **Threshold**: Searches the defined indices and creates an alert when the number of times the specified field's value meets the threshold during a single execution. When there are multiple values that meet the threshold, an alert is generated for each value. + For example, if the threshold `field` is `source.ip` and its `value` is `10`, an alert is generated for every source IP address that appears in at least 10 of the rule's search results. If you're interested, see [Terms Aggregation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-bucket-terms-aggregation.html) for more information. +* **Indicator match**: Creates an alert when fields match values defined in the specified [Elasticsearch index](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html). For example, you can create an index for IP addresses and use this index to create an alert whenever an event's `destination.ip` equals a value in the index. The index's field mappings should be [ECS-compliant](https://www.elastic.co/guide/en/ecs/current/ecs-reference.html). +* **New terms**: Generates an alert for each new term detected in source documents within a specified time range. +* **ES|QL**: Uses [Elasticsearch Query Language (ES|QL)](https://www.elastic.co/guide/en/elasticsearch/reference/current/esql.html) to find events and aggregate search results. +* **Machine learning rules**: Creates an alert when a machine learning job discovers an anomaly above the defined threshold. +> info +> To create machine learning rules, you must have the [appropriate license](https://www.elastic.co/subscriptions) or use a [cloud deployment](https://cloud.elastic.co/registration). Additionally, for the machine learning rule to function correctly, the associated machine learning job must be running. + +To retrieve machine learning job IDs, which are required to create machine learning jobs, call the [Elasticsearch Get jobs API](https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-job.html). Machine learning jobs that contain `siem` in the `groups` field can be used to create rules: + +```json +... +"job_id": "linux_anomalous_network_activity_ecs", +"job_type": "anomaly_detector", +"job_version": "7.7.0", +"groups": [ + "auditbeat", + "process", + "siem" +], +... +``` + +Additionally, you can set up notifications for when rules create alerts. The notifications use the [Alerting and Actions framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html). Each action type requires a connector. Connectors store the information required to send notifications via external systems. The following connector types are supported for rule notifications: + +* Slack +* Email +* PagerDuty +* Webhook +* Microsoft Teams +* IBM Resilient +* Jira +* ServiceNow ITSM +> info +> For more information on PagerDuty fields, see [Send a v2 Event](https://developer.pagerduty.com/docs/events-api-v2/trigger-events/). + +To retrieve connector IDs, which are required to configure rule notifications, call the [Find objects API](https://www.elastic.co/guide/en/kibana/current/saved-objects-api-find.html) with `"type": "action"` in the request payload. + +For detailed information on Kibana actions and alerting, and additional API calls, see: + +* [Alerting API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-alerting) +* [Alerting and Actions framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html) +* [Connectors API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-connectors) + + */ + createRule(props: CreateRuleProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Creates a new rule migration and returns the corresponding migration_id + */ + createRuleMigration(props: CreateRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/internal/siem_migrations/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Adds original vendor rules to an already existing migration. Can be called multiple times to add more rules + */ + createRuleMigrationRules( + props: CreateRuleMigrationRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a new Timeline or Timeline template. + */ + createTimelines(props: CreateTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createUpdateProtectionUpdatesNote( + props: CreateUpdateProtectionUpdatesNoteProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/api/endpoint/protection_updates_note/{package_policy_id}', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + deleteAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete the asset criticality record for a specific entity. + */ + deleteAssetCriticalityRecord( + props: DeleteAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .delete(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + deleteEntityEngine(props: DeleteEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + deleteEntitySource(props: DeleteEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + deleteMonitoringEngine(props: DeleteMonitoringEngineProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/delete', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Delete a note from a Timeline using the note ID. + */ + deleteNote(props: DeleteNoteProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + deletePrivMonUser(props: DeletePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/users/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete a detection rule using the `rule_id` or `id` field. + +The URL query must include one of the following: + +* `id` - `DELETE /api/detection_engine/rules?id=` +* `rule_id`- `DELETE /api/detection_engine/rules?rule_id=` + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. + + */ + deleteRule(props: DeleteRuleProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Deletes a rule migration document stored in the system given the rule migration id + */ + deleteRuleMigration(props: DeleteRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete one or more Timelines or Timeline templates. + */ + deleteTimelines(props: DeleteTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Calculates and persists Risk Scores for an entity, returning the calculated risk score. + */ + deprecatedTriggerRiskScoreCalculation( + props: DeprecatedTriggerRiskScoreCalculationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/risk_scores/calculation/entity', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + disableMonitoringEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/disable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + disableRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/disable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + enableRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/enable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Run a shell command on an endpoint. + */ + endpointExecuteAction(props: EndpointExecuteActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/execute', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Download a file from an endpoint. + */ + endpointFileDownload(props: EndpointFileDownloadProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}/file/{file_id}/download', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get information for the specified file using the file ID. + */ + endpointFileInfo(props: EndpointFileInfoProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}/file/{file_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of a response action using the action ID. + */ + endpointGetActionsDetails( + props: EndpointGetActionsDetailsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get a list of all response actions. + */ + endpointGetActionsList(props: EndpointGetActionsListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a response actions state, which reports whether encryption is enabled. + */ + endpointGetActionsState(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action/state', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the status of response actions for the specified agent IDs. + */ + endpointGetActionsStatus( + props: EndpointGetActionsStatusProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a file from an endpoint. + */ + endpointGetFileAction(props: EndpointGetFileActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/get_file', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Get a list of all processes running on an endpoint. + */ + endpointGetProcessesAction( + props: EndpointGetProcessesActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/running_procs', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Isolate an endpoint from the network. The endpoint remains isolated until it's released. + */ + endpointIsolateAction(props: EndpointIsolateActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/isolate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Terminate a running process on an endpoint. + */ + endpointKillProcessAction( + props: EndpointKillProcessActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/kill_process', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Scan a specific file or directory on an endpoint for malware. + */ + endpointScanAction(props: EndpointScanActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/scan', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Suspend a running process on an endpoint. + */ + endpointSuspendProcessAction( + props: EndpointSuspendProcessActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/suspend_process', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Release an isolated endpoint, allowing it to rejoin a network. + */ + endpointUnisolateAction(props: EndpointUnisolateActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/unisolate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Upload a file to an endpoint. + */ + endpointUploadAction(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/upload', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + entityStoreGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/entity_store/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Export detection rules to an `.ndjson` file. The following configuration items are also included in the `.ndjson` file: +- Actions +- Exception lists +> info +> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules. + +> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules. + +> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately. + + */ + exportRules(props: ExportRulesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Export Timelines as an NDJSON file. + */ + exportTimelines(props: ExportTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Finalize successful migrations of detection alerts. This replaces the original index's alias with the successfully migrated index's alias. +The endpoint is idempotent; therefore, it can safely be used to poll a given migration and, upon completion, +finalize it. + + */ + finalizeAlertsMigration(props: FinalizeAlertsMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/finalize_migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * List asset criticality records, paging, sorting and filtering as needed. + */ + findAssetCriticalityRecords( + props: FindAssetCriticalityRecordsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/asset_criticality/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieve a paginated list of detection rules. By default, the first page is returned, with 20 results per page. + */ + findRules(props: FindRulesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the rule migrations stats for all migrations stored in the system + */ + getAllStatsRuleMigration(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/stats', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the asset criticality record for a specific entity. + */ + getAssetCriticalityRecord( + props: GetAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getAssetCriticalityStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/asset_criticality/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the dashboard migration document stored in the system given the dashboard migration id + */ + getDashboardMigration(props: GetDashboardMigrationProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/dashboards/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the dashboard migrations stats for given migrations stored in the system + */ + getDashboardMigrationStats( + props: GetDashboardMigrationStatsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/stats', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of the draft Timeline or Timeline template for the current user. If the user doesn't have a draft Timeline, an empty Timeline is returned. + */ + getDraftTimelines(props: GetDraftTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/_draft', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getEndpointMetadataList(props: GetEndpointMetadataListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/metadata', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getEndpointSuggestions(props: GetEndpointSuggestionsProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/api/endpoint/suggestions/{suggestion_type}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + getEntityEngine(props: GetEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getEntitySource(props: GetEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getEntityStoreStatus(props: GetEntityStoreStatusProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get all notes for a given document. + */ + getNotes(props: GetNotesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getPolicyResponse(props: GetPolicyResponseProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/policy_response', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getPrivilegedAccessDetectionPackageStatus(kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + '/api/entity_analytics/privileged_user_monitoring/pad/status', + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getProtectionUpdatesNote( + props: GetProtectionUpdatesNoteProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/api/endpoint/protection_updates_note/{package_policy_id}', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Returns the status of both the legacy transform-based risk engine, as well as the new risk engine + */ + getRiskEngineStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_score/engine/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getRuleExecutionEvents(props: GetRuleExecutionEventsProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams( + '/internal/detection_engine/rules/{ruleId}/execution/events', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getRuleExecutionResults(props: GetRuleExecutionResultsProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams( + '/internal/detection_engine/rules/{ruleId}/execution/results', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the rule migration document stored in the system given the rule migration id + */ + getRuleMigration(props: GetRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves all related integrations + */ + getRuleMigrationIntegrations(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/integrations', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the stats of all the integrations for all the rule migrations, including the number of rules associated with the integration + */ + getRuleMigrationIntegrationsStats(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/integrations/stats', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves all available prebuilt rules (installed and installable) + */ + getRuleMigrationPrebuiltRules( + props: GetRuleMigrationPrebuiltRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/prebuilt_rules', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Identifies the privileges required for a SIEM rules migration and returns the missing privileges + */ + getRuleMigrationPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/missing_privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves resources for an existing SIEM rules migration + */ + getRuleMigrationResources( + props: GetRuleMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/resources', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Identifies missing resources from all the rules of an existing SIEM rules migration + */ + getRuleMigrationResourcesMissing( + props: GetRuleMigrationResourcesMissingProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/resources/missing', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the the list of rules included in a migration given the migration id + */ + getRuleMigrationRules(props: GetRuleMigrationRulesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the stats of a SIEM rules migration using the migration id provided + */ + getRuleMigrationStats(props: GetRuleMigrationStatsProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/stats', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the translation stats of a SIEM rules migration using the migration id provided + */ + getRuleMigrationTranslationStats( + props: GetRuleMigrationTranslationStatsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/translation_stats', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of an existing saved Timeline or Timeline template. + */ + getTimeline(props: GetTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all saved Timelines or Timeline templates. + */ + getTimelines(props: GetTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timelines', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getWorkflowInsights(props: GetWorkflowInsightsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/api/endpoint/workflow_insights', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import detection rules from an `.ndjson` file, including actions and exception lists. The request must include: +- The `Content-Type: multipart/form-data` HTTP header. +- A link to the `.ndjson` file containing the rules. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. +> info +> To import rules with actions, you need at least Read privileges for the Action and Connectors feature. To overwrite or add new connectors, you need All privileges for the Actions and Connectors feature. To import rules without actions, you don’t need Actions and Connectors privileges. Refer to [Enable and access detections](https://www.elastic.co/guide/en/security/current/detections-permissions-section.html#enable-detections-ui) for more information. + +> info +> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules. + +> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules. + +> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately. + + */ + importRules(props: ImportRulesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import Timelines. + */ + importTimelines(props: ImportTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initEntityEngine(props: InitEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/init', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initEntityStore(props: InitEntityStoreProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_store/enable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initMonitoringEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/init', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Initializes the Risk Engine by creating the necessary indices and mappings, removing old transforms, and starting the new risk engine + */ + initRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/init', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Installs migration rules + */ + installMigrationRules(props: InstallMigrationRulesProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/install', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Install and update all Elastic prebuilt detection rules and Timelines. + +This endpoint allows you to install and update prebuilt detection rules and Timelines provided by Elastic. +When you call this endpoint, it will: +- Install any new prebuilt detection rules that are not currently installed in your system. +- Update any existing prebuilt detection rules that have been modified or improved by Elastic. +- Install any new prebuilt Timelines that are not currently installed in your system. +- Update any existing prebuilt Timelines that have been modified or improved by Elastic. + +This ensures that your detection engine is always up-to-date with the latest rules and Timelines, +providing you with the most current and effective threat detection capabilities. + + */ + installPrebuiltRulesAndTimelines(kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/detection_engine/rules/prepackaged', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Install or update prepackaged Timelines. + */ + installPrepackedTimelines( + props: InstallPrepackedTimelinesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_prepackaged', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + installPrivilegedAccessDetectionPackage(kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + '/api/entity_analytics/privileged_user_monitoring/pad/install', + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + internalUploadAssetCriticalityRecords(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/asset_criticality/upload_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * List entities records, paging, sorting and filtering as needed. + */ + listEntities(props: ListEntitiesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/entities/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + listEntityEngines(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/engines', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + listEntitySources(props: ListEntitySourcesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/entity_source/list', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + listPrivMonUsers(props: ListPrivMonUsersProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_analytics/monitoring/users/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update specific fields of an existing detection rule using the `rule_id` or `id` field. + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + patchRule(props: PatchRuleProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update an existing Timeline. You can update the title, description, date range, pinned events, pinned queries, and/or pinned saved queries of an existing Timeline. + */ + patchTimeline(props: PatchTimelineProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Apply a bulk action, such as bulk edit, duplicate, or delete, to multiple detection rules. The bulk action is applied to all rules that match the query or to the rules listed by their IDs. + +The edit action allows you to add, delete, or set tags, index patterns, investigation fields, rule actions and schedules for multiple rules at once. +The edit action is idempotent, meaning that if you add a tag to a rule that already has that tag, no changes are made. The same is true for other edit actions, for example removing an index pattern that is not specified in a rule will not result in any changes. The only exception is the `add_rule_actions` and `set_rule_actions` action, which is non-idempotent. This means that if you add or set a rule action to a rule that already has that action, a new action is created with a new unique ID. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + performRulesBulkAction(props: PerformRulesBulkActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_bulk_action', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Favorite a Timeline or Timeline template for the current user. + */ + persistFavoriteRoute(props: PersistFavoriteRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/timeline/_favorite', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Add a note to a Timeline or update an existing note. + */ + persistNoteRoute(props: PersistNoteRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Pin/unpin an event to/from an existing Timeline. + */ + persistPinnedEventRoute(props: PersistPinnedEventRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/pinned_event', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Calculates and returns a list of Risk Scores, sorted by identifier_type and risk score. + */ + previewRiskScore(props: PreviewRiskScoreProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/preview', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + privmonBulkUploadUsersCsv(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/users/_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + privMonHealth(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/health', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Check if the current user has all required permissions for Privilege Monitoring + */ + privMonPrivileges(kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/privileges', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + readAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieve indices that contain detection alerts of a particular age, along with migration information for each of those indices. + */ + readAlertsMigrationStatus( + props: ReadAlertsMigrationStatusProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/signals/migration_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieve the status of all Elastic prebuilt detection rules and Timelines. + +This endpoint provides detailed information about the number of custom rules, installed prebuilt rules, available prebuilt rules that are not installed, outdated prebuilt rules, installed prebuilt timelines, available prebuilt timelines that are not installed, and outdated prebuilt timelines. + + */ + readPrebuiltRulesAndTimelinesStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules/prepackaged/_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves whether or not the user is authenticated, and the user's Kibana +space and index privileges, which determine if the user can create an +index for the Elastic Security alerts generated by +detection engine rules. + + */ + readPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + readRiskEngineSettings(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_score/engine/settings', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieve a detection rule using the `rule_id` or `id` field. + +The URL query must include one of the following: + +* `id` - `GET /api/detection_engine/rules?id=` +* `rule_id` - `GET /api/detection_engine/rules?rule_id=` + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. + + */ + readRule(props: ReadRuleProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * List all unique tags from all detection rules. + */ + readTags(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/tags', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + resolveTimeline(props: ResolveTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/resolve', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + riskEngineGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_engine/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + rulePreview(props: RulePreviewProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/preview', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + runEntityAnalyticsMigrations(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/entity_analytics/migrations/run', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Run a shell command on an endpoint. + */ + runScriptAction(props: RunScriptActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/runscript', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. + */ + scheduleRiskEngineNow(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/risk_score/engine/schedule_now', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Find and/or aggregate detection alerts that match the given query. + */ + searchAlerts(props: SearchAlertsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/search', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + searchPrivilegesIndices(props: SearchPrivilegesIndicesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/indices', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Assign users to detection alerts, and unassign them from alerts. +> info +> You cannot add and remove the same assignee in the same request. + + */ + setAlertAssignees(props: SetAlertAssigneesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/assignees', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Set the status of one or more detection alerts. + */ + setAlertsStatus(props: SetAlertsStatusProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * And tags to detection alerts, and remove them from alerts. +> info +> You cannot add and remove the same alert tag in the same request. + + */ + setAlertTags(props: SetAlertTagsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/tags', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + startEntityEngine(props: StartEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/start', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Starts a SIEM rules migration using the migration id provided + */ + startRuleMigration(props: StartRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/start', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + stopEntityEngine(props: StopEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/stop', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Stops a running SIEM rules migration using the migration id provided + */ + stopRuleMigration(props: StopRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/stop', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Suggests user profiles. + */ + suggestUserProfiles(props: SuggestUserProfilesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/detection_engine/users/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Calculates and persists Risk Scores for an entity, returning the calculated risk score. + */ + triggerRiskScoreCalculation( + props: TriggerRiskScoreCalculationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/calculation/entity', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updateEntitySource(props: UpdateEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updatePrivMonUser(props: UpdatePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/users/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update a detection rule using the `rule_id` or `id` field. The original rule is replaced, and all unspecified fields are deleted. + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + updateRule(props: UpdateRuleProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates rules migrations data + */ + updateRuleMigration(props: UpdateRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .patch( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates the index pattern for eligible and/or selected rules of a migration + */ + updateRuleMigrationIndexPattern( + props: UpdateRuleMigrationIndexPatternProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/update_index_pattern', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates rules migrations attributes + */ + updateRuleMigrationRules( + props: UpdateRuleMigrationRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .patch( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updateWorkflowInsight(props: UpdateWorkflowInsightProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/internal/api/endpoint/workflow_insights/{insightId}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + uploadAssetCriticalityRecords(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality/upload_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Creates or updates resources for an existing SIEM rules migration + */ + upsertRuleMigrationResources( + props: UpsertRuleMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/resources', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface AlertsMigrationCleanupProps { + body: AlertsMigrationCleanupRequestBodyInput; +} +export interface BulkUpsertAssetCriticalityRecordsProps { + body: BulkUpsertAssetCriticalityRecordsRequestBodyInput; +} +export interface CleanDraftTimelinesProps { + body: CleanDraftTimelinesRequestBodyInput; +} +export interface ConfigureRiskEngineSavedObjectProps { + body: ConfigureRiskEngineSavedObjectRequestBodyInput; +} +export interface CopyTimelineProps { + body: CopyTimelineRequestBodyInput; +} +export interface CreateAlertsMigrationProps { + body: CreateAlertsMigrationRequestBodyInput; +} +export interface CreateAssetCriticalityRecordProps { + body: CreateAssetCriticalityRecordRequestBodyInput; +} +export interface CreateDashboardMigrationProps { + body: CreateDashboardMigrationRequestBodyInput; +} +export interface CreateDashboardMigrationDashboardsProps { + params: CreateDashboardMigrationDashboardsRequestParamsInput; + body: CreateDashboardMigrationDashboardsRequestBodyInput; +} +export interface CreateEntitySourceProps { + body: CreateEntitySourceRequestBodyInput; +} +export interface CreatePrivilegesImportIndexProps { + body: CreatePrivilegesImportIndexRequestBodyInput; +} +export interface CreatePrivMonUserProps { + body: CreatePrivMonUserRequestBodyInput; +} +export interface CreateRuleProps { + body: CreateRuleRequestBodyInput; +} +export interface CreateRuleMigrationProps { + body: CreateRuleMigrationRequestBodyInput; +} +export interface CreateRuleMigrationRulesProps { + params: CreateRuleMigrationRulesRequestParamsInput; + body: CreateRuleMigrationRulesRequestBodyInput; +} +export interface CreateTimelinesProps { + body: CreateTimelinesRequestBodyInput; +} +export interface CreateUpdateProtectionUpdatesNoteProps { + params: CreateUpdateProtectionUpdatesNoteRequestParamsInput; + body: CreateUpdateProtectionUpdatesNoteRequestBodyInput; +} +export interface DeleteAssetCriticalityRecordProps { + query: DeleteAssetCriticalityRecordRequestQueryInput; +} +export interface DeleteEntityEngineProps { + query: DeleteEntityEngineRequestQueryInput; + params: DeleteEntityEngineRequestParamsInput; +} +export interface DeleteEntitySourceProps { + params: DeleteEntitySourceRequestParamsInput; +} +export interface DeleteMonitoringEngineProps { + query: DeleteMonitoringEngineRequestQueryInput; +} +export interface DeleteNoteProps { + body: DeleteNoteRequestBodyInput; +} +export interface DeletePrivMonUserProps { + params: DeletePrivMonUserRequestParamsInput; +} +export interface DeleteRuleProps { + query: DeleteRuleRequestQueryInput; +} +export interface DeleteRuleMigrationProps { + params: DeleteRuleMigrationRequestParamsInput; +} +export interface DeleteTimelinesProps { + body: DeleteTimelinesRequestBodyInput; +} +export interface DeprecatedTriggerRiskScoreCalculationProps { + body: DeprecatedTriggerRiskScoreCalculationRequestBodyInput; +} +export interface EndpointExecuteActionProps { + body: EndpointExecuteActionRequestBodyInput; +} +export interface EndpointFileDownloadProps { + params: EndpointFileDownloadRequestParamsInput; +} +export interface EndpointFileInfoProps { + params: EndpointFileInfoRequestParamsInput; +} +export interface EndpointGetActionsDetailsProps { + params: EndpointGetActionsDetailsRequestParamsInput; +} +export interface EndpointGetActionsListProps { + query: EndpointGetActionsListRequestQueryInput; +} +export interface EndpointGetActionsStatusProps { + query: EndpointGetActionsStatusRequestQueryInput; +} +export interface EndpointGetFileActionProps { + body: EndpointGetFileActionRequestBodyInput; +} +export interface EndpointGetProcessesActionProps { + body: EndpointGetProcessesActionRequestBodyInput; +} +export interface EndpointIsolateActionProps { + body: EndpointIsolateActionRequestBodyInput; +} +export interface EndpointKillProcessActionProps { + body: EndpointKillProcessActionRequestBodyInput; +} +export interface EndpointScanActionProps { + body: EndpointScanActionRequestBodyInput; +} +export interface EndpointSuspendProcessActionProps { + body: EndpointSuspendProcessActionRequestBodyInput; +} +export interface EndpointUnisolateActionProps { + body: EndpointUnisolateActionRequestBodyInput; +} +export interface ExportRulesProps { + query: ExportRulesRequestQueryInput; + body: ExportRulesRequestBodyInput; +} +export interface ExportTimelinesProps { + query: ExportTimelinesRequestQueryInput; + body: ExportTimelinesRequestBodyInput; +} +export interface FinalizeAlertsMigrationProps { + body: FinalizeAlertsMigrationRequestBodyInput; +} +export interface FindAssetCriticalityRecordsProps { + query: FindAssetCriticalityRecordsRequestQueryInput; +} +export interface FindRulesProps { + query: FindRulesRequestQueryInput; +} +export interface GetAssetCriticalityRecordProps { + query: GetAssetCriticalityRecordRequestQueryInput; +} +export interface GetDashboardMigrationProps { + params: GetDashboardMigrationRequestParamsInput; +} +export interface GetDashboardMigrationStatsProps { + params: GetDashboardMigrationStatsRequestParamsInput; +} +export interface GetDraftTimelinesProps { + query: GetDraftTimelinesRequestQueryInput; +} +export interface GetEndpointMetadataListProps { + query: GetEndpointMetadataListRequestQueryInput; +} +export interface GetEndpointSuggestionsProps { + params: GetEndpointSuggestionsRequestParamsInput; + body: GetEndpointSuggestionsRequestBodyInput; +} +export interface GetEntityEngineProps { + params: GetEntityEngineRequestParamsInput; +} +export interface GetEntitySourceProps { + params: GetEntitySourceRequestParamsInput; +} +export interface GetEntityStoreStatusProps { + query: GetEntityStoreStatusRequestQueryInput; +} +export interface GetNotesProps { + query: GetNotesRequestQueryInput; +} +export interface GetPolicyResponseProps { + query: GetPolicyResponseRequestQueryInput; +} +export interface GetProtectionUpdatesNoteProps { + params: GetProtectionUpdatesNoteRequestParamsInput; +} +export interface GetRuleExecutionEventsProps { + query: GetRuleExecutionEventsRequestQueryInput; + params: GetRuleExecutionEventsRequestParamsInput; +} +export interface GetRuleExecutionResultsProps { + query: GetRuleExecutionResultsRequestQueryInput; + params: GetRuleExecutionResultsRequestParamsInput; +} +export interface GetRuleMigrationProps { + params: GetRuleMigrationRequestParamsInput; +} +export interface GetRuleMigrationPrebuiltRulesProps { + params: GetRuleMigrationPrebuiltRulesRequestParamsInput; +} +export interface GetRuleMigrationResourcesProps { + query: GetRuleMigrationResourcesRequestQueryInput; + params: GetRuleMigrationResourcesRequestParamsInput; +} +export interface GetRuleMigrationResourcesMissingProps { + params: GetRuleMigrationResourcesMissingRequestParamsInput; +} +export interface GetRuleMigrationRulesProps { + query: GetRuleMigrationRulesRequestQueryInput; + params: GetRuleMigrationRulesRequestParamsInput; +} +export interface GetRuleMigrationStatsProps { + params: GetRuleMigrationStatsRequestParamsInput; +} +export interface GetRuleMigrationTranslationStatsProps { + params: GetRuleMigrationTranslationStatsRequestParamsInput; +} +export interface GetTimelineProps { + query: GetTimelineRequestQueryInput; +} +export interface GetTimelinesProps { + query: GetTimelinesRequestQueryInput; +} +export interface GetWorkflowInsightsProps { + query: GetWorkflowInsightsRequestQueryInput; +} +export interface ImportRulesProps { + query: ImportRulesRequestQueryInput; +} +export interface ImportTimelinesProps { + body: ImportTimelinesRequestBodyInput; +} +export interface InitEntityEngineProps { + params: InitEntityEngineRequestParamsInput; + body: InitEntityEngineRequestBodyInput; +} +export interface InitEntityStoreProps { + body: InitEntityStoreRequestBodyInput; +} +export interface InstallMigrationRulesProps { + params: InstallMigrationRulesRequestParamsInput; + body: InstallMigrationRulesRequestBodyInput; +} +export interface InstallPrepackedTimelinesProps { + body: InstallPrepackedTimelinesRequestBodyInput; +} +export interface ListEntitiesProps { + query: ListEntitiesRequestQueryInput; +} +export interface ListEntitySourcesProps { + query: ListEntitySourcesRequestQueryInput; +} +export interface ListPrivMonUsersProps { + query: ListPrivMonUsersRequestQueryInput; +} +export interface PatchRuleProps { + body: PatchRuleRequestBodyInput; +} +export interface PatchTimelineProps { + body: PatchTimelineRequestBodyInput; +} +export interface PerformRulesBulkActionProps { + query: PerformRulesBulkActionRequestQueryInput; + body: PerformRulesBulkActionRequestBodyInput; +} +export interface PersistFavoriteRouteProps { + body: PersistFavoriteRouteRequestBodyInput; +} +export interface PersistNoteRouteProps { + body: PersistNoteRouteRequestBodyInput; +} +export interface PersistPinnedEventRouteProps { + body: PersistPinnedEventRouteRequestBodyInput; +} +export interface PreviewRiskScoreProps { + body: PreviewRiskScoreRequestBodyInput; +} +export interface ReadAlertsMigrationStatusProps { + query: ReadAlertsMigrationStatusRequestQueryInput; +} +export interface ReadRuleProps { + query: ReadRuleRequestQueryInput; +} +export interface ResolveTimelineProps { + query: ResolveTimelineRequestQueryInput; +} +export interface RulePreviewProps { + query: RulePreviewRequestQueryInput; + body: RulePreviewRequestBodyInput; +} +export interface RunScriptActionProps { + body: RunScriptActionRequestBodyInput; +} +export interface SearchAlertsProps { + body: SearchAlertsRequestBodyInput; +} +export interface SearchPrivilegesIndicesProps { + query: SearchPrivilegesIndicesRequestQueryInput; +} +export interface SetAlertAssigneesProps { + body: SetAlertAssigneesRequestBodyInput; +} +export interface SetAlertsStatusProps { + body: SetAlertsStatusRequestBodyInput; +} +export interface SetAlertTagsProps { + body: SetAlertTagsRequestBodyInput; +} +export interface StartEntityEngineProps { + params: StartEntityEngineRequestParamsInput; +} +export interface StartRuleMigrationProps { + params: StartRuleMigrationRequestParamsInput; + body: StartRuleMigrationRequestBodyInput; +} +export interface StopEntityEngineProps { + params: StopEntityEngineRequestParamsInput; +} +export interface StopRuleMigrationProps { + params: StopRuleMigrationRequestParamsInput; +} +export interface SuggestUserProfilesProps { + query: SuggestUserProfilesRequestQueryInput; +} +export interface TriggerRiskScoreCalculationProps { + body: TriggerRiskScoreCalculationRequestBodyInput; +} +export interface UpdateEntitySourceProps { + params: UpdateEntitySourceRequestParamsInput; + body: UpdateEntitySourceRequestBodyInput; +} +export interface UpdatePrivMonUserProps { + params: UpdatePrivMonUserRequestParamsInput; + body: UpdatePrivMonUserRequestBodyInput; +} +export interface UpdateRuleProps { + body: UpdateRuleRequestBodyInput; +} +export interface UpdateRuleMigrationProps { + params: UpdateRuleMigrationRequestParamsInput; + body: UpdateRuleMigrationRequestBodyInput; +} +export interface UpdateRuleMigrationIndexPatternProps { + params: UpdateRuleMigrationIndexPatternRequestParamsInput; + body: UpdateRuleMigrationIndexPatternRequestBodyInput; +} +export interface UpdateRuleMigrationRulesProps { + params: UpdateRuleMigrationRulesRequestParamsInput; + body: UpdateRuleMigrationRulesRequestBodyInput; +} +export interface UpdateWorkflowInsightProps { + params: UpdateWorkflowInsightRequestParamsInput; + body: UpdateWorkflowInsightRequestBodyInput; +} +export interface UpsertRuleMigrationResourcesProps { + params: UpsertRuleMigrationResourcesRequestParamsInput; + body: UpsertRuleMigrationResourcesRequestBodyInput; +} diff --git a/x-pack/solutions/security/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts b/x-pack/solutions/security/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts new file mode 100644 index 0000000000000..a72af9e4c0bb6 --- /dev/null +++ b/x-pack/solutions/security/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts @@ -0,0 +1,116 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Endpoint Exceptions API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { CreateEndpointListItemRequestBodyInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.gen'; +import { DeleteEndpointListItemRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.gen'; +import { FindEndpointListItemsRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.gen'; +import { ReadEndpointListItemRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.gen'; +import { UpdateEndpointListItemRequestBodyInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * Create the exception list for Elastic Endpoint rule exceptions. When you create the exception list, it will have a `list_id` of `endpoint_list`. If the Elastic Endpoint exception list already exists, your request will return an empty response. + */ + createEndpointList(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint_list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. + */ + createEndpointListItem(props: CreateEndpointListItemProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. + */ + deleteEndpointListItem(props: DeleteEndpointListItemProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all Elastic Endpoint exception list items. + */ + findEndpointListItems(props: FindEndpointListItemsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint_list/items/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. + */ + readEndpointListItem(props: ReadEndpointListItemProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. + */ + updateEndpointListItem(props: UpdateEndpointListItemProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface CreateEndpointListItemProps { + body: CreateEndpointListItemRequestBodyInput; +} +export interface DeleteEndpointListItemProps { + query: DeleteEndpointListItemRequestQueryInput; +} +export interface FindEndpointListItemsProps { + query: FindEndpointListItemsRequestQueryInput; +} +export interface ReadEndpointListItemProps { + query: ReadEndpointListItemRequestQueryInput; +} +export interface UpdateEndpointListItemProps { + body: UpdateEndpointListItemRequestBodyInput; +} diff --git a/x-pack/solutions/security/test/api_integration/services/security_solution_exceptions_api.gen.ts b/x-pack/solutions/security/test/api_integration/services/security_solution_exceptions_api.gen.ts new file mode 100644 index 0000000000000..b195f6731c643 --- /dev/null +++ b/x-pack/solutions/security/test/api_integration/services/security_solution_exceptions_api.gen.ts @@ -0,0 +1,299 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Exceptions API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { replaceParams } from '@kbn/openapi-common/shared'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { CreateExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_exception_list/create_exception_list.gen'; +import { CreateExceptionListItemRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_exception_list_item/create_exception_list_item.gen'; +import { + CreateRuleExceptionListItemsRequestParamsInput, + CreateRuleExceptionListItemsRequestBodyInput, +} from '@kbn/securitysolution-exceptions-common/api/create_rule_exceptions/create_rule_exceptions.gen'; +import { CreateSharedExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_shared_exceptions_list/create_shared_exceptions_list.gen'; +import { DeleteExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/delete_exception_list/delete_exception_list.gen'; +import { DeleteExceptionListItemRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/delete_exception_list_item/delete_exception_list_item.gen'; +import { DuplicateExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/duplicate_exception_list/duplicate_exception_list.gen'; +import { ExportExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/export_exception_list/export_exception_list.gen'; +import { FindExceptionListItemsRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/find_exception_list_items/find_exception_list_items.gen'; +import { FindExceptionListsRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/find_exception_lists/find_exception_lists.gen'; +import { ImportExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/import_exceptions/import_exceptions.gen'; +import { ReadExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list/read_exception_list.gen'; +import { ReadExceptionListItemRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list_item/read_exception_list_item.gen'; +import { ReadExceptionListSummaryRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list_summary/read_exception_list_summary.gen'; +import { UpdateExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/update_exception_list/update_exception_list.gen'; +import { UpdateExceptionListItemRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/update_exception_list_item/update_exception_list_item.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * An exception list groups exception items and can be associated with detection rules. You can assign exception lists to multiple detection rules. +> info +> All exception items added to the same list are evaluated using `OR` logic. That is, if any of the items in a list evaluate to `true`, the exception prevents the rule from generating an alert. Likewise, `OR` logic is used for evaluating exceptions when more than one exception list is assigned to a rule. To use the `AND` operator, you can define multiple clauses (`entries`) in a single exception item. + + */ + createExceptionList(props: CreateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create an exception item and associate it with the specified exception list. +> info +> Before creating exception items, you must create an exception list. + + */ + createExceptionListItem(props: CreateExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create exception items that apply to a single detection rule. + */ + createRuleExceptionListItems( + props: CreateRuleExceptionListItemsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/detection_engine/rules/{id}/exceptions', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * An exception list groups exception items and can be associated with detection rules. A shared exception list can apply to multiple detection rules. +> info +> All exception items added to the same list are evaluated using `OR` logic. That is, if any of the items in a list evaluate to `true`, the exception prevents the rule from generating an alert. Likewise, `OR` logic is used for evaluating exceptions when more than one exception list is assigned to a rule. To use the `AND` operator, you can define multiple clauses (`entries`) in a single exception item. + + */ + createSharedExceptionList( + props: CreateSharedExceptionListProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/exceptions/shared', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete an exception list using the `id` or `list_id` field. + */ + deleteExceptionList(props: DeleteExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Delete an exception list item using the `id` or `item_id` field. + */ + deleteExceptionListItem(props: DeleteExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Duplicate an existing exception list. + */ + duplicateExceptionList(props: DuplicateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_duplicate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Export an exception list and its associated items to an NDJSON file. + */ + exportExceptionList(props: ExportExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all exception list items in the specified list. + */ + findExceptionListItems(props: FindExceptionListItemsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/items/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all exception list containers. + */ + findExceptionLists(props: FindExceptionListsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import an exception list and its associated items from an NDJSON file. + */ + importExceptionList(props: ImportExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of an exception list using the `id` or `list_id` field. + */ + readExceptionList(props: ReadExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of an exception list item using the `id` or `item_id` field. + */ + readExceptionListItem(props: ReadExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a summary of the specified exception list. + */ + readExceptionListSummary( + props: ReadExceptionListSummaryProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/summary', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update an exception list using the `id` or `list_id` field. + */ + updateExceptionList(props: UpdateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update an exception list item using the `id` or `item_id` field. + */ + updateExceptionListItem(props: UpdateExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface CreateExceptionListProps { + body: CreateExceptionListRequestBodyInput; +} +export interface CreateExceptionListItemProps { + body: CreateExceptionListItemRequestBodyInput; +} +export interface CreateRuleExceptionListItemsProps { + params: CreateRuleExceptionListItemsRequestParamsInput; + body: CreateRuleExceptionListItemsRequestBodyInput; +} +export interface CreateSharedExceptionListProps { + body: CreateSharedExceptionListRequestBodyInput; +} +export interface DeleteExceptionListProps { + query: DeleteExceptionListRequestQueryInput; +} +export interface DeleteExceptionListItemProps { + query: DeleteExceptionListItemRequestQueryInput; +} +export interface DuplicateExceptionListProps { + query: DuplicateExceptionListRequestQueryInput; +} +export interface ExportExceptionListProps { + query: ExportExceptionListRequestQueryInput; +} +export interface FindExceptionListItemsProps { + query: FindExceptionListItemsRequestQueryInput; +} +export interface FindExceptionListsProps { + query: FindExceptionListsRequestQueryInput; +} +export interface ImportExceptionListProps { + query: ImportExceptionListRequestQueryInput; +} +export interface ReadExceptionListProps { + query: ReadExceptionListRequestQueryInput; +} +export interface ReadExceptionListItemProps { + query: ReadExceptionListItemRequestQueryInput; +} +export interface ReadExceptionListSummaryProps { + query: ReadExceptionListSummaryRequestQueryInput; +} +export interface UpdateExceptionListProps { + body: UpdateExceptionListRequestBodyInput; +} +export interface UpdateExceptionListItemProps { + body: UpdateExceptionListItemRequestBodyInput; +} diff --git a/x-pack/solutions/security/test/api_integration/services/security_solution_lists_api.gen.ts b/x-pack/solutions/security/test/api_integration/services/security_solution_lists_api.gen.ts new file mode 100644 index 0000000000000..64de6940d77eb --- /dev/null +++ b/x-pack/solutions/security/test/api_integration/services/security_solution_lists_api.gen.ts @@ -0,0 +1,295 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Lists API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { CreateListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/create_list/create_list.gen'; +import { CreateListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/create_list_item/create_list_item.gen'; +import { DeleteListRequestQueryInput } from '@kbn/securitysolution-lists-common/api/delete_list/delete_list.gen'; +import { DeleteListItemRequestQueryInput } from '@kbn/securitysolution-lists-common/api/delete_list_item/delete_list_item.gen'; +import { ExportListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/export_list_items/export_list_items.gen'; +import { FindListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/find_list_items/find_list_items.gen'; +import { FindListsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/find_lists/find_lists.gen'; +import { ImportListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/import_list_items/import_list_items.gen'; +import { PatchListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/patch_list/patch_list.gen'; +import { PatchListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/patch_list_item/patch_list_item.gen'; +import { ReadListRequestQueryInput } from '@kbn/securitysolution-lists-common/api/read_list/read_list.gen'; +import { ReadListItemRequestQueryInput } from '@kbn/securitysolution-lists-common/api/read_list_item/read_list_item.gen'; +import { UpdateListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/update_list/update_list.gen'; +import { UpdateListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/update_list_item/update_list_item.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * Create a new value list. + */ + createList(props: CreateListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create `.lists` and `.items` data streams in the relevant space. + */ + createListIndex(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Create a value list item and associate it with the specified value list. + +All value list items in the same list must be the same type. For example, each list item in an `ip` list must define a specific IP address. +> info +> Before creating a list item, you must create a list. + + */ + createListItem(props: CreateListItemProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete a value list using the list ID. +> info +> When you delete a list, all of its list items are also deleted. + + */ + deleteList(props: DeleteListProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Delete the `.lists` and `.items` data streams. + */ + deleteListIndex(kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete a value list item using its `id`, or its `list_id` and `value` fields. + */ + deleteListItem(props: DeleteListItemProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Export list item values from the specified value list. + */ + exportListItems(props: ExportListItemsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists/items/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get all value list items in the specified list. + */ + findListItems(props: FindListItemsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/items/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a paginated subset of value lists. By default, the first page is returned, with 20 results per page. + */ + findLists(props: FindListsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import value list items from a TXT or CSV file. The maximum file size is 9 million bytes. + +You can import items to a new or existing list. + + */ + importListItems(props: ImportListItemsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists/items/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update specific fields of an existing list using the list `id`. + */ + patchList(props: PatchListProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update specific fields of an existing value list item using the item `id`. + */ + patchListItem(props: PatchListItemProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Get the details of a value list using the list ID. + */ + readList(props: ReadListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Verify that `.lists` and `.items` data streams exist. + */ + readListIndex(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of a value list item. + */ + readListItem(props: ReadListItemProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + readListPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Update a value list using the list `id`. The original list is replaced, and all unspecified fields are deleted. +> info +> You cannot modify the `id` value. + + */ + updateList(props: UpdateListProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update a value list item using the list item ID. The original list item is replaced, and all unspecified fields are deleted. +> info +> You cannot modify the `id` value. + + */ + updateListItem(props: UpdateListItemProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface CreateListProps { + body: CreateListRequestBodyInput; +} +export interface CreateListItemProps { + body: CreateListItemRequestBodyInput; +} +export interface DeleteListProps { + query: DeleteListRequestQueryInput; +} +export interface DeleteListItemProps { + query: DeleteListItemRequestQueryInput; +} +export interface ExportListItemsProps { + query: ExportListItemsRequestQueryInput; +} +export interface FindListItemsProps { + query: FindListItemsRequestQueryInput; +} +export interface FindListsProps { + query: FindListsRequestQueryInput; +} +export interface ImportListItemsProps { + query: ImportListItemsRequestQueryInput; +} +export interface PatchListProps { + body: PatchListRequestBodyInput; +} +export interface PatchListItemProps { + body: PatchListItemRequestBodyInput; +} +export interface ReadListProps { + query: ReadListRequestQueryInput; +} +export interface ReadListItemProps { + query: ReadListItemRequestQueryInput; +} +export interface UpdateListProps { + body: UpdateListRequestBodyInput; +} +export interface UpdateListItemProps { + body: UpdateListItemRequestBodyInput; +} diff --git a/x-pack/solutions/security/test/api_integration/services/security_solution_osquery_api.gen.ts b/x-pack/solutions/security/test/api_integration/services/security_solution_osquery_api.gen.ts new file mode 100644 index 0000000000000..2a71f7065b835 --- /dev/null +++ b/x-pack/solutions/security/test/api_integration/services/security_solution_osquery_api.gen.ts @@ -0,0 +1,391 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { replaceParams } from '@kbn/openapi-common/shared'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { GetAgentDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; +import { GetAgentPolicyRequestParamsInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; +import { GetAgentsRequestQueryInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; +import { OsqueryCreateLiveQueryRequestBodyInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; +import { OsqueryCreatePacksRequestBodyInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { OsqueryCreateSavedQueryRequestBodyInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { OsqueryDeletePacksRequestParamsInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { OsqueryDeleteSavedQueryRequestParamsInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { OsqueryFindLiveQueriesRequestQueryInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; +import { OsqueryFindPacksRequestQueryInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { OsqueryFindSavedQueriesRequestQueryInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { OsqueryGetLiveQueryDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; +import { + OsqueryGetLiveQueryResultsRequestQueryInput, + OsqueryGetLiveQueryResultsRequestParamsInput, +} from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; +import { OsqueryGetPacksDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { OsqueryGetSavedQueryDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { + OsqueryUpdatePacksRequestParamsInput, + OsqueryUpdatePacksRequestBodyInput, +} from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { + OsqueryUpdateSavedQueryRequestParamsInput, + OsqueryUpdateSavedQueryRequestBodyInput, +} from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { ReadAssetsStatusRequestQueryInput } from '@kbn/osquery-plugin/common/api/asset/assets.gen'; +import { UpdateAssetsStatusRequestQueryInput } from '@kbn/osquery-plugin/common/api/asset/assets.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + getAgentDetails(props: GetAgentDetailsProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/osquery/fleet_wrapper/agents/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getAgentPackagePolicies(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/package_policies', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getAgentPolicies(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/agent_policies', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getAgentPolicy(props: GetAgentPolicyProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/osquery/fleet_wrapper/agent_policies/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getAgents(props: GetAgentsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/agents', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Create and run a live query. + */ + osqueryCreateLiveQuery(props: OsqueryCreateLiveQueryProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/osquery/live_queries', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a query pack. + */ + osqueryCreatePacks(props: OsqueryCreatePacksProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/osquery/packs', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create and run a saved query. + */ + osqueryCreateSavedQuery(props: OsqueryCreateSavedQueryProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/osquery/saved_queries', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete a query pack using the pack ID. + */ + osqueryDeletePacks(props: OsqueryDeletePacksProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete a saved query using the query ID. + */ + osqueryDeleteSavedQuery(props: OsqueryDeleteSavedQueryProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/osquery/saved_queries/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get a list of all live queries. + */ + osqueryFindLiveQueries(props: OsqueryFindLiveQueriesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/osquery/live_queries', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all query packs. + */ + osqueryFindPacks(props: OsqueryFindPacksProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/osquery/packs', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all saved queries. + */ + osqueryFindSavedQueries(props: OsqueryFindSavedQueriesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/osquery/saved_queries', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of a live query using the query ID. + */ + osqueryGetLiveQueryDetails( + props: OsqueryGetLiveQueryDetailsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/osquery/live_queries/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the results of a live query using the query action ID. + */ + osqueryGetLiveQueryResults( + props: OsqueryGetLiveQueryResultsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/osquery/live_queries/{id}/results/{actionId}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of a query pack using the pack ID. + */ + osqueryGetPacksDetails(props: OsqueryGetPacksDetailsProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of a saved query using the query ID. + */ + osqueryGetSavedQueryDetails( + props: OsqueryGetSavedQueryDetailsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/osquery/saved_queries/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Update a query pack using the pack ID. +> info +> You cannot update a prebuilt pack. + + */ + osqueryUpdatePacks(props: OsqueryUpdatePacksProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update a saved query using the query ID. +> info +> You cannot update a prebuilt saved query. + + */ + osqueryUpdateSavedQuery(props: OsqueryUpdateSavedQueryProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/api/osquery/saved_queries/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + readAssetsStatus(props: ReadAssetsStatusProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/assets', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + readInstallationStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + readPrivilegesCheck(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/privileges_check', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + updateAssetsStatus(props: UpdateAssetsStatusProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/osquery/assets/update', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + }; +} + +export interface GetAgentDetailsProps { + params: GetAgentDetailsRequestParamsInput; +} +export interface GetAgentPolicyProps { + params: GetAgentPolicyRequestParamsInput; +} +export interface GetAgentsProps { + query: GetAgentsRequestQueryInput; +} +export interface OsqueryCreateLiveQueryProps { + body: OsqueryCreateLiveQueryRequestBodyInput; +} +export interface OsqueryCreatePacksProps { + body: OsqueryCreatePacksRequestBodyInput; +} +export interface OsqueryCreateSavedQueryProps { + body: OsqueryCreateSavedQueryRequestBodyInput; +} +export interface OsqueryDeletePacksProps { + params: OsqueryDeletePacksRequestParamsInput; +} +export interface OsqueryDeleteSavedQueryProps { + params: OsqueryDeleteSavedQueryRequestParamsInput; +} +export interface OsqueryFindLiveQueriesProps { + query: OsqueryFindLiveQueriesRequestQueryInput; +} +export interface OsqueryFindPacksProps { + query: OsqueryFindPacksRequestQueryInput; +} +export interface OsqueryFindSavedQueriesProps { + query: OsqueryFindSavedQueriesRequestQueryInput; +} +export interface OsqueryGetLiveQueryDetailsProps { + params: OsqueryGetLiveQueryDetailsRequestParamsInput; +} +export interface OsqueryGetLiveQueryResultsProps { + query: OsqueryGetLiveQueryResultsRequestQueryInput; + params: OsqueryGetLiveQueryResultsRequestParamsInput; +} +export interface OsqueryGetPacksDetailsProps { + params: OsqueryGetPacksDetailsRequestParamsInput; +} +export interface OsqueryGetSavedQueryDetailsProps { + params: OsqueryGetSavedQueryDetailsRequestParamsInput; +} +export interface OsqueryUpdatePacksProps { + params: OsqueryUpdatePacksRequestParamsInput; + body: OsqueryUpdatePacksRequestBodyInput; +} +export interface OsqueryUpdateSavedQueryProps { + params: OsqueryUpdateSavedQueryRequestParamsInput; + body: OsqueryUpdateSavedQueryRequestBodyInput; +} +export interface ReadAssetsStatusProps { + query: ReadAssetsStatusRequestQueryInput; +} +export interface UpdateAssetsStatusProps { + query: UpdateAssetsStatusRequestQueryInput; +} diff --git a/x-pack/solutions/security/test/fixtures/es_archives/rule_keyword_family/README.md b/x-pack/solutions/security/test/fixtures/es_archives/rule_keyword_family/README.md index 945620015d6e1..12ec7b569bfc0 100644 --- a/x-pack/solutions/security/test/fixtures/es_archives/rule_keyword_family/README.md +++ b/x-pack/solutions/security/test/fixtures/es_archives/rule_keyword_family/README.md @@ -1,20 +1,31 @@ Within this folder is input test data for tests within the folder: ```ts -x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family +x - + pack / + solutions / + security / + test / + security_solution_api_integration / + test_suites / + detections_response / + detection_engine / + rule_execution_logic / + trial_license_complete_tier / + keyword_family; ``` where these are small ECS compliant input indexes that try to express tests that exercise different parts of -the detection engine around creating and validating that the keyword family and field aliases all will work +the detection engine around creating and validating that the keyword family and field aliases all will work with the detection engine. These indexes might contain extra fields or different fields but should not directly clash with ECS or minimally clash. Nothing is stopping anyone from being ECS strict and not having additional extra fields but the extra fields and mappings are to just try and keep these tests simple and small. Most of these tests center around the two fields of: -* event.module -* event.dataset + +- event.module +- event.dataset To ensure that if mix and match between `keyword`, `const keyword` and field aliases within them, everything should still be ok. It is alright if other use cases are added here if they fit within the `keyword` family as described here: https://www.elastic.co/guide/en/elasticsearch/reference/7.12/keyword.html - diff --git a/x-pack/solutions/security/test/fixtures/es_archives/security_solution/README.md b/x-pack/solutions/security/test/fixtures/es_archives/security_solution/README.md index 5b1cbcbbcf8e7..44914bb0de6fd 100644 --- a/x-pack/solutions/security/test/fixtures/es_archives/security_solution/README.md +++ b/x-pack/solutions/security/test/fixtures/es_archives/security_solution/README.md @@ -1,7 +1,7 @@ Collection of data sets for use within various tests. Most of the tests to these live in either: ``` -x-pack/test/security_solution_api_integration/test_suites/ +x-pack/solutions/security/test/security_solution_api_integration/test_suites/ ``` or @@ -10,4 +10,4 @@ or x-pack/test/api_integration/apis/security_solution ``` -- Folder `telemetry` is for the tests underneath `x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry`. +- Folder `telemetry` is for the tests underneath `x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry`. diff --git a/x-pack/test/security_solution_api_integration/.gitignore b/x-pack/solutions/security/test/security_solution_api_integration/.gitignore similarity index 100% rename from x-pack/test/security_solution_api_integration/.gitignore rename to x-pack/solutions/security/test/security_solution_api_integration/.gitignore diff --git a/x-pack/test/security_solution_api_integration/README.md b/x-pack/solutions/security/test/security_solution_api_integration/README.md similarity index 76% rename from x-pack/test/security_solution_api_integration/README.md rename to x-pack/solutions/security/test/security_solution_api_integration/README.md index e2ffcb8ac79dc..f7910fd7a9f97 100644 --- a/x-pack/test/security_solution_api_integration/README.md +++ b/x-pack/solutions/security/test/security_solution_api_integration/README.md @@ -3,6 +3,7 @@ This directory serves as a centralized location to place the security solution tests that run in Serverless and ESS environments. ## Subdirectories + - `config` stores base configurations specific to both the Serverless and ESS environments, These configurations build upon the base configuration provided by `xpack/test_serverless` and `x-pack-api_integrations`, incorporating additional settings such as environment variables and tagging options. - `es_archive` and `es_archive_path_builder` directories contain the data that can be used by the tests - `scripts` directory contains various scripts used to run the tests @@ -11,17 +12,19 @@ This directory serves as a centralized location to place the security solution t ## Overview Test suites and cases are prefixed with specific tags to determine their execution in particular environments or to exclude them from specific environments: -* `@ess`: Runs in an ESS environment (on-prem installation) as part of the CI validation on PRs. -* `@serverless`: Runs in an simulated serverless environment as part of the CI validation on PRs and in the periodic pipeline. +- `@ess`: Runs in an ESS environment (on-prem installation) as part of the CI validation on PRs. + +- `@serverless`: Runs in an simulated serverless environment as part of the CI validation on PRs and in the periodic pipeline. -* `@serverlessQA`: Runs in the Kibana QA quality gate. +- `@serverlessQA`: Runs in the Kibana QA quality gate. -* `@skipInEss`: Skipped for ESS environment. -* `@skipInServerless`: Skipped for all quality gates and periodic pipeline. -* `@skipInServerlessMKI`: Skipped from being executed in any MKI environment (periodic pipeline and Kibana QA quality gate), but executed as part of the first quality gate if the `@serverless` tag is present. +- `@skipInEss`: Skipped for ESS environment. +- `@skipInServerless`: Skipped for all quality gates and periodic pipeline. +- `@skipInServerlessMKI`: Skipped from being executed in any MKI environment (periodic pipeline and Kibana QA quality gate), but executed as part of the first quality gate if the `@serverless` tag is present. For example: + ```typescript // tests in this suite will run in both Ess and Serverless on every PRs as well as on the first quality gate and the periodic pipeline describe('@serverless @ess create_rules', () => { @@ -35,7 +38,7 @@ describe('@serverless @ess create_rules', () => { it('another test', async () => { ... }); }); }); -``` +``` # Adding new security area's tests @@ -46,14 +49,14 @@ describe('@serverless @ess create_rules', () => { ## Adding tests for MKI which rely onto NON default project configuration -The default project type configuration in Serverless is complete. If for the needs of a test suite a different configuration is required, e.g. [PLI - Essentials](https://github.com/elastic/kibana/blob/36578e82fa0a0440c1657a0ca688106c895d5e4e/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts#L13), the already mentioned configuration in the permalink **does not work** for MKI. The override is needed to be added in the `./scripts/api_configs.json` file under the key with exact same name as the one of the script in `package.json` file which is running. +The default project type configuration in Serverless is complete. If for the needs of a test suite a different configuration is required, e.g. [PLI - Essentials](https://github.com/elastic/kibana/blob/36578e82fa0a0440c1657a0ca688106c895d5e4e/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts#L13), the already mentioned configuration in the permalink **does not work** for MKI. The override is needed to be added in the `./scripts/api_configs.json` file under the key with exact same name as the one of the script in `package.json` file which is running. -There are already configurations in the `./scripts/api_configs.json` which you can follow in order to add yours when it is needed. The currently supported configuration, allows **ONLY** the PLIs to be configured. Thus, experimental feature flags **are not yet supported** and the test should be skipped until further notice. +There are already configurations in the `./scripts/api_configs.json` which you can follow in order to add yours when it is needed. The currently supported configuration, allows **ONLY** the PLIs to be configured. Thus, experimental feature flags **are not yet supported** and the test should be skipped until further notice. > **Note:** ->If a target script living in `package.json` file, does not require any further configuration, then the entry in `./scripts/api_configs.json` file, **can be omitted!** +> If a target script living in `package.json` file, does not require any further configuration, then the entry in `./scripts/api_configs.json` file, **can be omitted!** -# Testing locally +# Testing locally In the `package.json` file, you'll find commands to configure the server for each environment and to run tests against that specific environment. These commands adhere to the Mocha tagging system, allowing for the inclusion and exclusion of tags, mirroring the setup of the CI pipeline. @@ -62,8 +65,9 @@ In the `package.json` file, you'll find commands to configure the server for eac In this project, you can run various commands to execute tests and workflows, each of which can be customized by specifying different parameters. Below, how to define the commands based on the parameters and their order. 1. Server Initialization and running tests for ex: (Detections Response - Default License): - + The command structure follows this pattern + - `` can be either "server" or "runner," allowing you to either set up the server or execute the tests against the designated server. - ``: The area the test is defined under, such as "detection_engine, entity_analytics,.." - ``: The license folder the test is defined under such as "default_license, basic_license,..." @@ -72,24 +76,24 @@ In this project, you can run various commands to execute tests and workflows, ea - Command: `node ./scripts/index.js server detections_response default_license` - Description: Initiates the server for the Detections Response area with the default license. + #### `run-tests:dr:default` - Command: `node ./scripts/index.js runner detections_response default_license` - Description: Runs the tests for the Detections Response area with the default license. - -2. Executes particular sets of test suites linked to the designated environment and license: +2. Executes particular sets of test suites linked to the designated environment and license: The command structure follows this pattern: - - ``: The test folder or workflow you want to run. - - ``: The type of project to pick the relevant configurations, either "serverless" or "ess." - - "serverless" and "ess" help determine the configuration specific to the chosen test. - - ``: The testing environment, such as "serverlessEnv," "essEnv," or "qaEnv." - - When using "serverlessEnv,.." in the script, it appends the correct grep command for filtering tests in the serverless testing environment. - - "serverlessEnv,..." is used to customize the test execution based on the serverless environment. + - ``: The test folder or workflow you want to run. + - ``: The type of project to pick the relevant configurations, either "serverless" or "ess." + - "serverless" and "ess" help determine the configuration specific to the chosen test. + - ``: The testing environment, such as "serverlessEnv," "essEnv," or "qaEnv." + - When using "serverlessEnv,.." in the script, it appends the correct grep command for filtering tests in the serverless testing environment. + - "serverlessEnv,..." is used to customize the test execution based on the serverless environment. - Here are some command examples for "exceptions" which defined under the "detection_engine" area using the default license: +Here are some command examples for "exceptions" which defined under the "detection_engine" area using the default license: - Run the server for "exception_workflows" in the "serverlessEnv" environment: ```shell @@ -120,7 +124,7 @@ The `securitySolutionUtils` helper exports the `createSuperTest` function, which You need to call `createSuperTest` from a lifecycle hook and wait for it to return the `supertest` instance. All API calls using the returned instance will inject the required auth headers. -**On ESS, `createSuperTest` returns a basic `supertest` instance without headers.* +\*_On ESS, `createSuperTest` returns a basic `supertest` instance without headers._ ```typescript import TestAgent from 'supertest/lib/agent'; @@ -140,11 +144,12 @@ export default ({ getService }: FtrProviderContext) => { ``` If you need to use multiple roles in a single test, you can instantiate multiple `supertest` versions. + ```typescript before(async () => { - adminSupertest = await utils.createSuperTest('admin'); - viewerSupertest = await utils.createSuperTest('viewer'); + adminSupertest = await utils.createSuperTest('admin'); + viewerSupertest = await utils.createSuperTest('viewer'); }); ``` -The helper keeps track of only one active session per role. So, if you instantiate `supertest` twice for the same role, the first instance will have an invalid API key. \ No newline at end of file +The helper keeps track of only one active session per role. So, if you instantiate `supertest` twice for the same role, the first instance will have an invalid API key. diff --git a/x-pack/test/security_solution_api_integration/config/ess/config.base.basic.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.basic.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/ess/config.base.basic.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.basic.ts diff --git a/x-pack/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts diff --git a/x-pack/test/security_solution_api_integration/config/ess/config.base.edr_workflows.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/ess/config.base.edr_workflows.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.ts diff --git a/x-pack/test/security_solution_api_integration/config/ess/config.base.frozen.trial.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.frozen.trial.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/ess/config.base.frozen.trial.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.frozen.trial.ts diff --git a/x-pack/test/security_solution_api_integration/config/ess/config.base.trial.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.trial.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/ess/config.base.trial.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.trial.ts diff --git a/x-pack/test/security_solution_api_integration/config/ess/config.base.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/ess/config.base.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts diff --git a/x-pack/test/security_solution_api_integration/config/ess/services.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/ess/services.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts diff --git a/x-pack/test/security_solution_api_integration/config/ess/services_edr_workflows.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/ess/services_edr_workflows.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts diff --git a/x-pack/test/security_solution_api_integration/config/privileges/roles.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/privileges/roles.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/privileges/roles.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/privileges/roles.ts diff --git a/x-pack/test/security_solution_api_integration/config/privileges/users.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/privileges/users.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/privileges/users.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/privileges/users.ts diff --git a/x-pack/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts similarity index 95% rename from x-pack/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts index d557cb3bf76c9..7f7825158ceac 100644 --- a/x-pack/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ai4dsoc.ts @@ -18,7 +18,7 @@ import { services } from './services'; export function createTestConfig(options: CreateTestConfigOptions) { return async ({ readConfigFile }: FtrConfigProviderContext) => { const svlSharedConfig = await readConfigFile( - require.resolve('@kbn/test-suites-serverless/shared/config.base') + require.resolve('@kbn/test-suites-xpack-platform/serverless/shared/config.base') ); return { ...svlSharedConfig.getAll(), diff --git a/x-pack/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts similarity index 90% rename from x-pack/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts index 92262da41937b..35d2f4bdb1250 100644 --- a/x-pack/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts @@ -10,7 +10,7 @@ import { generateConfig } from '../ess/config.base.edr_workflows'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const serverlessTestsConfig = await readConfigFile( - require.resolve('@kbn/test-suites-serverless/shared/config.base') + require.resolve('@kbn/test-suites-xpack-platform/serverless/shared/config.base') ); return generateConfig({ diff --git a/x-pack/test/security_solution_api_integration/config/serverless/config.base.essentials.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.essentials.ts similarity index 97% rename from x-pack/test/security_solution_api_integration/config/serverless/config.base.essentials.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.essentials.ts index 18e3f0e035c9a..fc4cef60cb9ca 100644 --- a/x-pack/test/security_solution_api_integration/config/serverless/config.base.essentials.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.essentials.ts @@ -26,7 +26,7 @@ export interface CreateTestConfigOptions { export function createTestConfig(options: CreateTestConfigOptions) { return async ({ readConfigFile }: FtrConfigProviderContext) => { const svlSharedConfig = await readConfigFile( - require.resolve('@kbn/test-suites-serverless/shared/config.base') + require.resolve('@kbn/test-suites-xpack-platform/serverless/shared/config.base') ); return { ...svlSharedConfig.getAll(), diff --git a/x-pack/test/security_solution_api_integration/config/serverless/config.base.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ts similarity index 97% rename from x-pack/test/security_solution_api_integration/config/serverless/config.base.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ts index 02204b1b9145c..e103692fcdff5 100644 --- a/x-pack/test/security_solution_api_integration/config/serverless/config.base.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ts @@ -30,7 +30,7 @@ export interface CreateTestConfigOptions { export function createTestConfig(options: CreateTestConfigOptions) { return async ({ readConfigFile }: FtrConfigProviderContext) => { const svlSharedConfig = await readConfigFile( - require.resolve('@kbn/test-suites-serverless/shared/config.base') + require.resolve('@kbn/test-suites-xpack-platform/serverless/shared/config.base') ); return { ...svlSharedConfig.getAll(), diff --git a/x-pack/test/security_solution_api_integration/config/serverless/services.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts similarity index 63% rename from x-pack/test/security_solution_api_integration/config/serverless/services.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts index 8c5e491bc8b9b..02778cd51189e 100644 --- a/x-pack/test/security_solution_api_integration/config/serverless/services.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts @@ -5,12 +5,15 @@ * 2.0. */ -import { SearchSecureService } from '@kbn/test-suites-serverless/shared/services/search_secure'; -import { services as serverlessServices } from '@kbn/test-suites-serverless/api_integration/services'; +// some services might be missing ... +import { services as serverlessServices } from '@kbn/test-suites-xpack-platform/serverless/api_integration/services'; import { KibanaEBTServerProvider } from '@kbn/test-suites-src/analytics/services/kibana_ebt'; +import { SearchSecureService } from '../services/search_secure'; import { SpacesServiceProvider } from '../services/spaces_service'; import { SecuritySolutionServerlessUtils } from '../services/security_solution_serverless_utils'; import { SecuritySolutionServerlessSuperTest } from '../services/security_solution_serverless_supertest'; +import { SecuritySolutionApiProvider } from '../../../api_integration/services/security_solution_api.gen'; +import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from '../../../api_integration/services/security_solution_exceptions_api.gen'; export const services = { ...serverlessServices, @@ -19,4 +22,6 @@ export const services = { securitySolutionUtils: SecuritySolutionServerlessUtils, supertest: SecuritySolutionServerlessSuperTest, kibana_ebt_server: KibanaEBTServerProvider, + securitySolutionApi: SecuritySolutionApiProvider, + securitySolutionExceptionsApi: SecuritySolutionExceptionsApiProvider, }; diff --git a/x-pack/test/security_solution_api_integration/config/serverless/services_edr_workflows.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services_edr_workflows.ts similarity index 81% rename from x-pack/test/security_solution_api_integration/config/serverless/services_edr_workflows.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services_edr_workflows.ts index dc12389487d66..d355e0305e5b7 100644 --- a/x-pack/test/security_solution_api_integration/config/serverless/services_edr_workflows.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services_edr_workflows.ts @@ -6,8 +6,8 @@ */ import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; -import { SvlCommonApiServiceProvider } from '@kbn/test-suites-serverless/shared/services/svl_common_api'; -import { SearchSecureService } from '@kbn/test-suites-serverless/shared/services/search_secure'; +import { SvlCommonApiServiceProvider } from '@kbn/test-suites-xpack-platform/serverless/shared/services/svl_common_api'; +import { SearchSecureService } from '../services/search_secure'; import { services as essServices } from '../ess/services_edr_workflows'; import { SecuritySolutionServerlessSuperTest } from '../services/security_solution_serverless_supertest'; import { SecuritySolutionServerlessUtils } from '../services/security_solution_serverless_utils'; diff --git a/x-pack/test/security_solution_api_integration/config/services/common/endpoint_data_stream_helpers.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/common/endpoint_data_stream_helpers.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/common/endpoint_data_stream_helpers.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/common/endpoint_data_stream_helpers.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/common/endpoint_registry_helpers.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/common/endpoint_registry_helpers.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/common/endpoint_registry_helpers.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/common/endpoint_registry_helpers.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/common/fixtures/package_registry_config.yml b/x-pack/solutions/security/test/security_solution_api_integration/config/services/common/fixtures/package_registry_config.yml similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/common/fixtures/package_registry_config.yml rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/common/fixtures/package_registry_config.yml diff --git a/x-pack/test/security_solution_api_integration/config/services/common/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/common/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/common/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/common/index.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/common/roles_users_utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/common/roles_users_utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/common/roles_users_utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/common/roles_users_utils.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/create_alerts_index.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/create_alerts_index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/create_alerts_index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/create_alerts_index.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/delete_all_alerts.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/delete_all_alerts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/delete_all_alerts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/delete_all_alerts.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_ids.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_ids.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_ids.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/get_alerts_by_ids.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alert_ids.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alert_ids.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alert_ids.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alert_ids.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alerts_ids.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alerts_ids.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alerts_ids.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/get_query_alerts_ids.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/index.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/search_alerts.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/search_alerts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/search_alerts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/search_alerts.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/wait_for_alerts_to_be_present.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/wait_for_alerts_to_be_present.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/alerts/wait_for_alerts_to_be_present.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/alerts/wait_for_alerts_to_be_present.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/count_down_test.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/count_down_test.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/count_down_test.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/count_down_test.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/delete_all_anomalies.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/delete_all_anomalies.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/delete_all_anomalies.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/delete_all_anomalies.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/index.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/route_with_namespace.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/route_with_namespace.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/route_with_namespace.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/route_with_namespace.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/rules/create_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/create_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/rules/create_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/create_rule.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/rules/delete_all_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/delete_all_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/rules/delete_all_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/delete_all_rules.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/rules/delete_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/delete_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/rules/delete_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/delete_rule.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/rules/get_gaps_by_rule_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/get_gaps_by_rule_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/rules/get_gaps_by_rule_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/get_gaps_by_rule_id.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/rules/get_rule_for_alert_testing.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/get_rule_for_alert_testing.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/rules/get_rule_for_alert_testing.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/get_rule_for_alert_testing.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/rules/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/rules/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/index.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/rules/manual_run.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/manual_run.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/rules/manual_run.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/manual_run.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/rules/wait_for_rule_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/wait_for_rule_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/rules/wait_for_rule_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/rules/wait_for_rule_status.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/spaces.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/spaces.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/spaces.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/spaces.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/tasks/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/tasks/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/tasks/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/tasks/index.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/tasks/indices_metadata.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/tasks/indices_metadata.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/tasks/indices_metadata.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/tasks/indices_metadata.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/tasks/task_manager.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/tasks/task_manager.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/tasks/task_manager.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/tasks/task_manager.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/detections_response/wait_for.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/wait_for.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/detections_response/wait_for.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/detections_response/wait_for.ts diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/services/search_secure.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/search_secure.ts new file mode 100644 index 0000000000000..723468e8ab66a --- /dev/null +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/services/search_secure.ts @@ -0,0 +1,111 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +// NOTE: This is pretty much a copy/paste from src/platform/packages/shared/kbn-ftr-common-functional-services/services/bsearch.ts +// but with the ability to provide custom auth + +import expect from '@kbn/expect'; +import { GenericFtrService } from '@kbn/test'; +import type { IEsSearchResponse } from '@kbn/search-types'; +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { SupertestWithoutAuthProviderType } from '@kbn/ftr-common-functional-services'; +import { FtrProviderContext } from '../../ftr_provider_context'; + +export interface SendOptions { + supertestWithoutAuth: SupertestWithoutAuthProviderType; + apiKeyHeader: { Authorization: string }; + referer?: string; + kibanaVersion?: string; + options: object; + strategy: string; + space?: string; + internalOrigin: string; +} + +export class SearchSecureService extends GenericFtrService { + private readonly retry = this.ctx.getService('retry'); + + async send({ + supertestWithoutAuth, + apiKeyHeader, + referer, + kibanaVersion, + internalOrigin, + options, + strategy, + space, + }: SendOptions) { + const { body } = await this.retry.try(async () => { + let result; + const url = `/internal/search/${strategy}`; + if (referer && kibanaVersion) { + result = await supertestWithoutAuth + .post(url) + .set(apiKeyHeader) + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set('referer', referer) + .set('kbn-version', kibanaVersion) + .set('kbn-xsrf', 'true') + .send(options); + } else if (referer) { + result = await supertestWithoutAuth + .post(url) + .set(apiKeyHeader) + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set('referer', referer) + .set('kbn-xsrf', 'true') + .send(options); + } else if (kibanaVersion) { + result = await supertestWithoutAuth + .post(url) + .set(apiKeyHeader) + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set('kbn-version', kibanaVersion) + .set('kbn-xsrf', 'true') + .send(options); + } else if (internalOrigin) { + result = await supertestWithoutAuth + .post(url) + .set(apiKeyHeader) + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set('x-elastic-internal-origin', internalOrigin) + .set('kbn-xsrf', 'true') + .send(options); + } else { + result = await supertestWithoutAuth + .post(url) + .set(apiKeyHeader) + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set('kbn-xsrf', 'true') + .send(options); + } + if ((result.status === 500 || result.status === 200) && result.body) { + return result; + } + throw new Error('try again'); + }); + + if (!body.isRunning) { + return body as T; + } + + const result = await this.retry.try(async () => { + const resp = await supertestWithoutAuth + .post(`/internal/search/${strategy}/${body.id}`) + .set(apiKeyHeader) + .set('kbn-xsrf', 'true') + .set('x-elastic-internal-origin', 'Kibana') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .send(options) + .expect(200); + expect(resp.body.isRunning).equal(false); + return resp.body; + }); + + return result as T; + } +} diff --git a/x-pack/test/security_solution_api_integration/config/services/security_solution_edr_workflows_metadata.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_edr_workflows_metadata.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/security_solution_edr_workflows_metadata.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_edr_workflows_metadata.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/security_solution_edr_workflows_resolver.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_edr_workflows_resolver.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/security_solution_edr_workflows_resolver.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_edr_workflows_resolver.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/security_solution_edr_workflows_roles_users.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_edr_workflows_roles_users.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/security_solution_edr_workflows_roles_users.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_edr_workflows_roles_users.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/security_solution_ess_utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_ess_utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/security_solution_ess_utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_ess_utils.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/security_solution_serverless_bsearch_creator.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_serverless_bsearch_creator.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/security_solution_serverless_bsearch_creator.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_serverless_bsearch_creator.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/security_solution_serverless_supertest.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_serverless_supertest.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/security_solution_serverless_supertest.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_serverless_supertest.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/security_solution_serverless_utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_serverless_utils.ts similarity index 95% rename from x-pack/test/security_solution_api_integration/config/services/security_solution_serverless_utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_serverless_utils.ts index 7b47eaceccd54..08f3e1367b3b4 100644 --- a/x-pack/test/security_solution_api_integration/config/services/security_solution_serverless_utils.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_serverless_utils.ts @@ -8,9 +8,9 @@ import supertest from 'supertest'; import { format as formatUrl } from 'url'; import { IEsSearchResponse } from '@kbn/search-types'; -import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services'; +import { RoleCredentials } from '@kbn/test-suites-xpack-platform/serverless/shared/services'; import type { SendOptions } from '@kbn/ftr-common-functional-services'; -import type { SendOptions as SecureSearchSendOptions } from '@kbn/test-suites-serverless/shared/services/search_secure'; +import type { SendOptions as SecureSearchSendOptions } from './search_secure'; import type { FtrProviderContext } from '../../ftr_provider_context'; import type { SecuritySolutionUtilsInterface, Role, User } from './types'; import { roles } from '../privileges/roles'; diff --git a/x-pack/test/security_solution_api_integration/config/services/spaces.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/spaces.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/spaces.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/spaces.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/spaces_service.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/spaces_service.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/services/spaces_service.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/spaces_service.ts diff --git a/x-pack/test/security_solution_api_integration/config/services/types.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/types.ts similarity index 95% rename from x-pack/test/security_solution_api_integration/config/services/types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/services/types.ts index 1b9feeaeab70d..6af5a61b18441 100644 --- a/x-pack/test/security_solution_api_integration/config/services/types.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/services/types.ts @@ -8,8 +8,8 @@ import TestAgent from 'supertest/lib/agent'; import type { IEsSearchResponse } from '@kbn/search-types'; -import type { SearchSecureService } from '@kbn/test-suites-serverless/shared/services/search_secure'; import type { SearchService, SendOptions } from '@kbn/ftr-common-functional-services'; +import type { SearchSecureService } from './search_secure'; export interface SecuritySolutionServerlessSearch extends Omit { send: (options: SendOptions) => Promise; diff --git a/x-pack/test/security_solution_api_integration/config/shared.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/shared.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/config/shared.ts rename to x-pack/solutions/security/test/security_solution_api_integration/config/shared.ts diff --git a/x-pack/test/security_solution_api_integration/es_archive/endpoint/metrics/data.json b/x-pack/solutions/security/test/security_solution_api_integration/es_archive/endpoint/metrics/data.json similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive/endpoint/metrics/data.json rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive/endpoint/metrics/data.json diff --git a/x-pack/test/security_solution_api_integration/es_archive/endpoint/metrics/mappings.json b/x-pack/solutions/security/test/security_solution_api_integration/es_archive/endpoint/metrics/mappings.json similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive/endpoint/metrics/mappings.json rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive/endpoint/metrics/mappings.json diff --git a/x-pack/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/data.json.gz b/x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/data.json.gz similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/data.json.gz rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/data.json.gz diff --git a/x-pack/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/mappings.json b/x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/mappings.json similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/mappings.json rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/auditbeat/hosts/mappings.json diff --git a/x-pack/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/data.json b/x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/data.json similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/data.json rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/data.json diff --git a/x-pack/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/mappings.json b/x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/mappings.json similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/mappings.json rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/filebeat/threat_intel/mappings.json diff --git a/x-pack/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/data.json.gz b/x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/data.json.gz similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/data.json.gz rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/data.json.gz diff --git a/x-pack/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/mappings.json b/x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/mappings.json similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/mappings.json rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless/packetbeat/default/mappings.json diff --git a/x-pack/test/security_solution_api_integration/es_archive_path_builder/constants.ts b/x-pack/solutions/security/test/security_solution_api_integration/es_archive_path_builder/constants.ts similarity index 80% rename from x-pack/test/security_solution_api_integration/es_archive_path_builder/constants.ts rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive_path_builder/constants.ts index e01be70f6cd7f..9bbbf7330f621 100644 --- a/x-pack/test/security_solution_api_integration/es_archive_path_builder/constants.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/es_archive_path_builder/constants.ts @@ -6,6 +6,6 @@ */ export const SERVERLESS_ES_ARCHIVE_PATH = - 'x-pack/test/security_solution_api_integration/es_archive/serverless'; + 'x-pack/solutions/security/test/security_solution_api_integration/es_archive/serverless'; export const ESS_ES_ARCHIVE_PATH = 'x-pack/solutions/security/test/fixtures/es_archives'; diff --git a/x-pack/test/security_solution_api_integration/es_archive_path_builder/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/es_archive_path_builder/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/es_archive_path_builder/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/es_archive_path_builder/index.ts diff --git a/x-pack/test/security_solution_api_integration/ftr_provider_context.d.ts b/x-pack/solutions/security/test/security_solution_api_integration/ftr_provider_context.d.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/ftr_provider_context.d.ts rename to x-pack/solutions/security/test/security_solution_api_integration/ftr_provider_context.d.ts diff --git a/x-pack/test/security_solution_api_integration/ftr_provider_context_edr_workflows.d.ts b/x-pack/solutions/security/test/security_solution_api_integration/ftr_provider_context_edr_workflows.d.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/ftr_provider_context_edr_workflows.d.ts rename to x-pack/solutions/security/test/security_solution_api_integration/ftr_provider_context_edr_workflows.d.ts diff --git a/x-pack/test/security_solution_api_integration/ftr_provider_context_with_spaces.d.ts b/x-pack/solutions/security/test/security_solution_api_integration/ftr_provider_context_with_spaces.d.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/ftr_provider_context_with_spaces.d.ts rename to x-pack/solutions/security/test/security_solution_api_integration/ftr_provider_context_with_spaces.d.ts diff --git a/x-pack/test/security_solution_api_integration/package.json b/x-pack/solutions/security/test/security_solution_api_integration/package.json similarity index 100% rename from x-pack/test/security_solution_api_integration/package.json rename to x-pack/solutions/security/test/security_solution_api_integration/package.json diff --git a/x-pack/test/security_solution_api_integration/scripts/api_configs.json b/x-pack/solutions/security/test/security_solution_api_integration/scripts/api_configs.json similarity index 100% rename from x-pack/test/security_solution_api_integration/scripts/api_configs.json rename to x-pack/solutions/security/test/security_solution_api_integration/scripts/api_configs.json diff --git a/x-pack/test/security_solution_api_integration/scripts/genai/vault/get_command.js b/x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/get_command.js similarity index 100% rename from x-pack/test/security_solution_api_integration/scripts/genai/vault/get_command.js rename to x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/get_command.js diff --git a/x-pack/test/security_solution_api_integration/scripts/genai/vault/manage_secrets.ts b/x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/manage_secrets.ts similarity index 98% rename from x-pack/test/security_solution_api_integration/scripts/genai/vault/manage_secrets.ts rename to x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/manage_secrets.ts index e0e7409342941..d2255a1171b59 100644 --- a/x-pack/test/security_solution_api_integration/scripts/genai/vault/manage_secrets.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/manage_secrets.ts @@ -31,7 +31,7 @@ const getVaultPath = (vault: VaultType = 'siem-team') => { const SECURITY_GEN_AI_CONFIG_FIELD = 'config'; const SECURITY_GEN_AI_CONFIG_FILE = Path.join( REPO_ROOT, - 'x-pack/test/security_solution_api_integration/scripts/genai/vault/config.json' + 'x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/config.json' ); const configSchema = schema.object({ diff --git a/x-pack/test/security_solution_api_integration/scripts/genai/vault/retrieve_secrets.js b/x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/retrieve_secrets.js similarity index 100% rename from x-pack/test/security_solution_api_integration/scripts/genai/vault/retrieve_secrets.js rename to x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/retrieve_secrets.js diff --git a/x-pack/test/security_solution_api_integration/scripts/genai/vault/upload_secrets.js b/x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/upload_secrets.js similarity index 100% rename from x-pack/test/security_solution_api_integration/scripts/genai/vault/upload_secrets.js rename to x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/upload_secrets.js diff --git a/x-pack/test/security_solution_api_integration/scripts/index.js b/x-pack/solutions/security/test/security_solution_api_integration/scripts/index.js similarity index 100% rename from x-pack/test/security_solution_api_integration/scripts/index.js rename to x-pack/solutions/security/test/security_solution_api_integration/scripts/index.js diff --git a/x-pack/test/security_solution_api_integration/scripts/mki_api_ftr_execution.ts b/x-pack/solutions/security/test/security_solution_api_integration/scripts/mki_api_ftr_execution.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/scripts/mki_api_ftr_execution.ts rename to x-pack/solutions/security/test/security_solution_api_integration/scripts/mki_api_ftr_execution.ts diff --git a/x-pack/test/security_solution_api_integration/scripts/mki_start_api_ftr_execution.js b/x-pack/solutions/security/test/security_solution_api_integration/scripts/mki_start_api_ftr_execution.js similarity index 85% rename from x-pack/test/security_solution_api_integration/scripts/mki_start_api_ftr_execution.js rename to x-pack/solutions/security/test/security_solution_api_integration/scripts/mki_start_api_ftr_execution.js index 587ce8e13f0b6..a32319fe56493 100644 --- a/x-pack/test/security_solution_api_integration/scripts/mki_start_api_ftr_execution.js +++ b/x-pack/solutions/security/test/security_solution_api_integration/scripts/mki_start_api_ftr_execution.js @@ -5,5 +5,5 @@ * 2.0. */ -require('../../../../src/setup_node_env'); +require('../../../../../../src/setup_node_env'); require('./mki_api_ftr_execution').cli(); diff --git a/x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/dummy_test.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/dummy_test.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/dummy_test.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/dummy_test.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/cases/search_ai_lake_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/task_execution.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/task_execution.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/task_execution.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/ai4dsoc/nlp_cleanup_task/search_ai_lake_tier/task_execution.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/alert_status_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/alert_status/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/alerts_compatibility.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/alerts_compatibility.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/alerts_compatibility.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/alerts_compatibility.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/create_index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/create_index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/create_index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/create_index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/create_alerts_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/create_alerts_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/create_alerts_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/create_alerts_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/delete_alerts_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/delete_alerts_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/delete_alerts_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/delete_alerts_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/deprecations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/deprecations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/deprecations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/deprecations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/finalize_alerts_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/finalize_alerts_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/finalize_alerts_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/finalize_alerts_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/get_alerts_migration_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/get_alerts_migration_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/get_alerts_migration_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/get_alerts_migration_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/migrations/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/query_alerts_backword_compatibility.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/query_alerts_backword_compatibility.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/query_alerts_backword_compatibility.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/ess_specific_index_logic/query_alerts_backword_compatibility.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/field_aliases.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/field_aliases.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/field_aliases.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/field_aliases.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/set_alert_tags.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/set_alert_tags.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/set_alert_tags.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/set_alert_tags.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/document_level_security.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/document_level_security.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/document_level_security.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/document_level_security.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/date.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/date.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/date.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/date.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/double.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/double.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/double.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/double.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/float.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/float.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/float.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/float.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/integer.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/integer.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/integer.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/integer.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip_array.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip_array.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip_array.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/ip_array.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword_array.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword_array.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword_array.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/keyword_array.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/long.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/long.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/long.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/long.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text_array.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text_array.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text_array.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/text_array.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_endpoint_exceptions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_endpoint_exceptions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_endpoint_exceptions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_endpoint_exceptions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/create_rule_exceptions_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exception_comments_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exceptions_data_integrity.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exceptions_data_integrity.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exceptions_data_integrity.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/exceptions_data_integrity.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/find_rule_exception_references.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/find_rule_exception_references.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/find_rule_exception_references.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/find_rule_exception_references.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/rule_exceptions_execution.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/rule_exceptions_execution.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/rule_exceptions_execution.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/rule_exceptions_execution.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/README.md b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/README.md similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/README.md rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/README.md diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql_alert_suppression.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql_alert_suppression.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql_suppression.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql_suppression.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ecs_field_duplication.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ecs_field_duplication.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ecs_field_duplication.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ecs_field_duplication.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ignore_fields.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ignore_fields.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ignore_fields.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/ignore_fields.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/README.md b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/README.md similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/README.md rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/README.md diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/const_keyword.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/const_keyword.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/const_keyword.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/const_keyword.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword_mixed_with_const.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword_mixed_with_const.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword_mixed_with_const.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/keyword_family/keyword_mixed_with_const.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/non_ecs_fields.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/non_ecs_fields.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/non_ecs_fields.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/non_ecs_fields.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/runtime.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/runtime.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/runtime.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/runtime.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/timestamps.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/timestamps.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/timestamps.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/basic_license_essentials_tier/timestamps.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/synthetic_source.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/synthetic_source.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/synthetic_source.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/synthetic_source.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match_alert_suppression.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match_alert_suppression.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_alert_suppression.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_alert_suppression.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_manual_run.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_manual_run.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_manual_run.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_manual_run.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms_alert_suppression.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms_alert_suppression.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/custom_query.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/custom_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/custom_query.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/custom_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/saved_query.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/saved_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/saved_query.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/saved_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold_alert_suppression.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold_alert_suppression.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/utils.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/manual_rule_run.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/manual_rule_run.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/manual_rule_run.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/manual_rule_run.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/ess_trial_license.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/ess_trial_license.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/ess_trial_license.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/ess_trial_license.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/serverless_complete_tier.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/serverless_complete_tier.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/serverless_complete_tier.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/configs/serverless_complete_tier.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/preview_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/preview_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/preview_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_preview/preview_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/constants.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/constants.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/constants.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/constants.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.basic.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.basic.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.basic.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.basic.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.trial.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.trial.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.trial.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/ess/rules_management.trial.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.complete.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.complete.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.complete.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.complete.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.essentials.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.essentials.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.essentials.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/configs/serverless/rules_management.essentials.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/README.md b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/README.md similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/README.md rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/README.md diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_large_package.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_large_package.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_large_package.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_large_package.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_packages.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_packages.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_packages.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_air_gapped_with_bundled_packages.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_trial_license.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_trial_license.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_trial_license.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/edge_cases/ess_trial_license.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/ess_basic_license.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/ess_basic_license.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/ess_basic_license.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/ess_basic_license.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/serverless_essentials_tier.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/serverless_essentials_tier.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/serverless_essentials_tier.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/serverless_essentials_tier.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_multiple_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_multiple_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_multiple_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_multiple_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_outdated_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_outdated_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_outdated_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_outdated_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_single_prebuilt_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_single_prebuilt_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_single_prebuilt_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_single_prebuilt_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_installing_package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_installing_package.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_installing_package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_installing_package.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_base_version.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_base_version.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_base_version.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_base_version.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_fields.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_fields.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_fields.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/import_with_missing_fields.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/import_export/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/install_mocked_prebuilt_rule_assets.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/install_mocked_prebuilt_rule_assets.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/install_mocked_prebuilt_rule_assets.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/install_prebuilt_rules/install_mocked_prebuilt_rule_assets.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/bootstrap_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/bootstrap_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/bootstrap_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/bootstrap_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_bundled_package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_bundled_package.ts similarity index 94% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_bundled_package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_bundled_package.ts index 5e96113db77cd..1e65a5803d6d4 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_bundled_package.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_bundled_package.ts @@ -68,7 +68,7 @@ export default ({ getService }: FtrProviderContext): void => { expect(bundledInstallResponse._meta.install_source).toBe('bundled'); // Refresh ES indices to avoid race conditions between write and reading of indices - // See implementation utility function at x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_fleet_package.ts + // See implementation utility function at x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_fleet_package.ts await es.indices.refresh({ index: ALL_SAVED_OBJECT_INDICES, ignore_unavailable: true }); // Verify that status is updated after package installation diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_large_bundled_package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_large_bundled_package.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_large_bundled_package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/install_large_bundled_package.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/prerelease_packages.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/prerelease_packages.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/prerelease_packages.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/air_gapped/prerelease_packages.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/install_package_from_epr.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/install_package_from_epr.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/install_package_from_epr.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/install_package_from_epr.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/update_package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/update_package.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/update_package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/prebuilt_rules_package/update_package.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/get_prebuilt_rule_base_version.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/get_prebuilt_rule_base_version.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/get_prebuilt_rule_base_version.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/get_prebuilt_rule_base_version.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/revert_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/revert_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/revert_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/revert_prebuilt_rules/revert_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/get_prebuilt_rules_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/get_prebuilt_rules_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/get_prebuilt_rules_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/get_prebuilt_rules_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/legacy/get_prebuilt_timelines_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/legacy/get_prebuilt_timelines_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/legacy/get_prebuilt_timelines_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/status/legacy/get_prebuilt_timelines_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/ess_basic_license.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/ess_basic_license.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/ess_basic_license.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/ess_basic_license.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/serverless_essentials_tier.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/serverless_essentials_tier.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/serverless_essentials_tier.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/configs/serverless_essentials_tier.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/calculate_is_customized.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/calculate_is_customized.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/calculate_is_customized.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/calculate_is_customized.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/customize_via_bulk_editing.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/customize_via_bulk_editing.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/customize_via_bulk_editing.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/customize_via_bulk_editing.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/customization/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/upgrade_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/upgrade_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/upgrade_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_disabled/upgrade_prebuilt_rules/upgrade_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/calculate_is_customized.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/calculate_is_customized.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/calculate_is_customized.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/calculate_is_customized.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_via_bulk_editing.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_via_bulk_editing.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_via_bulk_editing.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/customize_via_bulk_editing.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/customization/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/get_prebuilt_rules_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/get_prebuilt_rules_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/get_prebuilt_rules_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/get_prebuilt_rules_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_notifications/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_all_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_all_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_all_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_all_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_selected_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_selected_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_selected_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/bulk_upgrade_selected_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/alert_suppression.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/alert_suppression.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/building_block.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/building_block.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/building_block.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/building_block.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/data_source.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/data_source.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/data_source.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/data_source.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/description.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/description.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/description.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/description.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/false_positives.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/false_positives.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/false_positives.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/false_positives.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/investigation_fields.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/investigation_fields.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/investigation_fields.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/investigation_fields.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/max_signals.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/max_signals.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/max_signals.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/max_signals.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/name.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/name.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/name.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/name.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/note.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/note.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/note.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/note.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/references.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/references.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/references.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/references.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/related_integrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/related_integrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/related_integrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/related_integrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/required_fields.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/required_fields.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/required_fields.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/required_fields.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score_mapping.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score_mapping.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score_mapping.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/risk_score_mapping.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_name_override.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_name_override.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_name_override.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_name_override.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_schedule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_schedule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_schedule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/rule_schedule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/setup.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/setup.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/setup.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/setup.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity_mapping.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity_mapping.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity_mapping.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/severity_mapping.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/tags.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/tags.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/tags.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/tags.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/threat.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/threat.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/threat.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/threat.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timeline_template.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timeline_template.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timeline_template.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timeline_template.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timestamp_override.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timestamp_override.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timestamp_override.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/common_fields/timestamp_override.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/test_helpers.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/test_helpers.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/test_helpers.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/test_helpers.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/anomaly_threshold.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/anomaly_threshold.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/anomaly_threshold.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/anomaly_threshold.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/eql_query.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/eql_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/eql_query.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/eql_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/esql_query.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/esql_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/esql_query.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/esql_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/history_window_start.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/history_window_start.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/history_window_start.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/history_window_start.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.inline_query.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.inline_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.inline_query.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.inline_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.saved_query.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.saved_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.saved_query.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/kql_query.saved_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/machine_learning_job_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/machine_learning_job_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/machine_learning_job_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/machine_learning_job_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/new_terms_fields.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/new_terms_fields.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/new_terms_fields.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/new_terms_fields.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_indicator_path.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_indicator_path.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_indicator_path.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_indicator_path.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_mapping.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_mapping.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_mapping.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_mapping.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_query.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_query.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threat_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threshold.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threshold.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threshold.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/diffable_rule_fields/type_specific_fields/threshold.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/review_prebuilt_rules_upgrade.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/review_prebuilt_rules_upgrade.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/review_prebuilt_rules_upgrade.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/review_prebuilt_rules_upgrade.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/upgrade_single_prebuilt_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/upgrade_single_prebuilt_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/upgrade_single_prebuilt_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/upgrade_prebuilt_rules/upgrade_single_prebuilt_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/ess_basic_license.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/ess_basic_license.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/ess_basic_license.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/ess_basic_license.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/serverless_essentials_tier.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/serverless_essentials_tier.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/serverless_essentials_tier.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/configs/serverless_essentials_tier.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/perform_installation.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/perform_installation.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/perform_installation.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_installation/perform_installation.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/perform_upgrade.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/perform_upgrade.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/perform_upgrade.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/perform_upgrade/perform_upgrade.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/review_installation.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/review_installation.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/review_installation.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_installation/review_installation.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/review_upgrade.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/review_upgrade.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/review_upgrade.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/review_upgrade/review_upgrade.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/status/status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/ml_disabled/utils.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_suppression.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_suppression.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules_with_overwrite.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules_with_overwrite.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules_with_overwrite.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules_with_overwrite.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_connectors.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_connectors.ts similarity index 98% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_connectors.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_connectors.ts index b79b9b344ef0b..9a94bf4df237c 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_connectors.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_connectors.ts @@ -154,7 +154,7 @@ export default ({ getService }: FtrProviderContext): void => { connector_type_id: '.webhook', name: 'test-connector', config: { - // checkout `x-pack/test/security_solution_api_integration/config/ess/config.base.ts` for configuration + // checkout `x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts` for configuration // `some.non.existent.com` must be set as an allowed host url: 'https://some.non.existent.com', method: 'post', @@ -276,7 +276,7 @@ export default ({ getService }: FtrProviderContext): void => { connector_type_id: '.webhook', name: 'existing-connector', config: { - // checkout `x-pack/test/security_solution_api_integration/config/ess/config.base.ts` for configuration + // checkout `x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts` for configuration // `some.non.existent.com` must be set as an allowed host url: 'https://some.non.existent.com', method: 'post', diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_with_overwrite.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_with_overwrite.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_with_overwrite.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_with_overwrite.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/template_data/execution_events.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/template_data/execution_events.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/template_data/execution_events.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/template_data/execution_events.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/README.md b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/README.md similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/README.md rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/README.md diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_upgrade_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_upgrade_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_upgrade_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_upgrade_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/exceptions_metrics.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/exceptions_metrics.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/exceptions_metrics.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/exceptions_metrics.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/value_list_metrics.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/value_list_metrics.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/value_list_metrics.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/value_list_metrics.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/read_privileges.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/read_privileges.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/read_privileges.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/read_privileges.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_webhook_action.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_webhook_action.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_webhook_action.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_webhook_action.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_slack_action.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_slack_action.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_slack_action.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_slack_action.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_web_hook_action.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_web_hook_action.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_web_hook_action.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/get_web_hook_action.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_notifications_so_by_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_notifications_so_by_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_notifications_so_by_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_notifications_so_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_actions_so_by_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_actions_so_by_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_actions_so_by_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_actions_so_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/remove_uuid_from_actions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/remove_uuid_from_actions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/remove_uuid_from_actions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/actions/remove_uuid_from_actions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/alert_assignees.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/alert_assignees.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/alert_assignees.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/alert_assignees.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status_empty_response.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status_empty_response.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status_empty_response.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alert_status_empty_response.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_preview_alerts.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_preview_alerts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_preview_alerts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_preview_alerts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/delete_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/delete_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/delete_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/delete_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/finalize_alerts_migration.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/finalize_alerts_migration.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/finalize_alerts_migration.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/finalize_alerts_migration.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/start_alerts_migration.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/start_alerts_migration.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/start_alerts_migration.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/migrations/start_alerts_migration.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/remove_random_valued_properties_from_alert.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/remove_random_valued_properties_from_alert.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/remove_random_valued_properties_from_alert.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/remove_random_valued_properties_from_alert.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_tags.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_tags.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_tags.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/set_alert_tags.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/binary_to_string.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/binary_to_string.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/binary_to_string.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/binary_to_string.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/cases.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/cases.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/cases.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/cases.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/combine_to_ndjson.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/combine_to_ndjson.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/combine_to_ndjson.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/combine_to_ndjson.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/create_connector.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/create_connector.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/create_connector.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/create_connector.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/delete_connector.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/delete_connector.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/delete_connector.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/delete_connector.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_connector.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_connector.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_connector.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_connector.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_web_hook_connector_params.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_web_hook_connector_params.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_web_hook_connector_params.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/get_web_hook_connector_params.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/connectors/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/README.md b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/README.md similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/README.md rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/README.md diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/data_generator_factory.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/data_generator_factory.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/data_generator_factory.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/data_generator_factory.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_document.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_document.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_document.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_document.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_documents.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_documents.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_documents.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/enhance_documents.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/generate_documents.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/generate_documents.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/generate_documents.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/generate_documents.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_kql_query_from_documents_list.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_kql_query_from_documents_list.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_kql_query_from_documents_list.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_kql_query_from_documents_list.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_timestamp.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_timestamp.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_timestamp.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/get_timestamp.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index_documents.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index_documents.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index_documents.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/index_documents.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/types.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/types.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/data_generator/types.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_event_log_execution_events.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_event_log_execution_events.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_event_log_execution_events.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_event_log_execution_events.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_gaps.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_gaps.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_gaps.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/delete_all_gaps.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/generate_gaps_for_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/generate_gaps_for_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/generate_gaps_for_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/generate_gaps_for_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/get_event_log_execute_complete_by_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/get_event_log_execute_complete_by_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/get_event_log_execute_complete_by_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/get_event_log_execute_complete_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index_event_log_execution_events.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index_event_log_execution_events.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index_event_log_execution_events.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/index_event_log_execution_events.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/item/create_exception_list_item.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/item/create_exception_list_item.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/item/create_exception_list_item.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/item/create_exception_list_item.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_exception_list.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_exception_list.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_exception_list.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_exception_list.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/delete_exception_list.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/delete_exception_list.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/delete_exception_list.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/delete_exception_list.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/move_index_to_frozen_data_tier.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/move_index_to_frozen_data_tier.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/move_index_to_frozen_data_tier.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/frozen_data_tier/move_index_to_frozen_data_tier.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_detection_metrics_from_body.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_detection_metrics_from_body.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_detection_metrics_from_body.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_detection_metrics_from_body.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_from_body.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_from_body.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_from_body.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_from_body.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_exception_metrics_stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_index_name_from_load.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_index_name_from_load.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_index_name_from_load.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_index_name_from_load.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats_url.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats_url.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats_url.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_stats_url.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_from_body.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_from_body.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_from_body.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_from_body.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/get_value_list_metrics_stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/machine_learning_setup.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/machine_learning_setup.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/machine_learning_setup.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/machine_learning/machine_learning_setup.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/refresh_index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/refresh_index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/refresh_index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/refresh_index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/retry_delete_by_query_conflicts.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/retry_delete_by_query_conflicts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/retry_delete_by_query_conflicts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/retry_delete_by_query_conflicts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/check_investigation_field_in_so.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/check_investigation_field_in_so.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/check_investigation_field_in_so.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/check_investigation_field_in_so.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_legacy_rule_action.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_legacy_rule_action.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_legacy_rule_action.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_legacy_rule_action.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_non_security_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_non_security_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_non_security_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_non_security_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_saved_object.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_saved_object.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_saved_object.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_saved_object.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_auth.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_auth.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_auth.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_auth.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/downgrade_immutable_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/downgrade_immutable_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/downgrade_immutable_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/downgrade_immutable_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/fetch_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/fetch_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/fetch_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/fetch_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/find_immutable_rule_by_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/find_immutable_rule_by_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/find_immutable_rule_by_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/find_immutable_rule_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/generate_event.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/generate_event.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/generate_event.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/generate_event.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule_output.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule_output.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule_output.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_complex_rule_output.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_coverage_overview.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_coverage_overview.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_coverage_overview.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_coverage_overview.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_actions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_actions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_actions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_actions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_for_alert_testing_with_timestamp_override.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_for_alert_testing_with_timestamp_override.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_for_alert_testing_with_timestamp_override.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_for_alert_testing_with_timestamp_override.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_custom_query_rule_params.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_custom_query_rule_params.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_custom_query_rule_params.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_custom_query_rule_params.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_ml_rule_params.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_ml_rule_params.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_ml_rule_params.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_ml_rule_params.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_saved_query_rule_params.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_saved_query_rule_params.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_saved_query_rule_params.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_saved_query_rule_params.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_threshold_rule_params.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_threshold_rule_params.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_threshold_rule_params.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/get_threshold_rule_params.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/types.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/types.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_params/types.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_so_by_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_so_by_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_so_by_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_so_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_legacy_investigation_fields.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_legacy_investigation_fields.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_legacy_investigation_fields.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_legacy_investigation_fields.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_web_hook_action.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_web_hook_action.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_web_hook_action.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_with_web_hook_action.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_output.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_output.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_output.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_output.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_update.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_update.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_update.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_ml_rule_update.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_preview_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_preview_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_preview_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_preview_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_as_ndjson.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_as_ndjson.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_as_ndjson.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_as_ndjson.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_with_web_hook_action.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_with_web_hook_action.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_with_web_hook_action.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_with_web_hook_action.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_without_rule_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_without_rule_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_without_rule_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_output_without_rule_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_preview_output.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_preview_output.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_preview_output.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_preview_output.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_update.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_update.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_update.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_update.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_without_rule_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_without_rule_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_without_rule_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_without_rule_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_saved_query_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_saved_query_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_saved_query_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_saved_query_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_threat_match.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_threat_match.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_threat_match.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_threat_match.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/import_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/import_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/import_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/import_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/patch_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/patch_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/patch_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/patch_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rule_saved_objects.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rule_saved_objects.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rule_saved_objects.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rule_saved_objects.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rules_package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rules_package.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rules_package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rules_package.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_prebuilt_rule_assets.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_prebuilt_rule_assets.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_prebuilt_rule_assets.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_prebuilt_rule_assets.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_timelines.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_timelines.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_timelines.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_all_timelines.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_fleet_packages.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_fleet_packages.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_fleet_packages.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/delete_fleet_packages.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_installed_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_installed_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_installed_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_installed_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rule_base_version.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rule_base_version.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rule_base_version.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rule_base_version.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_and_timelines_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_and_timelines_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_and_timelines_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_and_timelines_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_fleet_package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_fleet_package.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_fleet_package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_fleet_package.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_status.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_status.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/get_prebuilt_rules_status.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_fleet_package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_fleet_package.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_fleet_package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_fleet_package.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_mock_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_mock_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_mock_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_mock_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_and_timelines.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_and_timelines.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_and_timelines.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_and_timelines.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_fleet_package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_fleet_package.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_fleet_package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_fleet_package.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/perform_upgrade_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/perform_upgrade_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/perform_upgrade_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/perform_upgrade_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/revert_prebuilt_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/revert_prebuilt_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/revert_prebuilt_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/revert_prebuilt_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_install_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_install_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_install_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_install_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_upgrade_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_upgrade_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_upgrade_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/review_upgrade_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/set_up_rule_upgrade.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/set_up_rule_upgrade.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/set_up_rule_upgrade.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/set_up_rule_upgrade.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule_with_exception_entries.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule_with_exception_entries.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule_with_exception_entries.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/preview_rule_with_exception_entries.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties_including_rule_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties_including_rule_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties_including_rule_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/remove_server_generated_properties_including_rule_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_gaps.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_gaps.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_gaps.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_gaps.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_ndjson.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_ndjson.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_ndjson.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_ndjson.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_update_schema.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_update_schema.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_update_schema.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/rule_to_update_schema.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/run_soon_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/run_soon_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/run_soon_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/run_soon_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/types.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/types.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/types.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/update_rule.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/update_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/update_rule.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/rules/update_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/runtime.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/runtime.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/runtime.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/runtime.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/set_advanced_settings.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/set_advanced_settings.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/set_advanced_settings.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/set_advanced_settings.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/check_rule_type_usage.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/check_rule_type_usage.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/check_rule_type_usage.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/check_rule_type_usage.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/get_security_telemetry_stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/get_security_telemetry_stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/get_security_telemetry_stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/get_security_telemetry_stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/remove_time_fields_from_telemetry_stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/remove_time_fields_from_telemetry_stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/remove_time_fields_from_telemetry_stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/telemetry/remove_time_fields_from_telemetry_stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/update_username.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/update_username.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/update_username.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/update_username.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/blocklists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/blocklists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/blocklists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/blocklists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/event_filters.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/event_filters.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/event_filters.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/event_filters.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/host_isolation_exceptions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/host_isolation_exceptions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/host_isolation_exceptions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/host_isolation_exceptions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/trusted_apps.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/trusted_apps.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/trusted_apps.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/trusted_apps.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/endpoint_authz.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/endpoint_authz.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/endpoint_authz.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/endpoint_authz.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/metadata.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/metadata.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/metadata.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/metadata.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/package.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/package.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/package.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/package/trial_license_complete_tier/package.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/datastream_index_creation.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/datastream_index_creation.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/datastream_index_creation.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/datastream_index_creation.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/policy_response.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/policy_response.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/policy_response.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/policy_response/trial_license_complete_tier/policy_response.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/common.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/common.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/common.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/common.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity_id.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity_id.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/entity_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/events.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/events.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/events.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/events.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/tree.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/tree.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/tree.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/resolver/trial_license_complete_tier/tree.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/agent_type_support.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/agent_type_support.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/agent_type_support.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/agent_type_support.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/execute.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/execute.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/execute.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/execute.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/response_actions/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/siem_v3_global_artifact_management.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/siem_v3_global_artifact_management.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/siem_v3_global_artifact_management.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/search_ai_lake_tier/siem_v3_global_artifact_management.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/siem_v3_global_artifact_management.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/siem_v3_global_artifact_management.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/siem_v3_global_artifact_management.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/role_migrations/trial_license_complete_tier/siem_v3_global_artifact_management.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/artifacts.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/artifacts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/artifacts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/artifacts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/response_actions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/response_actions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/response_actions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/response_actions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/role_backwards_compatibility.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/role_backwards_compatibility.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/role_backwards_compatibility.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/role_backwards_compatibility.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/space_awareness.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/space_awareness.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/space_awareness.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/space_awareness.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/utils/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/utils/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/utils/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/utils/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/edr_workflows/utils/supertest_error_logger.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/utils/supertest_error_logger.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/edr_workflows/utils/supertest_error_logger.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/edr_workflows/utils/supertest_error_logger.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entities_list.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entities_list.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entities_list.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entities_list.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store_nondefault_spaces.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store_nondefault_spaces.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store_nondefault_spaces.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/entity_store_nondefault_spaces.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/field_retention_operators.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/field_retention_operators.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/field_retention_operators.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/field_retention_operators.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/host_transform.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/host_transform.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/host_transform.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/host_transform.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/utils/ingest.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/utils/ingest.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/utils/ingest.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/utils/ingest.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/engine.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/engine.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/engine.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/engine.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privilege_monitoring_privileges_check.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privilege_monitoring_privileges_check.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privilege_monitoring_privileges_check.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privilege_monitoring_privileges_check.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_access_detection/pad_installation.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_access_detection/pad_installation.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_access_detection/pad_installation.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_access_detection/pad_installation.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/role_utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/role_utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/role_utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/role_utils.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/search_indices.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/search_indices.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/search_indices.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/search_indices.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/api_feature_access.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/api_feature_access.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/api_feature_access.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/api_feature_access.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_csv_upload.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_csv_upload.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_csv_upload.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_csv_upload.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_privileges.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_privileges.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_privileges.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_privileges.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_cleanup_api.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_cleanup_api.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_cleanup_api.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_cleanup_api.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_privileges.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_privileges.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_privileges.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_privileges.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_schedule_now.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_schedule_now.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_schedule_now.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_schedule_now.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_so_config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_so_config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_so_config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_engine_so_config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_entity_calculation.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_entity_calculation.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_entity_calculation.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_entity_calculation.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/data_view.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/data_view.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/data_view.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/data_view.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/elastic_asset_checker.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/elastic_asset_checker.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/elastic_asset_checker.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/elastic_asset_checker.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_analytics.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_analytics.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_analytics.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_analytics.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_metrics_from_body.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_metrics_from_body.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_metrics_from_body.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_metrics_from_body.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/get_risk_engine_stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/move_index_to_slow_data_tier.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/move_index_to_slow_data_tier.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/move_index_to_slow_data_tier.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/move_index_to_slow_data_tier.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/privmon_advanced_settings.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privmon_advanced_settings.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/privmon_advanced_settings.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privmon_advanced_settings.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/users_and_roles.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/users_and_roles.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/users_and_roles.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/users_and_roles.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/mocks/host_details.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/mocks/host_details.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/mocks/host_details.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/mocks/host_details.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/host_details.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/host_details.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/host_details.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/host_details.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/hosts.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/hosts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/hosts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/hosts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/uncommon_processes.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/uncommon_processes.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/uncommon_processes.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/tests/uncommon_processes.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_details.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_details.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_details.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_details.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_dns.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_dns.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_dns.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_dns.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_top_n_flow.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_top_n_flow.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_top_n_flow.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/network_top_n_flow.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/tls.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/tls.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/tls.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/tests/tls.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_host.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_host.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_host.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_host.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_network.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_network.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_network.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/tests/overview_network.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/authentications.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/authentications.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/authentications.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/authentications.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/users.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/users.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/users.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/tests/users.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/common.ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/common.ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/common.ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/common.ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/schedules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/schedules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/schedules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/mocks/schedules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/create_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/create/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/delete_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/delete/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/disable_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/disable/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/enable_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/enable/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/find_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/find/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/get_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/get/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_ess.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_ess.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_ess.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_ess.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_serverless.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_serverless.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_serverless.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/trial_license_complete_tier/update/update_serverless.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/apis.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/apis.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/apis.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/apis.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_disabled.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_disabled.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_disabled.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_disabled.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_does_not_exist.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_does_not_exist.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_does_not_exist.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_does_not_exist.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_enabled.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_enabled.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_enabled.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_enabled.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_exists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_exists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_exists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/check_schedule_exists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/helpers.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/helpers.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/helpers.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/attack_discovery/schedules/utils/helpers.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/README.md b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/README.md similarity index 79% rename from x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/README.md rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/README.md index 4ccc615218825..6377debb443d5 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/README.md +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/README.md @@ -2,7 +2,7 @@ This FTR suite is for running the Security GenAI Assistant and Attack Discovery evaluation suites. Evaluations can either be run locally, or on CI by adding the `ci:security-genai-run-evals` GitHub label to a PR. CI evaluations are also run weekly by means of the `kibana-ess-security-solution-gen-ai-evals` BuildKite pipeline (located in `security_solution/gen_ai_evals.yml`), and can also be manually triggered from the [pipeline](https://buildkite.com/elastic/kibana-ess-security-solution-gen-ai-evals) directly on BuildKite. -Most pre-requisites for running the evaluations are managed for you. Connector/LangSmith secrets are stored in vault, and managed via the scripts in `x-pack/test/security_solution_api_integration/scripts/genai/vault`. They are then read from ENV variables at test-time. Data pre-requisites are managed on test setup and include the installation of ptTinyElser, setup of the Knowledge Base, and ingestion of Attack Discovery alerts and KB entries. +Most pre-requisites for running the evaluations are managed for you. Connector/LangSmith secrets are stored in vault, and managed via the scripts in `x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault`. They are then read from ENV variables at test-time. Data pre-requisites are managed on test setup and include the installation of ptTinyElser, setup of the Knowledge Base, and ingestion of Attack Discovery alerts and KB entries. > [!NOTE] > In discussion with @elastic/kibana-operations it was preferred to use the ci-prod vault for which we do not have access. so they are also mirrored to the `secrets.elastic.co` vault which can be modified via manage_secrets.ts and surrounding scripts so we can self-manage to a degree. @@ -12,7 +12,7 @@ Most pre-requisites for running the evaluations are managed for you. Connector/L All commands can be run from security test root: ``` -cd x-pack/test/security_solution_api_integration +cd x-pack/solutions/security/test/security_solution_api_integration ``` Ensure you are authenticated with vault for Connector + LangSmith creds: @@ -22,31 +22,35 @@ Ensure you are authenticated with vault for Connector + LangSmith creds: Fetch config, which includes Connectors and LangSmith creds: ``` -node scripts/genai/vault/retrieve_secrets +node scripts/genai/vault/retrieve_secrets ``` Load the env vars, and start server: + ``` export KIBANA_SECURITY_GEN_AI_CONFIG=$(base64 -w 0 < scripts/genai/vault/config.json) yarn genai_evals:server:ess ``` Then in another terminal, load vars and run the tests: + ``` export KIBANA_SECURITY_GEN_AI_CONFIG=$(base64 -w 0 < scripts/genai/vault/config.json) yarn genai_evals:runner:ess ``` ### To manually run on BuildKite: -Navigate to [BuildKite](https://buildkite.com/elastic/kibana-ess-security-solution-gen-ai-evals) and run `ftr-security-solution-gen-ai-evaluations` pipeline. If you want to run with a custom config, first modify `x-pack/test/security_solution_api_integration/scripts/genai/vault/config.json` and then run: + +Navigate to [BuildKite](https://buildkite.com/elastic/kibana-ess-security-solution-gen-ai-evals) and run `ftr-security-solution-gen-ai-evaluations` pipeline. If you want to run with a custom config, first modify `x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/config.json` and then run: ``` - node scripts/genai/vault/get_command --format env-var + node scripts/genai/vault/get_command --format env-var ``` which can then be pasted into `Environment Variables` section of the BuildKite pipeline. This is helpful for running evals just against a specific model or to change the evaluator model. ### To manually run on BuildKite for specific PR: + Add `ci:security-genai-run-evals` label to PR ### To update secrets @@ -56,11 +60,11 @@ As mentioned above, secrets are mirrored between two different vaults since acce Navigate to the test directory and fetch the latest secrets from our `siem-team` vault: ``` -cd x-pack/test/security_solution_api_integration +cd x-pack/solutions/security/test/security_solution_api_integration node scripts/genai/vault/retrieve_secrets ``` -Modify `x-pack/test/security_solution_api_integration/scripts/genai/vault/config.json` accordingly. +Modify `x-pack/solutions/security/test/security_solution_api_integration/scripts/genai/vault/config.json` accordingly. Then, run the following command to upload the secrets back to the `siem-team` vault: @@ -75,7 +79,7 @@ node scripts/genai/vault/retrieve_secrets.js --vault siem-team node scripts/genai/vault/upload_secrets.js --vault ci-prod ``` -Or you can run the below command and paste the results into https://p.elstc.co and share the link with them to make updating secrets a little easier: +Or you can run the below command and paste the results into https://p.elstc.co and share the link with them to make updating secrets a little easier: ``` node scripts/genai/vault/get_command --format vault-write --vault ci-prod diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/data/kb_entries.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/data/kb_entries.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/data/kb_entries.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/data/kb_entries.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/evaluations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/evaluations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/evaluations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/evaluations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/evaluations/trial_license_complete_tier/utils.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/mocks/entries.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/mocks/entries.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/mocks/entries.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/mocks/entries.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/bulk_actions_entry.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/bulk_actions_entry.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/bulk_actions_entry.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/bulk_actions_entry.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/delete_entry.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/delete_entry.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/delete_entry.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/delete_entry.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/find_entry.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/find_entry.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/find_entry.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/find_entry.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/get_entry.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/get_entry.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/get_entry.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/get_entry.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/helpers.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/helpers.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/helpers.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/helpers.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/remove_server_generated_properties.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/remove_server_generated_properties.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/remove_server_generated_properties.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/remove_server_generated_properties.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/update_entry.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/update_entry.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/update_entry.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/update_entry.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/task_execution.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/task_execution.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/task_execution.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/basic_license_essentials_tier/task_execution.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/task_execution.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/task_execution.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/task_execution.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/nlp_cleanup_task/trial_license_complete_tier/task_execution.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/roles.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/roles.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/roles.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/roles.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/spaces.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/spaces.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/spaces.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/spaces.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/types.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/types.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/types.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/users.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/users.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/genai/utils/auth/users.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/utils/auth/users.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/notes_privileges.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/notes_privileges.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/notes_privileges.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/notes_privileges.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_privileges.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_privileges.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_privileges.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_privileges.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/utils/notes.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/utils/notes.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/utils/notes.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/utils/notes.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/utils/timelines.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/utils/timelines.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/utils/timelines.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/utils/timelines.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/utils/types.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/utils/types.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/utils/types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/utils/types.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/utils/wait_for.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/utils/wait_for.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/utils/wait_for.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/utils/wait_for.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/create_exception_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/create_exception_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/create_exception_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/create_exception_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/delete_exception_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/delete_exception_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/delete_exception_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/delete_exception_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/find_exception_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/find_exception_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/find_exception_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/find_exception_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/read_exception_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/read_exception_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/read_exception_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/read_exception_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/update_exception_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/update_exception_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/update_exception_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/items/update_exception_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/create_exception_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/create_exception_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/create_exception_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/create_exception_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/delete_exception_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/delete_exception_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/delete_exception_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/delete_exception_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/export_exception_list.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/export_exception_list.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/export_exception_list.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/export_exception_list.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/find_exception_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/find_exception_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/find_exception_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/find_exception_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/get_exception_filter.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/get_exception_filter.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/get_exception_filter.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/get_exception_filter.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/import_exceptions.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/import_exceptions.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/import_exceptions.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/import_exceptions.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/read_exception_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/read_exception_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/read_exception_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/read_exception_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/summary_exception_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/summary_exception_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/summary_exception_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/summary_exception_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/update_exception_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/update_exception_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/update_exception_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/update_exception_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/create_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/create_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/create_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/create_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/delete_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/delete_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/delete_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/delete_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/export_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/export_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/export_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/export_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/find_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/find_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/find_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/find_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/import_list_items_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/patch_list_items_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/read_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/read_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/read_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/read_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/items/update_list_items_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/create_lists_index_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/delete_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/delete_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/delete_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/delete_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists_by_size.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists_by_size.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists_by_size.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/find_lists_by_size.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/patch_lists_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_list_privileges.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_list_privileges.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_list_privileges.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_list_privileges.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/read_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists_migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists_migrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists_migrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/lists/update_lists_migrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/create.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/create.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/create.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/create.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/dashboards/create.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/dashboards/create.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/dashboards/create.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/dashboards/create.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/get.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/get.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/get.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/get.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/dashboard_migrations/stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/create.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/create.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/create.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/create.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/delete.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/delete.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/delete.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/delete.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_integrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_integrations.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_integrations.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_integrations.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_prebuilt_rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_prebuilt_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_prebuilt_rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/get_prebuilt_rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/install.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/install.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/install.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/install.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/integrations_stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/integrations_stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/integrations_stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/integrations_stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/create.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/create.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/create.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/create.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/get.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/get.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/get.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/get.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/update.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/update.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/update.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/rules/update.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/start.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/start.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/start.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/start.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stop.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stop.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stop.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/stop.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/update.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/update.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/update.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/rule_migrations/update.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/asserts.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/asserts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/asserts.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/asserts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboard_mocks.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboard_mocks.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboard_mocks.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboard_mocks.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboards.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboards.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboards.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/dashboards.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries_dashboards.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries_dashboards.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries_dashboards.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/es_queries_dashboards.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/mocks.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/mocks.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/mocks.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/mocks.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/resources.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/resources.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/resources.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/resources.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/rules.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/rules.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/rules.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/types.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/types.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/siem_migrations/utils/types.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/siem_migrations/utils/types.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/telemetry/configs/ess.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/configs/ess.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/telemetry/configs/ess.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/telemetry/configs/serverless.config.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/configs/serverless.config.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/telemetry/configs/serverless.config.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/configs/serverless.config.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/telemetry/index.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/telemetry/index.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/telemetry/tasks/endpoint.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/tasks/endpoint.ts similarity index 92% rename from x-pack/test/security_solution_api_integration/test_suites/telemetry/tasks/endpoint.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/tasks/endpoint.ts index a8af3fb7101e0..a891d790f98ae 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/telemetry/tasks/endpoint.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/tasks/endpoint.ts @@ -20,9 +20,12 @@ export default ({ getService }: FtrProviderContext) => { this.tags('skipServerless'); beforeEach(async () => { await esArchiver - .load('x-pack/test/security_solution_api_integration/es_archive/endpoint/metrics', { - useCreate: true, - }) + .load( + 'x-pack/solutions/security/test/security_solution_api_integration/es_archive/endpoint/metrics', + { + useCreate: true, + } + ) .catch((e) => { logger.error('>> Endpoint metrics and info task: load'); logger.error(e); @@ -44,7 +47,9 @@ export default ({ getService }: FtrProviderContext) => { afterEach(async () => { await esArchiver - .unload('x-pack/test/security_solution_api_integration/es_archive/endpoint/metrics') + .unload( + 'x-pack/solutions/security/test/security_solution_api_integration/es_archive/endpoint/metrics' + ) .catch((e) => { logger.error('>> Endpoint metrics and info task: unload'); logger.error(e); diff --git a/x-pack/test/security_solution_api_integration/test_suites/telemetry/tasks/indices_metadata.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/tasks/indices_metadata.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/telemetry/tasks/indices_metadata.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/tasks/indices_metadata.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/telemetry/tasks/ingest_pipeline_stats.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/tasks/ingest_pipeline_stats.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/telemetry/tasks/ingest_pipeline_stats.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/telemetry/tasks/ingest_pipeline_stats.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/utils.ts rename to x-pack/solutions/security/test/security_solution_api_integration/test_suites/utils.ts diff --git a/x-pack/test/security_solution_api_integration/tsconfig.json b/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json similarity index 81% rename from x-pack/test/security_solution_api_integration/tsconfig.json rename to x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json index 9953d07987aaa..058fee55a4937 100644 --- a/x-pack/test/security_solution_api_integration/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json @@ -1,21 +1,17 @@ { - "extends": "../../../tsconfig.base.json", + "extends": "../../../../../tsconfig.base.json", "compilerOptions": { "outDir": "target/types", "types": ["node", "jest", "@kbn/ambient-ftr-types"] }, "include": [ "**/*", - "../../../typings/**/*", - "../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" + "../../../../../typings/**/*", + "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" ], "exclude": ["target/**/*"], "kbn_references": [ { "path": "../security_solution_endpoint/tsconfig.json" }, - "@kbn/test-suites-serverless", - { "path": "../../test_serverless/api_integration/**/*" }, - { "path": "../../test_serverless/shared/**/*" }, - { "path": "../../api_integration/services/**/*" }, "@kbn/dev-utils", "@kbn/test", "@kbn/expect", diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_permissions.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_permissions.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_permissions.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_permissions.ts diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_solution_integrations.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_solution_integrations.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_solution_integrations.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_solution_integrations.ts diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_telemetry.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_telemetry.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_telemetry.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_telemetry.ts diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_transform.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_transform.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_transform.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/endpoint_transform.ts diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/index.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/endpoint/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/endpoint/index.ts diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/artifact_entries_list.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/artifact_entries_list.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/integrations/artifact_entries_list.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/artifact_entries_list.ts diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/fleet_integrations.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/fleet_integrations.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/integrations/fleet_integrations.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/fleet_integrations.ts diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/index.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/integrations/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/index.ts diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/mocks.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/mocks.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/integrations/mocks.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/mocks.ts diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/policy_details.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/policy_details.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/integrations/policy_details.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/policy_details.ts diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/policy_list.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/policy_list.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/integrations/policy_list.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/policy_list.ts diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/trusted_apps_list.ts b/x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/trusted_apps_list.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/apps/integrations/trusted_apps_list.ts rename to x-pack/solutions/security/test/security_solution_endpoint/apps/integrations/trusted_apps_list.ts diff --git a/x-pack/test/security_solution_endpoint/configs/config.base.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/config.base.ts similarity index 98% rename from x-pack/test/security_solution_endpoint/configs/config.base.ts rename to x-pack/solutions/security/test/security_solution_endpoint/configs/config.base.ts index 543468d5b23bf..1d34f4770664b 100644 --- a/x-pack/test/security_solution_endpoint/configs/config.base.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/config.base.ts @@ -51,7 +51,7 @@ export const generateConfig = async ({ const { createEndpointDockerConfig, getRegistryUrlAsArray } = SecuritySolutionEndpointRegistryHelpers(); const xpackFunctionalConfig = await readConfigFile( - require.resolve('../../functional/config.base.js') + require.resolve('../../functional/config.base.ts') ); return { diff --git a/x-pack/test/security_solution_endpoint/configs/endpoint.config.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/endpoint.config.ts similarity index 89% rename from x-pack/test/security_solution_endpoint/configs/endpoint.config.ts rename to x-pack/solutions/security/test/security_solution_endpoint/configs/endpoint.config.ts index cad89b4b3dcd9..0d744c43b588b 100644 --- a/x-pack/test/security_solution_endpoint/configs/endpoint.config.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/endpoint.config.ts @@ -11,12 +11,11 @@ import { generateConfig } from './config.base'; import { services } from '../services'; import { pageObjects } from '../page_objects'; -// eslint-disable-next-line import/no-default-export export default async function (ftrConfigProviderContext: FtrConfigProviderContext) { const { readConfigFile } = ftrConfigProviderContext; const xpackFunctionalConfig = await readConfigFile( - require.resolve('../../functional/config.base.js') + require.resolve('../../functional/config.base.ts') ); return generateConfig({ diff --git a/x-pack/test/security_solution_endpoint/configs/ftr_provider_context.d.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/ftr_provider_context.d.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/configs/ftr_provider_context.d.ts rename to x-pack/solutions/security/test/security_solution_endpoint/configs/ftr_provider_context.d.ts diff --git a/x-pack/test/security_solution_endpoint/configs/integrations.config.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/integrations.config.ts similarity index 91% rename from x-pack/test/security_solution_endpoint/configs/integrations.config.ts rename to x-pack/solutions/security/test/security_solution_endpoint/configs/integrations.config.ts index 9a94b101dccf1..d596e8848c93c 100644 --- a/x-pack/test/security_solution_endpoint/configs/integrations.config.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/integrations.config.ts @@ -11,12 +11,11 @@ import { generateConfig } from './config.base'; import { services } from '../services'; import { pageObjects } from '../page_objects'; -// eslint-disable-next-line import/no-default-export export default async function (ftrConfigProviderContext: FtrConfigProviderContext) { const { readConfigFile } = ftrConfigProviderContext; const xpackFunctionalConfig = await readConfigFile( - require.resolve('../../functional/config.base.js') + require.resolve('../../functional/config.base.ts') ); return generateConfig({ diff --git a/x-pack/test/security_solution_endpoint/configs/serverless.endpoint.config.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/serverless.endpoint.config.ts similarity index 89% rename from x-pack/test/security_solution_endpoint/configs/serverless.endpoint.config.ts rename to x-pack/solutions/security/test/security_solution_endpoint/configs/serverless.endpoint.config.ts index 3df139dc9dd9e..72045fba17df2 100644 --- a/x-pack/test/security_solution_endpoint/configs/serverless.endpoint.config.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/serverless.endpoint.config.ts @@ -11,12 +11,11 @@ import { generateConfig } from './config.base'; import { svlServices } from '../services'; import { svlPageObjects } from '../page_objects'; -// eslint-disable-next-line import/no-default-export export default async function (ftrConfigProviderContext: FtrConfigProviderContext) { const { readConfigFile } = ftrConfigProviderContext; const svlBaseConfig = await readConfigFile( - require.resolve('@kbn/test-suites-serverless/shared/config.base') + require.resolve('@kbn/test-suites-xpack-platform/serverless/shared/config.base') ); return generateConfig({ diff --git a/x-pack/test/security_solution_endpoint/configs/serverless.integrations.config.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/serverless.integrations.config.ts similarity index 90% rename from x-pack/test/security_solution_endpoint/configs/serverless.integrations.config.ts rename to x-pack/solutions/security/test/security_solution_endpoint/configs/serverless.integrations.config.ts index 2822d16a979e3..1b0cdf777201b 100644 --- a/x-pack/test/security_solution_endpoint/configs/serverless.integrations.config.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/serverless.integrations.config.ts @@ -11,12 +11,11 @@ import { generateConfig } from './config.base'; import { svlServices } from '../services'; import { svlPageObjects } from '../page_objects'; -// eslint-disable-next-line import/no-default-export export default async function (ftrConfigProviderContext: FtrConfigProviderContext) { const { readConfigFile } = ftrConfigProviderContext; const svlBaseConfig = await readConfigFile( - require.resolve('@kbn/test-suites-serverless/shared/config.base') + require.resolve('@kbn/test-suites-xpack-platform/serverless/shared/config.base') ); return generateConfig({ diff --git a/x-pack/test/security_solution_endpoint/page_objects/artifact_entries_list_page.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/artifact_entries_list_page.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/artifact_entries_list_page.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/artifact_entries_list_page.ts diff --git a/x-pack/test/security_solution_endpoint/page_objects/endpoint_page.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/endpoint_page.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/endpoint_page.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/endpoint_page.ts diff --git a/x-pack/test/security_solution_endpoint/page_objects/endpoint_responder.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/endpoint_responder.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/endpoint_responder.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/endpoint_responder.ts diff --git a/x-pack/test/security_solution_endpoint/page_objects/fleet_integrations_page.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/fleet_integrations_page.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/fleet_integrations_page.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/fleet_integrations_page.ts diff --git a/x-pack/test/security_solution_endpoint/page_objects/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts diff --git a/x-pack/test/security_solution_endpoint/page_objects/ingest_manager_create_package_policy_page.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/ingest_manager_create_package_policy_page.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/ingest_manager_create_package_policy_page.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/ingest_manager_create_package_policy_page.ts diff --git a/x-pack/test/security_solution_endpoint/page_objects/page_utils.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/page_utils.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/page_utils.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/page_utils.ts diff --git a/x-pack/test/security_solution_endpoint/page_objects/policy_page.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/policy_page.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/policy_page.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/policy_page.ts diff --git a/x-pack/test/security_solution_endpoint/page_objects/trusted_apps_page.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/trusted_apps_page.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/page_objects/trusted_apps_page.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/trusted_apps_page.ts diff --git a/x-pack/test/security_solution_endpoint/services/endpoint.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/services/endpoint.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts diff --git a/x-pack/test/security_solution_endpoint/services/endpoint_artifacts.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/services/endpoint_artifacts.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts diff --git a/x-pack/test/security_solution_endpoint/services/endpoint_data_stream_helpers.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_data_stream_helpers.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/services/endpoint_data_stream_helpers.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_data_stream_helpers.ts diff --git a/x-pack/test/security_solution_endpoint/services/endpoint_policy.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_policy.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/services/endpoint_policy.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_policy.ts diff --git a/x-pack/test/security_solution_endpoint/services/endpoint_registry_helpers.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_registry_helpers.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/services/endpoint_registry_helpers.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_registry_helpers.ts diff --git a/x-pack/test/security_solution_endpoint/services/endpoint_telemetry.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_telemetry.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/services/endpoint_telemetry.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_telemetry.ts diff --git a/x-pack/test/security_solution_endpoint/services/fixtures/package_registry_config.yml b/x-pack/solutions/security/test/security_solution_endpoint/services/fixtures/package_registry_config.yml similarity index 100% rename from x-pack/test/security_solution_endpoint/services/fixtures/package_registry_config.yml rename to x-pack/solutions/security/test/security_solution_endpoint/services/fixtures/package_registry_config.yml diff --git a/x-pack/test/security_solution_endpoint/services/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts similarity index 94% rename from x-pack/test/security_solution_endpoint/services/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/index.ts index b4515e3d61e4c..8b7dc6bcbdc80 100644 --- a/x-pack/test/security_solution_endpoint/services/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts @@ -6,7 +6,7 @@ */ import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; -import { SvlCommonApiServiceProvider } from '@kbn/test-suites-serverless/shared/services/svl_common_api'; +import { SvlCommonApiServiceProvider } from '@kbn/test-suites-xpack-platform/serverless/shared/services/svl_common_api'; import { IngestManagerProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/ingest_manager'; import { services as xPackFunctionalServices } from '../../functional/services'; import { EndpointTelemetryTestResourcesProvider } from './endpoint_telemetry'; diff --git a/x-pack/test/security_solution_endpoint/services/roles_users_utils.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/roles_users_utils.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/services/roles_users_utils.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/roles_users_utils.ts diff --git a/x-pack/test/security_solution_endpoint/services/supertest_with_cert.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/supertest_with_cert.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/services/supertest_with_cert.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/supertest_with_cert.ts diff --git a/x-pack/test/security_solution_endpoint/target_tags.ts b/x-pack/solutions/security/test/security_solution_endpoint/target_tags.ts similarity index 100% rename from x-pack/test/security_solution_endpoint/target_tags.ts rename to x-pack/solutions/security/test/security_solution_endpoint/target_tags.ts diff --git a/x-pack/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json similarity index 78% rename from x-pack/test/security_solution_endpoint/tsconfig.json rename to x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 58da787d4b965..0d4f8d5a0d00b 100644 --- a/x-pack/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -1,5 +1,5 @@ { - "extends": "../../../tsconfig.base.json", + "extends": "../../../../../tsconfig.base.json", "compilerOptions": { "outDir": "target/types", "types": [ @@ -10,14 +10,13 @@ }, "include": [ "**/*", - "../../../typings/**/*", - "../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" + "../../../../../typings/**/*", + "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" ], "exclude": [ "target/**/*" ], "kbn_references": [ - "@kbn/test-suites-serverless", "@kbn/expect", "@kbn/security-solution-plugin", "@kbn/repo-info", diff --git a/x-pack/solutions/security/test/security_solution_ftr/ftr_provider_context.ts b/x-pack/solutions/security/test/security_solution_ftr/ftr_provider_context.ts new file mode 100644 index 0000000000000..e757164fa1de9 --- /dev/null +++ b/x-pack/solutions/security/test/security_solution_ftr/ftr_provider_context.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { GenericFtrProviderContext, GenericFtrService } from '@kbn/test'; + +import { pageObjects } from './page_objects'; +import { services } from './services'; + +export type FtrProviderContext = GenericFtrProviderContext; +export class FtrService extends GenericFtrService {} diff --git a/x-pack/test/security_solution_ftr/page_objects/detections/index.ts b/x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts similarity index 100% rename from x-pack/test/security_solution_ftr/page_objects/detections/index.ts rename to x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts diff --git a/x-pack/test/security_solution_ftr/page_objects/hosts/index.ts b/x-pack/solutions/security/test/security_solution_ftr/page_objects/hosts/index.ts similarity index 96% rename from x-pack/test/security_solution_ftr/page_objects/hosts/index.ts rename to x-pack/solutions/security/test/security_solution_ftr/page_objects/hosts/index.ts index 50e232a8693e1..c13f65a39277a 100644 --- a/x-pack/test/security_solution_ftr/page_objects/hosts/index.ts +++ b/x-pack/solutions/security/test/security_solution_ftr/page_objects/hosts/index.ts @@ -6,7 +6,7 @@ */ import { WebElementWrapper } from '@kbn/ftr-common-functional-ui-services'; -import { FtrService } from '../../../functional/ftr_provider_context'; +import { FtrService } from '../../ftr_provider_context'; export class HostsPageObject extends FtrService { private readonly pageObjects = this.ctx.getPageObjects(['common', 'header']); diff --git a/x-pack/solutions/security/test/security_solution_ftr/page_objects/index.ts b/x-pack/solutions/security/test/security_solution_ftr/page_objects/index.ts new file mode 100644 index 0000000000000..0165c27b2400e --- /dev/null +++ b/x-pack/solutions/security/test/security_solution_ftr/page_objects/index.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { pageObjects as platformPageObjects } from '@kbn/test-suites-xpack-platform/functional/page_objects'; + +export const pageObjects = { + ...platformPageObjects, +}; diff --git a/x-pack/test/security_solution_ftr/page_objects/timeline/index.ts b/x-pack/solutions/security/test/security_solution_ftr/page_objects/timeline/index.ts similarity index 98% rename from x-pack/test/security_solution_ftr/page_objects/timeline/index.ts rename to x-pack/solutions/security/test/security_solution_ftr/page_objects/timeline/index.ts index 2e5cc8492eaa2..d4636724c0f4c 100644 --- a/x-pack/test/security_solution_ftr/page_objects/timeline/index.ts +++ b/x-pack/solutions/security/test/security_solution_ftr/page_objects/timeline/index.ts @@ -7,7 +7,7 @@ import { subj as testSubjSelector } from '@kbn/test-subj-selector'; import { DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP } from '@kbn/security-solution-plugin/common/test'; -import { FtrService } from '../../../functional/ftr_provider_context'; +import { FtrService } from '../../ftr_provider_context'; const TIMELINE_BOTTOM_BAR_CONTAINER_TEST_SUBJ = 'timeline-bottom-bar'; const TIMELINE_CLOSE_BUTTON_TEST_SUBJ = 'timeline-modal-header-close-button'; diff --git a/x-pack/test/security_solution_ftr/services/detections/index.ts b/x-pack/solutions/security/test/security_solution_ftr/services/detections/index.ts similarity index 98% rename from x-pack/test/security_solution_ftr/services/detections/index.ts rename to x-pack/solutions/security/test/security_solution_ftr/services/detections/index.ts index e89741bade43c..680d1cd99e7fe 100644 --- a/x-pack/test/security_solution_ftr/services/detections/index.ts +++ b/x-pack/solutions/security/test/security_solution_ftr/services/detections/index.ts @@ -19,7 +19,7 @@ import { indexEndpointRuleAlerts, } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_rule_alerts'; import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common'; -import { FtrService } from '../../../functional/ftr_provider_context'; +import { FtrService } from '../../ftr_provider_context'; export class DetectionsTestService extends FtrService { private readonly supertest = this.ctx.getService('supertest'); diff --git a/x-pack/solutions/security/test/security_solution_ftr/services/index.ts b/x-pack/solutions/security/test/security_solution_ftr/services/index.ts new file mode 100644 index 0000000000000..5b3515c3d3f46 --- /dev/null +++ b/x-pack/solutions/security/test/security_solution_ftr/services/index.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { services as platformServices } from '@kbn/test-suites-xpack-platform/functional/services'; + +export const services = { + ...platformServices, +}; diff --git a/x-pack/test/security_solution_ftr/services/timeline/index.ts b/x-pack/solutions/security/test/security_solution_ftr/services/timeline/index.ts similarity index 98% rename from x-pack/test/security_solution_ftr/services/timeline/index.ts rename to x-pack/solutions/security/test/security_solution_ftr/services/timeline/index.ts index 2edc4a3b3a978..8e7b475938953 100644 --- a/x-pack/test/security_solution_ftr/services/timeline/index.ts +++ b/x-pack/solutions/security/test/security_solution_ftr/services/timeline/index.ts @@ -15,7 +15,7 @@ import { } from '@kbn/security-solution-plugin/common/api/timeline'; import moment from 'moment'; import { fromKueryExpression, toElasticsearchQuery } from '@kbn/es-query'; -import { FtrService } from '../../../functional/ftr_provider_context'; +import { FtrService } from '../../ftr_provider_context'; export class TimelineTestService extends FtrService { private readonly supertest = this.ctx.getService('supertest'); From 4779cb3b96cce60532a30dba804ca863634787f6 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 12 Aug 2025 10:03:54 +0000 Subject: [PATCH 02/42] [CI] Auto-commit changed files from 'security: 3rd-party dependencies' --- x-pack/solutions/security/test/tsconfig.json | 28 +++++++++++++++++++- x-pack/test/tsconfig.json | 1 - 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/x-pack/solutions/security/test/tsconfig.json b/x-pack/solutions/security/test/tsconfig.json index 20a0dd8471830..6dab2f30adb62 100644 --- a/x-pack/solutions/security/test/tsconfig.json +++ b/x-pack/solutions/security/test/tsconfig.json @@ -56,6 +56,32 @@ "@kbn/session-view-plugin", "@kbn/repo-info", "@kbn/es-archiver", - "@kbn/task-manager-plugin" + "@kbn/task-manager-plugin", + "@kbn/openapi-common", + "@kbn/spaces-plugin", + "@kbn/securitysolution-exceptions-common", + "@kbn/securitysolution-endpoint-exceptions-common", + "@kbn/securitysolution-lists-common", + "@kbn/osquery-plugin", + "@kbn/search-types", + "@kbn/actions-plugin", + "@kbn/babel-register", + "@kbn/config-schema", + "@kbn/dev-cli-runner", + "@kbn/securitysolution-ecs", + "@kbn/core", + "@kbn/securitysolution-io-ts-list-types", + "@kbn/lists-plugin", + "@kbn/securitysolution-list-constants", + "@kbn/securitysolution-rules", + "@kbn/response-ops-rule-params", + "@kbn/datemath", + "@kbn/safer-lodash-set", + "@kbn/securitysolution-io-ts-alerting-types", + "@kbn/utility-types", + "@kbn/elastic-assistant-common", + "@kbn/elastic-assistant-plugin", + "@kbn/securitysolution-es-utils", + "@kbn/es-query" ] } diff --git a/x-pack/test/tsconfig.json b/x-pack/test/tsconfig.json index 58099d2271324..2244d83cb4c12 100644 --- a/x-pack/test/tsconfig.json +++ b/x-pack/test/tsconfig.json @@ -33,7 +33,6 @@ "@kbn/rule-data-utils", "@kbn/test-subj-selector", "@kbn/rison", - "@kbn/es-query", "@kbn/core-http-common", "@kbn/dataset-quality-plugin", "@kbn/ftr-common-functional-ui-services", From 78eef65e0b1e0536f0e0e53d72c6df7d64552dd7 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 12:29:25 +0200 Subject: [PATCH 03/42] exclude new test dirs from main tsconfig --- x-pack/solutions/security/test/tsconfig.json | 2 ++ 1 file changed, 2 insertions(+) diff --git a/x-pack/solutions/security/test/tsconfig.json b/x-pack/solutions/security/test/tsconfig.json index 20a0dd8471830..56f18bf22603e 100644 --- a/x-pack/solutions/security/test/tsconfig.json +++ b/x-pack/solutions/security/test/tsconfig.json @@ -21,6 +21,8 @@ "*/plugins/**/*", "plugins/**/*", "security_solution_cypress/cypress/**/*", + "security_solution_api_integration/**/*", + "security_solution_endpoint/**/*", "*/packages/**/*", "*/*/packages/**/*", ], From 824d144e206ce4cb065a09750638cdd35ea7bb31 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 12:31:40 +0200 Subject: [PATCH 04/42] fix broken import in x-pack/test --- x-pack/test/functional/page_objects/index.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/x-pack/test/functional/page_objects/index.ts b/x-pack/test/functional/page_objects/index.ts index 512fb7f5157fd..3debb3507fa76 100644 --- a/x-pack/test/functional/page_objects/index.ts +++ b/x-pack/test/functional/page_objects/index.ts @@ -38,7 +38,6 @@ import { LogstashPageObject } from '@kbn/test-suites-xpack-platform/functional/p import { RollupPageObject } from '@kbn/test-suites-xpack-platform/functional/page_objects/rollup_page'; import { RemoteClustersPageProvider } from '@kbn/test-suites-xpack-platform/functional/page_objects/remote_clusters_page'; import { AssetDetailsProvider } from './asset_details'; -import { DetectionsPageObject } from '../../security_solution_ftr/page_objects/detections'; import { EmbeddedConsoleProvider } from './embedded_console'; import { InfraHomePageProvider } from './infra_home_page'; import { InfraHostsViewProvider } from './infra_hosts_view'; @@ -56,7 +55,6 @@ export const pageObjects = { canvas: CanvasPageProvider, copySavedObjectsToSpace: CopySavedObjectsToSpacePageProvider, crossClusterReplication: CrossClusterReplicationPageProvider, - detections: DetectionsPageObject, embeddedConsole: EmbeddedConsoleProvider, graph: GraphPageObject, grokDebugger: GrokDebuggerPageObject, From 3ae26e039ae9406acc9038ec7397300aaf4ff281 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 12:37:45 +0200 Subject: [PATCH 05/42] disable floating promise eslint validation for security_solution_api_integration --- src/dev/eslint/types.eslint.config.template.cjs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/dev/eslint/types.eslint.config.template.cjs b/src/dev/eslint/types.eslint.config.template.cjs index 4ad2391055f5d..2322076e61748 100644 --- a/src/dev/eslint/types.eslint.config.template.cjs +++ b/src/dev/eslint/types.eslint.config.template.cjs @@ -35,7 +35,10 @@ module.exports = { }, }, { - files: ['*spaces_api_integration/common/services/basic_auth_supertest.ts'], + files: [ + '*spaces_api_integration/common/services/basic_auth_supertest.ts', + // TODO: high chances missing awaits cause test flakiness, 37 errors spotted + 'x-pack/solutions/security/test/security_solution_api_integration/**/*'], rules: { '@typescript-eslint/no-floating-promises': 'off', }, From 50cf3abad941d7192283841aabfae4258b06e6d4 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 12 Aug 2025 10:51:00 +0000 Subject: [PATCH 06/42] [CI] Auto-commit changed files from 'security: 3rd-party dependencies' --- x-pack/solutions/security/test/tsconfig.json | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/x-pack/solutions/security/test/tsconfig.json b/x-pack/solutions/security/test/tsconfig.json index 788a04ecc7464..a014691c781d5 100644 --- a/x-pack/solutions/security/test/tsconfig.json +++ b/x-pack/solutions/security/test/tsconfig.json @@ -65,25 +65,6 @@ "@kbn/securitysolution-endpoint-exceptions-common", "@kbn/securitysolution-lists-common", "@kbn/osquery-plugin", - "@kbn/search-types", - "@kbn/actions-plugin", - "@kbn/babel-register", - "@kbn/config-schema", - "@kbn/dev-cli-runner", - "@kbn/securitysolution-ecs", - "@kbn/core", - "@kbn/securitysolution-io-ts-list-types", - "@kbn/lists-plugin", - "@kbn/securitysolution-list-constants", - "@kbn/securitysolution-rules", - "@kbn/response-ops-rule-params", - "@kbn/datemath", - "@kbn/safer-lodash-set", - "@kbn/securitysolution-io-ts-alerting-types", - "@kbn/utility-types", - "@kbn/elastic-assistant-common", - "@kbn/elastic-assistant-plugin", - "@kbn/securitysolution-es-utils", "@kbn/es-query" ] } From edbaa89c3b6f761293782766627d6e98465dba15 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 14:15:47 +0200 Subject: [PATCH 07/42] fix TS error by adding rootDir tsconfig to references --- .../security/test/security_solution_endpoint/tsconfig.json | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 0d4f8d5a0d00b..ed93b85a9f019 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -17,6 +17,7 @@ "target/**/*" ], "kbn_references": [ + { "path": "../tsconfig.json" }, "@kbn/expect", "@kbn/security-solution-plugin", "@kbn/repo-info", From 992b9625470c61c1f1e8c58c44357d79825f2efb Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 12 Aug 2025 12:54:15 +0000 Subject: [PATCH 08/42] [CI] Auto-commit changed files from 'security: 3rd-party dependencies' --- .../security/test/security_solution_endpoint/tsconfig.json | 1 - 1 file changed, 1 deletion(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index ed93b85a9f019..0d4f8d5a0d00b 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -17,7 +17,6 @@ "target/**/*" ], "kbn_references": [ - { "path": "../tsconfig.json" }, "@kbn/expect", "@kbn/security-solution-plugin", "@kbn/repo-info", From 1ded6a9848114c795ab048f7c5d5d0168f5bfe35 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 15:21:49 +0200 Subject: [PATCH 09/42] load samlAuth service in ess/services_edr_workflows --- .../config/ess/services_edr_workflows.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts index fe657da72251e..a760699211cf8 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; import { EndpointTestResources } from '../../../security_solution_endpoint/services/endpoint'; import { EndpointArtifactsTestResources } from '../../../security_solution_endpoint/services/endpoint_artifacts'; import { EndpointPolicyTestResourcesProvider } from '../../../security_solution_endpoint/services/endpoint_policy'; @@ -28,4 +29,5 @@ export const services = { endpointDataStreamHelpers: SecuritySolutionEndpointDataStreamHelpers, endpointRegistryHelpers: SecuritySolutionEndpointRegistryHelpers, securitySolutionUtils: SecuritySolutionESSUtils, + samlAuth: commonFunctionalServices.samlAuth, }; From 96bfd56c0d916afea20b1cb2b9df1164cb121f6e Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 16:06:01 +0200 Subject: [PATCH 10/42] include security_solution_ftr under security_solution_endpoint project --- .../security/test/security_solution_endpoint/tsconfig.json | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 0d4f8d5a0d00b..8f09f1cbb443a 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -10,6 +10,7 @@ }, "include": [ "**/*", + "../security_solution_ftr/**/*", "../../../../../typings/**/*", "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" ], From ba5a15bc97b717dbde26b230fe7a1544b59a8333 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 12 Aug 2025 14:23:35 +0000 Subject: [PATCH 11/42] [CI] Auto-commit changed files from 'node scripts/yarn_deduplicate' --- .../security/test/security_solution_endpoint/tsconfig.json | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 8f09f1cbb443a..4f9641e38d25f 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -31,5 +31,6 @@ "@kbn/spaces-plugin", "@kbn/scout-info", "@kbn/test-suites-xpack-platform", + "@kbn/es-query", ] } From cef30f17154a30cd19a99024602797553b5b2c42 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 16:41:21 +0200 Subject: [PATCH 12/42] add tsconfig for security_solution_ftr and add its references --- .../tsconfig.json | 1 + .../security_solution_endpoint/tsconfig.json | 1 + .../test/security_solution_ftr/tsconfig.json | 26 +++++++++++++++++++ x-pack/solutions/security/test/tsconfig.json | 1 + 4 files changed, 29 insertions(+) create mode 100644 x-pack/solutions/security/test/security_solution_ftr/tsconfig.json diff --git a/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json b/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json index 058fee55a4937..c52885ccb3c46 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json @@ -12,6 +12,7 @@ "exclude": ["target/**/*"], "kbn_references": [ { "path": "../security_solution_endpoint/tsconfig.json" }, + "x-pack/solutions/security/test/security_solution_ftr", "@kbn/dev-utils", "@kbn/test", "@kbn/expect", diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 8f09f1cbb443a..7f7f3704ecd05 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -18,6 +18,7 @@ "target/**/*" ], "kbn_references": [ + "x-pack/solutions/security/test/security_solution_ftr", "@kbn/expect", "@kbn/security-solution-plugin", "@kbn/repo-info", diff --git a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json new file mode 100644 index 0000000000000..234ab0fce8e54 --- /dev/null +++ b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json @@ -0,0 +1,26 @@ +{ + "extends": "../../../../../tsconfig.base.json", + "compilerOptions": { + "outDir": "target/types", + "types": [ + "node", + "@kbn/ambient-ftr-types" + ], + "allowJs": false + }, + "include": [ + "**/*", + "../../../../../typings/**/*", + "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" + ], + "exclude": [ + "target/**/*" + ], + "kbn_references": [ + "@kbn/test", + "@kbn/security-solution-plugin", + "@kbn/ftr-common-functional-ui-services", + "@kbn/test-subj-selector", + "@kbn/test-suites-xpack-platform", + ] +} diff --git a/x-pack/solutions/security/test/tsconfig.json b/x-pack/solutions/security/test/tsconfig.json index a014691c781d5..e7e730953047a 100644 --- a/x-pack/solutions/security/test/tsconfig.json +++ b/x-pack/solutions/security/test/tsconfig.json @@ -23,6 +23,7 @@ "security_solution_cypress/cypress/**/*", "security_solution_api_integration/**/*", "security_solution_endpoint/**/*", + "security_solution_ftr/**/*", "*/packages/**/*", "*/*/packages/**/*", ], From 88985cdc53925c2736316a2b26587b341eed95ff Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 12 Aug 2025 14:54:32 +0000 Subject: [PATCH 13/42] [CI] Auto-commit changed files from 'node scripts/yarn_deduplicate' --- .../test/security_solution_api_integration/tsconfig.json | 1 - .../security/test/security_solution_endpoint/tsconfig.json | 1 - .../solutions/security/test/security_solution_ftr/tsconfig.json | 1 + x-pack/solutions/security/test/tsconfig.json | 1 - 4 files changed, 1 insertion(+), 3 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json b/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json index c52885ccb3c46..058fee55a4937 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json @@ -12,7 +12,6 @@ "exclude": ["target/**/*"], "kbn_references": [ { "path": "../security_solution_endpoint/tsconfig.json" }, - "x-pack/solutions/security/test/security_solution_ftr", "@kbn/dev-utils", "@kbn/test", "@kbn/expect", diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 0cdb71f180693..4f9641e38d25f 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -18,7 +18,6 @@ "target/**/*" ], "kbn_references": [ - "x-pack/solutions/security/test/security_solution_ftr", "@kbn/expect", "@kbn/security-solution-plugin", "@kbn/repo-info", diff --git a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json index 234ab0fce8e54..408de7f4fafdf 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json @@ -22,5 +22,6 @@ "@kbn/ftr-common-functional-ui-services", "@kbn/test-subj-selector", "@kbn/test-suites-xpack-platform", + "@kbn/es-query", ] } diff --git a/x-pack/solutions/security/test/tsconfig.json b/x-pack/solutions/security/test/tsconfig.json index e7e730953047a..ef58749388869 100644 --- a/x-pack/solutions/security/test/tsconfig.json +++ b/x-pack/solutions/security/test/tsconfig.json @@ -66,6 +66,5 @@ "@kbn/securitysolution-endpoint-exceptions-common", "@kbn/securitysolution-lists-common", "@kbn/osquery-plugin", - "@kbn/es-query" ] } From 38604e6384c01d78deeaac3d6a371182bf0a8278 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 18:19:05 +0200 Subject: [PATCH 14/42] update kbn_references in security_solution_endpoint --- .../security/test/security_solution_endpoint/tsconfig.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 4f9641e38d25f..8b85648505aad 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -10,7 +10,6 @@ }, "include": [ "**/*", - "../security_solution_ftr/**/*", "../../../../../typings/**/*", "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" ], @@ -18,6 +17,7 @@ "target/**/*" ], "kbn_references": [ + { "path": "../security_solution_ftr/tsconfig.json" }, "@kbn/expect", "@kbn/security-solution-plugin", "@kbn/repo-info", From 236c4ced507d31cd0287d9aad6bfe4a35fbc4524 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 12 Aug 2025 16:35:38 +0000 Subject: [PATCH 15/42] [CI] Auto-commit changed files from 'node scripts/lint_ts_projects --fix' --- .../security/test/security_solution_endpoint/tsconfig.json | 1 - 1 file changed, 1 deletion(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 8b85648505aad..d68dccbbe285a 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -31,6 +31,5 @@ "@kbn/spaces-plugin", "@kbn/scout-info", "@kbn/test-suites-xpack-platform", - "@kbn/es-query", ] } From 102e38056415104b7cfaae74bf10c89393df0f63 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 19:19:17 +0200 Subject: [PATCH 16/42] exclude ../functional/**/* in security_solution_ftr --- .../security/test/security_solution_ftr/tsconfig.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json index 408de7f4fafdf..022d0552e0487 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json @@ -14,7 +14,8 @@ "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" ], "exclude": [ - "target/**/*" + "target/**/*", + "../functional/**/*" ], "kbn_references": [ "@kbn/test", From 72bf11e503286972c9545a2aa005408e78dafb8f Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 19:23:20 +0200 Subject: [PATCH 17/42] fix import --- .../security_solution_ftr/page_objects/detections/index.ts | 2 +- .../security/test/security_solution_ftr/tsconfig.json | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts b/x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts index e4b1e8e0c4169..41a6f44b77f89 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts +++ b/x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts @@ -6,7 +6,7 @@ */ import { WebElementWrapper } from '@kbn/ftr-common-functional-ui-services'; -import { FtrService } from '../../../functional/ftr_provider_context'; +import { FtrService } from '../../ftr_provider_context'; const ALERT_TABLE_ROW_CSS_SELECTOR = '[data-test-subj="alertsTableIsLoaded"] .euiDataGridRow'; diff --git a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json index 022d0552e0487..408de7f4fafdf 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json @@ -14,8 +14,7 @@ "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" ], "exclude": [ - "target/**/*", - "../functional/**/*" + "target/**/*" ], "kbn_references": [ "@kbn/test", From 7d4d7ff38bb343bd3ab560d146c1e546bff71ce7 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 20:17:16 +0200 Subject: [PATCH 18/42] exclude /functional from root tsconfig --- x-pack/solutions/security/test/tsconfig.json | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/solutions/security/test/tsconfig.json b/x-pack/solutions/security/test/tsconfig.json index ef58749388869..024419741edc6 100644 --- a/x-pack/solutions/security/test/tsconfig.json +++ b/x-pack/solutions/security/test/tsconfig.json @@ -24,6 +24,7 @@ "security_solution_api_integration/**/*", "security_solution_endpoint/**/*", "security_solution_ftr/**/*", + "functional/**/*", "*/packages/**/*", "*/*/packages/**/*", ], From cb705f20bb9dca806aabef47c3a96d6d2b01a93e Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Tue, 12 Aug 2025 20:21:57 +0200 Subject: [PATCH 19/42] add /functional in tsconfig --- .../security/test/security_solution_endpoint/tsconfig.json | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index d68dccbbe285a..ff78a5ae1e431 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -10,6 +10,7 @@ }, "include": [ "**/*", + "../functional/**/*", "../../../../../typings/**/*", "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" ], From 24399138f73030f600126fa881ebeedbdae15868 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 13 Aug 2025 14:38:21 +0200 Subject: [PATCH 20/42] relocate services and POs from security_solution_ftr into security_solution_endpoint --- .github/CODEOWNERS | 1 - .../configs/ftr_provider_context.d.ts | 4 ++- .../page_objects/detections.ts} | 3 +-- .../page_objects/hosts.ts} | 2 +- .../page_objects/index.ts | 6 ++--- .../page_objects/timeline.ts} | 2 +- .../services/detections.ts} | 2 +- .../services/index.ts | 4 +-- .../services/timeline.ts} | 2 +- .../security_solution_endpoint/tsconfig.json | 1 - .../ftr_provider_context.ts | 14 ---------- .../page_objects/index.ts | 12 --------- .../security_solution_ftr/services/index.ts | 12 --------- .../test/security_solution_ftr/tsconfig.json | 27 ------------------- x-pack/solutions/security/test/tsconfig.json | 1 - 15 files changed, 13 insertions(+), 80 deletions(-) rename x-pack/solutions/security/test/{security_solution_ftr/page_objects/detections/index.ts => security_solution_endpoint/page_objects/detections.ts} (99%) rename x-pack/solutions/security/test/{security_solution_ftr/page_objects/hosts/index.ts => security_solution_endpoint/page_objects/hosts.ts} (97%) rename x-pack/solutions/security/test/{security_solution_ftr/page_objects/timeline/index.ts => security_solution_endpoint/page_objects/timeline.ts} (98%) rename x-pack/solutions/security/test/{security_solution_ftr/services/detections/index.ts => security_solution_endpoint/services/detections.ts} (98%) rename x-pack/solutions/security/test/{security_solution_ftr/services/timeline/index.ts => security_solution_endpoint/services/timeline.ts} (98%) delete mode 100644 x-pack/solutions/security/test/security_solution_ftr/ftr_provider_context.ts delete mode 100644 x-pack/solutions/security/test/security_solution_ftr/page_objects/index.ts delete mode 100644 x-pack/solutions/security/test/security_solution_ftr/services/index.ts delete mode 100644 x-pack/solutions/security/test/security_solution_ftr/tsconfig.json diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 1a9f6565282da..5a84935717976 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2433,7 +2433,6 @@ x-pack/platform/test/functional/page_objects/search_profiler_page.ts @elastic/se # Security Solution /x-pack/solutions/security/test/fixtures/kbn_archives/timelines/7.15.0_space @elastic/security-solution # Assigned per only use: https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts#L58 /x-pack/solutions/security/test/fixtures/es_archives/packetbeat @elastic/security-solution -/x-pack/solutions/security/test/security_solution_ftr @elastic/security-solution /x-pack/solutions/security/test/fixtures/es_archives/security_solution @elastic/security-solution /x-pack/solutions/security/test/fixtures/es_archives/rule_exceptions @elastic/security-solution # Assigned per https://github.com/elastic/kibana/pull/199795/files/ae80bb252bc71f787c122849fcb9b01e386fc5e9#r1840233040 /x-pack/solutions/security/test/functional/ @elastic/security-solution diff --git a/x-pack/solutions/security/test/security_solution_endpoint/configs/ftr_provider_context.d.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/ftr_provider_context.d.ts index 1166169b76ba2..04030b05b76f0 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/configs/ftr_provider_context.d.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/ftr_provider_context.d.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { GenericFtrProviderContext } from '@kbn/test'; +import { GenericFtrProviderContext, GenericFtrService } from '@kbn/test'; import { pageObjects, svlPageObjects } from '../page_objects'; import { services, svlServices } from '../services'; @@ -14,3 +14,5 @@ export type FtrProviderContext = GenericFtrProviderContext< typeof services & typeof svlServices, typeof pageObjects & typeof svlPageObjects >; + +export class FtrService extends GenericFtrService {} diff --git a/x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts similarity index 99% rename from x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts index 41a6f44b77f89..44b284f16c178 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/page_objects/detections/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts @@ -6,8 +6,7 @@ */ import { WebElementWrapper } from '@kbn/ftr-common-functional-ui-services'; -import { FtrService } from '../../ftr_provider_context'; - +import { FtrService } from '../configs/ftr_provider_context'; const ALERT_TABLE_ROW_CSS_SELECTOR = '[data-test-subj="alertsTableIsLoaded"] .euiDataGridRow'; export class DetectionsPageObject extends FtrService { diff --git a/x-pack/solutions/security/test/security_solution_ftr/page_objects/hosts/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts similarity index 97% rename from x-pack/solutions/security/test/security_solution_ftr/page_objects/hosts/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts index c13f65a39277a..7ad44512e4d27 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/page_objects/hosts/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts @@ -6,7 +6,7 @@ */ import { WebElementWrapper } from '@kbn/ftr-common-functional-ui-services'; -import { FtrService } from '../../ftr_provider_context'; +import { FtrService } from '../configs/ftr_provider_context'; export class HostsPageObject extends FtrService { private readonly pageObjects = this.ctx.getPageObjects(['common', 'header']); diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts index 14947275067ae..7e2e40b2ff6bf 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts @@ -10,10 +10,10 @@ import { pageObjects as xpackFunctionalPageObjects } from '../../functional/page import { EndpointPageProvider } from './endpoint_page'; import { EndpointPageUtils } from './page_utils'; import { IngestManagerCreatePackagePolicy } from './ingest_manager_create_package_policy_page'; -import { DetectionsPageObject } from '../../security_solution_ftr/page_objects/detections'; -import { HostsPageObject } from '../../security_solution_ftr/page_objects/hosts'; +import { DetectionsPageObject } from './detections'; +import { HostsPageObject } from './hosts'; import { EndpointResponderPageObjects } from './endpoint_responder'; -import { TimelinePageObject } from '../../security_solution_ftr/page_objects/timeline'; +import { TimelinePageObject } from './timeline'; import { EndpointPolicyPageProvider } from './policy_page'; import { TrustedAppsPageProvider } from './trusted_apps_page'; import { FleetIntegrations } from './fleet_integrations_page'; diff --git a/x-pack/solutions/security/test/security_solution_ftr/page_objects/timeline/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts similarity index 98% rename from x-pack/solutions/security/test/security_solution_ftr/page_objects/timeline/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts index d4636724c0f4c..6cea3221fff79 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/page_objects/timeline/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts @@ -7,7 +7,7 @@ import { subj as testSubjSelector } from '@kbn/test-subj-selector'; import { DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP } from '@kbn/security-solution-plugin/common/test'; -import { FtrService } from '../../ftr_provider_context'; +import { FtrService } from '../configs/ftr_provider_context'; const TIMELINE_BOTTOM_BAR_CONTAINER_TEST_SUBJ = 'timeline-bottom-bar'; const TIMELINE_CLOSE_BUTTON_TEST_SUBJ = 'timeline-modal-header-close-button'; diff --git a/x-pack/solutions/security/test/security_solution_ftr/services/detections/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts similarity index 98% rename from x-pack/solutions/security/test/security_solution_ftr/services/detections/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts index 680d1cd99e7fe..0bf9c05959f14 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/services/detections/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts @@ -19,7 +19,7 @@ import { indexEndpointRuleAlerts, } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_rule_alerts'; import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common'; -import { FtrService } from '../../ftr_provider_context'; +import { FtrService } from '../../functional/ftr_provider_context'; export class DetectionsTestService extends FtrService { private readonly supertest = this.ctx.getService('supertest'); diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts index 8b7dc6bcbdc80..7f5b070970e25 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts @@ -11,8 +11,8 @@ import { IngestManagerProvider } from '@kbn/test-suites-xpack-platform/api_integ import { services as xPackFunctionalServices } from '../../functional/services'; import { EndpointTelemetryTestResourcesProvider } from './endpoint_telemetry'; import { EndpointTestResources } from './endpoint'; -import { TimelineTestService } from '../../security_solution_ftr/services/timeline'; -import { DetectionsTestService } from '../../security_solution_ftr/services/detections'; +import { TimelineTestService } from './timeline'; +import { DetectionsTestService } from './detections'; import { EndpointPolicyTestResourcesProvider } from './endpoint_policy'; import { EndpointArtifactsTestResources } from './endpoint_artifacts'; import { diff --git a/x-pack/solutions/security/test/security_solution_ftr/services/timeline/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts similarity index 98% rename from x-pack/solutions/security/test/security_solution_ftr/services/timeline/index.ts rename to x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts index 8e7b475938953..8efb48f8a83f2 100644 --- a/x-pack/solutions/security/test/security_solution_ftr/services/timeline/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts @@ -15,7 +15,7 @@ import { } from '@kbn/security-solution-plugin/common/api/timeline'; import moment from 'moment'; import { fromKueryExpression, toElasticsearchQuery } from '@kbn/es-query'; -import { FtrService } from '../../ftr_provider_context'; +import { FtrService } from '../../functional/ftr_provider_context'; export class TimelineTestService extends FtrService { private readonly supertest = this.ctx.getService('supertest'); diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index ff78a5ae1e431..88d7f5984ddc6 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -18,7 +18,6 @@ "target/**/*" ], "kbn_references": [ - { "path": "../security_solution_ftr/tsconfig.json" }, "@kbn/expect", "@kbn/security-solution-plugin", "@kbn/repo-info", diff --git a/x-pack/solutions/security/test/security_solution_ftr/ftr_provider_context.ts b/x-pack/solutions/security/test/security_solution_ftr/ftr_provider_context.ts deleted file mode 100644 index e757164fa1de9..0000000000000 --- a/x-pack/solutions/security/test/security_solution_ftr/ftr_provider_context.ts +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { GenericFtrProviderContext, GenericFtrService } from '@kbn/test'; - -import { pageObjects } from './page_objects'; -import { services } from './services'; - -export type FtrProviderContext = GenericFtrProviderContext; -export class FtrService extends GenericFtrService {} diff --git a/x-pack/solutions/security/test/security_solution_ftr/page_objects/index.ts b/x-pack/solutions/security/test/security_solution_ftr/page_objects/index.ts deleted file mode 100644 index 0165c27b2400e..0000000000000 --- a/x-pack/solutions/security/test/security_solution_ftr/page_objects/index.ts +++ /dev/null @@ -1,12 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { pageObjects as platformPageObjects } from '@kbn/test-suites-xpack-platform/functional/page_objects'; - -export const pageObjects = { - ...platformPageObjects, -}; diff --git a/x-pack/solutions/security/test/security_solution_ftr/services/index.ts b/x-pack/solutions/security/test/security_solution_ftr/services/index.ts deleted file mode 100644 index 5b3515c3d3f46..0000000000000 --- a/x-pack/solutions/security/test/security_solution_ftr/services/index.ts +++ /dev/null @@ -1,12 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { services as platformServices } from '@kbn/test-suites-xpack-platform/functional/services'; - -export const services = { - ...platformServices, -}; diff --git a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json b/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json deleted file mode 100644 index 408de7f4fafdf..0000000000000 --- a/x-pack/solutions/security/test/security_solution_ftr/tsconfig.json +++ /dev/null @@ -1,27 +0,0 @@ -{ - "extends": "../../../../../tsconfig.base.json", - "compilerOptions": { - "outDir": "target/types", - "types": [ - "node", - "@kbn/ambient-ftr-types" - ], - "allowJs": false - }, - "include": [ - "**/*", - "../../../../../typings/**/*", - "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" - ], - "exclude": [ - "target/**/*" - ], - "kbn_references": [ - "@kbn/test", - "@kbn/security-solution-plugin", - "@kbn/ftr-common-functional-ui-services", - "@kbn/test-subj-selector", - "@kbn/test-suites-xpack-platform", - "@kbn/es-query", - ] -} diff --git a/x-pack/solutions/security/test/tsconfig.json b/x-pack/solutions/security/test/tsconfig.json index 024419741edc6..75e5328793bfb 100644 --- a/x-pack/solutions/security/test/tsconfig.json +++ b/x-pack/solutions/security/test/tsconfig.json @@ -23,7 +23,6 @@ "security_solution_cypress/cypress/**/*", "security_solution_api_integration/**/*", "security_solution_endpoint/**/*", - "security_solution_ftr/**/*", "functional/**/*", "*/packages/**/*", "*/*/packages/**/*", From 58626b88a22f6c162e08c236c6a2d404663b4fb5 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 13 Aug 2025 12:49:57 +0000 Subject: [PATCH 21/42] [CI] Auto-commit changed files from 'node scripts/lint_ts_projects --fix' --- .../security/test/security_solution_endpoint/tsconfig.json | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 88d7f5984ddc6..31e0169f3a955 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -31,5 +31,6 @@ "@kbn/spaces-plugin", "@kbn/scout-info", "@kbn/test-suites-xpack-platform", + "@kbn/es-query", ] } From 5b9553f3adefa8e93a1c77f9a9636e999bfe9538 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 13 Aug 2025 16:11:16 +0200 Subject: [PATCH 22/42] finally fix TS project errors... --- .../ess/config.base.edr_workflows.trial.ts | 2 +- .../config/ess/config.base.ts | 2 +- .../config/ess/services.ts | 6 +- .../config/ess/services_edr_workflows.ts | 2 +- .../config/serverless/services.ts | 4 +- .../services/security_solution_api.gen.ts | 2451 +++++++++++++++++ .../security_solution_exceptions_api.gen.ts | 299 ++ .../frozen_indices_handling.ts | 2 +- .../entity_analytics/utils/entity_store.ts | 2 +- .../trial_license_complete_tier/sources.ts | 2 +- .../tsconfig.json | 2 +- .../configs/config.base.ts | 2 +- .../configs/endpoint.config.ts | 2 +- .../configs/integrations.config.ts | 2 +- .../page_objects/index.ts | 4 +- .../services/detections.ts | 2 +- .../services/endpoint.ts | 2 +- .../services/endpoint_artifacts.ts | 2 +- .../services/index.ts | 4 +- .../services/roles_users_utils.ts | 2 +- .../services/timeline.ts | 2 +- .../security_solution_endpoint/tsconfig.json | 1 - x-pack/solutions/security/test/tsconfig.json | 1 - 23 files changed, 2776 insertions(+), 24 deletions(-) create mode 100644 x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_api.gen.ts create mode 100644 x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_exceptions_api.gen.ts diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts index b2ca24d142675..c1af187093cb2 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.edr_workflows.trial.ts @@ -11,7 +11,7 @@ import { services } from './services_edr_workflows'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const xPackAPITestsConfig = await readConfigFile( - require.resolve('../../../api_integration/config.ts') + require.resolve('@kbn/test-suites-xpack-platform/api_integration/config') ); return generateConfig({ diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts index 3ee48a450073f..fc647fb385c82 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts @@ -54,7 +54,7 @@ export function createTestConfig(options: CreateTestConfigOptions, testFiles?: s return async ({ readConfigFile }: FtrConfigProviderContext) => { const xPackApiIntegrationTestsConfig = await readConfigFile( - require.resolve('../../../api_integration/config.ts') + require.resolve('@kbn/test-suites-xpack-platform/api_integration/config') ); const servers = { ...xPackApiIntegrationTestsConfig.get('servers'), diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts index 5cb8f6e72d05c..f4d952ddb2675 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts @@ -6,12 +6,16 @@ */ import { KibanaEBTServerProvider } from '@kbn/test-suites-src/analytics/services/kibana_ebt'; +import { services as essServices } from '@kbn/test-suites-xpack-platform/api_integration/services'; import { SecuritySolutionESSUtils } from '../services/security_solution_ess_utils'; import { SpacesServiceProvider } from '../services/spaces_service'; -import { services as essServices } from '../../../api_integration/services'; +import { SecuritySolutionApiProvider } from '../services/security_solution_api.gen'; +import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from '../services/security_solution_exceptions_api.gen'; export const services = { ...essServices, + securitySolutionApi: SecuritySolutionApiProvider, + securitySolutionExceptionsApi: SecuritySolutionExceptionsApiProvider, spaces: SpacesServiceProvider, securitySolutionUtils: SecuritySolutionESSUtils, kibana_ebt_server: KibanaEBTServerProvider, diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts index a760699211cf8..5a5b08e9bd403 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts @@ -6,11 +6,11 @@ */ import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; +import { services as xPackAPIServices } from '@kbn/test-suites-xpack-platform/api_integration/services'; import { EndpointTestResources } from '../../../security_solution_endpoint/services/endpoint'; import { EndpointArtifactsTestResources } from '../../../security_solution_endpoint/services/endpoint_artifacts'; import { EndpointPolicyTestResourcesProvider } from '../../../security_solution_endpoint/services/endpoint_policy'; -import { services as xPackAPIServices } from '../../../api_integration/services'; import { ResolverGeneratorProvider } from '../services/security_solution_edr_workflows_resolver'; import { RolesUsersProvider } from '../services/security_solution_edr_workflows_roles_users'; import { diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts index 02778cd51189e..ad5952ffc52c3 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts @@ -12,8 +12,8 @@ import { SearchSecureService } from '../services/search_secure'; import { SpacesServiceProvider } from '../services/spaces_service'; import { SecuritySolutionServerlessUtils } from '../services/security_solution_serverless_utils'; import { SecuritySolutionServerlessSuperTest } from '../services/security_solution_serverless_supertest'; -import { SecuritySolutionApiProvider } from '../../../api_integration/services/security_solution_api.gen'; -import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from '../../../api_integration/services/security_solution_exceptions_api.gen'; +import { SecuritySolutionApiProvider } from '../services/security_solution_api.gen'; +import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from '../services/security_solution_exceptions_api.gen'; export const services = { ...serverlessServices, diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_api.gen.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_api.gen.ts new file mode 100644 index 0000000000000..ba15243c27d36 --- /dev/null +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_api.gen.ts @@ -0,0 +1,2451 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { replaceParams } from '@kbn/openapi-common/shared'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { AlertsMigrationCleanupRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; +import { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; +import { CleanDraftTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen'; +import { ConfigureRiskEngineSavedObjectRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/engine_configure_saved_object_route.gen'; +import { CopyTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/copy_timeline/copy_timeline_route.gen'; +import { CreateAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; +import { CreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; +import { CreateDashboardMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { + CreateDashboardMigrationDashboardsRequestParamsInput, + CreateDashboardMigrationDashboardsRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { CreatePrivilegesImportIndexRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/create_index.gen'; +import { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/create.gen'; +import { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; +import { CreateRuleMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + CreateRuleMigrationRulesRequestParamsInput, + CreateRuleMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { CreateTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/create_timelines/create_timelines_route.gen'; +import { + CreateUpdateProtectionUpdatesNoteRequestParamsInput, + CreateUpdateProtectionUpdatesNoteRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { DeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen'; +import { + DeleteEntityEngineRequestQueryInput, + DeleteEntityEngineRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; +import { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/engine/delete.gen'; +import { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; +import { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/delete.gen'; +import { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; +import { DeleteRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; +import { DeprecatedTriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { EndpointExecuteActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/execute/execute.gen'; +import { EndpointFileDownloadRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_download/file_download.gen'; +import { EndpointFileInfoRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_info/file_info.gen'; +import { EndpointGetActionsDetailsRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/details/details.gen'; +import { EndpointGetActionsListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/list/list.gen'; +import { EndpointGetActionsStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/status/status.gen'; +import { EndpointGetFileActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/get_file/get_file.gen'; +import { EndpointGetProcessesActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/running_procs/running_procs.gen'; +import { EndpointIsolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/isolate/isolate.gen'; +import { EndpointKillProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/kill_process/kill_process.gen'; +import { EndpointScanActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/scan/scan.gen'; +import { EndpointSuspendProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/suspend_process/suspend_process.gen'; +import { EndpointUnisolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/unisolate/unisolate.gen'; +import { + ExportRulesRequestQueryInput, + ExportRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen'; +import { + ExportTimelinesRequestQueryInput, + ExportTimelinesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/timeline/export_timelines/export_timelines_route.gen'; +import { FinalizeAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen'; +import { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen'; +import { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; +import { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; +import { GetDashboardMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { GetDashboardMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; +import { GetEndpointMetadataListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/metadata/get_metadata.gen'; +import { + GetEndpointSuggestionsRequestParamsInput, + GetEndpointSuggestionsRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; +import { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; +import { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; +import { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; +import { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; +import { GetProtectionUpdatesNoteRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { + GetRuleExecutionEventsRequestQueryInput, + GetRuleExecutionEventsRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen'; +import { + GetRuleExecutionResultsRequestQueryInput, + GetRuleExecutionResultsRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen'; +import { GetRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationPrebuiltRulesRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationResourcesRequestQueryInput, + GetRuleMigrationResourcesRequestParamsInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationResourcesMissingRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationRulesRequestQueryInput, + GetRuleMigrationRulesRequestParamsInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationTranslationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timeline/get_timeline_route.gen'; +import { GetTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timelines/get_timelines_route.gen'; +import { GetWorkflowInsightsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { ImportRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen'; +import { ImportTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/import_timelines/import_timelines_route.gen'; +import { + InitEntityEngineRequestParamsInput, + InitEntityEngineRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/init.gen'; +import { InitEntityStoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/enable.gen'; +import { + InstallMigrationRulesRequestParamsInput, + InstallMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; +import { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; +import { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; +import { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; +import { + PerformRulesBulkActionRequestQueryInput, + PerformRulesBulkActionRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen'; +import { PersistFavoriteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_favorite/persist_favorite_route.gen'; +import { PersistNoteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_note/persist_note_route.gen'; +import { PersistPinnedEventRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/pinned_events/pinned_events_route.gen'; +import { PreviewRiskScoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/preview_route.gen'; +import { ReadAlertsMigrationStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen'; +import { ReadRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen'; +import { ResolveTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/resolve_timeline/resolve_timeline_route.gen'; +import { + RulePreviewRequestQueryInput, + RulePreviewRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_preview/rule_preview.gen'; +import { RunScriptActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/run_script/run_script.gen'; +import { SearchAlertsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/query_signals/query_signals_route.gen'; +import { SearchPrivilegesIndicesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/search_indices.gen'; +import { SetAlertAssigneesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen'; +import { SetAlertsStatusRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen'; +import { SetAlertTagsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen'; +import { StartEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/start.gen'; +import { + StartRuleMigrationRequestParamsInput, + StartRuleMigrationRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { StopEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stop.gen'; +import { StopRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { SuggestUserProfilesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/users/suggest_user_profiles_route.gen'; +import { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { + UpdateEntitySourceRequestParamsInput, + UpdateEntitySourceRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { + UpdatePrivMonUserRequestParamsInput, + UpdatePrivMonUserRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/update.gen'; +import { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; +import { + UpdateRuleMigrationRequestParamsInput, + UpdateRuleMigrationRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateRuleMigrationIndexPatternRequestParamsInput, + UpdateRuleMigrationIndexPatternRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateRuleMigrationRulesRequestParamsInput, + UpdateRuleMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateWorkflowInsightRequestParamsInput, + UpdateWorkflowInsightRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { + UpsertRuleMigrationResourcesRequestParamsInput, + UpsertRuleMigrationResourcesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { FtrProviderContext } from '../../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * Migrations favor data integrity over shard size. Consequently, unused or orphaned indices are artifacts of +the migration process. A successful migration will result in both the old and new indices being present. +As such, the old, orphaned index can (and likely should) be deleted. + +While you can delete these indices manually, +the endpoint accomplishes this task by applying a deletion policy to the relevant index, causing it to be deleted +after 30 days. It also deletes other artifacts specific to the migration implementation. + + */ + alertsMigrationCleanup(props: AlertsMigrationCleanupProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/signals/migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + applyEntityEngineDataviewIndices(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_store/engines/apply_dataview_indices', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + assetCriticalityGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/asset_criticality/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Ensures that the packages needed for prebuilt detection rules to work are installed and up to date + */ + bootstrapPrebuiltRules(kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace('/internal/detection_engine/prebuilt_rules/_bootstrap', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Bulk upsert up to 1000 asset criticality records. + +If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created. + + */ + bulkUpsertAssetCriticalityRecords( + props: BulkUpsertAssetCriticalityRecordsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality/bulk', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a clean draft Timeline or Timeline template for the current user. +> info +> If the user already has a draft Timeline, the existing draft Timeline is cleared and returned. + + */ + cleanDraftTimelines(props: CleanDraftTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_draft', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Cleaning up the the Risk Engine by removing the indices, mapping and transforms + */ + cleanUpRiskEngine(kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/risk_score/engine/dangerously_delete_data', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Configuring the Risk Engine Saved Object + */ + configureRiskEngineSavedObject( + props: ConfigureRiskEngineSavedObjectProps, + kibanaSpace: string = 'default' + ) { + return supertest + .patch(getRouteUrlForSpace('/api/risk_score/engine/saved_object/configure', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Copies and returns a timeline or timeline template. + + */ + copyTimeline(props: CopyTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/_copy', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Initiate a migration of detection alerts. +Migrations are initiated per index. While the process is neither destructive nor interferes with existing data, it may be resource-intensive. As such, it is recommended that you plan your migrations accordingly. + + */ + createAlertsMigration(props: CreateAlertsMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create or update an asset criticality record for a specific entity. + +If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created. + + */ + createAssetCriticalityRecord( + props: CreateAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Creates a new dashboard migration and returns the corresponding migration_id + */ + createDashboardMigration( + props: CreateDashboardMigrationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .put(getRouteUrlForSpace('/internal/siem_migrations/dashboards', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Adds dashboards to an alreayd existing dashboard migration + */ + createDashboardMigrationDashboards( + props: CreateDashboardMigrationDashboardsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/dashboards', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createEntitySource(props: CreateEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/entity_source', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createPrivilegesImportIndex( + props: CreatePrivilegesImportIndexProps, + kibanaSpace: string = 'default' + ) { + return supertest + .put( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/indices', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createPrivMonUser(props: CreatePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/users', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a new detection rule. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + +You can create the following types of rules: + +* **Custom query**: Searches the defined indices and creates an alert when a document matches the rule's KQL query. +* **Event correlation**: Searches the defined indices and creates an alert when results match an [Event Query Language (EQL)](https://www.elastic.co/guide/en/elasticsearch/reference/current/eql.html) query. +* **Threshold**: Searches the defined indices and creates an alert when the number of times the specified field's value meets the threshold during a single execution. When there are multiple values that meet the threshold, an alert is generated for each value. + For example, if the threshold `field` is `source.ip` and its `value` is `10`, an alert is generated for every source IP address that appears in at least 10 of the rule's search results. If you're interested, see [Terms Aggregation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-bucket-terms-aggregation.html) for more information. +* **Indicator match**: Creates an alert when fields match values defined in the specified [Elasticsearch index](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html). For example, you can create an index for IP addresses and use this index to create an alert whenever an event's `destination.ip` equals a value in the index. The index's field mappings should be [ECS-compliant](https://www.elastic.co/guide/en/ecs/current/ecs-reference.html). +* **New terms**: Generates an alert for each new term detected in source documents within a specified time range. +* **ES|QL**: Uses [Elasticsearch Query Language (ES|QL)](https://www.elastic.co/guide/en/elasticsearch/reference/current/esql.html) to find events and aggregate search results. +* **Machine learning rules**: Creates an alert when a machine learning job discovers an anomaly above the defined threshold. +> info +> To create machine learning rules, you must have the [appropriate license](https://www.elastic.co/subscriptions) or use a [cloud deployment](https://cloud.elastic.co/registration). Additionally, for the machine learning rule to function correctly, the associated machine learning job must be running. + +To retrieve machine learning job IDs, which are required to create machine learning jobs, call the [Elasticsearch Get jobs API](https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-job.html). Machine learning jobs that contain `siem` in the `groups` field can be used to create rules: + +```json +... +"job_id": "linux_anomalous_network_activity_ecs", +"job_type": "anomaly_detector", +"job_version": "7.7.0", +"groups": [ + "auditbeat", + "process", + "siem" +], +... +``` + +Additionally, you can set up notifications for when rules create alerts. The notifications use the [Alerting and Actions framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html). Each action type requires a connector. Connectors store the information required to send notifications via external systems. The following connector types are supported for rule notifications: + +* Slack +* Email +* PagerDuty +* Webhook +* Microsoft Teams +* IBM Resilient +* Jira +* ServiceNow ITSM +> info +> For more information on PagerDuty fields, see [Send a v2 Event](https://developer.pagerduty.com/docs/events-api-v2/trigger-events/). + +To retrieve connector IDs, which are required to configure rule notifications, call the [Find objects API](https://www.elastic.co/guide/en/kibana/current/saved-objects-api-find.html) with `"type": "action"` in the request payload. + +For detailed information on Kibana actions and alerting, and additional API calls, see: + +* [Alerting API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-alerting) +* [Alerting and Actions framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html) +* [Connectors API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-connectors) + + */ + createRule(props: CreateRuleProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Creates a new rule migration and returns the corresponding migration_id + */ + createRuleMigration(props: CreateRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/internal/siem_migrations/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Adds original vendor rules to an already existing migration. Can be called multiple times to add more rules + */ + createRuleMigrationRules( + props: CreateRuleMigrationRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a new Timeline or Timeline template. + */ + createTimelines(props: CreateTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createUpdateProtectionUpdatesNote( + props: CreateUpdateProtectionUpdatesNoteProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/api/endpoint/protection_updates_note/{package_policy_id}', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + deleteAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete the asset criticality record for a specific entity. + */ + deleteAssetCriticalityRecord( + props: DeleteAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .delete(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + deleteEntityEngine(props: DeleteEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + deleteEntitySource(props: DeleteEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + deleteMonitoringEngine(props: DeleteMonitoringEngineProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/delete', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Delete a note from a Timeline using the note ID. + */ + deleteNote(props: DeleteNoteProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + deletePrivMonUser(props: DeletePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/users/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete a detection rule using the `rule_id` or `id` field. + +The URL query must include one of the following: + +* `id` - `DELETE /api/detection_engine/rules?id=` +* `rule_id`- `DELETE /api/detection_engine/rules?rule_id=` + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. + + */ + deleteRule(props: DeleteRuleProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Deletes a rule migration document stored in the system given the rule migration id + */ + deleteRuleMigration(props: DeleteRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete one or more Timelines or Timeline templates. + */ + deleteTimelines(props: DeleteTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Calculates and persists Risk Scores for an entity, returning the calculated risk score. + */ + deprecatedTriggerRiskScoreCalculation( + props: DeprecatedTriggerRiskScoreCalculationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/risk_scores/calculation/entity', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + disableMonitoringEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/disable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + disableRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/disable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + enableRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/enable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Run a shell command on an endpoint. + */ + endpointExecuteAction(props: EndpointExecuteActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/execute', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Download a file from an endpoint. + */ + endpointFileDownload(props: EndpointFileDownloadProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}/file/{file_id}/download', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get information for the specified file using the file ID. + */ + endpointFileInfo(props: EndpointFileInfoProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}/file/{file_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of a response action using the action ID. + */ + endpointGetActionsDetails( + props: EndpointGetActionsDetailsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get a list of all response actions. + */ + endpointGetActionsList(props: EndpointGetActionsListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a response actions state, which reports whether encryption is enabled. + */ + endpointGetActionsState(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action/state', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the status of response actions for the specified agent IDs. + */ + endpointGetActionsStatus( + props: EndpointGetActionsStatusProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a file from an endpoint. + */ + endpointGetFileAction(props: EndpointGetFileActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/get_file', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Get a list of all processes running on an endpoint. + */ + endpointGetProcessesAction( + props: EndpointGetProcessesActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/running_procs', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Isolate an endpoint from the network. The endpoint remains isolated until it's released. + */ + endpointIsolateAction(props: EndpointIsolateActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/isolate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Terminate a running process on an endpoint. + */ + endpointKillProcessAction( + props: EndpointKillProcessActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/kill_process', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Scan a specific file or directory on an endpoint for malware. + */ + endpointScanAction(props: EndpointScanActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/scan', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Suspend a running process on an endpoint. + */ + endpointSuspendProcessAction( + props: EndpointSuspendProcessActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/suspend_process', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Release an isolated endpoint, allowing it to rejoin a network. + */ + endpointUnisolateAction(props: EndpointUnisolateActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/unisolate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Upload a file to an endpoint. + */ + endpointUploadAction(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/upload', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + entityStoreGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/entity_store/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Export detection rules to an `.ndjson` file. The following configuration items are also included in the `.ndjson` file: +- Actions +- Exception lists +> info +> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules. + +> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules. + +> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately. + + */ + exportRules(props: ExportRulesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Export Timelines as an NDJSON file. + */ + exportTimelines(props: ExportTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Finalize successful migrations of detection alerts. This replaces the original index's alias with the successfully migrated index's alias. +The endpoint is idempotent; therefore, it can safely be used to poll a given migration and, upon completion, +finalize it. + + */ + finalizeAlertsMigration(props: FinalizeAlertsMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/finalize_migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * List asset criticality records, paging, sorting and filtering as needed. + */ + findAssetCriticalityRecords( + props: FindAssetCriticalityRecordsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/asset_criticality/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieve a paginated list of detection rules. By default, the first page is returned, with 20 results per page. + */ + findRules(props: FindRulesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the rule migrations stats for all migrations stored in the system + */ + getAllStatsRuleMigration(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/stats', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the asset criticality record for a specific entity. + */ + getAssetCriticalityRecord( + props: GetAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getAssetCriticalityStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/asset_criticality/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the dashboard migration document stored in the system given the dashboard migration id + */ + getDashboardMigration(props: GetDashboardMigrationProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/dashboards/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the dashboard migrations stats for given migrations stored in the system + */ + getDashboardMigrationStats( + props: GetDashboardMigrationStatsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/stats', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of the draft Timeline or Timeline template for the current user. If the user doesn't have a draft Timeline, an empty Timeline is returned. + */ + getDraftTimelines(props: GetDraftTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/_draft', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getEndpointMetadataList(props: GetEndpointMetadataListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/metadata', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getEndpointSuggestions(props: GetEndpointSuggestionsProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/api/endpoint/suggestions/{suggestion_type}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + getEntityEngine(props: GetEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getEntitySource(props: GetEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getEntityStoreStatus(props: GetEntityStoreStatusProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get all notes for a given document. + */ + getNotes(props: GetNotesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getPolicyResponse(props: GetPolicyResponseProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/policy_response', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getPrivilegedAccessDetectionPackageStatus(kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + '/api/entity_analytics/privileged_user_monitoring/pad/status', + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getProtectionUpdatesNote( + props: GetProtectionUpdatesNoteProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/api/endpoint/protection_updates_note/{package_policy_id}', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Returns the status of both the legacy transform-based risk engine, as well as the new risk engine + */ + getRiskEngineStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_score/engine/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getRuleExecutionEvents(props: GetRuleExecutionEventsProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams( + '/internal/detection_engine/rules/{ruleId}/execution/events', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getRuleExecutionResults(props: GetRuleExecutionResultsProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams( + '/internal/detection_engine/rules/{ruleId}/execution/results', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the rule migration document stored in the system given the rule migration id + */ + getRuleMigration(props: GetRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves all related integrations + */ + getRuleMigrationIntegrations(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/integrations', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the stats of all the integrations for all the rule migrations, including the number of rules associated with the integration + */ + getRuleMigrationIntegrationsStats(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/integrations/stats', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves all available prebuilt rules (installed and installable) + */ + getRuleMigrationPrebuiltRules( + props: GetRuleMigrationPrebuiltRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/prebuilt_rules', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Identifies the privileges required for a SIEM rules migration and returns the missing privileges + */ + getRuleMigrationPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/missing_privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves resources for an existing SIEM rules migration + */ + getRuleMigrationResources( + props: GetRuleMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/resources', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Identifies missing resources from all the rules of an existing SIEM rules migration + */ + getRuleMigrationResourcesMissing( + props: GetRuleMigrationResourcesMissingProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/resources/missing', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the the list of rules included in a migration given the migration id + */ + getRuleMigrationRules(props: GetRuleMigrationRulesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the stats of a SIEM rules migration using the migration id provided + */ + getRuleMigrationStats(props: GetRuleMigrationStatsProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/stats', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the translation stats of a SIEM rules migration using the migration id provided + */ + getRuleMigrationTranslationStats( + props: GetRuleMigrationTranslationStatsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/translation_stats', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of an existing saved Timeline or Timeline template. + */ + getTimeline(props: GetTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all saved Timelines or Timeline templates. + */ + getTimelines(props: GetTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timelines', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getWorkflowInsights(props: GetWorkflowInsightsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/api/endpoint/workflow_insights', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import detection rules from an `.ndjson` file, including actions and exception lists. The request must include: +- The `Content-Type: multipart/form-data` HTTP header. +- A link to the `.ndjson` file containing the rules. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. +> info +> To import rules with actions, you need at least Read privileges for the Action and Connectors feature. To overwrite or add new connectors, you need All privileges for the Actions and Connectors feature. To import rules without actions, you don’t need Actions and Connectors privileges. Refer to [Enable and access detections](https://www.elastic.co/guide/en/security/current/detections-permissions-section.html#enable-detections-ui) for more information. + +> info +> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules. + +> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules. + +> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately. + + */ + importRules(props: ImportRulesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import Timelines. + */ + importTimelines(props: ImportTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initEntityEngine(props: InitEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/init', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initEntityStore(props: InitEntityStoreProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_store/enable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initMonitoringEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/init', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Initializes the Risk Engine by creating the necessary indices and mappings, removing old transforms, and starting the new risk engine + */ + initRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/init', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Installs migration rules + */ + installMigrationRules(props: InstallMigrationRulesProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/install', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Install and update all Elastic prebuilt detection rules and Timelines. + +This endpoint allows you to install and update prebuilt detection rules and Timelines provided by Elastic. +When you call this endpoint, it will: +- Install any new prebuilt detection rules that are not currently installed in your system. +- Update any existing prebuilt detection rules that have been modified or improved by Elastic. +- Install any new prebuilt Timelines that are not currently installed in your system. +- Update any existing prebuilt Timelines that have been modified or improved by Elastic. + +This ensures that your detection engine is always up-to-date with the latest rules and Timelines, +providing you with the most current and effective threat detection capabilities. + + */ + installPrebuiltRulesAndTimelines(kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/detection_engine/rules/prepackaged', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Install or update prepackaged Timelines. + */ + installPrepackedTimelines( + props: InstallPrepackedTimelinesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_prepackaged', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + installPrivilegedAccessDetectionPackage(kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + '/api/entity_analytics/privileged_user_monitoring/pad/install', + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + internalUploadAssetCriticalityRecords(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/asset_criticality/upload_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * List entities records, paging, sorting and filtering as needed. + */ + listEntities(props: ListEntitiesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/entities/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + listEntityEngines(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/engines', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + listEntitySources(props: ListEntitySourcesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/entity_source/list', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + listPrivMonUsers(props: ListPrivMonUsersProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_analytics/monitoring/users/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update specific fields of an existing detection rule using the `rule_id` or `id` field. + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + patchRule(props: PatchRuleProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update an existing Timeline. You can update the title, description, date range, pinned events, pinned queries, and/or pinned saved queries of an existing Timeline. + */ + patchTimeline(props: PatchTimelineProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Apply a bulk action, such as bulk edit, duplicate, or delete, to multiple detection rules. The bulk action is applied to all rules that match the query or to the rules listed by their IDs. + +The edit action allows you to add, delete, or set tags, index patterns, investigation fields, rule actions and schedules for multiple rules at once. +The edit action is idempotent, meaning that if you add a tag to a rule that already has that tag, no changes are made. The same is true for other edit actions, for example removing an index pattern that is not specified in a rule will not result in any changes. The only exception is the `add_rule_actions` and `set_rule_actions` action, which is non-idempotent. This means that if you add or set a rule action to a rule that already has that action, a new action is created with a new unique ID. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + performRulesBulkAction(props: PerformRulesBulkActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_bulk_action', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Favorite a Timeline or Timeline template for the current user. + */ + persistFavoriteRoute(props: PersistFavoriteRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/timeline/_favorite', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Add a note to a Timeline or update an existing note. + */ + persistNoteRoute(props: PersistNoteRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Pin/unpin an event to/from an existing Timeline. + */ + persistPinnedEventRoute(props: PersistPinnedEventRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/pinned_event', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Calculates and returns a list of Risk Scores, sorted by identifier_type and risk score. + */ + previewRiskScore(props: PreviewRiskScoreProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/preview', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + privmonBulkUploadUsersCsv(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/users/_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + privMonHealth(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/health', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Check if the current user has all required permissions for Privilege Monitoring + */ + privMonPrivileges(kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/privileges', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + readAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieve indices that contain detection alerts of a particular age, along with migration information for each of those indices. + */ + readAlertsMigrationStatus( + props: ReadAlertsMigrationStatusProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/signals/migration_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieve the status of all Elastic prebuilt detection rules and Timelines. + +This endpoint provides detailed information about the number of custom rules, installed prebuilt rules, available prebuilt rules that are not installed, outdated prebuilt rules, installed prebuilt timelines, available prebuilt timelines that are not installed, and outdated prebuilt timelines. + + */ + readPrebuiltRulesAndTimelinesStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules/prepackaged/_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves whether or not the user is authenticated, and the user's Kibana +space and index privileges, which determine if the user can create an +index for the Elastic Security alerts generated by +detection engine rules. + + */ + readPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + readRiskEngineSettings(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_score/engine/settings', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieve a detection rule using the `rule_id` or `id` field. + +The URL query must include one of the following: + +* `id` - `GET /api/detection_engine/rules?id=` +* `rule_id` - `GET /api/detection_engine/rules?rule_id=` + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. + + */ + readRule(props: ReadRuleProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * List all unique tags from all detection rules. + */ + readTags(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/tags', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + resolveTimeline(props: ResolveTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/resolve', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + riskEngineGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_engine/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + rulePreview(props: RulePreviewProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/preview', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + runEntityAnalyticsMigrations(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/entity_analytics/migrations/run', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Run a shell command on an endpoint. + */ + runScriptAction(props: RunScriptActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/runscript', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. + */ + scheduleRiskEngineNow(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/risk_score/engine/schedule_now', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Find and/or aggregate detection alerts that match the given query. + */ + searchAlerts(props: SearchAlertsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/search', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + searchPrivilegesIndices(props: SearchPrivilegesIndicesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/indices', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Assign users to detection alerts, and unassign them from alerts. +> info +> You cannot add and remove the same assignee in the same request. + + */ + setAlertAssignees(props: SetAlertAssigneesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/assignees', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Set the status of one or more detection alerts. + */ + setAlertsStatus(props: SetAlertsStatusProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * And tags to detection alerts, and remove them from alerts. +> info +> You cannot add and remove the same alert tag in the same request. + + */ + setAlertTags(props: SetAlertTagsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/tags', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + startEntityEngine(props: StartEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/start', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Starts a SIEM rules migration using the migration id provided + */ + startRuleMigration(props: StartRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/start', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + stopEntityEngine(props: StopEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/stop', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Stops a running SIEM rules migration using the migration id provided + */ + stopRuleMigration(props: StopRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/stop', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Suggests user profiles. + */ + suggestUserProfiles(props: SuggestUserProfilesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/detection_engine/users/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Calculates and persists Risk Scores for an entity, returning the calculated risk score. + */ + triggerRiskScoreCalculation( + props: TriggerRiskScoreCalculationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/calculation/entity', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updateEntitySource(props: UpdateEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updatePrivMonUser(props: UpdatePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/users/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update a detection rule using the `rule_id` or `id` field. The original rule is replaced, and all unspecified fields are deleted. + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + updateRule(props: UpdateRuleProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates rules migrations data + */ + updateRuleMigration(props: UpdateRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .patch( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates the index pattern for eligible and/or selected rules of a migration + */ + updateRuleMigrationIndexPattern( + props: UpdateRuleMigrationIndexPatternProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/update_index_pattern', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates rules migrations attributes + */ + updateRuleMigrationRules( + props: UpdateRuleMigrationRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .patch( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updateWorkflowInsight(props: UpdateWorkflowInsightProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/internal/api/endpoint/workflow_insights/{insightId}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + uploadAssetCriticalityRecords(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality/upload_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Creates or updates resources for an existing SIEM rules migration + */ + upsertRuleMigrationResources( + props: UpsertRuleMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/resources', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface AlertsMigrationCleanupProps { + body: AlertsMigrationCleanupRequestBodyInput; +} +export interface BulkUpsertAssetCriticalityRecordsProps { + body: BulkUpsertAssetCriticalityRecordsRequestBodyInput; +} +export interface CleanDraftTimelinesProps { + body: CleanDraftTimelinesRequestBodyInput; +} +export interface ConfigureRiskEngineSavedObjectProps { + body: ConfigureRiskEngineSavedObjectRequestBodyInput; +} +export interface CopyTimelineProps { + body: CopyTimelineRequestBodyInput; +} +export interface CreateAlertsMigrationProps { + body: CreateAlertsMigrationRequestBodyInput; +} +export interface CreateAssetCriticalityRecordProps { + body: CreateAssetCriticalityRecordRequestBodyInput; +} +export interface CreateDashboardMigrationProps { + body: CreateDashboardMigrationRequestBodyInput; +} +export interface CreateDashboardMigrationDashboardsProps { + params: CreateDashboardMigrationDashboardsRequestParamsInput; + body: CreateDashboardMigrationDashboardsRequestBodyInput; +} +export interface CreateEntitySourceProps { + body: CreateEntitySourceRequestBodyInput; +} +export interface CreatePrivilegesImportIndexProps { + body: CreatePrivilegesImportIndexRequestBodyInput; +} +export interface CreatePrivMonUserProps { + body: CreatePrivMonUserRequestBodyInput; +} +export interface CreateRuleProps { + body: CreateRuleRequestBodyInput; +} +export interface CreateRuleMigrationProps { + body: CreateRuleMigrationRequestBodyInput; +} +export interface CreateRuleMigrationRulesProps { + params: CreateRuleMigrationRulesRequestParamsInput; + body: CreateRuleMigrationRulesRequestBodyInput; +} +export interface CreateTimelinesProps { + body: CreateTimelinesRequestBodyInput; +} +export interface CreateUpdateProtectionUpdatesNoteProps { + params: CreateUpdateProtectionUpdatesNoteRequestParamsInput; + body: CreateUpdateProtectionUpdatesNoteRequestBodyInput; +} +export interface DeleteAssetCriticalityRecordProps { + query: DeleteAssetCriticalityRecordRequestQueryInput; +} +export interface DeleteEntityEngineProps { + query: DeleteEntityEngineRequestQueryInput; + params: DeleteEntityEngineRequestParamsInput; +} +export interface DeleteEntitySourceProps { + params: DeleteEntitySourceRequestParamsInput; +} +export interface DeleteMonitoringEngineProps { + query: DeleteMonitoringEngineRequestQueryInput; +} +export interface DeleteNoteProps { + body: DeleteNoteRequestBodyInput; +} +export interface DeletePrivMonUserProps { + params: DeletePrivMonUserRequestParamsInput; +} +export interface DeleteRuleProps { + query: DeleteRuleRequestQueryInput; +} +export interface DeleteRuleMigrationProps { + params: DeleteRuleMigrationRequestParamsInput; +} +export interface DeleteTimelinesProps { + body: DeleteTimelinesRequestBodyInput; +} +export interface DeprecatedTriggerRiskScoreCalculationProps { + body: DeprecatedTriggerRiskScoreCalculationRequestBodyInput; +} +export interface EndpointExecuteActionProps { + body: EndpointExecuteActionRequestBodyInput; +} +export interface EndpointFileDownloadProps { + params: EndpointFileDownloadRequestParamsInput; +} +export interface EndpointFileInfoProps { + params: EndpointFileInfoRequestParamsInput; +} +export interface EndpointGetActionsDetailsProps { + params: EndpointGetActionsDetailsRequestParamsInput; +} +export interface EndpointGetActionsListProps { + query: EndpointGetActionsListRequestQueryInput; +} +export interface EndpointGetActionsStatusProps { + query: EndpointGetActionsStatusRequestQueryInput; +} +export interface EndpointGetFileActionProps { + body: EndpointGetFileActionRequestBodyInput; +} +export interface EndpointGetProcessesActionProps { + body: EndpointGetProcessesActionRequestBodyInput; +} +export interface EndpointIsolateActionProps { + body: EndpointIsolateActionRequestBodyInput; +} +export interface EndpointKillProcessActionProps { + body: EndpointKillProcessActionRequestBodyInput; +} +export interface EndpointScanActionProps { + body: EndpointScanActionRequestBodyInput; +} +export interface EndpointSuspendProcessActionProps { + body: EndpointSuspendProcessActionRequestBodyInput; +} +export interface EndpointUnisolateActionProps { + body: EndpointUnisolateActionRequestBodyInput; +} +export interface ExportRulesProps { + query: ExportRulesRequestQueryInput; + body: ExportRulesRequestBodyInput; +} +export interface ExportTimelinesProps { + query: ExportTimelinesRequestQueryInput; + body: ExportTimelinesRequestBodyInput; +} +export interface FinalizeAlertsMigrationProps { + body: FinalizeAlertsMigrationRequestBodyInput; +} +export interface FindAssetCriticalityRecordsProps { + query: FindAssetCriticalityRecordsRequestQueryInput; +} +export interface FindRulesProps { + query: FindRulesRequestQueryInput; +} +export interface GetAssetCriticalityRecordProps { + query: GetAssetCriticalityRecordRequestQueryInput; +} +export interface GetDashboardMigrationProps { + params: GetDashboardMigrationRequestParamsInput; +} +export interface GetDashboardMigrationStatsProps { + params: GetDashboardMigrationStatsRequestParamsInput; +} +export interface GetDraftTimelinesProps { + query: GetDraftTimelinesRequestQueryInput; +} +export interface GetEndpointMetadataListProps { + query: GetEndpointMetadataListRequestQueryInput; +} +export interface GetEndpointSuggestionsProps { + params: GetEndpointSuggestionsRequestParamsInput; + body: GetEndpointSuggestionsRequestBodyInput; +} +export interface GetEntityEngineProps { + params: GetEntityEngineRequestParamsInput; +} +export interface GetEntitySourceProps { + params: GetEntitySourceRequestParamsInput; +} +export interface GetEntityStoreStatusProps { + query: GetEntityStoreStatusRequestQueryInput; +} +export interface GetNotesProps { + query: GetNotesRequestQueryInput; +} +export interface GetPolicyResponseProps { + query: GetPolicyResponseRequestQueryInput; +} +export interface GetProtectionUpdatesNoteProps { + params: GetProtectionUpdatesNoteRequestParamsInput; +} +export interface GetRuleExecutionEventsProps { + query: GetRuleExecutionEventsRequestQueryInput; + params: GetRuleExecutionEventsRequestParamsInput; +} +export interface GetRuleExecutionResultsProps { + query: GetRuleExecutionResultsRequestQueryInput; + params: GetRuleExecutionResultsRequestParamsInput; +} +export interface GetRuleMigrationProps { + params: GetRuleMigrationRequestParamsInput; +} +export interface GetRuleMigrationPrebuiltRulesProps { + params: GetRuleMigrationPrebuiltRulesRequestParamsInput; +} +export interface GetRuleMigrationResourcesProps { + query: GetRuleMigrationResourcesRequestQueryInput; + params: GetRuleMigrationResourcesRequestParamsInput; +} +export interface GetRuleMigrationResourcesMissingProps { + params: GetRuleMigrationResourcesMissingRequestParamsInput; +} +export interface GetRuleMigrationRulesProps { + query: GetRuleMigrationRulesRequestQueryInput; + params: GetRuleMigrationRulesRequestParamsInput; +} +export interface GetRuleMigrationStatsProps { + params: GetRuleMigrationStatsRequestParamsInput; +} +export interface GetRuleMigrationTranslationStatsProps { + params: GetRuleMigrationTranslationStatsRequestParamsInput; +} +export interface GetTimelineProps { + query: GetTimelineRequestQueryInput; +} +export interface GetTimelinesProps { + query: GetTimelinesRequestQueryInput; +} +export interface GetWorkflowInsightsProps { + query: GetWorkflowInsightsRequestQueryInput; +} +export interface ImportRulesProps { + query: ImportRulesRequestQueryInput; +} +export interface ImportTimelinesProps { + body: ImportTimelinesRequestBodyInput; +} +export interface InitEntityEngineProps { + params: InitEntityEngineRequestParamsInput; + body: InitEntityEngineRequestBodyInput; +} +export interface InitEntityStoreProps { + body: InitEntityStoreRequestBodyInput; +} +export interface InstallMigrationRulesProps { + params: InstallMigrationRulesRequestParamsInput; + body: InstallMigrationRulesRequestBodyInput; +} +export interface InstallPrepackedTimelinesProps { + body: InstallPrepackedTimelinesRequestBodyInput; +} +export interface ListEntitiesProps { + query: ListEntitiesRequestQueryInput; +} +export interface ListEntitySourcesProps { + query: ListEntitySourcesRequestQueryInput; +} +export interface ListPrivMonUsersProps { + query: ListPrivMonUsersRequestQueryInput; +} +export interface PatchRuleProps { + body: PatchRuleRequestBodyInput; +} +export interface PatchTimelineProps { + body: PatchTimelineRequestBodyInput; +} +export interface PerformRulesBulkActionProps { + query: PerformRulesBulkActionRequestQueryInput; + body: PerformRulesBulkActionRequestBodyInput; +} +export interface PersistFavoriteRouteProps { + body: PersistFavoriteRouteRequestBodyInput; +} +export interface PersistNoteRouteProps { + body: PersistNoteRouteRequestBodyInput; +} +export interface PersistPinnedEventRouteProps { + body: PersistPinnedEventRouteRequestBodyInput; +} +export interface PreviewRiskScoreProps { + body: PreviewRiskScoreRequestBodyInput; +} +export interface ReadAlertsMigrationStatusProps { + query: ReadAlertsMigrationStatusRequestQueryInput; +} +export interface ReadRuleProps { + query: ReadRuleRequestQueryInput; +} +export interface ResolveTimelineProps { + query: ResolveTimelineRequestQueryInput; +} +export interface RulePreviewProps { + query: RulePreviewRequestQueryInput; + body: RulePreviewRequestBodyInput; +} +export interface RunScriptActionProps { + body: RunScriptActionRequestBodyInput; +} +export interface SearchAlertsProps { + body: SearchAlertsRequestBodyInput; +} +export interface SearchPrivilegesIndicesProps { + query: SearchPrivilegesIndicesRequestQueryInput; +} +export interface SetAlertAssigneesProps { + body: SetAlertAssigneesRequestBodyInput; +} +export interface SetAlertsStatusProps { + body: SetAlertsStatusRequestBodyInput; +} +export interface SetAlertTagsProps { + body: SetAlertTagsRequestBodyInput; +} +export interface StartEntityEngineProps { + params: StartEntityEngineRequestParamsInput; +} +export interface StartRuleMigrationProps { + params: StartRuleMigrationRequestParamsInput; + body: StartRuleMigrationRequestBodyInput; +} +export interface StopEntityEngineProps { + params: StopEntityEngineRequestParamsInput; +} +export interface StopRuleMigrationProps { + params: StopRuleMigrationRequestParamsInput; +} +export interface SuggestUserProfilesProps { + query: SuggestUserProfilesRequestQueryInput; +} +export interface TriggerRiskScoreCalculationProps { + body: TriggerRiskScoreCalculationRequestBodyInput; +} +export interface UpdateEntitySourceProps { + params: UpdateEntitySourceRequestParamsInput; + body: UpdateEntitySourceRequestBodyInput; +} +export interface UpdatePrivMonUserProps { + params: UpdatePrivMonUserRequestParamsInput; + body: UpdatePrivMonUserRequestBodyInput; +} +export interface UpdateRuleProps { + body: UpdateRuleRequestBodyInput; +} +export interface UpdateRuleMigrationProps { + params: UpdateRuleMigrationRequestParamsInput; + body: UpdateRuleMigrationRequestBodyInput; +} +export interface UpdateRuleMigrationIndexPatternProps { + params: UpdateRuleMigrationIndexPatternRequestParamsInput; + body: UpdateRuleMigrationIndexPatternRequestBodyInput; +} +export interface UpdateRuleMigrationRulesProps { + params: UpdateRuleMigrationRulesRequestParamsInput; + body: UpdateRuleMigrationRulesRequestBodyInput; +} +export interface UpdateWorkflowInsightProps { + params: UpdateWorkflowInsightRequestParamsInput; + body: UpdateWorkflowInsightRequestBodyInput; +} +export interface UpsertRuleMigrationResourcesProps { + params: UpsertRuleMigrationResourcesRequestParamsInput; + body: UpsertRuleMigrationResourcesRequestBodyInput; +} diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_exceptions_api.gen.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_exceptions_api.gen.ts new file mode 100644 index 0000000000000..7b4ba75b9e33d --- /dev/null +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_exceptions_api.gen.ts @@ -0,0 +1,299 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Exceptions API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { replaceParams } from '@kbn/openapi-common/shared'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { CreateExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_exception_list/create_exception_list.gen'; +import { CreateExceptionListItemRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_exception_list_item/create_exception_list_item.gen'; +import { + CreateRuleExceptionListItemsRequestParamsInput, + CreateRuleExceptionListItemsRequestBodyInput, +} from '@kbn/securitysolution-exceptions-common/api/create_rule_exceptions/create_rule_exceptions.gen'; +import { CreateSharedExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_shared_exceptions_list/create_shared_exceptions_list.gen'; +import { DeleteExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/delete_exception_list/delete_exception_list.gen'; +import { DeleteExceptionListItemRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/delete_exception_list_item/delete_exception_list_item.gen'; +import { DuplicateExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/duplicate_exception_list/duplicate_exception_list.gen'; +import { ExportExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/export_exception_list/export_exception_list.gen'; +import { FindExceptionListItemsRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/find_exception_list_items/find_exception_list_items.gen'; +import { FindExceptionListsRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/find_exception_lists/find_exception_lists.gen'; +import { ImportExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/import_exceptions/import_exceptions.gen'; +import { ReadExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list/read_exception_list.gen'; +import { ReadExceptionListItemRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list_item/read_exception_list_item.gen'; +import { ReadExceptionListSummaryRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list_summary/read_exception_list_summary.gen'; +import { UpdateExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/update_exception_list/update_exception_list.gen'; +import { UpdateExceptionListItemRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/update_exception_list_item/update_exception_list_item.gen'; +import { FtrProviderContext } from '../../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * An exception list groups exception items and can be associated with detection rules. You can assign exception lists to multiple detection rules. +> info +> All exception items added to the same list are evaluated using `OR` logic. That is, if any of the items in a list evaluate to `true`, the exception prevents the rule from generating an alert. Likewise, `OR` logic is used for evaluating exceptions when more than one exception list is assigned to a rule. To use the `AND` operator, you can define multiple clauses (`entries`) in a single exception item. + + */ + createExceptionList(props: CreateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create an exception item and associate it with the specified exception list. +> info +> Before creating exception items, you must create an exception list. + + */ + createExceptionListItem(props: CreateExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create exception items that apply to a single detection rule. + */ + createRuleExceptionListItems( + props: CreateRuleExceptionListItemsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/detection_engine/rules/{id}/exceptions', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * An exception list groups exception items and can be associated with detection rules. A shared exception list can apply to multiple detection rules. +> info +> All exception items added to the same list are evaluated using `OR` logic. That is, if any of the items in a list evaluate to `true`, the exception prevents the rule from generating an alert. Likewise, `OR` logic is used for evaluating exceptions when more than one exception list is assigned to a rule. To use the `AND` operator, you can define multiple clauses (`entries`) in a single exception item. + + */ + createSharedExceptionList( + props: CreateSharedExceptionListProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/exceptions/shared', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete an exception list using the `id` or `list_id` field. + */ + deleteExceptionList(props: DeleteExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Delete an exception list item using the `id` or `item_id` field. + */ + deleteExceptionListItem(props: DeleteExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Duplicate an existing exception list. + */ + duplicateExceptionList(props: DuplicateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_duplicate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Export an exception list and its associated items to an NDJSON file. + */ + exportExceptionList(props: ExportExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all exception list items in the specified list. + */ + findExceptionListItems(props: FindExceptionListItemsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/items/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all exception list containers. + */ + findExceptionLists(props: FindExceptionListsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import an exception list and its associated items from an NDJSON file. + */ + importExceptionList(props: ImportExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of an exception list using the `id` or `list_id` field. + */ + readExceptionList(props: ReadExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of an exception list item using the `id` or `item_id` field. + */ + readExceptionListItem(props: ReadExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a summary of the specified exception list. + */ + readExceptionListSummary( + props: ReadExceptionListSummaryProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/summary', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update an exception list using the `id` or `list_id` field. + */ + updateExceptionList(props: UpdateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update an exception list item using the `id` or `item_id` field. + */ + updateExceptionListItem(props: UpdateExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface CreateExceptionListProps { + body: CreateExceptionListRequestBodyInput; +} +export interface CreateExceptionListItemProps { + body: CreateExceptionListItemRequestBodyInput; +} +export interface CreateRuleExceptionListItemsProps { + params: CreateRuleExceptionListItemsRequestParamsInput; + body: CreateRuleExceptionListItemsRequestBodyInput; +} +export interface CreateSharedExceptionListProps { + body: CreateSharedExceptionListRequestBodyInput; +} +export interface DeleteExceptionListProps { + query: DeleteExceptionListRequestQueryInput; +} +export interface DeleteExceptionListItemProps { + query: DeleteExceptionListItemRequestQueryInput; +} +export interface DuplicateExceptionListProps { + query: DuplicateExceptionListRequestQueryInput; +} +export interface ExportExceptionListProps { + query: ExportExceptionListRequestQueryInput; +} +export interface FindExceptionListItemsProps { + query: FindExceptionListItemsRequestQueryInput; +} +export interface FindExceptionListsProps { + query: FindExceptionListsRequestQueryInput; +} +export interface ImportExceptionListProps { + query: ImportExceptionListRequestQueryInput; +} +export interface ReadExceptionListProps { + query: ReadExceptionListRequestQueryInput; +} +export interface ReadExceptionListItemProps { + query: ReadExceptionListItemRequestQueryInput; +} +export interface ReadExceptionListSummaryProps { + query: ReadExceptionListSummaryRequestQueryInput; +} +export interface UpdateExceptionListProps { + body: UpdateExceptionListRequestBodyInput; +} +export interface UpdateExceptionListItemProps { + body: UpdateExceptionListItemRequestBodyInput; +} diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts index 534916fd088b4..d3b3965753f14 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/frozen_indices_handling/trial_license_complete_tier/frozen_indices_handling.ts @@ -7,7 +7,7 @@ import { v4 as uuidv4 } from 'uuid'; import expect from '@kbn/expect'; -import { CreateRuleProps } from '../../../../../../../api_integration/services/security_solution_api.gen'; +import { CreateRuleProps } from '../../../../../../config/services/security_solution_api.gen'; import { dataGeneratorFactory } from '../../../../utils'; import { diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts index c6ddce9356295..e133d9f20f3bd 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts @@ -8,7 +8,7 @@ import { EntityType } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/common.gen'; import expect from '@kbn/expect'; import { InitEntityStoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/enable.gen'; -import { FtrProviderContext } from '../../../../api_integration/ftr_provider_context'; +import { FtrProviderContext } from '../../../ftr_provider_context'; import { elasticAssetCheckerFactory } from './elastic_asset_checker'; export const EntityStoreUtils = ( diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts index 3dc21d9db18d7..4e44bd9b9095b 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/sources.ts @@ -8,7 +8,7 @@ import expect from '@kbn/expect'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; -import { FtrProviderContext } from '../../../../../api_integration/ftr_provider_context'; +import { FtrProviderContext } from '../../../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { const esArchiver = getService('esArchiver'); diff --git a/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json b/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json index 058fee55a4937..1e01ede317678 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_api_integration/tsconfig.json @@ -2,7 +2,7 @@ "extends": "../../../../../tsconfig.base.json", "compilerOptions": { "outDir": "target/types", - "types": ["node", "jest", "@kbn/ambient-ftr-types"] + "types": ["node", "jest", "@kbn/ambient-ftr-types"], }, "include": [ "**/*", diff --git a/x-pack/solutions/security/test/security_solution_endpoint/configs/config.base.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/config.base.ts index 1d34f4770664b..d30ffa15b3b2b 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/configs/config.base.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/config.base.ts @@ -51,7 +51,7 @@ export const generateConfig = async ({ const { createEndpointDockerConfig, getRegistryUrlAsArray } = SecuritySolutionEndpointRegistryHelpers(); const xpackFunctionalConfig = await readConfigFile( - require.resolve('../../functional/config.base.ts') + require.resolve('@kbn/test-suites-xpack-platform/functional/config.base') ); return { diff --git a/x-pack/solutions/security/test/security_solution_endpoint/configs/endpoint.config.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/endpoint.config.ts index 0d744c43b588b..57de5e40a074f 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/configs/endpoint.config.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/endpoint.config.ts @@ -15,7 +15,7 @@ export default async function (ftrConfigProviderContext: FtrConfigProviderContex const { readConfigFile } = ftrConfigProviderContext; const xpackFunctionalConfig = await readConfigFile( - require.resolve('../../functional/config.base.ts') + require.resolve('@kbn/test-suites-xpack-platform/functional/config.base') ); return generateConfig({ diff --git a/x-pack/solutions/security/test/security_solution_endpoint/configs/integrations.config.ts b/x-pack/solutions/security/test/security_solution_endpoint/configs/integrations.config.ts index d596e8848c93c..6151b1d9fd1f7 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/configs/integrations.config.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/configs/integrations.config.ts @@ -15,7 +15,7 @@ export default async function (ftrConfigProviderContext: FtrConfigProviderContex const { readConfigFile } = ftrConfigProviderContext; const xpackFunctionalConfig = await readConfigFile( - require.resolve('../../functional/config.base.ts') + require.resolve('@kbn/test-suites-xpack-platform/functional/config.base') ); return generateConfig({ diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts index 7e2e40b2ff6bf..b18477765c078 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts @@ -6,7 +6,7 @@ */ import { SvlCommonPageProvider } from '@kbn/test-suites-xpack-platform/serverless/functional/page_objects/svl_common_page'; -import { pageObjects as xpackFunctionalPageObjects } from '../../functional/page_objects'; +import { pageObjects as platformPageObjects } from '@kbn/test-suites-xpack-platform/functional/page_objects'; import { EndpointPageProvider } from './endpoint_page'; import { EndpointPageUtils } from './page_utils'; import { IngestManagerCreatePackagePolicy } from './ingest_manager_create_package_policy_page'; @@ -20,7 +20,7 @@ import { FleetIntegrations } from './fleet_integrations_page'; import { ArtifactEntriesListPageProvider } from './artifact_entries_list_page'; export const pageObjects = { - ...xpackFunctionalPageObjects, + ...platformPageObjects, endpoint: EndpointPageProvider, endpointPageUtils: EndpointPageUtils, diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts index 0bf9c05959f14..ba8414471b484 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts @@ -19,7 +19,7 @@ import { indexEndpointRuleAlerts, } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_rule_alerts'; import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common'; -import { FtrService } from '../../functional/ftr_provider_context'; +import { FtrService } from '../configs/ftr_provider_context'; export class DetectionsTestService extends FtrService { private readonly supertest = this.ctx.getService('supertest'); diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts index 579139cade4cc..990fc7bde8ffe 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts @@ -42,7 +42,7 @@ import { startMetadataTransforms, stopMetadataTransforms, } from '@kbn/security-solution-plugin/common/endpoint/utils/transforms'; -import { FtrService } from '../../functional/ftr_provider_context'; +import { FtrService } from '../configs/ftr_provider_context'; export type IndexedHostsAndAlertsResponseExtended = IndexedHostsAndAlertsResponse & { unloadEndpointData(): Promise; diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts index 179811598ba1f..df07e978c8f1b 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts @@ -31,7 +31,7 @@ import { ManifestConstants } from '@kbn/security-solution-plugin/server/endpoint import TestAgent from 'supertest/lib/agent'; import { addSpaceIdToPath, DEFAULT_SPACE_ID } from '@kbn/spaces-plugin/common'; import { isArtifactGlobal } from '@kbn/security-solution-plugin/common/endpoint/service/artifacts'; -import { FtrService } from '../../functional/ftr_provider_context'; +import { FtrService } from '../configs/ftr_provider_context'; import { InternalUnifiedManifestSchemaResponseType } from '../apps/integrations/mocks'; export interface ArtifactTestData { diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts index 7f5b070970e25..65e8f1141ef03 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts @@ -8,7 +8,7 @@ import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; import { SvlCommonApiServiceProvider } from '@kbn/test-suites-xpack-platform/serverless/shared/services/svl_common_api'; import { IngestManagerProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/ingest_manager'; -import { services as xPackFunctionalServices } from '../../functional/services'; +import { services as platformServices } from '@kbn/test-suites-xpack-platform/functional/services'; import { EndpointTelemetryTestResourcesProvider } from './endpoint_telemetry'; import { EndpointTestResources } from './endpoint'; import { TimelineTestService } from './timeline'; @@ -23,7 +23,7 @@ import { SecuritySolutionEndpointDataStreamHelpers } from './endpoint_data_strea import { SecuritySolutionEndpointRegistryHelpers } from './endpoint_registry_helpers'; export const services = { - ...xPackFunctionalServices, + ...platformServices, endpointTestResources: EndpointTestResources, telemetryTestResources: EndpointTelemetryTestResourcesProvider, diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/roles_users_utils.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/roles_users_utils.ts index 7de7f0e0b3426..5e8fc5f5a0ac3 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/roles_users_utils.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/roles_users_utils.ts @@ -10,7 +10,7 @@ import { KNOWN_SERVERLESS_ROLE_DEFINITIONS, } from '@kbn/security-solution-plugin/common/test'; import type { SecurityRoleName } from '@kbn/security-solution-plugin/common/test'; -import { FtrProviderContext } from '../../functional/ftr_provider_context'; +import { FtrProviderContext } from '../configs/ftr_provider_context'; const KNOWN_ROLE_DEFINITIONS = { ...KNOWN_SERVERLESS_ROLE_DEFINITIONS, diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts index 8efb48f8a83f2..7c4cebaea3a31 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts @@ -15,7 +15,7 @@ import { } from '@kbn/security-solution-plugin/common/api/timeline'; import moment from 'moment'; import { fromKueryExpression, toElasticsearchQuery } from '@kbn/es-query'; -import { FtrService } from '../../functional/ftr_provider_context'; +import { FtrService } from '../configs/ftr_provider_context'; export class TimelineTestService extends FtrService { private readonly supertest = this.ctx.getService('supertest'); diff --git a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json index 88d7f5984ddc6..0d4f8d5a0d00b 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json +++ b/x-pack/solutions/security/test/security_solution_endpoint/tsconfig.json @@ -10,7 +10,6 @@ }, "include": [ "**/*", - "../functional/**/*", "../../../../../typings/**/*", "../../../../../src/platform/packages/shared/kbn-test/types/ftr_globals/**/*" ], diff --git a/x-pack/solutions/security/test/tsconfig.json b/x-pack/solutions/security/test/tsconfig.json index 75e5328793bfb..ae2e39009811a 100644 --- a/x-pack/solutions/security/test/tsconfig.json +++ b/x-pack/solutions/security/test/tsconfig.json @@ -23,7 +23,6 @@ "security_solution_cypress/cypress/**/*", "security_solution_api_integration/**/*", "security_solution_endpoint/**/*", - "functional/**/*", "*/packages/**/*", "*/*/packages/**/*", ], From c9489304028e950d219edc7ed6351d0b01e7b39a Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 13 Aug 2025 16:56:12 +0200 Subject: [PATCH 23/42] update path to the test plugin --- .../security_solution_api_integration/config/ess/config.base.ts | 2 +- .../config/serverless/config.base.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts index fc647fb385c82..ecce4f1fb8173 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/config.base.ts @@ -114,7 +114,7 @@ export function createTestConfig(options: CreateTestConfigOptions, testFiles?: s ])}`, `--plugin-path=${path.resolve( __dirname, - '../../../../../src/platform/test/analytics/plugins/analytics_ftr_helpers' + '../../../../../../../src/platform/test/analytics/plugins/analytics_ftr_helpers' )}`, '--xpack.task_manager.poll_interval=1000', diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ts index e103692fcdff5..c94401dca5797 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/config.base.ts @@ -52,7 +52,7 @@ export function createTestConfig(options: CreateTestConfigOptions) { ...(options.kbnTestServerArgs || []), `--plugin-path=${path.resolve( __dirname, - '../../../../../src/platform/test/analytics/plugins/analytics_ftr_helpers' + '../../../../../../../src/platform/test/analytics/plugins/analytics_ftr_helpers' )}`, ], env: { From c3ba30d602f413b68f14f8b77410353be81979fc Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 13 Aug 2025 18:51:14 +0200 Subject: [PATCH 24/42] convert FTR services to old function format --- .../config/ess/services_edr_workflows.ts | 8 +- .../services/endpoint.ts | 577 +++++++++--------- .../services/endpoint_artifacts.ts | 372 +++++------ .../services/index.ts | 8 +- 4 files changed, 488 insertions(+), 477 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts index 5a5b08e9bd403..1c172c1dc7996 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts @@ -7,8 +7,8 @@ import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; import { services as xPackAPIServices } from '@kbn/test-suites-xpack-platform/api_integration/services'; -import { EndpointTestResources } from '../../../security_solution_endpoint/services/endpoint'; -import { EndpointArtifactsTestResources } from '../../../security_solution_endpoint/services/endpoint_artifacts'; +import { EndpointTestResourcesProvider } from '../../../security_solution_endpoint/services/endpoint'; +import { EndpointArtifactsTestResourcesProvider } from '../../../security_solution_endpoint/services/endpoint_artifacts'; import { EndpointPolicyTestResourcesProvider } from '../../../security_solution_endpoint/services/endpoint_policy'; import { ResolverGeneratorProvider } from '../services/security_solution_edr_workflows_resolver'; @@ -22,9 +22,9 @@ import { SecuritySolutionESSUtils } from '../services/security_solution_ess_util export const services = { ...xPackAPIServices, resolverGenerator: ResolverGeneratorProvider, - endpointTestResources: EndpointTestResources, + endpointTestResources: EndpointTestResourcesProvider, endpointPolicyTestResources: EndpointPolicyTestResourcesProvider, - endpointArtifactTestResources: EndpointArtifactsTestResources, + endpointArtifactTestResources: EndpointArtifactsTestResourcesProvider, rolesUsersProvider: RolesUsersProvider, endpointDataStreamHelpers: SecuritySolutionEndpointDataStreamHelpers, endpointRegistryHelpers: SecuritySolutionEndpointRegistryHelpers, diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts index 990fc7bde8ffe..4a91d4ca4fce0 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts @@ -42,7 +42,7 @@ import { startMetadataTransforms, stopMetadataTransforms, } from '@kbn/security-solution-plugin/common/endpoint/utils/transforms'; -import { FtrService } from '../configs/ftr_provider_context'; +import { FtrProviderContext } from '../configs/ftr_provider_context'; export type IndexedHostsAndAlertsResponseExtended = IndexedHostsAndAlertsResponse & { unloadEndpointData(): Promise; @@ -72,312 +72,319 @@ const createDocGeneratorClass = async (kbnClient: KbnClient, isServerless: boole }; }; -export class EndpointTestResources extends FtrService { - private readonly esClient = this.ctx.getService('es'); - private readonly retry = this.ctx.getService('retry'); - private readonly kbnClient = this.ctx.getService('kibanaServer'); - private readonly config = this.ctx.getService('config'); - private readonly supertest = this.ctx.getService('supertest'); - private readonly log = this.ctx.getService('log'); - - public getScopedKbnClient(spaceId: string = DEFAULT_SPACE_ID): KbnClient { - if (!spaceId || spaceId === DEFAULT_SPACE_ID) { - return this.kbnClient; - } - - const kbnClientOptions: Parameters[0] = { - url: this.kbnClient.resolveUrl('/'), - username: this.config.get('servers.elasticsearch.username'), - password: this.config.get('servers.elasticsearch.password'), - spaceId, - }; +export function EndpointTestResourcesProvider({ getService }: FtrProviderContext) { + const esClient = getService('es'); + const retry = getService('retry'); + const kbnClient = getService('kibanaServer'); + const config = getService('config'); + const supertest = getService('supertest'); + const log = getService('log'); + + return new (class EndpointTestResources { + getScopedKbnClient(spaceId: string = DEFAULT_SPACE_ID): KbnClient { + if (!spaceId || spaceId === DEFAULT_SPACE_ID) { + return kbnClient; + } - this.log.info(`creating new KbnClient with:\n${JSON.stringify(kbnClientOptions, null, 2)}`); + const kbnClientOptions: Parameters[0] = { + url: kbnClient.resolveUrl('/'), + username: config.get('servers.elasticsearch.username'), + password: config.get('servers.elasticsearch.password'), + spaceId, + }; - // Was not included above in order to keep the output of the log.info() above clean in the output - kbnClientOptions.log = this.log; + log.info(`creating new KbnClient with:\n${JSON.stringify(kbnClientOptions, null, 2)}`); - return createKbnClient(kbnClientOptions); - } + // Was not included above in order to keep the output of the log.info() above clean in the output + kbnClientOptions.log = log; - /** - * Loads endpoint host/alert/event data into elasticsearch - * @param [options] - * @param [options.numHosts=1] Number of Endpoint Hosts to be loaded - * @param [options.numHostDocs=1] Number of Document to be loaded per Endpoint Host (Endpoint hosts index uses a append-only index) - * @param [options.alertsPerHost=1] Number of Alerts and Events to be loaded per Endpoint Host - * @param [options.enableFleetIntegration=true] When set to `true`, Fleet data will also be loaded (ex. Integration Policies, Agent Policies, "fake" Agents) - * @param [options.generatorSeed='seed'] The seed to be used by the data generator. Important in order to ensure the same data is generated on very run. - * @param [options.waitUntilTransformed=true] If set to `true`, the data loading process will wait until the endpoint hosts metadata is processed by the transform - * @param [options.waitTimeout=120000] If waitUntilTransformed=true, number of ms to wait until timeout - * @param [options.customIndexFn] If provided, will use this function to generate and index data instead - */ - async loadEndpointData( - options: Partial<{ - numHosts: number; - numHostDocs: number; - alertsPerHost: number; - enableFleetIntegration: boolean; - generatorSeed: string; - waitUntilTransformed: boolean; - waitTimeout: number; - customIndexFn: () => Promise; - spaceId: string; - withResponseActions: boolean; - }> = {} - ): Promise { - const { - numHosts = 1, - numHostDocs = 1, - alertsPerHost = 1, - enableFleetIntegration = true, - generatorSeed = 'seed', - waitUntilTransformed = true, - waitTimeout = 120000, - customIndexFn, - spaceId = DEFAULT_SPACE_ID, - withResponseActions = true, - } = options; - - const kbnClient = this.getScopedKbnClient(spaceId); - const endpointPackage = await getEndpointPackageInfo(kbnClient); - - if (waitUntilTransformed && customIndexFn) { - // need this before indexing docs so that the united transform doesn't - // create a checkpoint with a timestamp after the doc timestamps - await stopMetadataTransforms(this.esClient, endpointPackage.version); + return createKbnClient(kbnClientOptions); } - const isServerless = await isServerlessKibanaFlavor(kbnClient); - const CurrentKibanaVersionDocGenerator = await createDocGeneratorClass(kbnClient, isServerless); - - // load data into the system - const indexedData = customIndexFn - ? await customIndexFn() - : await indexHostsAndAlerts( - this.esClient as Client, - kbnClient, - generatorSeed, - numHosts, - numHostDocs, - 'metrics-endpoint.metadata-default', - 'metrics-endpoint.policy-default', - 'logs-endpoint.events.process-default', - 'logs-endpoint.alerts-default', - alertsPerHost, - enableFleetIntegration, - undefined, - CurrentKibanaVersionDocGenerator, - withResponseActions, - undefined, - undefined, - undefined, - this.log + /** + * Loads endpoint host/alert/event data into elasticsearch + * @param [options] + * @param [options.numHosts=1] Number of Endpoint Hosts to be loaded + * @param [options.numHostDocs=1] Number of Document to be loaded per Endpoint Host (Endpoint hosts index uses a append-only index) + * @param [options.alertsPerHost=1] Number of Alerts and Events to be loaded per Endpoint Host + * @param [options.enableFleetIntegration=true] When set to `true`, Fleet data will also be loaded (ex. Integration Policies, Agent Policies, "fake" Agents) + * @param [options.generatorSeed='seed'] The seed to be used by the data generator. Important in order to ensure the same data is generated on very run. + * @param [options.waitUntilTransformed=true] If set to `true`, the data loading process will wait until the endpoint hosts metadata is processed by the transform + * @param [options.waitTimeout=120000] If waitUntilTransformed=true, number of ms to wait until timeout + * @param [options.customIndexFn] If provided, will use this function to generate and index data instead + */ + async loadEndpointData( + options: Partial<{ + numHosts: number; + numHostDocs: number; + alertsPerHost: number; + enableFleetIntegration: boolean; + generatorSeed: string; + waitUntilTransformed: boolean; + waitTimeout: number; + customIndexFn: () => Promise; + spaceId: string; + withResponseActions: boolean; + }> = {} + ): Promise { + const { + numHosts = 1, + numHostDocs = 1, + alertsPerHost = 1, + enableFleetIntegration = true, + generatorSeed = 'seed', + waitUntilTransformed = true, + waitTimeout = 120000, + customIndexFn, + spaceId = DEFAULT_SPACE_ID, + withResponseActions = true, + } = options; + + const _kbnClient = this.getScopedKbnClient(spaceId); + const endpointPackage = await getEndpointPackageInfo(_kbnClient); + + if (waitUntilTransformed && customIndexFn) { + // need this before indexing docs so that the united transform doesn't + // create a checkpoint with a timestamp after the doc timestamps + await stopMetadataTransforms(esClient, endpointPackage.version); + } + + const isServerless = await isServerlessKibanaFlavor(_kbnClient); + const CurrentKibanaVersionDocGenerator = await createDocGeneratorClass( + _kbnClient, + isServerless + ); + + // load data into the system + const indexedData = customIndexFn + ? await customIndexFn() + : await indexHostsAndAlerts( + esClient as Client, + kbnClient, + generatorSeed, + numHosts, + numHostDocs, + 'metrics-endpoint.metadata-default', + 'metrics-endpoint.policy-default', + 'logs-endpoint.events.process-default', + 'logs-endpoint.alerts-default', + alertsPerHost, + enableFleetIntegration, + undefined, + CurrentKibanaVersionDocGenerator, + withResponseActions, + undefined, + undefined, + undefined, + log + ); + + if (waitUntilTransformed && customIndexFn) { + await startMetadataTransforms( + esClient, + Array.from(new Set(indexedData.hosts.map((host) => host.agent.id))), + endpointPackage.version ); + } + + if (waitUntilTransformed) { + const agentIds = Array.from(new Set(indexedData.agents.map((agent) => agent.agent!.id))); + await this.waitForUnitedEndpoints(agentIds, waitTimeout); + } - if (waitUntilTransformed && customIndexFn) { - await startMetadataTransforms( - this.esClient, - Array.from(new Set(indexedData.hosts.map((host) => host.agent.id))), - endpointPackage.version + return { + ...indexedData, + spaceId, + unloadEndpointData: (): Promise => { + return this.unloadEndpointData(indexedData, { spaceId }); + }, + }; + } + + /** + * Deletes the loaded data created via `loadEndpointData()` + * @param indexedData + * @param options + */ + async unloadEndpointData( + indexedData: IndexedHostsAndAlertsResponse, + { spaceId = DEFAULT_SPACE_ID }: { spaceId?: string } = {} + ): Promise { + return deleteIndexedHostsAndAlerts( + esClient as Client, + this.getScopedKbnClient(spaceId), + indexedData ); } - if (waitUntilTransformed) { - const agentIds = Array.from(new Set(indexedData.agents.map((agent) => agent.agent!.id))); - await this.waitForUnitedEndpoints(agentIds, waitTimeout); + async waitForIndex( + ids: string[], + index: string, + body: any = {}, + timeout: number = config.get('timeouts.waitFor') + ) { + // If we have a specific number of endpoint hosts to check for, then use that number, + // else we just want to make sure the index has data, thus just having one in the index will do + const size = ids.length || 1; + + await retry.waitForWithTimeout(`endpoint hosts in ${index}`, timeout, async () => { + try { + if (index === METADATA_UNITED_INDEX) { + // United metadata transform occasionally can't find docs in .fleet-agents. + // Running a search on the index first eliminates this issue. + // Replacing the search with a refresh does not resolve flakiness. + await esClient.search({ index: AGENTS_INDEX }); + } + const searchResponse = await esClient.search({ + index, + size, + body, + rest_total_hits_as_int: true, + }); + + return searchResponse.hits.total === size; + } catch (error) { + // We ignore 404's (index might not exist) + if (error instanceof errors.ResponseError && error.statusCode === 404) { + return false; + } + + // Wrap the ES error so that we get a good stack trace + throw new EndpointError(error.message, error); + } + }); } - return { - ...indexedData, - spaceId, - unloadEndpointData: (): Promise => { - return this.unloadEndpointData(indexedData, { spaceId }); - }, - }; - } + /** + * Waits for endpoints to show up on the `metadata_united` index. + * Optionally, specific endpoint IDs (agent.id) can be provided to ensure those specific ones show up. + * + * @param [ids] optional list of ids to check for. If empty, it will just check if data exists in the index + * @param [timeout] optional max timeout to waitFor in ms. default is 20000. + */ + async waitForUnitedEndpoints(ids: string[] = [], timeout = config.get('timeouts.waitFor')) { + const body = ids.length + ? { + query: { + bool: { + filter: [ + { + terms: { + 'agent.id': ids, + }, + }, + // make sure that both endpoint and agent portions are populated + // since agent is likely to be populated first + { exists: { field: 'united.endpoint.agent.id' } }, + { exists: { field: 'united.agent.agent.id' } }, + ], + }, + }, + } + : { + size: 1, + query: { + match_all: {}, + }, + }; - /** - * Deletes the loaded data created via `loadEndpointData()` - * @param indexedData - * @param options - */ - async unloadEndpointData( - indexedData: IndexedHostsAndAlertsResponse, - { spaceId = DEFAULT_SPACE_ID }: { spaceId?: string } = {} - ): Promise { - return deleteIndexedHostsAndAlerts( - this.esClient as Client, - this.getScopedKbnClient(spaceId), - indexedData - ); - } + await this.waitForIndex(ids, METADATA_UNITED_INDEX, body, timeout); + } - private async waitForIndex( - ids: string[], - index: string, - body: any = {}, - timeout: number = this.config.get('timeouts.waitFor') - ) { - // If we have a specific number of endpoint hosts to check for, then use that number, - // else we just want to make sure the index has data, thus just having one in the index will do - const size = ids.length || 1; - - await this.retry.waitForWithTimeout(`endpoint hosts in ${index}`, timeout, async () => { - try { - if (index === METADATA_UNITED_INDEX) { - // United metadata transform occasionally can't find docs in .fleet-agents. - // Running a search on the index first eliminates this issue. - // Replacing the search with a refresh does not resolve flakiness. - await this.esClient.search({ index: AGENTS_INDEX }); - } - const searchResponse = await this.esClient.search({ - index, - size, - body, - rest_total_hits_as_int: true, - }); - - return searchResponse.hits.total === size; - } catch (error) { - // We ignore 404's (index might not exist) - if (error instanceof errors.ResponseError && error.statusCode === 404) { - return false; - } + /** + * installs (or upgrades) the Endpoint Fleet package + * (NOTE: ensure that fleet is setup first before calling this function) + */ + async installOrUpgradeEndpointFleetPackage( + spaceId: string = DEFAULT_SPACE_ID + ): ReturnType { + return installOrUpgradeEndpointFleetPackage(this.getScopedKbnClient(spaceId), log); + } - // Wrap the ES error so that we get a good stack trace - throw new EndpointError(error.message, error); - } - }); - } + /** + * Fetch (GET) the details of an endpoint + * @param endpointAgentId + * @param spaceId + */ + async fetchEndpointMetadata( + endpointAgentId: string, + spaceId: string = DEFAULT_SPACE_ID + ): Promise { + return supertest + .get( + addSpaceIdToPath('/', spaceId, HOST_METADATA_GET_ROUTE.replace('{id}', endpointAgentId)) + ) + .set('kbn-xsrf', 'true') + .set('Elastic-Api-Version', '2023-10-31') + .send() + .expect(200) + .then((response) => response.body as HostInfo); + } - /** - * Waits for endpoints to show up on the `metadata_united` index. - * Optionally, specific endpoint IDs (agent.id) can be provided to ensure those specific ones show up. - * - * @param [ids] optional list of ids to check for. If empty, it will just check if data exists in the index - * @param [timeout] optional max timeout to waitFor in ms. default is 20000. - */ - async waitForUnitedEndpoints(ids: string[] = [], timeout = this.config.get('timeouts.waitFor')) { - const body = ids.length - ? { - query: { - bool: { - filter: [ - { - terms: { - 'agent.id': ids, - }, - }, - // make sure that both endpoint and agent portions are populated - // since agent is likely to be populated first - { exists: { field: 'united.endpoint.agent.id' } }, - { exists: { field: 'united.agent.agent.id' } }, - ], - }, - }, - } - : { - size: 1, - query: { - match_all: {}, - }, - }; - - await this.waitForIndex(ids, METADATA_UNITED_INDEX, body, timeout); - } + /** + * Sends an updated metadata document for a given endpoint to the datastream and waits for the + * update to show up on the Metadata API (after transform runs) + */ + async sendEndpointMetadataUpdate( + endpointAgentId: string, + updates: DeepPartial = {}, + spaceId: string = DEFAULT_SPACE_ID + ): Promise { + const currentMetadata = await this.fetchEndpointMetadata(endpointAgentId, spaceId); + const endpointPackage = await getEndpointPackageInfo(this.getScopedKbnClient(spaceId)); + + await stopMetadataTransforms(esClient, endpointPackage.version); + const generatedMetadataDoc = new EndpointDocGenerator().generateHostMetadata(); + + const updatedMetadataDoc = merge( + { ...currentMetadata.metadata }, + // Grab the updated `event` and timestamp from the generator data + { + event: generatedMetadataDoc.event, + '@timestamp': generatedMetadataDoc['@timestamp'], + }, + updates + ); - /** - * installs (or upgrades) the Endpoint Fleet package - * (NOTE: ensure that fleet is setup first before calling this function) - */ - async installOrUpgradeEndpointFleetPackage( - spaceId: string = DEFAULT_SPACE_ID - ): ReturnType { - return installOrUpgradeEndpointFleetPackage(this.getScopedKbnClient(spaceId), this.log); - } + await esClient + .index({ + index: METADATA_DATASTREAM, + body: updatedMetadataDoc, + op_type: 'create', + }) + .catch(catchAxiosErrorFormatAndThrow); - /** - * Fetch (GET) the details of an endpoint - * @param endpointAgentId - * @param spaceId - */ - async fetchEndpointMetadata( - endpointAgentId: string, - spaceId: string = DEFAULT_SPACE_ID - ): Promise { - return this.supertest - .get(addSpaceIdToPath('/', spaceId, HOST_METADATA_GET_ROUTE.replace('{id}', endpointAgentId))) - .set('kbn-xsrf', 'true') - .set('Elastic-Api-Version', '2023-10-31') - .send() - .expect(200) - .then((response) => response.body as HostInfo); - } + await startMetadataTransforms(esClient, [], endpointPackage.version); - /** - * Sends an updated metadata document for a given endpoint to the datastream and waits for the - * update to show up on the Metadata API (after transform runs) - */ - async sendEndpointMetadataUpdate( - endpointAgentId: string, - updates: DeepPartial = {}, - spaceId: string = DEFAULT_SPACE_ID - ): Promise { - const currentMetadata = await this.fetchEndpointMetadata(endpointAgentId, spaceId); - const endpointPackage = await getEndpointPackageInfo(this.getScopedKbnClient(spaceId)); - - await stopMetadataTransforms(this.esClient, endpointPackage.version); - const generatedMetadataDoc = new EndpointDocGenerator().generateHostMetadata(); - - const updatedMetadataDoc = merge( - { ...currentMetadata.metadata }, - // Grab the updated `event` and timestamp from the generator data - { - event: generatedMetadataDoc.event, - '@timestamp': generatedMetadataDoc['@timestamp'], - }, - updates - ); - - await this.esClient - .index({ - index: METADATA_DATASTREAM, - body: updatedMetadataDoc, - op_type: 'create', - }) - .catch(catchAxiosErrorFormatAndThrow); - - await startMetadataTransforms(this.esClient, [], endpointPackage.version); - - this.log.info( - `Endpoint metadata update was indexed for endpoint agent id [${endpointAgentId}] in space [${spaceId}]` - ); - - let response: HostInfo | undefined; - - // Wait for the update to show up on Metadata API (after transform runs) - await this.retry.waitFor( - `update to endpoint id [${endpointAgentId}] to be processed by transform`, - async () => { - response = await this.fetchEndpointMetadata(endpointAgentId, spaceId); - - return response.metadata.event.id === updatedMetadataDoc.event.id; - } - ); + log.info( + `Endpoint metadata update was indexed for endpoint agent id [${endpointAgentId}] in space [${spaceId}]` + ); - if (!response) { - throw new Error(`Response object not set. Issue fetching endpoint metadata`); - } + let response: HostInfo | undefined; - this.log.info(`Endpoint metadata doc update done for agent ID [${endpointAgentId}]`); - this.log.verbose(JSON.stringify(response, null, 2)); + // Wait for the update to show up on Metadata API (after transform runs) + await retry.waitFor( + `update to endpoint id [${endpointAgentId}] to be processed by transform`, + async () => { + response = await this.fetchEndpointMetadata(endpointAgentId, spaceId); - return response; - } + return response.metadata.event.id === updatedMetadataDoc.event.id; + } + ); - async isEndpointPackageV2(spaceId: string = DEFAULT_SPACE_ID): Promise { - const endpointPackage = await getEndpointPackageInfo(this.getScopedKbnClient(spaceId)); - return isEndpointPackageV2(endpointPackage.version); - } + if (!response) { + throw new Error(`Response object not set. Issue fetching endpoint metadata`); + } + + log.info(`Endpoint metadata doc update done for agent ID [${endpointAgentId}]`); + log.verbose(JSON.stringify(response, null, 2)); + + return response; + } + + async isEndpointPackageV2(spaceId: string = DEFAULT_SPACE_ID): Promise { + const endpointPackage = await getEndpointPackageInfo(this.getScopedKbnClient(spaceId)); + return isEndpointPackageV2(endpointPackage.version); + } + })(); } diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts index df07e978c8f1b..35e15fd7fa6fc 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts @@ -31,7 +31,7 @@ import { ManifestConstants } from '@kbn/security-solution-plugin/server/endpoint import TestAgent from 'supertest/lib/agent'; import { addSpaceIdToPath, DEFAULT_SPACE_ID } from '@kbn/spaces-plugin/common'; import { isArtifactGlobal } from '@kbn/security-solution-plugin/common/endpoint/service/artifacts'; -import { FtrService } from '../configs/ftr_provider_context'; +import { FtrProviderContext } from '../configs/ftr_provider_context'; import { InternalUnifiedManifestSchemaResponseType } from '../apps/integrations/mocks'; export interface ArtifactTestData { @@ -44,191 +44,195 @@ export interface ArtifactCreateOptions { spaceId?: string; } -export class EndpointArtifactsTestResources extends FtrService { - private readonly exceptionsGenerator = new ExceptionsListItemGenerator(); - private readonly supertest = this.ctx.getService('supertest'); - private readonly log = this.ctx.getService('log'); - private readonly esClient = this.ctx.getService('es'); - - private getHttpResponseFailureHandler( - ignoredStatusCodes: number[] = [] - ): (res: Response) => Promise { - return async (res) => { - if (!res.ok && !ignoredStatusCodes.includes(res.status)) { - throw new EndpointError(JSON.stringify(res.error, null, 2)); - } +export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProviderContext) { + const exceptionsGenerator = new ExceptionsListItemGenerator(); + const supertestSv = getService('supertest'); + const log = getService('log'); + const esClient = getService('es'); + + return new (class EndpointTelemetryTestResources { + private getHttpResponseFailureHandler( + ignoredStatusCodes: number[] = [] + ): (res: Response) => Promise { + return async (res) => { + if (!res.ok && !ignoredStatusCodes.includes(res.status)) { + throw new EndpointError(JSON.stringify(res.error, null, 2)); + } + + return res; + }; + } + + private async ensureListExists( + listDefinition: CreateExceptionListSchema, + { supertest = supertestSv, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} + ): Promise { + // attempt to create it and ignore 409 (already exists) errors + await supertest + .post(addSpaceIdToPath('/', spaceId, EXCEPTION_LIST_URL)) + .set('kbn-xsrf', 'true') + .send(listDefinition) + .then(this.getHttpResponseFailureHandler([409])); + } - return res; - }; - } - - private async ensureListExists( - listDefinition: CreateExceptionListSchema, - { supertest = this.supertest, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} - ): Promise { - // attempt to create it and ignore 409 (already exists) errors - await supertest - .post(addSpaceIdToPath('/', spaceId, EXCEPTION_LIST_URL)) - .set('kbn-xsrf', 'true') - .send(listDefinition) - .then(this.getHttpResponseFailureHandler([409])); - } - - private async createExceptionItem( - createPayload: CreateExceptionListItemSchema, - { supertest = this.supertest, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} - ): Promise { - this.log.verbose(`Creating exception item:\n${JSON.stringify(createPayload)}`); - - const artifact = await supertest - .post(addSpaceIdToPath('/', spaceId, EXCEPTION_LIST_ITEM_URL)) - .set('kbn-xsrf', 'true') - .send(createPayload) - .then(this.getHttpResponseFailureHandler()) - .then((response) => response.body as ExceptionListItemSchema); - - const { item_id: itemId, list_id: listId } = artifact; - const artifactAssignment = isArtifactGlobal(artifact) ? 'Global' : 'Per-Policy'; - - this.log.info( - `Created [${artifactAssignment}] exception list item in space [${spaceId}], List ID [${listId}], Item ID [${itemId}]` - ); - - const cleanup = async () => { - await this.deleteExceptionItem(artifact, { supertest, spaceId }); - }; - - return { - artifact, - cleanup, - }; - } - - async deleteExceptionItem( - { - list_id: listId, - item_id: itemId, - namespace_type: nameSpaceType, - }: Pick, - { supertest = this.supertest, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} - ): Promise { - const deleteResponse = await supertest - .delete( - `${addSpaceIdToPath( - '/', - spaceId, - EXCEPTION_LIST_ITEM_URL - )}?item_id=${itemId}&namespace_type=${nameSpaceType}` - ) - .set('kbn-xsrf', 'true') - .send() - .then(this.getHttpResponseFailureHandler([404])); - - this.log.info(`Deleted exception list item [${listId}]: ${itemId} (${deleteResponse.status})`); - } - - async createEndpointException( - overrides: Partial = {}, - options?: ArtifactCreateOptions - ): Promise { - await this.ensureListExists( + private async createExceptionItem( + createPayload: CreateExceptionListItemSchema, + { supertest = supertestSv, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} + ): Promise { + this.log.verbose(`Creating exception item:\n${JSON.stringify(createPayload)}`); + + const artifact = await supertest + .post(addSpaceIdToPath('/', spaceId, EXCEPTION_LIST_ITEM_URL)) + .set('kbn-xsrf', 'true') + .send(createPayload) + .then(this.getHttpResponseFailureHandler()) + .then((response) => response.body as ExceptionListItemSchema); + + const { item_id: itemId, list_id: listId } = artifact; + const artifactAssignment = isArtifactGlobal(artifact) ? 'Global' : 'Per-Policy'; + + this.log.info( + `Created [${artifactAssignment}] exception list item in space [${spaceId}], List ID [${listId}], Item ID [${itemId}]` + ); + + const cleanup = async () => { + await this.deleteExceptionItem(artifact, { supertest, spaceId }); + }; + + return { + artifact, + cleanup, + }; + } + + async deleteExceptionItem( { - name: ENDPOINT_LIST_NAME, - description: ENDPOINT_LIST_DESCRIPTION, - list_id: ENDPOINT_LIST_ID, - type: ExceptionListTypeEnum.ENDPOINT, - namespace_type: 'agnostic', - }, - options - ); - const endpointException = - this.exceptionsGenerator.generateEndpointExceptionForCreate(overrides); - - return this.createExceptionItem(endpointException, options); - } - - async createTrustedApp( - overrides: Partial = {}, - options?: ArtifactCreateOptions - ): Promise { - await this.ensureListExists(TRUSTED_APPS_EXCEPTION_LIST_DEFINITION, options); - const trustedApp = this.exceptionsGenerator.generateTrustedAppForCreate(overrides); - - return this.createExceptionItem(trustedApp, options); - } - - async createEventFilter( - overrides: Partial = {}, - options?: ArtifactCreateOptions - ): Promise { - await this.ensureListExists(EVENT_FILTER_LIST_DEFINITION, options); - const eventFilter = this.exceptionsGenerator.generateEventFilterForCreate(overrides); - - return this.createExceptionItem(eventFilter, options); - } - - async createHostIsolationException( - overrides: Partial = {}, - options?: ArtifactCreateOptions - ): Promise { - await this.ensureListExists(HOST_ISOLATION_EXCEPTIONS_LIST_DEFINITION, options); - const artifact = this.exceptionsGenerator.generateHostIsolationExceptionForCreate(overrides); - - return this.createExceptionItem(artifact, options); - } - - async createBlocklist( - overrides: Partial = {}, - options?: ArtifactCreateOptions - ): Promise { - await this.ensureListExists(BLOCKLISTS_LIST_DEFINITION, options); - const blocklist = this.exceptionsGenerator.generateBlocklistForCreate(overrides); - - return this.createExceptionItem(blocklist, options); - } - - async createArtifact( - listId: (typeof ENDPOINT_ARTIFACT_LIST_IDS)[number] | typeof ENDPOINT_LIST_ID, - overrides: Partial = {}, - options?: ArtifactCreateOptions - ): Promise { - switch (listId) { - case ENDPOINT_ARTIFACT_LISTS.trustedApps.id: { - return this.createTrustedApp(overrides, options); - } - case ENDPOINT_ARTIFACT_LISTS.eventFilters.id: { - return this.createEventFilter(overrides, options); - } - case ENDPOINT_ARTIFACT_LISTS.blocklists.id: { - return this.createBlocklist(overrides, options); - } - case ENDPOINT_ARTIFACT_LISTS.hostIsolationExceptions.id: { - return this.createHostIsolationException(overrides, options); - } - case ENDPOINT_LIST_ID: { - return this.createEndpointException(overrides, options); + list_id: listId, + item_id: itemId, + namespace_type: nameSpaceType, + }: Pick, + { supertest = supertestSv, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} + ): Promise { + const deleteResponse = await supertest + .delete( + `${addSpaceIdToPath( + '/', + spaceId, + EXCEPTION_LIST_ITEM_URL + )}?item_id=${itemId}&namespace_type=${nameSpaceType}` + ) + .set('kbn-xsrf', 'true') + .send() + .then(this.getHttpResponseFailureHandler([404])); + + this.log.info( + `Deleted exception list item [${listId}]: ${itemId} (${deleteResponse.status})` + ); + } + + async createEndpointException( + overrides: Partial = {}, + options?: ArtifactCreateOptions + ): Promise { + await this.ensureListExists( + { + name: ENDPOINT_LIST_NAME, + description: ENDPOINT_LIST_DESCRIPTION, + list_id: ENDPOINT_LIST_ID, + type: ExceptionListTypeEnum.ENDPOINT, + namespace_type: 'agnostic', + }, + options + ); + const endpointException = + this.exceptionsGenerator.generateEndpointExceptionForCreate(overrides); + + return this.createExceptionItem(endpointException, options); + } + + async createTrustedApp( + overrides: Partial = {}, + options?: ArtifactCreateOptions + ): Promise { + await this.ensureListExists(TRUSTED_APPS_EXCEPTION_LIST_DEFINITION, options); + const trustedApp = this.exceptionsGenerator.generateTrustedAppForCreate(overrides); + + return this.createExceptionItem(trustedApp, options); + } + + async createEventFilter( + overrides: Partial = {}, + options?: ArtifactCreateOptions + ): Promise { + await this.ensureListExists(EVENT_FILTER_LIST_DEFINITION, options); + const eventFilter = this.exceptionsGenerator.generateEventFilterForCreate(overrides); + + return this.createExceptionItem(eventFilter, options); + } + + async createHostIsolationException( + overrides: Partial = {}, + options?: ArtifactCreateOptions + ): Promise { + await this.ensureListExists(HOST_ISOLATION_EXCEPTIONS_LIST_DEFINITION, options); + const artifact = this.exceptionsGenerator.generateHostIsolationExceptionForCreate(overrides); + + return this.createExceptionItem(artifact, options); + } + + async createBlocklist( + overrides: Partial = {}, + options?: ArtifactCreateOptions + ): Promise { + await this.ensureListExists(BLOCKLISTS_LIST_DEFINITION, options); + const blocklist = this.exceptionsGenerator.generateBlocklistForCreate(overrides); + + return this.createExceptionItem(blocklist, options); + } + + async createArtifact( + listId: (typeof ENDPOINT_ARTIFACT_LIST_IDS)[number] | typeof ENDPOINT_LIST_ID, + overrides: Partial = {}, + options?: ArtifactCreateOptions + ): Promise { + switch (listId) { + case ENDPOINT_ARTIFACT_LISTS.trustedApps.id: { + return this.createTrustedApp(overrides, options); + } + case ENDPOINT_ARTIFACT_LISTS.eventFilters.id: { + return this.createEventFilter(overrides, options); + } + case ENDPOINT_ARTIFACT_LISTS.blocklists.id: { + return this.createBlocklist(overrides, options); + } + case ENDPOINT_ARTIFACT_LISTS.hostIsolationExceptions.id: { + return this.createHostIsolationException(overrides, options); + } + case ENDPOINT_LIST_ID: { + return this.createEndpointException(overrides, options); + } + default: + throw new Error(`Unexpected list id ${listId}`); } - default: - throw new Error(`Unexpected list id ${listId}`); } - } - - async getArtifactsFromUnifiedManifestSO(): Promise< - Array< - InternalUnifiedManifestSchemaResponseType['_source']['endpoint:unified-user-artifact-manifest'] - > - > { - const { - hits: { hits: manifestResults }, - } = await this.esClient.search({ - index: '.kibana*', - query: { - bool: { filter: [{ term: { type: ManifestConstants.UNIFIED_SAVED_OBJECT_TYPE } }] }, - }, - }); - - return manifestResults.map( - (result) => result._source!['endpoint:unified-user-artifact-manifest'] - ); - } + + async getArtifactsFromUnifiedManifestSO(): Promise< + Array< + InternalUnifiedManifestSchemaResponseType['_source']['endpoint:unified-user-artifact-manifest'] + > + > { + const { + hits: { hits: manifestResults }, + } = await this.esClient.search({ + index: '.kibana*', + query: { + bool: { filter: [{ term: { type: ManifestConstants.UNIFIED_SAVED_OBJECT_TYPE } }] }, + }, + }); + + return manifestResults.map( + (result) => result._source!['endpoint:unified-user-artifact-manifest'] + ); + } + })(); } diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts index 65e8f1141ef03..a0d062f5163b9 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts @@ -10,11 +10,11 @@ import { SvlCommonApiServiceProvider } from '@kbn/test-suites-xpack-platform/ser import { IngestManagerProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/ingest_manager'; import { services as platformServices } from '@kbn/test-suites-xpack-platform/functional/services'; import { EndpointTelemetryTestResourcesProvider } from './endpoint_telemetry'; -import { EndpointTestResources } from './endpoint'; +import { EndpointTestResourcesProvider } from './endpoint'; import { TimelineTestService } from './timeline'; import { DetectionsTestService } from './detections'; import { EndpointPolicyTestResourcesProvider } from './endpoint_policy'; -import { EndpointArtifactsTestResources } from './endpoint_artifacts'; +import { EndpointArtifactsTestResourcesProvider } from './endpoint_artifacts'; import { KibanaSupertestWithCertProvider, KibanaSupertestWithCertWithoutAuthProvider, @@ -25,12 +25,12 @@ import { SecuritySolutionEndpointRegistryHelpers } from './endpoint_registry_hel export const services = { ...platformServices, - endpointTestResources: EndpointTestResources, + endpointTestResources: EndpointTestResourcesProvider, telemetryTestResources: EndpointTelemetryTestResourcesProvider, ingestManager: IngestManagerProvider, timeline: TimelineTestService, detections: DetectionsTestService, - endpointArtifactTestResources: EndpointArtifactsTestResources, + endpointArtifactTestResources: EndpointArtifactsTestResourcesProvider, policyTestResources: EndpointPolicyTestResourcesProvider, endpointDataStreamHelpers: SecuritySolutionEndpointDataStreamHelpers, endpointRegistryHelpers: SecuritySolutionEndpointRegistryHelpers, From 1dfc86e6cf35ec3bcc2025a796419c85e100af98 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 13 Aug 2025 19:37:24 +0200 Subject: [PATCH 25/42] fix ts errors --- .../services/endpoint_artifacts.ts | 27 +++++++++---------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts index 35e15fd7fa6fc..b671c5759991a 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts @@ -51,7 +51,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid const esClient = getService('es'); return new (class EndpointTelemetryTestResources { - private getHttpResponseFailureHandler( + getHttpResponseFailureHandler( ignoredStatusCodes: number[] = [] ): (res: Response) => Promise { return async (res) => { @@ -63,7 +63,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid }; } - private async ensureListExists( + async ensureListExists( listDefinition: CreateExceptionListSchema, { supertest = supertestSv, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} ): Promise { @@ -75,11 +75,11 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid .then(this.getHttpResponseFailureHandler([409])); } - private async createExceptionItem( + async createExceptionItem( createPayload: CreateExceptionListItemSchema, { supertest = supertestSv, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} ): Promise { - this.log.verbose(`Creating exception item:\n${JSON.stringify(createPayload)}`); + log.verbose(`Creating exception item:\n${JSON.stringify(createPayload)}`); const artifact = await supertest .post(addSpaceIdToPath('/', spaceId, EXCEPTION_LIST_ITEM_URL)) @@ -91,7 +91,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid const { item_id: itemId, list_id: listId } = artifact; const artifactAssignment = isArtifactGlobal(artifact) ? 'Global' : 'Per-Policy'; - this.log.info( + log.info( `Created [${artifactAssignment}] exception list item in space [${spaceId}], List ID [${listId}], Item ID [${itemId}]` ); @@ -125,9 +125,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid .send() .then(this.getHttpResponseFailureHandler([404])); - this.log.info( - `Deleted exception list item [${listId}]: ${itemId} (${deleteResponse.status})` - ); + log.info(`Deleted exception list item [${listId}]: ${itemId} (${deleteResponse.status})`); } async createEndpointException( @@ -144,8 +142,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid }, options ); - const endpointException = - this.exceptionsGenerator.generateEndpointExceptionForCreate(overrides); + const endpointException = exceptionsGenerator.generateEndpointExceptionForCreate(overrides); return this.createExceptionItem(endpointException, options); } @@ -155,7 +152,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid options?: ArtifactCreateOptions ): Promise { await this.ensureListExists(TRUSTED_APPS_EXCEPTION_LIST_DEFINITION, options); - const trustedApp = this.exceptionsGenerator.generateTrustedAppForCreate(overrides); + const trustedApp = exceptionsGenerator.generateTrustedAppForCreate(overrides); return this.createExceptionItem(trustedApp, options); } @@ -165,7 +162,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid options?: ArtifactCreateOptions ): Promise { await this.ensureListExists(EVENT_FILTER_LIST_DEFINITION, options); - const eventFilter = this.exceptionsGenerator.generateEventFilterForCreate(overrides); + const eventFilter = exceptionsGenerator.generateEventFilterForCreate(overrides); return this.createExceptionItem(eventFilter, options); } @@ -175,7 +172,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid options?: ArtifactCreateOptions ): Promise { await this.ensureListExists(HOST_ISOLATION_EXCEPTIONS_LIST_DEFINITION, options); - const artifact = this.exceptionsGenerator.generateHostIsolationExceptionForCreate(overrides); + const artifact = exceptionsGenerator.generateHostIsolationExceptionForCreate(overrides); return this.createExceptionItem(artifact, options); } @@ -185,7 +182,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid options?: ArtifactCreateOptions ): Promise { await this.ensureListExists(BLOCKLISTS_LIST_DEFINITION, options); - const blocklist = this.exceptionsGenerator.generateBlocklistForCreate(overrides); + const blocklist = exceptionsGenerator.generateBlocklistForCreate(overrides); return this.createExceptionItem(blocklist, options); } @@ -223,7 +220,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid > { const { hits: { hits: manifestResults }, - } = await this.esClient.search({ + } = await esClient.search({ index: '.kibana*', query: { bool: { filter: [{ term: { type: ManifestConstants.UNIFIED_SAVED_OBJECT_TYPE } }] }, From 06f284b2dc43061c55ca7bbe2e8db86c7afc070a Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 00:36:39 +0200 Subject: [PATCH 26/42] fix services and load the proper ones --- .../config/ess/services.ts | 17 +++- .../config/ess/services_edr_workflows.ts | 19 ++++- .../config/serverless/services.ts | 1 - .../services/endpoint.ts | 84 +++++++++++-------- .../services/endpoint_artifacts.ts | 40 ++++++--- 5 files changed, 108 insertions(+), 53 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts index f4d952ddb2675..6856e85d22cf3 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services.ts @@ -6,16 +6,27 @@ */ import { KibanaEBTServerProvider } from '@kbn/test-suites-src/analytics/services/kibana_ebt'; -import { services as essServices } from '@kbn/test-suites-xpack-platform/api_integration/services'; -import { SecuritySolutionESSUtils } from '../services/security_solution_ess_utils'; +import { services as kibanaApiIntegrationServices } from '@kbn/test-suites-src/api_integration/services'; +import { MachineLearningProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/ml'; +import { IngestManagerProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/ingest_manager'; +import { UsageAPIProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/usage_api'; +import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; import { SpacesServiceProvider } from '../services/spaces_service'; +import { SecuritySolutionESSUtils } from '../services/security_solution_ess_utils'; import { SecuritySolutionApiProvider } from '../services/security_solution_api.gen'; import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from '../services/security_solution_exceptions_api.gen'; export const services = { - ...essServices, + ...commonFunctionalServices, + esSupertest: kibanaApiIntegrationServices.esSupertest, + supertest: kibanaApiIntegrationServices.supertest, + // esSupertestWithoutAuth: EsSupertestWithoutAuthProvider, + usageAPI: UsageAPIProvider, + ml: MachineLearningProvider, + ingestManager: IngestManagerProvider, securitySolutionApi: SecuritySolutionApiProvider, securitySolutionExceptionsApi: SecuritySolutionExceptionsApiProvider, + spaces: SpacesServiceProvider, securitySolutionUtils: SecuritySolutionESSUtils, kibana_ebt_server: KibanaEBTServerProvider, diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts index 1c172c1dc7996..7d141c3982c6b 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/ess/services_edr_workflows.ts @@ -5,8 +5,14 @@ * 2.0. */ +import { services as kibanaApiIntegrationServices } from '@kbn/test-suites-src/api_integration/services'; +import { MachineLearningProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/ml'; +import { IngestManagerProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/ingest_manager'; +import { UsageAPIProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/usage_api'; import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; -import { services as xPackAPIServices } from '@kbn/test-suites-xpack-platform/api_integration/services'; +import { SecuritySolutionApiProvider } from '../services/security_solution_api.gen'; +import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from '../services/security_solution_exceptions_api.gen'; + import { EndpointTestResourcesProvider } from '../../../security_solution_endpoint/services/endpoint'; import { EndpointArtifactsTestResourcesProvider } from '../../../security_solution_endpoint/services/endpoint_artifacts'; import { EndpointPolicyTestResourcesProvider } from '../../../security_solution_endpoint/services/endpoint_policy'; @@ -20,7 +26,16 @@ import { import { SecuritySolutionESSUtils } from '../services/security_solution_ess_utils'; export const services = { - ...xPackAPIServices, + ...commonFunctionalServices, + esSupertest: kibanaApiIntegrationServices.esSupertest, + supertest: kibanaApiIntegrationServices.supertest, + // esSupertestWithoutAuth: EsSupertestWithoutAuthProvider, + usageAPI: UsageAPIProvider, + ml: MachineLearningProvider, + ingestManager: IngestManagerProvider, + securitySolutionApi: SecuritySolutionApiProvider, + securitySolutionExceptionsApi: SecuritySolutionExceptionsApiProvider, + resolverGenerator: ResolverGeneratorProvider, endpointTestResources: EndpointTestResourcesProvider, endpointPolicyTestResources: EndpointPolicyTestResourcesProvider, diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts index ad5952ffc52c3..bf92ce445acfc 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/serverless/services.ts @@ -5,7 +5,6 @@ * 2.0. */ -// some services might be missing ... import { services as serverlessServices } from '@kbn/test-suites-xpack-platform/serverless/api_integration/services'; import { KibanaEBTServerProvider } from '@kbn/test-suites-src/analytics/services/kibana_ebt'; import { SearchSecureService } from '../services/search_secure'; diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts index 4a91d4ca4fce0..9784531c597cc 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts @@ -81,22 +81,38 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext const log = getService('log'); return new (class EndpointTestResources { + private readonly esClient: ReturnType; + private readonly retry: ReturnType; + private readonly kbnClient: ReturnType; + private readonly config: ReturnType; + private readonly supertest: ReturnType; + private readonly log: ReturnType; + + constructor() { + this.esClient = esClient; + this.retry = retry; + this.kbnClient = kbnClient; + this.config = config; + this.supertest = supertest; + this.log = log; + } + getScopedKbnClient(spaceId: string = DEFAULT_SPACE_ID): KbnClient { if (!spaceId || spaceId === DEFAULT_SPACE_ID) { - return kbnClient; + return this.kbnClient; } const kbnClientOptions: Parameters[0] = { - url: kbnClient.resolveUrl('/'), - username: config.get('servers.elasticsearch.username'), - password: config.get('servers.elasticsearch.password'), + url: this.kbnClient.resolveUrl('/'), + username: this.config.get('servers.elasticsearch.username'), + password: this.config.get('servers.elasticsearch.password'), spaceId, }; - log.info(`creating new KbnClient with:\n${JSON.stringify(kbnClientOptions, null, 2)}`); + this.log.info(`creating new KbnClient with:\n${JSON.stringify(kbnClientOptions, null, 2)}`); // Was not included above in order to keep the output of the log.info() above clean in the output - kbnClientOptions.log = log; + kbnClientOptions.log = this.log; return createKbnClient(kbnClientOptions); } @@ -140,27 +156,24 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext withResponseActions = true, } = options; - const _kbnClient = this.getScopedKbnClient(spaceId); - const endpointPackage = await getEndpointPackageInfo(_kbnClient); + const client = this.getScopedKbnClient(spaceId); + const endpointPackage = await getEndpointPackageInfo(client); if (waitUntilTransformed && customIndexFn) { // need this before indexing docs so that the united transform doesn't // create a checkpoint with a timestamp after the doc timestamps - await stopMetadataTransforms(esClient, endpointPackage.version); + await stopMetadataTransforms(this.esClient, endpointPackage.version); } - const isServerless = await isServerlessKibanaFlavor(_kbnClient); - const CurrentKibanaVersionDocGenerator = await createDocGeneratorClass( - _kbnClient, - isServerless - ); + const isServerless = await isServerlessKibanaFlavor(client); + const CurrentKibanaVersionDocGenerator = await createDocGeneratorClass(client, isServerless); // load data into the system const indexedData = customIndexFn ? await customIndexFn() : await indexHostsAndAlerts( - esClient as Client, - kbnClient, + this.esClient as Client, + client, generatorSeed, numHosts, numHostDocs, @@ -176,12 +189,12 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext undefined, undefined, undefined, - log + this.log ); if (waitUntilTransformed && customIndexFn) { await startMetadataTransforms( - esClient, + this.esClient, Array.from(new Set(indexedData.hosts.map((host) => host.agent.id))), endpointPackage.version ); @@ -211,31 +224,31 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext { spaceId = DEFAULT_SPACE_ID }: { spaceId?: string } = {} ): Promise { return deleteIndexedHostsAndAlerts( - esClient as Client, + this.esClient as Client, this.getScopedKbnClient(spaceId), indexedData ); } - async waitForIndex( + private async waitForIndex( ids: string[], index: string, body: any = {}, - timeout: number = config.get('timeouts.waitFor') + timeout: number = this.config.get('timeouts.waitFor') ) { // If we have a specific number of endpoint hosts to check for, then use that number, // else we just want to make sure the index has data, thus just having one in the index will do const size = ids.length || 1; - await retry.waitForWithTimeout(`endpoint hosts in ${index}`, timeout, async () => { + await this.retry.waitForWithTimeout(`endpoint hosts in ${index}`, timeout, async () => { try { if (index === METADATA_UNITED_INDEX) { // United metadata transform occasionally can't find docs in .fleet-agents. // Running a search on the index first eliminates this issue. // Replacing the search with a refresh does not resolve flakiness. - await esClient.search({ index: AGENTS_INDEX }); + await this.esClient.search({ index: AGENTS_INDEX }); } - const searchResponse = await esClient.search({ + const searchResponse = await this.esClient.search({ index, size, body, @@ -262,7 +275,10 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext * @param [ids] optional list of ids to check for. If empty, it will just check if data exists in the index * @param [timeout] optional max timeout to waitFor in ms. default is 20000. */ - async waitForUnitedEndpoints(ids: string[] = [], timeout = config.get('timeouts.waitFor')) { + async waitForUnitedEndpoints( + ids: string[] = [], + timeout = this.config.get('timeouts.waitFor') + ) { const body = ids.length ? { query: { @@ -298,7 +314,7 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext async installOrUpgradeEndpointFleetPackage( spaceId: string = DEFAULT_SPACE_ID ): ReturnType { - return installOrUpgradeEndpointFleetPackage(this.getScopedKbnClient(spaceId), log); + return installOrUpgradeEndpointFleetPackage(this.getScopedKbnClient(spaceId), this.log); } /** @@ -310,7 +326,7 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext endpointAgentId: string, spaceId: string = DEFAULT_SPACE_ID ): Promise { - return supertest + return this.supertest .get( addSpaceIdToPath('/', spaceId, HOST_METADATA_GET_ROUTE.replace('{id}', endpointAgentId)) ) @@ -333,7 +349,7 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext const currentMetadata = await this.fetchEndpointMetadata(endpointAgentId, spaceId); const endpointPackage = await getEndpointPackageInfo(this.getScopedKbnClient(spaceId)); - await stopMetadataTransforms(esClient, endpointPackage.version); + await stopMetadataTransforms(this.esClient, endpointPackage.version); const generatedMetadataDoc = new EndpointDocGenerator().generateHostMetadata(); const updatedMetadataDoc = merge( @@ -346,7 +362,7 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext updates ); - await esClient + await this.esClient .index({ index: METADATA_DATASTREAM, body: updatedMetadataDoc, @@ -354,16 +370,16 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext }) .catch(catchAxiosErrorFormatAndThrow); - await startMetadataTransforms(esClient, [], endpointPackage.version); + await startMetadataTransforms(this.esClient, [], endpointPackage.version); - log.info( + this.log.info( `Endpoint metadata update was indexed for endpoint agent id [${endpointAgentId}] in space [${spaceId}]` ); let response: HostInfo | undefined; // Wait for the update to show up on Metadata API (after transform runs) - await retry.waitFor( + await this.retry.waitFor( `update to endpoint id [${endpointAgentId}] to be processed by transform`, async () => { response = await this.fetchEndpointMetadata(endpointAgentId, spaceId); @@ -376,8 +392,8 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext throw new Error(`Response object not set. Issue fetching endpoint metadata`); } - log.info(`Endpoint metadata doc update done for agent ID [${endpointAgentId}]`); - log.verbose(JSON.stringify(response, null, 2)); + this.log.info(`Endpoint metadata doc update done for agent ID [${endpointAgentId}]`); + this.log.verbose(JSON.stringify(response, null, 2)); return response; } diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts index b671c5759991a..190c08dff8727 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts @@ -45,12 +45,23 @@ export interface ArtifactCreateOptions { } export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProviderContext) { - const exceptionsGenerator = new ExceptionsListItemGenerator(); const supertestSv = getService('supertest'); const log = getService('log'); const esClient = getService('es'); return new (class EndpointTelemetryTestResources { + private readonly supertest: TestAgent; + private readonly log: ReturnType; + private readonly esClient: ReturnType; + private readonly exceptionsGenerator: ExceptionsListItemGenerator; + + constructor() { + this.supertest = supertestSv; + this.log = log; + this.esClient = esClient; + this.exceptionsGenerator = new ExceptionsListItemGenerator(); + } + getHttpResponseFailureHandler( ignoredStatusCodes: number[] = [] ): (res: Response) => Promise { @@ -65,7 +76,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid async ensureListExists( listDefinition: CreateExceptionListSchema, - { supertest = supertestSv, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} + { supertest = this.supertest, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} ): Promise { // attempt to create it and ignore 409 (already exists) errors await supertest @@ -77,9 +88,9 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid async createExceptionItem( createPayload: CreateExceptionListItemSchema, - { supertest = supertestSv, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} + { supertest = this.supertest, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} ): Promise { - log.verbose(`Creating exception item:\n${JSON.stringify(createPayload)}`); + this.log.verbose(`Creating exception item:\n${JSON.stringify(createPayload)}`); const artifact = await supertest .post(addSpaceIdToPath('/', spaceId, EXCEPTION_LIST_ITEM_URL)) @@ -91,7 +102,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid const { item_id: itemId, list_id: listId } = artifact; const artifactAssignment = isArtifactGlobal(artifact) ? 'Global' : 'Per-Policy'; - log.info( + this.log.info( `Created [${artifactAssignment}] exception list item in space [${spaceId}], List ID [${listId}], Item ID [${itemId}]` ); @@ -111,7 +122,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid item_id: itemId, namespace_type: nameSpaceType, }: Pick, - { supertest = supertestSv, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} + { supertest = this.supertest, spaceId = DEFAULT_SPACE_ID }: ArtifactCreateOptions = {} ): Promise { const deleteResponse = await supertest .delete( @@ -125,7 +136,9 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid .send() .then(this.getHttpResponseFailureHandler([404])); - log.info(`Deleted exception list item [${listId}]: ${itemId} (${deleteResponse.status})`); + this.log.info( + `Deleted exception list item [${listId}]: ${itemId} (${deleteResponse.status})` + ); } async createEndpointException( @@ -142,7 +155,8 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid }, options ); - const endpointException = exceptionsGenerator.generateEndpointExceptionForCreate(overrides); + const endpointException = + this.exceptionsGenerator.generateEndpointExceptionForCreate(overrides); return this.createExceptionItem(endpointException, options); } @@ -152,7 +166,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid options?: ArtifactCreateOptions ): Promise { await this.ensureListExists(TRUSTED_APPS_EXCEPTION_LIST_DEFINITION, options); - const trustedApp = exceptionsGenerator.generateTrustedAppForCreate(overrides); + const trustedApp = this.exceptionsGenerator.generateTrustedAppForCreate(overrides); return this.createExceptionItem(trustedApp, options); } @@ -162,7 +176,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid options?: ArtifactCreateOptions ): Promise { await this.ensureListExists(EVENT_FILTER_LIST_DEFINITION, options); - const eventFilter = exceptionsGenerator.generateEventFilterForCreate(overrides); + const eventFilter = this.exceptionsGenerator.generateEventFilterForCreate(overrides); return this.createExceptionItem(eventFilter, options); } @@ -172,7 +186,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid options?: ArtifactCreateOptions ): Promise { await this.ensureListExists(HOST_ISOLATION_EXCEPTIONS_LIST_DEFINITION, options); - const artifact = exceptionsGenerator.generateHostIsolationExceptionForCreate(overrides); + const artifact = this.exceptionsGenerator.generateHostIsolationExceptionForCreate(overrides); return this.createExceptionItem(artifact, options); } @@ -182,7 +196,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid options?: ArtifactCreateOptions ): Promise { await this.ensureListExists(BLOCKLISTS_LIST_DEFINITION, options); - const blocklist = exceptionsGenerator.generateBlocklistForCreate(overrides); + const blocklist = this.exceptionsGenerator.generateBlocklistForCreate(overrides); return this.createExceptionItem(blocklist, options); } @@ -220,7 +234,7 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid > { const { hits: { hits: manifestResults }, - } = await esClient.search({ + } = await this.esClient.search({ index: '.kibana*', query: { bool: { filter: [{ term: { type: ManifestConstants.UNIFIED_SAVED_OBJECT_TYPE } }] }, From c2c968022afa5f7a8e066cb82a6e5c4e22062c84 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 00:45:20 +0200 Subject: [PATCH 27/42] convert services --- .../services/detections.ts | 285 +++++++------- .../services/index.ts | 8 +- .../services/timeline.ts | 370 +++++++++--------- 3 files changed, 347 insertions(+), 316 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts index ba8414471b484..926b65703f498 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts @@ -19,140 +19,157 @@ import { indexEndpointRuleAlerts, } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_rule_alerts'; import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common'; -import { FtrService } from '../configs/ftr_provider_context'; - -export class DetectionsTestService extends FtrService { - private readonly supertest = this.ctx.getService('supertest'); - private readonly log = this.ctx.getService('log'); - private readonly retry = this.ctx.getService('retry'); - private readonly config = this.ctx.getService('config'); - private readonly esClient = this.ctx.getService('es'); - private readonly defaultTimeout = this.config.get('timeouts.waitFor'); - - /** - * Returns an error handler for `supertest` request that will dump out more useful information - * when things fail. - * - * @param ignoredStatusCodes - * @internal - * - * @example - * - * await this.supertest - * .post('/some/api') - * .set('kbn-xsrf', 'true') - * .send(somePayLoad) - * .then(this.getHttpResponseFailureHandler([409])); - */ - private getHttpResponseFailureHandler( - ignoredStatusCodes: number[] = [] - ): (res: Response) => Promise { - return async (res) => { - if (!res.ok && !ignoredStatusCodes.includes(res.status)) { - throw new EndpointError(JSON.stringify(res.error, null, 2)); - } - - return res; - }; - } - - /** - * Fetches the endpoint security rule using the pre-packaged `rule_id` - */ - async fetchEndpointSecurityRule(): Promise { - return this.supertest - .get(DETECTION_ENGINE_RULES_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .query({ rule_id: ELASTIC_SECURITY_RULE_ID }) - .send() - .then(this.getHttpResponseFailureHandler()) - .then((response) => response.body as Rule); - } - - /** - * Disables and then re-enables the Endpoint Security Rule. Use this to speed up triggering - * the rule to run, since it is immediately ran when it is enabled. - */ - async stopStartEndpointRule(): Promise { - const endpointSecurityRule = await this.fetchEndpointSecurityRule(); - - // First disable/stop it - this.log.info(`Disabling Endpoint Security Rule (id: ${endpointSecurityRule.id})`); - - await this.supertest - .post(DETECTION_ENGINE_RULES_BULK_ACTION) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send({ - action: 'disable', - ids: [endpointSecurityRule.id], - }) - .then(this.getHttpResponseFailureHandler()) - .then((response) => response.body as Rule); - - // Now enable/start it - this.log.info(`Re-Enabling Endpoint Security Rule (id: ${endpointSecurityRule.id})`); - - await this.supertest - .post(DETECTION_ENGINE_RULES_BULK_ACTION) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send({ - action: 'enable', - ids: [endpointSecurityRule.id], - }) - .then(this.getHttpResponseFailureHandler()) - .then((response) => response.body as Rule); - } - - /** - * Waits for alerts to have been loaded by continuously calling the alerts api until data shows up - * @param query - * @param timeoutMs - */ - async waitForAlerts(query: object = { match_all: {} }, timeoutMs?: number): Promise { - await this.retry.waitForWithTimeout( - 'Checking alerts index for data', - timeoutMs ?? this.defaultTimeout, - async (): Promise => { - const res = await this.supertest - .post(DETECTION_ENGINE_QUERY_SIGNALS_URL) - .set('kbn-xsrf', 'true') - .send({ - query, - size: 1, - }) - .then(this.getHttpResponseFailureHandler()) - .then((response) => response.body as estypes.SearchResponse); - - const hitsTotal = (res.hits.total as estypes.SearchTotalHits)?.value; - const response = Boolean(hitsTotal ?? 0); - - if (response) { - this.log.info(`Found ${hitsTotal} alerts for query: ${JSON.stringify(query)}`); +import { FtrProviderContext } from '../configs/ftr_provider_context'; + +export function DetectionsTestServiceProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + const log = getService('log'); + const retry = getService('retry'); + const config = getService('config'); + const esClient = getService('es'); + + return new (class DetectionsTestService { + private readonly supertest: ReturnType; + private readonly log: ReturnType; + private readonly retry: ReturnType; + private readonly config: ReturnType; + private readonly esClient: ReturnType; + private readonly defaultTimeout: number; + + constructor() { + this.supertest = supertest; + this.log = log; + this.retry = retry; + this.config = config; + this.esClient = esClient; + this.defaultTimeout = config.get('timeouts.waitFor'); + } + + /** + * Returns an error handler for `supertest` request that will dump out more useful information + * when things fail. + * + * @param ignoredStatusCodes + * @internal + * + * @example + * + * await this.supertest + * .post('/some/api') + * .set('kbn-xsrf', 'true') + * .send(somePayLoad) + * .then(this.getHttpResponseFailureHandler([409])); + */ + getHttpResponseFailureHandler( + ignoredStatusCodes: number[] = [] + ): (res: Response) => Promise { + return async (res) => { + if (!res.ok && !ignoredStatusCodes.includes(res.status)) { + throw new EndpointError(JSON.stringify(res.error, null, 2)); + } + + return res; + }; + } + + /** + * Fetches the endpoint security rule using the pre-packaged `rule_id` + */ + async fetchEndpointSecurityRule(): Promise { + return this.supertest + .get(DETECTION_ENGINE_RULES_URL) + .set('kbn-xsrf', 'true') + .set('elastic-api-version', '2023-10-31') + .query({ rule_id: ELASTIC_SECURITY_RULE_ID }) + .send() + .then(this.getHttpResponseFailureHandler()) + .then((response) => response.body as Rule); + } + + /** + * Disables and then re-enables the Endpoint Security Rule. Use this to speed up triggering + * the rule to run, since it is immediately ran when it is enabled. + */ + async stopStartEndpointRule(): Promise { + const endpointSecurityRule = await this.fetchEndpointSecurityRule(); + + // First disable/stop it + this.log.info(`Disabling Endpoint Security Rule (id: ${endpointSecurityRule.id})`); + + await this.supertest + .post(DETECTION_ENGINE_RULES_BULK_ACTION) + .set('kbn-xsrf', 'true') + .set('elastic-api-version', '2023-10-31') + .send({ + action: 'disable', + ids: [endpointSecurityRule.id], + }) + .then(this.getHttpResponseFailureHandler()) + .then((response) => response.body as Rule); + + // Now enable/start it + this.log.info(`Re-Enabling Endpoint Security Rule (id: ${endpointSecurityRule.id})`); + + await this.supertest + .post(DETECTION_ENGINE_RULES_BULK_ACTION) + .set('kbn-xsrf', 'true') + .set('elastic-api-version', '2023-10-31') + .send({ + action: 'enable', + ids: [endpointSecurityRule.id], + }) + .then(this.getHttpResponseFailureHandler()) + .then((response) => response.body as Rule); + } + + /** + * Waits for alerts to have been loaded by continuously calling the alerts api until data shows up + * @param query + * @param timeoutMs + */ + async waitForAlerts(query: object = { match_all: {} }, timeoutMs?: number): Promise { + await this.retry.waitForWithTimeout( + 'Checking alerts index for data', + timeoutMs ?? this.defaultTimeout, + async (): Promise => { + const res = await this.supertest + .post(DETECTION_ENGINE_QUERY_SIGNALS_URL) + .set('kbn-xsrf', 'true') + .send({ + query, + size: 1, + }) + .then(this.getHttpResponseFailureHandler()) + .then((response) => response.body as estypes.SearchResponse); + + const hitsTotal = (res.hits.total as estypes.SearchTotalHits)?.value; + const response = Boolean(hitsTotal ?? 0); + + if (response) { + this.log.info(`Found ${hitsTotal} alerts for query: ${JSON.stringify(query)}`); + } + + return response; } + ); + } - return response; - } - ); - } - - /** - * Loads alerts for Endpoint directly into the internal index that the Endpoint Rule - * would have written them to for a given endpoint - * @param endpointAgentId - * @param count - */ - async loadEndpointRuleAlerts( - endpointAgentId: string, - count: number = 2 - ): Promise { - return indexEndpointRuleAlerts({ - esClient: this.esClient, - endpointAgentId, - count, - log: this.log, - }); - } + /** + * Loads alerts for Endpoint directly into the internal index that the Endpoint Rule + * would have written them to for a given endpoint + * @param endpointAgentId + * @param count + */ + async loadEndpointRuleAlerts( + endpointAgentId: string, + count: number = 2 + ): Promise { + return indexEndpointRuleAlerts({ + esClient: this.esClient, + endpointAgentId, + count, + log: this.log, + }); + } + })(); } diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts index a0d062f5163b9..d6d4dc19fbb5b 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/index.ts @@ -11,8 +11,8 @@ import { IngestManagerProvider } from '@kbn/test-suites-xpack-platform/api_integ import { services as platformServices } from '@kbn/test-suites-xpack-platform/functional/services'; import { EndpointTelemetryTestResourcesProvider } from './endpoint_telemetry'; import { EndpointTestResourcesProvider } from './endpoint'; -import { TimelineTestService } from './timeline'; -import { DetectionsTestService } from './detections'; +import { TimelineTestServiceProvider } from './timeline'; +import { DetectionsTestServiceProvider } from './detections'; import { EndpointPolicyTestResourcesProvider } from './endpoint_policy'; import { EndpointArtifactsTestResourcesProvider } from './endpoint_artifacts'; import { @@ -28,8 +28,8 @@ export const services = { endpointTestResources: EndpointTestResourcesProvider, telemetryTestResources: EndpointTelemetryTestResourcesProvider, ingestManager: IngestManagerProvider, - timeline: TimelineTestService, - detections: DetectionsTestService, + timeline: TimelineTestServiceProvider, + detections: DetectionsTestServiceProvider, endpointArtifactTestResources: EndpointArtifactsTestResourcesProvider, policyTestResources: EndpointPolicyTestResourcesProvider, endpointDataStreamHelpers: SecuritySolutionEndpointDataStreamHelpers, diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts index 7c4cebaea3a31..4ed4b9bef2720 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts @@ -15,188 +15,202 @@ import { } from '@kbn/security-solution-plugin/common/api/timeline'; import moment from 'moment'; import { fromKueryExpression, toElasticsearchQuery } from '@kbn/es-query'; -import { FtrService } from '../configs/ftr_provider_context'; - -export class TimelineTestService extends FtrService { - private readonly supertest = this.ctx.getService('supertest'); - private readonly log = this.ctx.getService('log'); - - /** - * Returns an error handler for `supertest` request that will dump out more useful information - * when things fail. - * - * @param ignoredStatusCodes - * @internal - * - * @example - * - * await this.supertest - * .post('/some/api') - * .set('kbn-xsrf', 'true') - * .send(somePayLoad) - * .then(this.getHttpResponseFailureHandler([409])); - */ - private getHttpResponseFailureHandler( - ignoredStatusCodes: number[] = [] - ): (res: Response) => Promise { - return async (res) => { - if (!res.ok && !ignoredStatusCodes.includes(res.status)) { - throw new EndpointError(JSON.stringify(res.error, null, 2)); - } - - return res; - }; - } - - /** - * Creates a new timeline. - * - * Note: Although the timeline is created, when displayed on the UI, no events are retrieved - * for display (not sure why). TO get around this, just select a date range from the user date - * picker and that seems to trigger the events to be fetched. - */ - async createTimeline(title: string): Promise { - // Create a new timeline draft - const createdTimeline = await this.supertest - .post(TIMELINE_DRAFT_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send({ timelineType: 'default' }) - .then(this.getHttpResponseFailureHandler()) - .then((response) => response.body as GetDraftTimelinesResponse); - - this.log.info('Draft timeline:'); - this.log.indent(4, () => { - this.log.info(JSON.stringify(createdTimeline)); - }); - - const { savedObjectId: timelineId, version } = createdTimeline; - - const timelineUpdate: SavedTimeline = { - title, - // Set date range to the last 1 year - dateRange: { - start: moment().subtract(1, 'year').toISOString(), - end: moment().toISOString(), - // Not sure why `start`/`end` are defined as numbers in the type, but looking at the - // UI's use of it, I can see they are being set to strings, so I'm forcing a cast here - } as unknown as SavedTimeline['dateRange'], - - // Not sure why, but the following fields are not in the created timeline, which causes - // the timeline to not be able to pull in the event for display - indexNames: [], - eqlOptions: { - tiebreakerField: '', - size: 100, - query: '', - eventCategoryField: 'event.category', - timestampField: '@timestamp', - }, - savedSearchId: null, - }; - - // Update the timeline - const updatedTimelineResponse = await this.updateTimeline(timelineId, timelineUpdate, version); - - this.log.info('Created timeline:'); - this.log.indent(4, () => { - this.log.info(JSON.stringify(updatedTimelineResponse)); - }); - - return updatedTimelineResponse; - } - - async updateTimeline( - timelineId: string, - updates: SavedTimeline, - version: string - ): Promise { - return await this.supertest - .patch(TIMELINE_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send({ +import { FtrProviderContext } from '../configs/ftr_provider_context'; + +export function TimelineTestServiceProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + const log = getService('log'); + + return new (class TimelineTestService { + private readonly supertest: ReturnType; + private readonly log: ReturnType; + + constructor() { + this.supertest = supertest; + this.log = log; + } + + /** + * Returns an error handler for `supertest` request that will dump out more useful information + * when things fail. + * + * @param ignoredStatusCodes + * @internal + * + * @example + * + * await this.supertest + * .post('/some/api') + * .set('kbn-xsrf', 'true') + * .send(somePayLoad) + * .then(this.getHttpResponseFailureHandler([409])); + */ + getHttpResponseFailureHandler( + ignoredStatusCodes: number[] = [] + ): (res: Response) => Promise { + return async (res) => { + if (!res.ok && !ignoredStatusCodes.includes(res.status)) { + throw new EndpointError(JSON.stringify(res.error, null, 2)); + } + + return res; + }; + } + + /** + * Creates a new timeline. + * + * Note: Although the timeline is created, when displayed on the UI, no events are retrieved + * for display (not sure why). TO get around this, just select a date range from the user date + * picker and that seems to trigger the events to be fetched. + */ + async createTimeline(title: string): Promise { + // Create a new timeline draft + const createdTimeline = await this.supertest + .post(TIMELINE_DRAFT_URL) + .set('kbn-xsrf', 'true') + .set('elastic-api-version', '2023-10-31') + .send({ timelineType: 'default' }) + .then(this.getHttpResponseFailureHandler()) + .then((response) => response.body as GetDraftTimelinesResponse); + + this.log.info('Draft timeline:'); + this.log.indent(4, () => { + this.log.info(JSON.stringify(createdTimeline)); + }); + + const { savedObjectId: timelineId, version } = createdTimeline; + + const timelineUpdate: SavedTimeline = { + title, + // Set date range to the last 1 year + dateRange: { + start: moment().subtract(1, 'year').toISOString(), + end: moment().toISOString(), + // Not sure why `start`/`end` are defined as numbers in the type, but looking at the + // UI's use of it, I can see they are being set to strings, so I'm forcing a cast here + } as unknown as SavedTimeline['dateRange'], + + // Not sure why, but the following fields are not in the created timeline, which causes + // the timeline to not be able to pull in the event for display + indexNames: [], + eqlOptions: { + tiebreakerField: '', + size: 100, + query: '', + eventCategoryField: 'event.category', + timestampField: '@timestamp', + }, + savedSearchId: null, + }; + + // Update the timeline + const updatedTimelineResponse = await this.updateTimeline( timelineId, - version, - timeline: updates, - }) - .then(this.getHttpResponseFailureHandler()) - .then((response) => response.body as PatchTimelineResponse); - } - - /** Deletes a timeline using it timeline id */ - async deleteTimeline(id: string | string[]) { - await this.supertest - .delete(TIMELINE_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send({ - savedObjectIds: Array.isArray(id) ? id : [id], - }) - .then(this.getHttpResponseFailureHandler()) - .then((response) => response.body); - } - - /** - * Get the KQL query that will filter the content of a timeline to display Endpoint alerts - * @param endpointAgentId - */ - getEndpointAlertsKqlQuery(endpointAgentId?: string): { - expression: string; - esQuery: ReturnType; - } { - const expression = [ - 'agent.type: "endpoint"', - 'kibana.alert.rule.uuid : *', - ...(endpointAgentId ? [`agent.id: "${endpointAgentId}"`] : []), - ].join(' AND '); - - const esQuery = toElasticsearchQuery(fromKueryExpression(expression)); - - return { - expression, - esQuery, - }; - } - - /** - * Crates a new Timeline and sets its `kqlQuery` so that Endpoint Alerts are displayed. - * Can be limited to an endpoint by providing its `agent.id` - * - * @param title - * @param endpointAgentId - */ - async createTimelineForEndpointAlerts( - title: string, - { - endpointAgentId, - }: Partial<{ - /** If defined, then only alerts from the specific `agent.id` will be displayed */ - endpointAgentId: string; - }> - ): Promise { - const newTimeline = await this.createTimeline(title); - - const { expression, esQuery } = this.getEndpointAlertsKqlQuery(endpointAgentId); - - const updatedTimeline = await this.updateTimeline( - newTimeline.savedObjectId, + timelineUpdate, + version + ); + + this.log.info('Created timeline:'); + this.log.indent(4, () => { + this.log.info(JSON.stringify(updatedTimelineResponse)); + }); + + return updatedTimelineResponse; + } + + async updateTimeline( + timelineId: string, + updates: SavedTimeline, + version: string + ): Promise { + return await this.supertest + .patch(TIMELINE_URL) + .set('kbn-xsrf', 'true') + .set('elastic-api-version', '2023-10-31') + .send({ + timelineId, + version, + timeline: updates, + }) + .then(this.getHttpResponseFailureHandler()) + .then((response) => response.body as PatchTimelineResponse); + } + + /** Deletes a timeline using it timeline id */ + async deleteTimeline(id: string | string[]) { + await this.supertest + .delete(TIMELINE_URL) + .set('kbn-xsrf', 'true') + .set('elastic-api-version', '2023-10-31') + .send({ + savedObjectIds: Array.isArray(id) ? id : [id], + }) + .then(this.getHttpResponseFailureHandler()) + .then((response) => response.body); + } + + /** + * Get the KQL query that will filter the content of a timeline to display Endpoint alerts + * @param endpointAgentId + */ + getEndpointAlertsKqlQuery(endpointAgentId?: string): { + expression: string; + esQuery: ReturnType; + } { + const expression = [ + 'agent.type: "endpoint"', + 'kibana.alert.rule.uuid : *', + ...(endpointAgentId ? [`agent.id: "${endpointAgentId}"`] : []), + ].join(' AND '); + + const esQuery = toElasticsearchQuery(fromKueryExpression(expression)); + + return { + expression, + esQuery, + }; + } + + /** + * Crates a new Timeline and sets its `kqlQuery` so that Endpoint Alerts are displayed. + * Can be limited to an endpoint by providing its `agent.id` + * + * @param title + * @param endpointAgentId + */ + async createTimelineForEndpointAlerts( + title: string, { - title, - kqlQuery: { - filterQuery: { - kuery: { - kind: 'kuery', - expression, + endpointAgentId, + }: Partial<{ + /** If defined, then only alerts from the specific `agent.id` will be displayed */ + endpointAgentId: string; + }> + ): Promise { + const newTimeline = await this.createTimeline(title); + + const { expression, esQuery } = this.getEndpointAlertsKqlQuery(endpointAgentId); + + const updatedTimeline = await this.updateTimeline( + newTimeline.savedObjectId, + { + title, + kqlQuery: { + filterQuery: { + kuery: { + kind: 'kuery', + expression, + }, + serializedQuery: JSON.stringify(esQuery), }, - serializedQuery: JSON.stringify(esQuery), }, + savedSearchId: null, }, - savedSearchId: null, - }, - newTimeline.version - ); + newTimeline.version + ); - return updatedTimeline; - } + return updatedTimeline; + } + })(); } From 6b76df79cd5eb8e9e91189b4f07c9e6eba86ec24 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 00:53:37 +0200 Subject: [PATCH 28/42] delete copied services --- x-pack/test/api_integration/services/index.ts | 8 - .../services/security_solution_api.gen.ts | 2451 ----------------- ...ty_solution_endpoint_exceptions_api.gen.ts | 116 - .../security_solution_exceptions_api.gen.ts | 299 -- .../security_solution_lists_api.gen.ts | 295 -- .../security_solution_osquery_api.gen.ts | 391 --- .../services/deployment_agnostic_services.ts | 4 - .../shared/services/search_secure.ts | 111 - 8 files changed, 3675 deletions(-) delete mode 100644 x-pack/test/api_integration/services/security_solution_api.gen.ts delete mode 100644 x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts delete mode 100644 x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts delete mode 100644 x-pack/test/api_integration/services/security_solution_lists_api.gen.ts delete mode 100644 x-pack/test/api_integration/services/security_solution_osquery_api.gen.ts delete mode 100644 x-pack/test_serverless/shared/services/search_secure.ts diff --git a/x-pack/test/api_integration/services/index.ts b/x-pack/test/api_integration/services/index.ts index 6309814201bf5..7f5f4921b5365 100644 --- a/x-pack/test/api_integration/services/index.ts +++ b/x-pack/test/api_integration/services/index.ts @@ -11,20 +11,12 @@ import { IngestManagerProvider } from '@kbn/test-suites-xpack-platform/api_integ import { UsageAPIProvider } from '@kbn/test-suites-xpack-platform/api_integration/services/usage_api'; import { services as commonServices } from '../../common/services'; -// @ts-ignore not ts yet -import { EsSupertestWithoutAuthProvider } from './es_supertest_without_auth'; -import { SecuritySolutionApiProvider } from './security_solution_api.gen'; -import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from './security_solution_exceptions_api.gen'; - export const services = { ...commonServices, - esSupertest: kibanaApiIntegrationServices.esSupertest, supertest: kibanaApiIntegrationServices.supertest, esSupertestWithoutAuth: EsSupertestWithoutAuthProvider, usageAPI: UsageAPIProvider, ml: MachineLearningProvider, ingestManager: IngestManagerProvider, - securitySolutionApi: SecuritySolutionApiProvider, - securitySolutionExceptionsApi: SecuritySolutionExceptionsApiProvider, }; diff --git a/x-pack/test/api_integration/services/security_solution_api.gen.ts b/x-pack/test/api_integration/services/security_solution_api.gen.ts deleted file mode 100644 index b26d1f0c25a63..0000000000000 --- a/x-pack/test/api_integration/services/security_solution_api.gen.ts +++ /dev/null @@ -1,2451 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: API client for tests - * version: Bundle (no version) - */ - -import { - ELASTIC_HTTP_VERSION_HEADER, - X_ELASTIC_INTERNAL_ORIGIN_REQUEST, -} from '@kbn/core-http-common'; -import { replaceParams } from '@kbn/openapi-common/shared'; -import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; - -import { AlertsMigrationCleanupRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; -import { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; -import { CleanDraftTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen'; -import { ConfigureRiskEngineSavedObjectRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/engine_configure_saved_object_route.gen'; -import { CopyTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/copy_timeline/copy_timeline_route.gen'; -import { CreateAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; -import { CreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; -import { CreateDashboardMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; -import { - CreateDashboardMigrationDashboardsRequestParamsInput, - CreateDashboardMigrationDashboardsRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; -import { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import { CreatePrivilegesImportIndexRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/create_index.gen'; -import { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/create.gen'; -import { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; -import { CreateRuleMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - CreateRuleMigrationRulesRequestParamsInput, - CreateRuleMigrationRulesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { CreateTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/create_timelines/create_timelines_route.gen'; -import { - CreateUpdateProtectionUpdatesNoteRequestParamsInput, - CreateUpdateProtectionUpdatesNoteRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; -import { DeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen'; -import { - DeleteEntityEngineRequestQueryInput, - DeleteEntityEngineRequestParamsInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; -import { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/engine/delete.gen'; -import { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; -import { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/delete.gen'; -import { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; -import { DeleteRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; -import { DeprecatedTriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; -import { EndpointExecuteActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/execute/execute.gen'; -import { EndpointFileDownloadRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_download/file_download.gen'; -import { EndpointFileInfoRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_info/file_info.gen'; -import { EndpointGetActionsDetailsRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/details/details.gen'; -import { EndpointGetActionsListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/list/list.gen'; -import { EndpointGetActionsStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/status/status.gen'; -import { EndpointGetFileActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/get_file/get_file.gen'; -import { EndpointGetProcessesActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/running_procs/running_procs.gen'; -import { EndpointIsolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/isolate/isolate.gen'; -import { EndpointKillProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/kill_process/kill_process.gen'; -import { EndpointScanActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/scan/scan.gen'; -import { EndpointSuspendProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/suspend_process/suspend_process.gen'; -import { EndpointUnisolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/unisolate/unisolate.gen'; -import { - ExportRulesRequestQueryInput, - ExportRulesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen'; -import { - ExportTimelinesRequestQueryInput, - ExportTimelinesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/timeline/export_timelines/export_timelines_route.gen'; -import { FinalizeAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen'; -import { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen'; -import { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; -import { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; -import { GetDashboardMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; -import { GetDashboardMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; -import { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; -import { GetEndpointMetadataListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/metadata/get_metadata.gen'; -import { - GetEndpointSuggestionsRequestParamsInput, - GetEndpointSuggestionsRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; -import { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; -import { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import { GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; -import { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; -import { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; -import { GetProtectionUpdatesNoteRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; -import { - GetRuleExecutionEventsRequestQueryInput, - GetRuleExecutionEventsRequestParamsInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen'; -import { - GetRuleExecutionResultsRequestQueryInput, - GetRuleExecutionResultsRequestParamsInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen'; -import { GetRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetRuleMigrationPrebuiltRulesRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - GetRuleMigrationResourcesRequestQueryInput, - GetRuleMigrationResourcesRequestParamsInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetRuleMigrationResourcesMissingRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - GetRuleMigrationRulesRequestQueryInput, - GetRuleMigrationRulesRequestParamsInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetRuleMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetRuleMigrationTranslationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { GetTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timeline/get_timeline_route.gen'; -import { GetTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timelines/get_timelines_route.gen'; -import { GetWorkflowInsightsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; -import { ImportRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen'; -import { ImportTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/import_timelines/import_timelines_route.gen'; -import { - InitEntityEngineRequestParamsInput, - InitEntityEngineRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/init.gen'; -import { InitEntityStoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/enable.gen'; -import { - InstallMigrationRulesRequestParamsInput, - InstallMigrationRulesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; -import { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; -import { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; -import { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; -import { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; -import { - PerformRulesBulkActionRequestQueryInput, - PerformRulesBulkActionRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen'; -import { PersistFavoriteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_favorite/persist_favorite_route.gen'; -import { PersistNoteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_note/persist_note_route.gen'; -import { PersistPinnedEventRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/pinned_events/pinned_events_route.gen'; -import { PreviewRiskScoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/preview_route.gen'; -import { ReadAlertsMigrationStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen'; -import { ReadRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen'; -import { ResolveTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/resolve_timeline/resolve_timeline_route.gen'; -import { - RulePreviewRequestQueryInput, - RulePreviewRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_preview/rule_preview.gen'; -import { RunScriptActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/run_script/run_script.gen'; -import { SearchAlertsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/query_signals/query_signals_route.gen'; -import { SearchPrivilegesIndicesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/search_indices.gen'; -import { SetAlertAssigneesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen'; -import { SetAlertsStatusRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen'; -import { SetAlertTagsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen'; -import { StartEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/start.gen'; -import { - StartRuleMigrationRequestParamsInput, - StartRuleMigrationRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { StopEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stop.gen'; -import { StopRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { SuggestUserProfilesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/users/suggest_user_profiles_route.gen'; -import { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; -import { - UpdateEntitySourceRequestParamsInput, - UpdateEntitySourceRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import { - UpdatePrivMonUserRequestParamsInput, - UpdatePrivMonUserRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/update.gen'; -import { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; -import { - UpdateRuleMigrationRequestParamsInput, - UpdateRuleMigrationRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - UpdateRuleMigrationIndexPatternRequestParamsInput, - UpdateRuleMigrationIndexPatternRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - UpdateRuleMigrationRulesRequestParamsInput, - UpdateRuleMigrationRulesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { - UpdateWorkflowInsightRequestParamsInput, - UpdateWorkflowInsightRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; -import { - UpsertRuleMigrationResourcesRequestParamsInput, - UpsertRuleMigrationResourcesRequestBodyInput, -} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; -import { FtrProviderContext } from '../ftr_provider_context'; - -export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); - - return { - /** - * Migrations favor data integrity over shard size. Consequently, unused or orphaned indices are artifacts of -the migration process. A successful migration will result in both the old and new indices being present. -As such, the old, orphaned index can (and likely should) be deleted. - -While you can delete these indices manually, -the endpoint accomplishes this task by applying a deletion policy to the relevant index, causing it to be deleted -after 30 days. It also deletes other artifacts specific to the migration implementation. - - */ - alertsMigrationCleanup(props: AlertsMigrationCleanupProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/detection_engine/signals/migration', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - applyEntityEngineDataviewIndices(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/entity_store/engines/apply_dataview_indices', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - assetCriticalityGetPrivileges(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/asset_criticality/privileges', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Ensures that the packages needed for prebuilt detection rules to work are installed and up to date - */ - bootstrapPrebuiltRules(kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace('/internal/detection_engine/prebuilt_rules/_bootstrap', kibanaSpace) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Bulk upsert up to 1000 asset criticality records. - -If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created. - - */ - bulkUpsertAssetCriticalityRecords( - props: BulkUpsertAssetCriticalityRecordsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/api/asset_criticality/bulk', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create a clean draft Timeline or Timeline template for the current user. -> info -> If the user already has a draft Timeline, the existing draft Timeline is cleared and returned. - - */ - cleanDraftTimelines(props: CleanDraftTimelinesProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/timeline/_draft', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Cleaning up the the Risk Engine by removing the indices, mapping and transforms - */ - cleanUpRiskEngine(kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/risk_score/engine/dangerously_delete_data', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Configuring the Risk Engine Saved Object - */ - configureRiskEngineSavedObject( - props: ConfigureRiskEngineSavedObjectProps, - kibanaSpace: string = 'default' - ) { - return supertest - .patch(getRouteUrlForSpace('/api/risk_score/engine/saved_object/configure', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Copies and returns a timeline or timeline template. - - */ - copyTimeline(props: CopyTimelineProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/timeline/_copy', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - createAlertsIndex(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Initiate a migration of detection alerts. -Migrations are initiated per index. While the process is neither destructive nor interferes with existing data, it may be resource-intensive. As such, it is recommended that you plan your migrations accordingly. - - */ - createAlertsMigration(props: CreateAlertsMigrationProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/signals/migration', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create or update an asset criticality record for a specific entity. - -If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created. - - */ - createAssetCriticalityRecord( - props: CreateAssetCriticalityRecordProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Creates a new dashboard migration and returns the corresponding migration_id - */ - createDashboardMigration( - props: CreateDashboardMigrationProps, - kibanaSpace: string = 'default' - ) { - return supertest - .put(getRouteUrlForSpace('/internal/siem_migrations/dashboards', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Adds dashboards to an alreayd existing dashboard migration - */ - createDashboardMigrationDashboards( - props: CreateDashboardMigrationDashboardsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post( - getRouteUrlForSpace( - replaceParams( - '/internal/siem_migrations/dashboards/{migration_id}/dashboards', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - createEntitySource(props: CreateEntitySourceProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/entity_source', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - createPrivilegesImportIndex( - props: CreatePrivilegesImportIndexProps, - kibanaSpace: string = 'default' - ) { - return supertest - .put( - getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/indices', kibanaSpace) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - createPrivMonUser(props: CreatePrivMonUserProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/users', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create a new detection rule. -> warn -> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. - -> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. - -You can create the following types of rules: - -* **Custom query**: Searches the defined indices and creates an alert when a document matches the rule's KQL query. -* **Event correlation**: Searches the defined indices and creates an alert when results match an [Event Query Language (EQL)](https://www.elastic.co/guide/en/elasticsearch/reference/current/eql.html) query. -* **Threshold**: Searches the defined indices and creates an alert when the number of times the specified field's value meets the threshold during a single execution. When there are multiple values that meet the threshold, an alert is generated for each value. - For example, if the threshold `field` is `source.ip` and its `value` is `10`, an alert is generated for every source IP address that appears in at least 10 of the rule's search results. If you're interested, see [Terms Aggregation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-bucket-terms-aggregation.html) for more information. -* **Indicator match**: Creates an alert when fields match values defined in the specified [Elasticsearch index](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html). For example, you can create an index for IP addresses and use this index to create an alert whenever an event's `destination.ip` equals a value in the index. The index's field mappings should be [ECS-compliant](https://www.elastic.co/guide/en/ecs/current/ecs-reference.html). -* **New terms**: Generates an alert for each new term detected in source documents within a specified time range. -* **ES|QL**: Uses [Elasticsearch Query Language (ES|QL)](https://www.elastic.co/guide/en/elasticsearch/reference/current/esql.html) to find events and aggregate search results. -* **Machine learning rules**: Creates an alert when a machine learning job discovers an anomaly above the defined threshold. -> info -> To create machine learning rules, you must have the [appropriate license](https://www.elastic.co/subscriptions) or use a [cloud deployment](https://cloud.elastic.co/registration). Additionally, for the machine learning rule to function correctly, the associated machine learning job must be running. - -To retrieve machine learning job IDs, which are required to create machine learning jobs, call the [Elasticsearch Get jobs API](https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-job.html). Machine learning jobs that contain `siem` in the `groups` field can be used to create rules: - -```json -... -"job_id": "linux_anomalous_network_activity_ecs", -"job_type": "anomaly_detector", -"job_version": "7.7.0", -"groups": [ - "auditbeat", - "process", - "siem" -], -... -``` - -Additionally, you can set up notifications for when rules create alerts. The notifications use the [Alerting and Actions framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html). Each action type requires a connector. Connectors store the information required to send notifications via external systems. The following connector types are supported for rule notifications: - -* Slack -* Email -* PagerDuty -* Webhook -* Microsoft Teams -* IBM Resilient -* Jira -* ServiceNow ITSM -> info -> For more information on PagerDuty fields, see [Send a v2 Event](https://developer.pagerduty.com/docs/events-api-v2/trigger-events/). - -To retrieve connector IDs, which are required to configure rule notifications, call the [Find objects API](https://www.elastic.co/guide/en/kibana/current/saved-objects-api-find.html) with `"type": "action"` in the request payload. - -For detailed information on Kibana actions and alerting, and additional API calls, see: - -* [Alerting API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-alerting) -* [Alerting and Actions framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html) -* [Connectors API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-connectors) - - */ - createRule(props: CreateRuleProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Creates a new rule migration and returns the corresponding migration_id - */ - createRuleMigration(props: CreateRuleMigrationProps, kibanaSpace: string = 'default') { - return supertest - .put(getRouteUrlForSpace('/internal/siem_migrations/rules', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Adds original vendor rules to an already existing migration. Can be called multiple times to add more rules - */ - createRuleMigrationRules( - props: CreateRuleMigrationRulesProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create a new Timeline or Timeline template. - */ - createTimelines(props: CreateTimelinesProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/timeline', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - createUpdateProtectionUpdatesNote( - props: CreateUpdateProtectionUpdatesNoteProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post( - getRouteUrlForSpace( - replaceParams( - '/api/endpoint/protection_updates_note/{package_policy_id}', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - deleteAlertsIndex(kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Delete the asset criticality record for a specific entity. - */ - deleteAssetCriticalityRecord( - props: DeleteAssetCriticalityRecordProps, - kibanaSpace: string = 'default' - ) { - return supertest - .delete(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - deleteEntityEngine(props: DeleteEntityEngineProps, kibanaSpace: string = 'default') { - return supertest - .delete( - getRouteUrlForSpace( - replaceParams('/api/entity_store/engines/{entityType}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - deleteEntitySource(props: DeleteEntitySourceProps, kibanaSpace: string = 'default') { - return supertest - .delete( - getRouteUrlForSpace( - replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - deleteMonitoringEngine(props: DeleteMonitoringEngineProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/delete', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Delete a note from a Timeline using the note ID. - */ - deleteNote(props: DeleteNoteProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/note', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - deletePrivMonUser(props: DeletePrivMonUserProps, kibanaSpace: string = 'default') { - return supertest - .delete( - getRouteUrlForSpace( - replaceParams('/api/entity_analytics/monitoring/users/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Delete a detection rule using the `rule_id` or `id` field. - -The URL query must include one of the following: - -* `id` - `DELETE /api/detection_engine/rules?id=` -* `rule_id`- `DELETE /api/detection_engine/rules?rule_id=` - -The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. - - */ - deleteRule(props: DeleteRuleProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Deletes a rule migration document stored in the system given the rule migration id - */ - deleteRuleMigration(props: DeleteRuleMigrationProps, kibanaSpace: string = 'default') { - return supertest - .delete( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Delete one or more Timelines or Timeline templates. - */ - deleteTimelines(props: DeleteTimelinesProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/timeline', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Calculates and persists Risk Scores for an entity, returning the calculated risk score. - */ - deprecatedTriggerRiskScoreCalculation( - props: DeprecatedTriggerRiskScoreCalculationProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/api/risk_scores/calculation/entity', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - disableMonitoringEngine(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/disable', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - disableRiskEngine(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/internal/risk_score/engine/disable', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - enableRiskEngine(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/internal/risk_score/engine/enable', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Run a shell command on an endpoint. - */ - endpointExecuteAction(props: EndpointExecuteActionProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/execute', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Download a file from an endpoint. - */ - endpointFileDownload(props: EndpointFileDownloadProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/api/endpoint/action/{action_id}/file/{file_id}/download', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get information for the specified file using the file ID. - */ - endpointFileInfo(props: EndpointFileInfoProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/api/endpoint/action/{action_id}/file/{file_id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get the details of a response action using the action ID. - */ - endpointGetActionsDetails( - props: EndpointGetActionsDetailsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/api/endpoint/action/{action_id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get a list of all response actions. - */ - endpointGetActionsList(props: EndpointGetActionsListProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/endpoint/action', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a response actions state, which reports whether encryption is enabled. - */ - endpointGetActionsState(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/endpoint/action/state', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get the status of response actions for the specified agent IDs. - */ - endpointGetActionsStatus( - props: EndpointGetActionsStatusProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get(getRouteUrlForSpace('/api/endpoint/action_status', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a file from an endpoint. - */ - endpointGetFileAction(props: EndpointGetFileActionProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/get_file', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Get a list of all processes running on an endpoint. - */ - endpointGetProcessesAction( - props: EndpointGetProcessesActionProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/running_procs', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Isolate an endpoint from the network. The endpoint remains isolated until it's released. - */ - endpointIsolateAction(props: EndpointIsolateActionProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/isolate', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Terminate a running process on an endpoint. - */ - endpointKillProcessAction( - props: EndpointKillProcessActionProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/kill_process', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Scan a specific file or directory on an endpoint for malware. - */ - endpointScanAction(props: EndpointScanActionProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/scan', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Suspend a running process on an endpoint. - */ - endpointSuspendProcessAction( - props: EndpointSuspendProcessActionProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/suspend_process', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Release an isolated endpoint, allowing it to rejoin a network. - */ - endpointUnisolateAction(props: EndpointUnisolateActionProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/unisolate', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Upload a file to an endpoint. - */ - endpointUploadAction(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/upload', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - entityStoreGetPrivileges(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/entity_store/privileges', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Export detection rules to an `.ndjson` file. The following configuration items are also included in the `.ndjson` file: -- Actions -- Exception lists -> info -> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules. - -> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules. - -> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately. - - */ - exportRules(props: ExportRulesProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/rules/_export', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object) - .query(props.query); - }, - /** - * Export Timelines as an NDJSON file. - */ - exportTimelines(props: ExportTimelinesProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/timeline/_export', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object) - .query(props.query); - }, - /** - * Finalize successful migrations of detection alerts. This replaces the original index's alias with the successfully migrated index's alias. -The endpoint is idempotent; therefore, it can safely be used to poll a given migration and, upon completion, -finalize it. - - */ - finalizeAlertsMigration(props: FinalizeAlertsMigrationProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/signals/finalize_migration', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * List asset criticality records, paging, sorting and filtering as needed. - */ - findAssetCriticalityRecords( - props: FindAssetCriticalityRecordsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get(getRouteUrlForSpace('/api/asset_criticality/list', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Retrieve a paginated list of detection rules. By default, the first page is returned, with 20 results per page. - */ - findRules(props: FindRulesProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/detection_engine/rules/_find', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Retrieves the rule migrations stats for all migrations stored in the system - */ - getAllStatsRuleMigration(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/siem_migrations/rules/stats', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get the asset criticality record for a specific entity. - */ - getAssetCriticalityRecord( - props: GetAssetCriticalityRecordProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - getAssetCriticalityStatus(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/asset_criticality/status', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves the dashboard migration document stored in the system given the dashboard migration id - */ - getDashboardMigration(props: GetDashboardMigrationProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/dashboards/{migration_id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves the dashboard migrations stats for given migrations stored in the system - */ - getDashboardMigrationStats( - props: GetDashboardMigrationStatsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams( - '/internal/siem_migrations/dashboards/{migration_id}/stats', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get the details of the draft Timeline or Timeline template for the current user. If the user doesn't have a draft Timeline, an empty Timeline is returned. - */ - getDraftTimelines(props: GetDraftTimelinesProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/timeline/_draft', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - getEndpointMetadataList(props: GetEndpointMetadataListProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/endpoint/metadata', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - getEndpointSuggestions(props: GetEndpointSuggestionsProps, kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/internal/api/endpoint/suggestions/{suggestion_type}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - getEntityEngine(props: GetEntityEngineProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/api/entity_store/engines/{entityType}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - getEntitySource(props: GetEntitySourceProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - getEntityStoreStatus(props: GetEntityStoreStatusProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/entity_store/status', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get all notes for a given document. - */ - getNotes(props: GetNotesProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/note', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - getPolicyResponse(props: GetPolicyResponseProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/endpoint/policy_response', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - getPrivilegedAccessDetectionPackageStatus(kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - '/api/entity_analytics/privileged_user_monitoring/pad/status', - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - getProtectionUpdatesNote( - props: GetProtectionUpdatesNoteProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams( - '/api/endpoint/protection_updates_note/{package_policy_id}', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Returns the status of both the legacy transform-based risk engine, as well as the new risk engine - */ - getRiskEngineStatus(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/risk_score/engine/status', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - getRuleExecutionEvents(props: GetRuleExecutionEventsProps, kibanaSpace: string = 'default') { - return supertest - .put( - getRouteUrlForSpace( - replaceParams( - '/internal/detection_engine/rules/{ruleId}/execution/events', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - getRuleExecutionResults(props: GetRuleExecutionResultsProps, kibanaSpace: string = 'default') { - return supertest - .put( - getRouteUrlForSpace( - replaceParams( - '/internal/detection_engine/rules/{ruleId}/execution/results', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Retrieves the rule migration document stored in the system given the rule migration id - */ - getRuleMigration(props: GetRuleMigrationProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves all related integrations - */ - getRuleMigrationIntegrations(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/siem_migrations/rules/integrations', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves the stats of all the integrations for all the rule migrations, including the number of rules associated with the integration - */ - getRuleMigrationIntegrationsStats(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/siem_migrations/rules/integrations/stats', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves all available prebuilt rules (installed and installable) - */ - getRuleMigrationPrebuiltRules( - props: GetRuleMigrationPrebuiltRulesProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams( - '/internal/siem_migrations/rules/{migration_id}/prebuilt_rules', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Identifies the privileges required for a SIEM rules migration and returns the missing privileges - */ - getRuleMigrationPrivileges(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/siem_migrations/rules/missing_privileges', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves resources for an existing SIEM rules migration - */ - getRuleMigrationResources( - props: GetRuleMigrationResourcesProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/resources', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Identifies missing resources from all the rules of an existing SIEM rules migration - */ - getRuleMigrationResourcesMissing( - props: GetRuleMigrationResourcesMissingProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams( - '/internal/siem_migrations/rules/{migration_id}/resources/missing', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves the the list of rules included in a migration given the migration id - */ - getRuleMigrationRules(props: GetRuleMigrationRulesProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Retrieves the stats of a SIEM rules migration using the migration id provided - */ - getRuleMigrationStats(props: GetRuleMigrationStatsProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/stats', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves the translation stats of a SIEM rules migration using the migration id provided - */ - getRuleMigrationTranslationStats( - props: GetRuleMigrationTranslationStatsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams( - '/internal/siem_migrations/rules/{migration_id}/translation_stats', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get the details of an existing saved Timeline or Timeline template. - */ - getTimeline(props: GetTimelineProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/timeline', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a list of all saved Timelines or Timeline templates. - */ - getTimelines(props: GetTimelinesProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/timelines', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - getWorkflowInsights(props: GetWorkflowInsightsProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/api/endpoint/workflow_insights', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Import detection rules from an `.ndjson` file, including actions and exception lists. The request must include: -- The `Content-Type: multipart/form-data` HTTP header. -- A link to the `.ndjson` file containing the rules. -> warn -> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. - -> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. -> info -> To import rules with actions, you need at least Read privileges for the Action and Connectors feature. To overwrite or add new connectors, you need All privileges for the Actions and Connectors feature. To import rules without actions, you don’t need Actions and Connectors privileges. Refer to [Enable and access detections](https://www.elastic.co/guide/en/security/current/detections-permissions-section.html#enable-detections-ui) for more information. - -> info -> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules. - -> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules. - -> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately. - - */ - importRules(props: ImportRulesProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/rules/_import', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Import Timelines. - */ - importTimelines(props: ImportTimelinesProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/timeline/_import', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - initEntityEngine(props: InitEntityEngineProps, kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/api/entity_store/engines/{entityType}/init', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - initEntityStore(props: InitEntityStoreProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/entity_store/enable', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - initMonitoringEngine(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/init', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Initializes the Risk Engine by creating the necessary indices and mappings, removing old transforms, and starting the new risk engine - */ - initRiskEngine(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/internal/risk_score/engine/init', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Installs migration rules - */ - installMigrationRules(props: InstallMigrationRulesProps, kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/install', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Install and update all Elastic prebuilt detection rules and Timelines. - -This endpoint allows you to install and update prebuilt detection rules and Timelines provided by Elastic. -When you call this endpoint, it will: -- Install any new prebuilt detection rules that are not currently installed in your system. -- Update any existing prebuilt detection rules that have been modified or improved by Elastic. -- Install any new prebuilt Timelines that are not currently installed in your system. -- Update any existing prebuilt Timelines that have been modified or improved by Elastic. - -This ensures that your detection engine is always up-to-date with the latest rules and Timelines, -providing you with the most current and effective threat detection capabilities. - - */ - installPrebuiltRulesAndTimelines(kibanaSpace: string = 'default') { - return supertest - .put(getRouteUrlForSpace('/api/detection_engine/rules/prepackaged', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Install or update prepackaged Timelines. - */ - installPrepackedTimelines( - props: InstallPrepackedTimelinesProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/api/timeline/_prepackaged', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - installPrivilegedAccessDetectionPackage(kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace( - '/api/entity_analytics/privileged_user_monitoring/pad/install', - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - internalUploadAssetCriticalityRecords(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/internal/asset_criticality/upload_csv', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * List entities records, paging, sorting and filtering as needed. - */ - listEntities(props: ListEntitiesProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/entity_store/entities/list', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - listEntityEngines(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/entity_store/engines', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - listEntitySources(props: ListEntitySourcesProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace('/api/entity_analytics/monitoring/entity_source/list', kibanaSpace) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - listPrivMonUsers(props: ListPrivMonUsersProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/entity_analytics/monitoring/users/list', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Update specific fields of an existing detection rule using the `rule_id` or `id` field. - -The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. -> warn -> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. - -> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. - - */ - patchRule(props: PatchRuleProps, kibanaSpace: string = 'default') { - return supertest - .patch(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Update an existing Timeline. You can update the title, description, date range, pinned events, pinned queries, and/or pinned saved queries of an existing Timeline. - */ - patchTimeline(props: PatchTimelineProps, kibanaSpace: string = 'default') { - return supertest - .patch(getRouteUrlForSpace('/api/timeline', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Apply a bulk action, such as bulk edit, duplicate, or delete, to multiple detection rules. The bulk action is applied to all rules that match the query or to the rules listed by their IDs. - -The edit action allows you to add, delete, or set tags, index patterns, investigation fields, rule actions and schedules for multiple rules at once. -The edit action is idempotent, meaning that if you add a tag to a rule that already has that tag, no changes are made. The same is true for other edit actions, for example removing an index pattern that is not specified in a rule will not result in any changes. The only exception is the `add_rule_actions` and `set_rule_actions` action, which is non-idempotent. This means that if you add or set a rule action to a rule that already has that action, a new action is created with a new unique ID. -> warn -> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. - -> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. - - */ - performRulesBulkAction(props: PerformRulesBulkActionProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/rules/_bulk_action', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object) - .query(props.query); - }, - /** - * Favorite a Timeline or Timeline template for the current user. - */ - persistFavoriteRoute(props: PersistFavoriteRouteProps, kibanaSpace: string = 'default') { - return supertest - .patch(getRouteUrlForSpace('/api/timeline/_favorite', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Add a note to a Timeline or update an existing note. - */ - persistNoteRoute(props: PersistNoteRouteProps, kibanaSpace: string = 'default') { - return supertest - .patch(getRouteUrlForSpace('/api/note', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Pin/unpin an event to/from an existing Timeline. - */ - persistPinnedEventRoute(props: PersistPinnedEventRouteProps, kibanaSpace: string = 'default') { - return supertest - .patch(getRouteUrlForSpace('/api/pinned_event', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Calculates and returns a list of Risk Scores, sorted by identifier_type and risk score. - */ - previewRiskScore(props: PreviewRiskScoreProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/internal/risk_score/preview', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - privmonBulkUploadUsersCsv(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/users/_csv', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - privMonHealth(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/health', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Check if the current user has all required permissions for Privilege Monitoring - */ - privMonPrivileges(kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/privileges', kibanaSpace) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - readAlertsIndex(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieve indices that contain detection alerts of a particular age, along with migration information for each of those indices. - */ - readAlertsMigrationStatus( - props: ReadAlertsMigrationStatusProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get(getRouteUrlForSpace('/api/detection_engine/signals/migration_status', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Retrieve the status of all Elastic prebuilt detection rules and Timelines. - -This endpoint provides detailed information about the number of custom rules, installed prebuilt rules, available prebuilt rules that are not installed, outdated prebuilt rules, installed prebuilt timelines, available prebuilt timelines that are not installed, and outdated prebuilt timelines. - - */ - readPrebuiltRulesAndTimelinesStatus(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/detection_engine/rules/prepackaged/_status', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieves whether or not the user is authenticated, and the user's Kibana -space and index privileges, which determine if the user can create an -index for the Elastic Security alerts generated by -detection engine rules. - - */ - readPrivileges(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/detection_engine/privileges', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - readRiskEngineSettings(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/risk_score/engine/settings', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Retrieve a detection rule using the `rule_id` or `id` field. - -The URL query must include one of the following: - -* `id` - `GET /api/detection_engine/rules?id=` -* `rule_id` - `GET /api/detection_engine/rules?rule_id=` - -The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. - - */ - readRule(props: ReadRuleProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * List all unique tags from all detection rules. - */ - readTags(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/detection_engine/tags', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - resolveTimeline(props: ResolveTimelineProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/timeline/resolve', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - riskEngineGetPrivileges(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/risk_engine/privileges', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - rulePreview(props: RulePreviewProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/rules/preview', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object) - .query(props.query); - }, - runEntityAnalyticsMigrations(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/internal/entity_analytics/migrations/run', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Run a shell command on an endpoint. - */ - runScriptAction(props: RunScriptActionProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint/action/runscript', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. - */ - scheduleRiskEngineNow(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/risk_score/engine/schedule_now', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Find and/or aggregate detection alerts that match the given query. - */ - searchAlerts(props: SearchAlertsProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/signals/search', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - searchPrivilegesIndices(props: SearchPrivilegesIndicesProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/indices', kibanaSpace) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Assign users to detection alerts, and unassign them from alerts. -> info -> You cannot add and remove the same assignee in the same request. - - */ - setAlertAssignees(props: SetAlertAssigneesProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/signals/assignees', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Set the status of one or more detection alerts. - */ - setAlertsStatus(props: SetAlertsStatusProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/signals/status', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * And tags to detection alerts, and remove them from alerts. -> info -> You cannot add and remove the same alert tag in the same request. - - */ - setAlertTags(props: SetAlertTagsProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/detection_engine/signals/tags', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - startEntityEngine(props: StartEntityEngineProps, kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/api/entity_store/engines/{entityType}/start', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Starts a SIEM rules migration using the migration id provided - */ - startRuleMigration(props: StartRuleMigrationProps, kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/start', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - stopEntityEngine(props: StopEntityEngineProps, kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/api/entity_store/engines/{entityType}/stop', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Stops a running SIEM rules migration using the migration id provided - */ - stopRuleMigration(props: StopRuleMigrationProps, kibanaSpace: string = 'default') { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/stop', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Suggests user profiles. - */ - suggestUserProfiles(props: SuggestUserProfilesProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/internal/detection_engine/users/_find', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Calculates and persists Risk Scores for an entity, returning the calculated risk score. - */ - triggerRiskScoreCalculation( - props: TriggerRiskScoreCalculationProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/internal/risk_score/calculation/entity', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - updateEntitySource(props: UpdateEntitySourceProps, kibanaSpace: string = 'default') { - return supertest - .put( - getRouteUrlForSpace( - replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - updatePrivMonUser(props: UpdatePrivMonUserProps, kibanaSpace: string = 'default') { - return supertest - .put( - getRouteUrlForSpace( - replaceParams('/api/entity_analytics/monitoring/users/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Update a detection rule using the `rule_id` or `id` field. The original rule is replaced, and all unspecified fields are deleted. - -The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. -> warn -> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. - -> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. - - */ - updateRule(props: UpdateRuleProps, kibanaSpace: string = 'default') { - return supertest - .put(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Updates rules migrations data - */ - updateRuleMigration(props: UpdateRuleMigrationProps, kibanaSpace: string = 'default') { - return supertest - .patch( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Updates the index pattern for eligible and/or selected rules of a migration - */ - updateRuleMigrationIndexPattern( - props: UpdateRuleMigrationIndexPatternProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post( - getRouteUrlForSpace( - replaceParams( - '/internal/siem_migrations/rules/{migration_id}/update_index_pattern', - props.params - ), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Updates rules migrations attributes - */ - updateRuleMigrationRules( - props: UpdateRuleMigrationRulesProps, - kibanaSpace: string = 'default' - ) { - return supertest - .patch( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - updateWorkflowInsight(props: UpdateWorkflowInsightProps, kibanaSpace: string = 'default') { - return supertest - .put( - getRouteUrlForSpace( - replaceParams('/internal/api/endpoint/workflow_insights/{insightId}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - uploadAssetCriticalityRecords(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/asset_criticality/upload_csv', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Creates or updates resources for an existing SIEM rules migration - */ - upsertRuleMigrationResources( - props: UpsertRuleMigrationResourcesProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/internal/siem_migrations/rules/{migration_id}/resources', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - }; -} - -export interface AlertsMigrationCleanupProps { - body: AlertsMigrationCleanupRequestBodyInput; -} -export interface BulkUpsertAssetCriticalityRecordsProps { - body: BulkUpsertAssetCriticalityRecordsRequestBodyInput; -} -export interface CleanDraftTimelinesProps { - body: CleanDraftTimelinesRequestBodyInput; -} -export interface ConfigureRiskEngineSavedObjectProps { - body: ConfigureRiskEngineSavedObjectRequestBodyInput; -} -export interface CopyTimelineProps { - body: CopyTimelineRequestBodyInput; -} -export interface CreateAlertsMigrationProps { - body: CreateAlertsMigrationRequestBodyInput; -} -export interface CreateAssetCriticalityRecordProps { - body: CreateAssetCriticalityRecordRequestBodyInput; -} -export interface CreateDashboardMigrationProps { - body: CreateDashboardMigrationRequestBodyInput; -} -export interface CreateDashboardMigrationDashboardsProps { - params: CreateDashboardMigrationDashboardsRequestParamsInput; - body: CreateDashboardMigrationDashboardsRequestBodyInput; -} -export interface CreateEntitySourceProps { - body: CreateEntitySourceRequestBodyInput; -} -export interface CreatePrivilegesImportIndexProps { - body: CreatePrivilegesImportIndexRequestBodyInput; -} -export interface CreatePrivMonUserProps { - body: CreatePrivMonUserRequestBodyInput; -} -export interface CreateRuleProps { - body: CreateRuleRequestBodyInput; -} -export interface CreateRuleMigrationProps { - body: CreateRuleMigrationRequestBodyInput; -} -export interface CreateRuleMigrationRulesProps { - params: CreateRuleMigrationRulesRequestParamsInput; - body: CreateRuleMigrationRulesRequestBodyInput; -} -export interface CreateTimelinesProps { - body: CreateTimelinesRequestBodyInput; -} -export interface CreateUpdateProtectionUpdatesNoteProps { - params: CreateUpdateProtectionUpdatesNoteRequestParamsInput; - body: CreateUpdateProtectionUpdatesNoteRequestBodyInput; -} -export interface DeleteAssetCriticalityRecordProps { - query: DeleteAssetCriticalityRecordRequestQueryInput; -} -export interface DeleteEntityEngineProps { - query: DeleteEntityEngineRequestQueryInput; - params: DeleteEntityEngineRequestParamsInput; -} -export interface DeleteEntitySourceProps { - params: DeleteEntitySourceRequestParamsInput; -} -export interface DeleteMonitoringEngineProps { - query: DeleteMonitoringEngineRequestQueryInput; -} -export interface DeleteNoteProps { - body: DeleteNoteRequestBodyInput; -} -export interface DeletePrivMonUserProps { - params: DeletePrivMonUserRequestParamsInput; -} -export interface DeleteRuleProps { - query: DeleteRuleRequestQueryInput; -} -export interface DeleteRuleMigrationProps { - params: DeleteRuleMigrationRequestParamsInput; -} -export interface DeleteTimelinesProps { - body: DeleteTimelinesRequestBodyInput; -} -export interface DeprecatedTriggerRiskScoreCalculationProps { - body: DeprecatedTriggerRiskScoreCalculationRequestBodyInput; -} -export interface EndpointExecuteActionProps { - body: EndpointExecuteActionRequestBodyInput; -} -export interface EndpointFileDownloadProps { - params: EndpointFileDownloadRequestParamsInput; -} -export interface EndpointFileInfoProps { - params: EndpointFileInfoRequestParamsInput; -} -export interface EndpointGetActionsDetailsProps { - params: EndpointGetActionsDetailsRequestParamsInput; -} -export interface EndpointGetActionsListProps { - query: EndpointGetActionsListRequestQueryInput; -} -export interface EndpointGetActionsStatusProps { - query: EndpointGetActionsStatusRequestQueryInput; -} -export interface EndpointGetFileActionProps { - body: EndpointGetFileActionRequestBodyInput; -} -export interface EndpointGetProcessesActionProps { - body: EndpointGetProcessesActionRequestBodyInput; -} -export interface EndpointIsolateActionProps { - body: EndpointIsolateActionRequestBodyInput; -} -export interface EndpointKillProcessActionProps { - body: EndpointKillProcessActionRequestBodyInput; -} -export interface EndpointScanActionProps { - body: EndpointScanActionRequestBodyInput; -} -export interface EndpointSuspendProcessActionProps { - body: EndpointSuspendProcessActionRequestBodyInput; -} -export interface EndpointUnisolateActionProps { - body: EndpointUnisolateActionRequestBodyInput; -} -export interface ExportRulesProps { - query: ExportRulesRequestQueryInput; - body: ExportRulesRequestBodyInput; -} -export interface ExportTimelinesProps { - query: ExportTimelinesRequestQueryInput; - body: ExportTimelinesRequestBodyInput; -} -export interface FinalizeAlertsMigrationProps { - body: FinalizeAlertsMigrationRequestBodyInput; -} -export interface FindAssetCriticalityRecordsProps { - query: FindAssetCriticalityRecordsRequestQueryInput; -} -export interface FindRulesProps { - query: FindRulesRequestQueryInput; -} -export interface GetAssetCriticalityRecordProps { - query: GetAssetCriticalityRecordRequestQueryInput; -} -export interface GetDashboardMigrationProps { - params: GetDashboardMigrationRequestParamsInput; -} -export interface GetDashboardMigrationStatsProps { - params: GetDashboardMigrationStatsRequestParamsInput; -} -export interface GetDraftTimelinesProps { - query: GetDraftTimelinesRequestQueryInput; -} -export interface GetEndpointMetadataListProps { - query: GetEndpointMetadataListRequestQueryInput; -} -export interface GetEndpointSuggestionsProps { - params: GetEndpointSuggestionsRequestParamsInput; - body: GetEndpointSuggestionsRequestBodyInput; -} -export interface GetEntityEngineProps { - params: GetEntityEngineRequestParamsInput; -} -export interface GetEntitySourceProps { - params: GetEntitySourceRequestParamsInput; -} -export interface GetEntityStoreStatusProps { - query: GetEntityStoreStatusRequestQueryInput; -} -export interface GetNotesProps { - query: GetNotesRequestQueryInput; -} -export interface GetPolicyResponseProps { - query: GetPolicyResponseRequestQueryInput; -} -export interface GetProtectionUpdatesNoteProps { - params: GetProtectionUpdatesNoteRequestParamsInput; -} -export interface GetRuleExecutionEventsProps { - query: GetRuleExecutionEventsRequestQueryInput; - params: GetRuleExecutionEventsRequestParamsInput; -} -export interface GetRuleExecutionResultsProps { - query: GetRuleExecutionResultsRequestQueryInput; - params: GetRuleExecutionResultsRequestParamsInput; -} -export interface GetRuleMigrationProps { - params: GetRuleMigrationRequestParamsInput; -} -export interface GetRuleMigrationPrebuiltRulesProps { - params: GetRuleMigrationPrebuiltRulesRequestParamsInput; -} -export interface GetRuleMigrationResourcesProps { - query: GetRuleMigrationResourcesRequestQueryInput; - params: GetRuleMigrationResourcesRequestParamsInput; -} -export interface GetRuleMigrationResourcesMissingProps { - params: GetRuleMigrationResourcesMissingRequestParamsInput; -} -export interface GetRuleMigrationRulesProps { - query: GetRuleMigrationRulesRequestQueryInput; - params: GetRuleMigrationRulesRequestParamsInput; -} -export interface GetRuleMigrationStatsProps { - params: GetRuleMigrationStatsRequestParamsInput; -} -export interface GetRuleMigrationTranslationStatsProps { - params: GetRuleMigrationTranslationStatsRequestParamsInput; -} -export interface GetTimelineProps { - query: GetTimelineRequestQueryInput; -} -export interface GetTimelinesProps { - query: GetTimelinesRequestQueryInput; -} -export interface GetWorkflowInsightsProps { - query: GetWorkflowInsightsRequestQueryInput; -} -export interface ImportRulesProps { - query: ImportRulesRequestQueryInput; -} -export interface ImportTimelinesProps { - body: ImportTimelinesRequestBodyInput; -} -export interface InitEntityEngineProps { - params: InitEntityEngineRequestParamsInput; - body: InitEntityEngineRequestBodyInput; -} -export interface InitEntityStoreProps { - body: InitEntityStoreRequestBodyInput; -} -export interface InstallMigrationRulesProps { - params: InstallMigrationRulesRequestParamsInput; - body: InstallMigrationRulesRequestBodyInput; -} -export interface InstallPrepackedTimelinesProps { - body: InstallPrepackedTimelinesRequestBodyInput; -} -export interface ListEntitiesProps { - query: ListEntitiesRequestQueryInput; -} -export interface ListEntitySourcesProps { - query: ListEntitySourcesRequestQueryInput; -} -export interface ListPrivMonUsersProps { - query: ListPrivMonUsersRequestQueryInput; -} -export interface PatchRuleProps { - body: PatchRuleRequestBodyInput; -} -export interface PatchTimelineProps { - body: PatchTimelineRequestBodyInput; -} -export interface PerformRulesBulkActionProps { - query: PerformRulesBulkActionRequestQueryInput; - body: PerformRulesBulkActionRequestBodyInput; -} -export interface PersistFavoriteRouteProps { - body: PersistFavoriteRouteRequestBodyInput; -} -export interface PersistNoteRouteProps { - body: PersistNoteRouteRequestBodyInput; -} -export interface PersistPinnedEventRouteProps { - body: PersistPinnedEventRouteRequestBodyInput; -} -export interface PreviewRiskScoreProps { - body: PreviewRiskScoreRequestBodyInput; -} -export interface ReadAlertsMigrationStatusProps { - query: ReadAlertsMigrationStatusRequestQueryInput; -} -export interface ReadRuleProps { - query: ReadRuleRequestQueryInput; -} -export interface ResolveTimelineProps { - query: ResolveTimelineRequestQueryInput; -} -export interface RulePreviewProps { - query: RulePreviewRequestQueryInput; - body: RulePreviewRequestBodyInput; -} -export interface RunScriptActionProps { - body: RunScriptActionRequestBodyInput; -} -export interface SearchAlertsProps { - body: SearchAlertsRequestBodyInput; -} -export interface SearchPrivilegesIndicesProps { - query: SearchPrivilegesIndicesRequestQueryInput; -} -export interface SetAlertAssigneesProps { - body: SetAlertAssigneesRequestBodyInput; -} -export interface SetAlertsStatusProps { - body: SetAlertsStatusRequestBodyInput; -} -export interface SetAlertTagsProps { - body: SetAlertTagsRequestBodyInput; -} -export interface StartEntityEngineProps { - params: StartEntityEngineRequestParamsInput; -} -export interface StartRuleMigrationProps { - params: StartRuleMigrationRequestParamsInput; - body: StartRuleMigrationRequestBodyInput; -} -export interface StopEntityEngineProps { - params: StopEntityEngineRequestParamsInput; -} -export interface StopRuleMigrationProps { - params: StopRuleMigrationRequestParamsInput; -} -export interface SuggestUserProfilesProps { - query: SuggestUserProfilesRequestQueryInput; -} -export interface TriggerRiskScoreCalculationProps { - body: TriggerRiskScoreCalculationRequestBodyInput; -} -export interface UpdateEntitySourceProps { - params: UpdateEntitySourceRequestParamsInput; - body: UpdateEntitySourceRequestBodyInput; -} -export interface UpdatePrivMonUserProps { - params: UpdatePrivMonUserRequestParamsInput; - body: UpdatePrivMonUserRequestBodyInput; -} -export interface UpdateRuleProps { - body: UpdateRuleRequestBodyInput; -} -export interface UpdateRuleMigrationProps { - params: UpdateRuleMigrationRequestParamsInput; - body: UpdateRuleMigrationRequestBodyInput; -} -export interface UpdateRuleMigrationIndexPatternProps { - params: UpdateRuleMigrationIndexPatternRequestParamsInput; - body: UpdateRuleMigrationIndexPatternRequestBodyInput; -} -export interface UpdateRuleMigrationRulesProps { - params: UpdateRuleMigrationRulesRequestParamsInput; - body: UpdateRuleMigrationRulesRequestBodyInput; -} -export interface UpdateWorkflowInsightProps { - params: UpdateWorkflowInsightRequestParamsInput; - body: UpdateWorkflowInsightRequestBodyInput; -} -export interface UpsertRuleMigrationResourcesProps { - params: UpsertRuleMigrationResourcesRequestParamsInput; - body: UpsertRuleMigrationResourcesRequestBodyInput; -} diff --git a/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts b/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts deleted file mode 100644 index a72af9e4c0bb6..0000000000000 --- a/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: Endpoint Exceptions API client for tests - * version: Bundle (no version) - */ - -import { - ELASTIC_HTTP_VERSION_HEADER, - X_ELASTIC_INTERNAL_ORIGIN_REQUEST, -} from '@kbn/core-http-common'; -import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; - -import { CreateEndpointListItemRequestBodyInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.gen'; -import { DeleteEndpointListItemRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.gen'; -import { FindEndpointListItemsRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.gen'; -import { ReadEndpointListItemRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.gen'; -import { UpdateEndpointListItemRequestBodyInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.gen'; -import { FtrProviderContext } from '../ftr_provider_context'; - -export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); - - return { - /** - * Create the exception list for Elastic Endpoint rule exceptions. When you create the exception list, it will have a `list_id` of `endpoint_list`. If the Elastic Endpoint exception list already exists, your request will return an empty response. - */ - createEndpointList(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint_list', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. - */ - createEndpointListItem(props: CreateEndpointListItemProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. - */ - deleteEndpointListItem(props: DeleteEndpointListItemProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a list of all Elastic Endpoint exception list items. - */ - findEndpointListItems(props: FindEndpointListItemsProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/endpoint_list/items/_find', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get the details of an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. - */ - readEndpointListItem(props: ReadEndpointListItemProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. - */ - updateEndpointListItem(props: UpdateEndpointListItemProps, kibanaSpace: string = 'default') { - return supertest - .put(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - }; -} - -export interface CreateEndpointListItemProps { - body: CreateEndpointListItemRequestBodyInput; -} -export interface DeleteEndpointListItemProps { - query: DeleteEndpointListItemRequestQueryInput; -} -export interface FindEndpointListItemsProps { - query: FindEndpointListItemsRequestQueryInput; -} -export interface ReadEndpointListItemProps { - query: ReadEndpointListItemRequestQueryInput; -} -export interface UpdateEndpointListItemProps { - body: UpdateEndpointListItemRequestBodyInput; -} diff --git a/x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts b/x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts deleted file mode 100644 index b195f6731c643..0000000000000 --- a/x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts +++ /dev/null @@ -1,299 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: Exceptions API client for tests - * version: Bundle (no version) - */ - -import { - ELASTIC_HTTP_VERSION_HEADER, - X_ELASTIC_INTERNAL_ORIGIN_REQUEST, -} from '@kbn/core-http-common'; -import { replaceParams } from '@kbn/openapi-common/shared'; -import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; - -import { CreateExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_exception_list/create_exception_list.gen'; -import { CreateExceptionListItemRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_exception_list_item/create_exception_list_item.gen'; -import { - CreateRuleExceptionListItemsRequestParamsInput, - CreateRuleExceptionListItemsRequestBodyInput, -} from '@kbn/securitysolution-exceptions-common/api/create_rule_exceptions/create_rule_exceptions.gen'; -import { CreateSharedExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_shared_exceptions_list/create_shared_exceptions_list.gen'; -import { DeleteExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/delete_exception_list/delete_exception_list.gen'; -import { DeleteExceptionListItemRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/delete_exception_list_item/delete_exception_list_item.gen'; -import { DuplicateExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/duplicate_exception_list/duplicate_exception_list.gen'; -import { ExportExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/export_exception_list/export_exception_list.gen'; -import { FindExceptionListItemsRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/find_exception_list_items/find_exception_list_items.gen'; -import { FindExceptionListsRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/find_exception_lists/find_exception_lists.gen'; -import { ImportExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/import_exceptions/import_exceptions.gen'; -import { ReadExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list/read_exception_list.gen'; -import { ReadExceptionListItemRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list_item/read_exception_list_item.gen'; -import { ReadExceptionListSummaryRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list_summary/read_exception_list_summary.gen'; -import { UpdateExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/update_exception_list/update_exception_list.gen'; -import { UpdateExceptionListItemRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/update_exception_list_item/update_exception_list_item.gen'; -import { FtrProviderContext } from '../ftr_provider_context'; - -export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); - - return { - /** - * An exception list groups exception items and can be associated with detection rules. You can assign exception lists to multiple detection rules. -> info -> All exception items added to the same list are evaluated using `OR` logic. That is, if any of the items in a list evaluate to `true`, the exception prevents the rule from generating an alert. Likewise, `OR` logic is used for evaluating exceptions when more than one exception list is assigned to a rule. To use the `AND` operator, you can define multiple clauses (`entries`) in a single exception item. - - */ - createExceptionList(props: CreateExceptionListProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create an exception item and associate it with the specified exception list. -> info -> Before creating exception items, you must create an exception list. - - */ - createExceptionListItem(props: CreateExceptionListItemProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create exception items that apply to a single detection rule. - */ - createRuleExceptionListItems( - props: CreateRuleExceptionListItemsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post( - getRouteUrlForSpace( - replaceParams('/api/detection_engine/rules/{id}/exceptions', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * An exception list groups exception items and can be associated with detection rules. A shared exception list can apply to multiple detection rules. -> info -> All exception items added to the same list are evaluated using `OR` logic. That is, if any of the items in a list evaluate to `true`, the exception prevents the rule from generating an alert. Likewise, `OR` logic is used for evaluating exceptions when more than one exception list is assigned to a rule. To use the `AND` operator, you can define multiple clauses (`entries`) in a single exception item. - - */ - createSharedExceptionList( - props: CreateSharedExceptionListProps, - kibanaSpace: string = 'default' - ) { - return supertest - .post(getRouteUrlForSpace('/api/exceptions/shared', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Delete an exception list using the `id` or `list_id` field. - */ - deleteExceptionList(props: DeleteExceptionListProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Delete an exception list item using the `id` or `item_id` field. - */ - deleteExceptionListItem(props: DeleteExceptionListItemProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Duplicate an existing exception list. - */ - duplicateExceptionList(props: DuplicateExceptionListProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/exception_lists/_duplicate', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Export an exception list and its associated items to an NDJSON file. - */ - exportExceptionList(props: ExportExceptionListProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/exception_lists/_export', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a list of all exception list items in the specified list. - */ - findExceptionListItems(props: FindExceptionListItemsProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/exception_lists/items/_find', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a list of all exception list containers. - */ - findExceptionLists(props: FindExceptionListsProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/exception_lists/_find', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Import an exception list and its associated items from an NDJSON file. - */ - importExceptionList(props: ImportExceptionListProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/exception_lists/_import', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get the details of an exception list using the `id` or `list_id` field. - */ - readExceptionList(props: ReadExceptionListProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get the details of an exception list item using the `id` or `item_id` field. - */ - readExceptionListItem(props: ReadExceptionListItemProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a summary of the specified exception list. - */ - readExceptionListSummary( - props: ReadExceptionListSummaryProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get(getRouteUrlForSpace('/api/exception_lists/summary', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Update an exception list using the `id` or `list_id` field. - */ - updateExceptionList(props: UpdateExceptionListProps, kibanaSpace: string = 'default') { - return supertest - .put(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Update an exception list item using the `id` or `item_id` field. - */ - updateExceptionListItem(props: UpdateExceptionListItemProps, kibanaSpace: string = 'default') { - return supertest - .put(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - }; -} - -export interface CreateExceptionListProps { - body: CreateExceptionListRequestBodyInput; -} -export interface CreateExceptionListItemProps { - body: CreateExceptionListItemRequestBodyInput; -} -export interface CreateRuleExceptionListItemsProps { - params: CreateRuleExceptionListItemsRequestParamsInput; - body: CreateRuleExceptionListItemsRequestBodyInput; -} -export interface CreateSharedExceptionListProps { - body: CreateSharedExceptionListRequestBodyInput; -} -export interface DeleteExceptionListProps { - query: DeleteExceptionListRequestQueryInput; -} -export interface DeleteExceptionListItemProps { - query: DeleteExceptionListItemRequestQueryInput; -} -export interface DuplicateExceptionListProps { - query: DuplicateExceptionListRequestQueryInput; -} -export interface ExportExceptionListProps { - query: ExportExceptionListRequestQueryInput; -} -export interface FindExceptionListItemsProps { - query: FindExceptionListItemsRequestQueryInput; -} -export interface FindExceptionListsProps { - query: FindExceptionListsRequestQueryInput; -} -export interface ImportExceptionListProps { - query: ImportExceptionListRequestQueryInput; -} -export interface ReadExceptionListProps { - query: ReadExceptionListRequestQueryInput; -} -export interface ReadExceptionListItemProps { - query: ReadExceptionListItemRequestQueryInput; -} -export interface ReadExceptionListSummaryProps { - query: ReadExceptionListSummaryRequestQueryInput; -} -export interface UpdateExceptionListProps { - body: UpdateExceptionListRequestBodyInput; -} -export interface UpdateExceptionListItemProps { - body: UpdateExceptionListItemRequestBodyInput; -} diff --git a/x-pack/test/api_integration/services/security_solution_lists_api.gen.ts b/x-pack/test/api_integration/services/security_solution_lists_api.gen.ts deleted file mode 100644 index 64de6940d77eb..0000000000000 --- a/x-pack/test/api_integration/services/security_solution_lists_api.gen.ts +++ /dev/null @@ -1,295 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: Lists API client for tests - * version: Bundle (no version) - */ - -import { - ELASTIC_HTTP_VERSION_HEADER, - X_ELASTIC_INTERNAL_ORIGIN_REQUEST, -} from '@kbn/core-http-common'; -import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; - -import { CreateListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/create_list/create_list.gen'; -import { CreateListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/create_list_item/create_list_item.gen'; -import { DeleteListRequestQueryInput } from '@kbn/securitysolution-lists-common/api/delete_list/delete_list.gen'; -import { DeleteListItemRequestQueryInput } from '@kbn/securitysolution-lists-common/api/delete_list_item/delete_list_item.gen'; -import { ExportListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/export_list_items/export_list_items.gen'; -import { FindListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/find_list_items/find_list_items.gen'; -import { FindListsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/find_lists/find_lists.gen'; -import { ImportListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/import_list_items/import_list_items.gen'; -import { PatchListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/patch_list/patch_list.gen'; -import { PatchListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/patch_list_item/patch_list_item.gen'; -import { ReadListRequestQueryInput } from '@kbn/securitysolution-lists-common/api/read_list/read_list.gen'; -import { ReadListItemRequestQueryInput } from '@kbn/securitysolution-lists-common/api/read_list_item/read_list_item.gen'; -import { UpdateListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/update_list/update_list.gen'; -import { UpdateListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/update_list_item/update_list_item.gen'; -import { FtrProviderContext } from '../ftr_provider_context'; - -export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); - - return { - /** - * Create a new value list. - */ - createList(props: CreateListProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create `.lists` and `.items` data streams in the relevant space. - */ - createListIndex(kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Create a value list item and associate it with the specified value list. - -All value list items in the same list must be the same type. For example, each list item in an `ip` list must define a specific IP address. -> info -> Before creating a list item, you must create a list. - - */ - createListItem(props: CreateListItemProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Delete a value list using the list ID. -> info -> When you delete a list, all of its list items are also deleted. - - */ - deleteList(props: DeleteListProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Delete the `.lists` and `.items` data streams. - */ - deleteListIndex(kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Delete a value list item using its `id`, or its `list_id` and `value` fields. - */ - deleteListItem(props: DeleteListItemProps, kibanaSpace: string = 'default') { - return supertest - .delete(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Export list item values from the specified value list. - */ - exportListItems(props: ExportListItemsProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/lists/items/_export', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get all value list items in the specified list. - */ - findListItems(props: FindListItemsProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/lists/items/_find', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a paginated subset of value lists. By default, the first page is returned, with 20 results per page. - */ - findLists(props: FindListsProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/lists/_find', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Import value list items from a TXT or CSV file. The maximum file size is 9 million bytes. - -You can import items to a new or existing list. - - */ - importListItems(props: ImportListItemsProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/lists/items/_import', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Update specific fields of an existing list using the list `id`. - */ - patchList(props: PatchListProps, kibanaSpace: string = 'default') { - return supertest - .patch(getRouteUrlForSpace('/api/lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Update specific fields of an existing value list item using the item `id`. - */ - patchListItem(props: PatchListItemProps, kibanaSpace: string = 'default') { - return supertest - .patch(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Get the details of a value list using the list ID. - */ - readList(props: ReadListProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Verify that `.lists` and `.items` data streams exist. - */ - readListIndex(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get the details of a value list item. - */ - readListItem(props: ReadListItemProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - readListPrivileges(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/lists/privileges', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Update a value list using the list `id`. The original list is replaced, and all unspecified fields are deleted. -> info -> You cannot modify the `id` value. - - */ - updateList(props: UpdateListProps, kibanaSpace: string = 'default') { - return supertest - .put(getRouteUrlForSpace('/api/lists', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Update a value list item using the list item ID. The original list item is replaced, and all unspecified fields are deleted. -> info -> You cannot modify the `id` value. - - */ - updateListItem(props: UpdateListItemProps, kibanaSpace: string = 'default') { - return supertest - .put(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - }; -} - -export interface CreateListProps { - body: CreateListRequestBodyInput; -} -export interface CreateListItemProps { - body: CreateListItemRequestBodyInput; -} -export interface DeleteListProps { - query: DeleteListRequestQueryInput; -} -export interface DeleteListItemProps { - query: DeleteListItemRequestQueryInput; -} -export interface ExportListItemsProps { - query: ExportListItemsRequestQueryInput; -} -export interface FindListItemsProps { - query: FindListItemsRequestQueryInput; -} -export interface FindListsProps { - query: FindListsRequestQueryInput; -} -export interface ImportListItemsProps { - query: ImportListItemsRequestQueryInput; -} -export interface PatchListProps { - body: PatchListRequestBodyInput; -} -export interface PatchListItemProps { - body: PatchListItemRequestBodyInput; -} -export interface ReadListProps { - query: ReadListRequestQueryInput; -} -export interface ReadListItemProps { - query: ReadListItemRequestQueryInput; -} -export interface UpdateListProps { - body: UpdateListRequestBodyInput; -} -export interface UpdateListItemProps { - body: UpdateListItemRequestBodyInput; -} diff --git a/x-pack/test/api_integration/services/security_solution_osquery_api.gen.ts b/x-pack/test/api_integration/services/security_solution_osquery_api.gen.ts deleted file mode 100644 index 2a71f7065b835..0000000000000 --- a/x-pack/test/api_integration/services/security_solution_osquery_api.gen.ts +++ /dev/null @@ -1,391 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: API client for tests - * version: Bundle (no version) - */ - -import { - ELASTIC_HTTP_VERSION_HEADER, - X_ELASTIC_INTERNAL_ORIGIN_REQUEST, -} from '@kbn/core-http-common'; -import { replaceParams } from '@kbn/openapi-common/shared'; -import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; - -import { GetAgentDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; -import { GetAgentPolicyRequestParamsInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; -import { GetAgentsRequestQueryInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; -import { OsqueryCreateLiveQueryRequestBodyInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; -import { OsqueryCreatePacksRequestBodyInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; -import { OsqueryCreateSavedQueryRequestBodyInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; -import { OsqueryDeletePacksRequestParamsInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; -import { OsqueryDeleteSavedQueryRequestParamsInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; -import { OsqueryFindLiveQueriesRequestQueryInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; -import { OsqueryFindPacksRequestQueryInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; -import { OsqueryFindSavedQueriesRequestQueryInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; -import { OsqueryGetLiveQueryDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; -import { - OsqueryGetLiveQueryResultsRequestQueryInput, - OsqueryGetLiveQueryResultsRequestParamsInput, -} from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; -import { OsqueryGetPacksDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; -import { OsqueryGetSavedQueryDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; -import { - OsqueryUpdatePacksRequestParamsInput, - OsqueryUpdatePacksRequestBodyInput, -} from '@kbn/osquery-plugin/common/api/packs/packs.gen'; -import { - OsqueryUpdateSavedQueryRequestParamsInput, - OsqueryUpdateSavedQueryRequestBodyInput, -} from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; -import { ReadAssetsStatusRequestQueryInput } from '@kbn/osquery-plugin/common/api/asset/assets.gen'; -import { UpdateAssetsStatusRequestQueryInput } from '@kbn/osquery-plugin/common/api/asset/assets.gen'; -import { FtrProviderContext } from '../ftr_provider_context'; - -export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); - - return { - getAgentDetails(props: GetAgentDetailsProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/internal/osquery/fleet_wrapper/agents/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - getAgentPackagePolicies(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/package_policies', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - getAgentPolicies(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/agent_policies', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - getAgentPolicy(props: GetAgentPolicyProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/internal/osquery/fleet_wrapper/agent_policies/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - getAgents(props: GetAgentsProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/agents', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Create and run a live query. - */ - osqueryCreateLiveQuery(props: OsqueryCreateLiveQueryProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/osquery/live_queries', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create a query pack. - */ - osqueryCreatePacks(props: OsqueryCreatePacksProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/osquery/packs', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Create and run a saved query. - */ - osqueryCreateSavedQuery(props: OsqueryCreateSavedQueryProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/api/osquery/saved_queries', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Delete a query pack using the pack ID. - */ - osqueryDeletePacks(props: OsqueryDeletePacksProps, kibanaSpace: string = 'default') { - return supertest - .delete( - getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Delete a saved query using the query ID. - */ - osqueryDeleteSavedQuery(props: OsqueryDeleteSavedQueryProps, kibanaSpace: string = 'default') { - return supertest - .delete( - getRouteUrlForSpace( - replaceParams('/api/osquery/saved_queries/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get a list of all live queries. - */ - osqueryFindLiveQueries(props: OsqueryFindLiveQueriesProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/osquery/live_queries', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a list of all query packs. - */ - osqueryFindPacks(props: OsqueryFindPacksProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/osquery/packs', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get a list of all saved queries. - */ - osqueryFindSavedQueries(props: OsqueryFindSavedQueriesProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/api/osquery/saved_queries', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get the details of a live query using the query ID. - */ - osqueryGetLiveQueryDetails( - props: OsqueryGetLiveQueryDetailsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/api/osquery/live_queries/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get the results of a live query using the query action ID. - */ - osqueryGetLiveQueryResults( - props: OsqueryGetLiveQueryResultsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/api/osquery/live_queries/{id}/results/{actionId}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - /** - * Get the details of a query pack using the pack ID. - */ - osqueryGetPacksDetails(props: OsqueryGetPacksDetailsProps, kibanaSpace: string = 'default') { - return supertest - .get( - getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Get the details of a saved query using the query ID. - */ - osqueryGetSavedQueryDetails( - props: OsqueryGetSavedQueryDetailsProps, - kibanaSpace: string = 'default' - ) { - return supertest - .get( - getRouteUrlForSpace( - replaceParams('/api/osquery/saved_queries/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - /** - * Update a query pack using the pack ID. -> info -> You cannot update a prebuilt pack. - - */ - osqueryUpdatePacks(props: OsqueryUpdatePacksProps, kibanaSpace: string = 'default') { - return supertest - .put( - getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - /** - * Update a saved query using the query ID. -> info -> You cannot update a prebuilt saved query. - - */ - osqueryUpdateSavedQuery(props: OsqueryUpdateSavedQueryProps, kibanaSpace: string = 'default') { - return supertest - .put( - getRouteUrlForSpace( - replaceParams('/api/osquery/saved_queries/{id}', props.params), - kibanaSpace - ) - ) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .send(props.body as object); - }, - readAssetsStatus(props: ReadAssetsStatusProps, kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/osquery/assets', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - readInstallationStatus(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/osquery/status', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - readPrivilegesCheck(kibanaSpace: string = 'default') { - return supertest - .get(getRouteUrlForSpace('/internal/osquery/privileges_check', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); - }, - updateAssetsStatus(props: UpdateAssetsStatusProps, kibanaSpace: string = 'default') { - return supertest - .post(getRouteUrlForSpace('/internal/osquery/assets/update', kibanaSpace)) - .set('kbn-xsrf', 'true') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') - .query(props.query); - }, - }; -} - -export interface GetAgentDetailsProps { - params: GetAgentDetailsRequestParamsInput; -} -export interface GetAgentPolicyProps { - params: GetAgentPolicyRequestParamsInput; -} -export interface GetAgentsProps { - query: GetAgentsRequestQueryInput; -} -export interface OsqueryCreateLiveQueryProps { - body: OsqueryCreateLiveQueryRequestBodyInput; -} -export interface OsqueryCreatePacksProps { - body: OsqueryCreatePacksRequestBodyInput; -} -export interface OsqueryCreateSavedQueryProps { - body: OsqueryCreateSavedQueryRequestBodyInput; -} -export interface OsqueryDeletePacksProps { - params: OsqueryDeletePacksRequestParamsInput; -} -export interface OsqueryDeleteSavedQueryProps { - params: OsqueryDeleteSavedQueryRequestParamsInput; -} -export interface OsqueryFindLiveQueriesProps { - query: OsqueryFindLiveQueriesRequestQueryInput; -} -export interface OsqueryFindPacksProps { - query: OsqueryFindPacksRequestQueryInput; -} -export interface OsqueryFindSavedQueriesProps { - query: OsqueryFindSavedQueriesRequestQueryInput; -} -export interface OsqueryGetLiveQueryDetailsProps { - params: OsqueryGetLiveQueryDetailsRequestParamsInput; -} -export interface OsqueryGetLiveQueryResultsProps { - query: OsqueryGetLiveQueryResultsRequestQueryInput; - params: OsqueryGetLiveQueryResultsRequestParamsInput; -} -export interface OsqueryGetPacksDetailsProps { - params: OsqueryGetPacksDetailsRequestParamsInput; -} -export interface OsqueryGetSavedQueryDetailsProps { - params: OsqueryGetSavedQueryDetailsRequestParamsInput; -} -export interface OsqueryUpdatePacksProps { - params: OsqueryUpdatePacksRequestParamsInput; - body: OsqueryUpdatePacksRequestBodyInput; -} -export interface OsqueryUpdateSavedQueryProps { - params: OsqueryUpdateSavedQueryRequestParamsInput; - body: OsqueryUpdateSavedQueryRequestBodyInput; -} -export interface ReadAssetsStatusProps { - query: ReadAssetsStatusRequestQueryInput; -} -export interface UpdateAssetsStatusProps { - query: UpdateAssetsStatusRequestQueryInput; -} diff --git a/x-pack/test_serverless/shared/services/deployment_agnostic_services.ts b/x-pack/test_serverless/shared/services/deployment_agnostic_services.ts index 4eaddca65be2c..b31a1e9e344e5 100644 --- a/x-pack/test_serverless/shared/services/deployment_agnostic_services.ts +++ b/x-pack/test_serverless/shared/services/deployment_agnostic_services.ts @@ -7,8 +7,6 @@ import { services as apiIntegrationServices } from '@kbn/test-suites-xpack/api_integration/services'; import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; -import { SecuritySolutionApiProvider } from '@kbn/test-suites-xpack/api_integration/services/security_solution_api.gen'; -import { SecuritySolutionApiProvider as SecuritySolutionExceptionsApiProvider } from '@kbn/test-suites-xpack/api_integration/services/security_solution_exceptions_api.gen'; import { services as platformApiIntegrationServices } from '@kbn/test-suites-xpack-platform/api_integration/services'; import { AlertingApiProvider } from './alerting_api'; import { UsageAPIProvider } from './usage_api'; @@ -45,7 +43,5 @@ export const services = { security, usageAPI: UsageAPIProvider, console, - securitySolutionApi: SecuritySolutionApiProvider, alertingApi: AlertingApiProvider, - securitySolutionExceptionsApi: SecuritySolutionExceptionsApiProvider, }; diff --git a/x-pack/test_serverless/shared/services/search_secure.ts b/x-pack/test_serverless/shared/services/search_secure.ts deleted file mode 100644 index b7bbc50bcb18b..0000000000000 --- a/x-pack/test_serverless/shared/services/search_secure.ts +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -// NOTE: This is pretty much a copy/paste from src/platform/packages/shared/kbn-ftr-common-functional-services/services/bsearch.ts -// but with the ability to provide custom auth - -import expect from '@kbn/expect'; -import { GenericFtrService } from '@kbn/test'; -import type { IEsSearchResponse } from '@kbn/search-types'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; -import { SupertestWithoutAuthProviderType } from '@kbn/ftr-common-functional-services'; -import { FtrProviderContext } from '../../functional/ftr_provider_context'; - -export interface SendOptions { - supertestWithoutAuth: SupertestWithoutAuthProviderType; - apiKeyHeader: { Authorization: string }; - referer?: string; - kibanaVersion?: string; - options: object; - strategy: string; - space?: string; - internalOrigin: string; -} - -export class SearchSecureService extends GenericFtrService { - private readonly retry = this.ctx.getService('retry'); - - async send({ - supertestWithoutAuth, - apiKeyHeader, - referer, - kibanaVersion, - internalOrigin, - options, - strategy, - space, - }: SendOptions) { - const { body } = await this.retry.try(async () => { - let result; - const url = `/internal/search/${strategy}`; - if (referer && kibanaVersion) { - result = await supertestWithoutAuth - .post(url) - .set(apiKeyHeader) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('referer', referer) - .set('kbn-version', kibanaVersion) - .set('kbn-xsrf', 'true') - .send(options); - } else if (referer) { - result = await supertestWithoutAuth - .post(url) - .set(apiKeyHeader) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('referer', referer) - .set('kbn-xsrf', 'true') - .send(options); - } else if (kibanaVersion) { - result = await supertestWithoutAuth - .post(url) - .set(apiKeyHeader) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-version', kibanaVersion) - .set('kbn-xsrf', 'true') - .send(options); - } else if (internalOrigin) { - result = await supertestWithoutAuth - .post(url) - .set(apiKeyHeader) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('x-elastic-internal-origin', internalOrigin) - .set('kbn-xsrf', 'true') - .send(options); - } else { - result = await supertestWithoutAuth - .post(url) - .set(apiKeyHeader) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .send(options); - } - if ((result.status === 500 || result.status === 200) && result.body) { - return result; - } - throw new Error('try again'); - }); - - if (!body.isRunning) { - return body as T; - } - - const result = await this.retry.try(async () => { - const resp = await supertestWithoutAuth - .post(`/internal/search/${strategy}/${body.id}`) - .set(apiKeyHeader) - .set('kbn-xsrf', 'true') - .set('x-elastic-internal-origin', 'Kibana') - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .send(options) - .expect(200); - expect(resp.body.isRunning).equal(false); - return resp.body; - }); - - return result as T; - } -} From 876ed4b4a91ad82821b9a556475c351256802865 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 01:25:39 +0200 Subject: [PATCH 29/42] remove constructor in services --- .../services/detections.ts | 21 ++++++------------- .../services/endpoint.ts | 21 ++++++------------- .../services/endpoint_artifacts.ts | 15 ++++--------- .../services/timeline.ts | 9 ++------ 4 files changed, 18 insertions(+), 48 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts index 926b65703f498..2281d5a33f762 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts @@ -29,21 +29,12 @@ export function DetectionsTestServiceProvider({ getService }: FtrProviderContext const esClient = getService('es'); return new (class DetectionsTestService { - private readonly supertest: ReturnType; - private readonly log: ReturnType; - private readonly retry: ReturnType; - private readonly config: ReturnType; - private readonly esClient: ReturnType; - private readonly defaultTimeout: number; - - constructor() { - this.supertest = supertest; - this.log = log; - this.retry = retry; - this.config = config; - this.esClient = esClient; - this.defaultTimeout = config.get('timeouts.waitFor'); - } + private readonly supertest = supertest; + private readonly log = log; + private readonly retry = retry; + private readonly config = config; + private readonly esClient = esClient; + private readonly defaultTimeout = config.get('timeouts.waitFor'); /** * Returns an error handler for `supertest` request that will dump out more useful information diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts index 9784531c597cc..0f10debb8c7d8 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts @@ -81,21 +81,12 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext const log = getService('log'); return new (class EndpointTestResources { - private readonly esClient: ReturnType; - private readonly retry: ReturnType; - private readonly kbnClient: ReturnType; - private readonly config: ReturnType; - private readonly supertest: ReturnType; - private readonly log: ReturnType; - - constructor() { - this.esClient = esClient; - this.retry = retry; - this.kbnClient = kbnClient; - this.config = config; - this.supertest = supertest; - this.log = log; - } + private readonly esClient = esClient; + private readonly retry = retry; + private readonly kbnClient = kbnClient; + private readonly config = config; + private readonly supertest = supertest; + private readonly log = log; getScopedKbnClient(spaceId: string = DEFAULT_SPACE_ID): KbnClient { if (!spaceId || spaceId === DEFAULT_SPACE_ID) { diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts index 190c08dff8727..260ad4e0d6426 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts @@ -50,17 +50,10 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid const esClient = getService('es'); return new (class EndpointTelemetryTestResources { - private readonly supertest: TestAgent; - private readonly log: ReturnType; - private readonly esClient: ReturnType; - private readonly exceptionsGenerator: ExceptionsListItemGenerator; - - constructor() { - this.supertest = supertestSv; - this.log = log; - this.esClient = esClient; - this.exceptionsGenerator = new ExceptionsListItemGenerator(); - } + private readonly supertest = supertestSv; + private readonly log = log; + private readonly esClient = esClient; + private readonly exceptionsGenerator = new ExceptionsListItemGenerator(); getHttpResponseFailureHandler( ignoredStatusCodes: number[] = [] diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts index 4ed4b9bef2720..416c3014ab3a9 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts @@ -22,13 +22,8 @@ export function TimelineTestServiceProvider({ getService }: FtrProviderContext) const log = getService('log'); return new (class TimelineTestService { - private readonly supertest: ReturnType; - private readonly log: ReturnType; - - constructor() { - this.supertest = supertest; - this.log = log; - } + private readonly supertest = supertest; + private readonly log = log; /** * Returns an error handler for `supertest` request that will dump out more useful information From 44dc879fbecda22febf4807d8ecb2b885e0d8a19 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 13 Aug 2025 23:36:19 +0000 Subject: [PATCH 30/42] [CI] Auto-commit changed files from 'node scripts/lint_ts_projects --fix' --- x-pack/test/tsconfig.json | 8 -------- x-pack/test_serverless/tsconfig.json | 1 - 2 files changed, 9 deletions(-) diff --git a/x-pack/test/tsconfig.json b/x-pack/test/tsconfig.json index 2244d83cb4c12..459c673a4e394 100644 --- a/x-pack/test/tsconfig.json +++ b/x-pack/test/tsconfig.json @@ -25,23 +25,15 @@ ], "kbn_references": [ "@kbn/test-suites-src", - "@kbn/security-solution-plugin", - "@kbn/spaces-plugin", "@kbn/test", "@kbn/ftr-common-functional-services", "@kbn/expect", "@kbn/rule-data-utils", "@kbn/test-subj-selector", "@kbn/rison", - "@kbn/core-http-common", "@kbn/dataset-quality-plugin", "@kbn/ftr-common-functional-ui-services", "@kbn/data-quality-plugin", - "@kbn/openapi-common", - "@kbn/securitysolution-lists-common", - "@kbn/securitysolution-exceptions-common", - "@kbn/securitysolution-endpoint-exceptions-common", - "@kbn/osquery-plugin", "@kbn/scout-info", "@kbn/test-suites-xpack-platform", "@kbn/ml-string-hash" diff --git a/x-pack/test_serverless/tsconfig.json b/x-pack/test_serverless/tsconfig.json index 88f089a311026..0be0cd4402e28 100644 --- a/x-pack/test_serverless/tsconfig.json +++ b/x-pack/test_serverless/tsconfig.json @@ -42,7 +42,6 @@ "@kbn/es", "@kbn/reporting-common", "@kbn/slo-plugin", - "@kbn/search-types", "@kbn/test-suites-src", "@kbn/scout-info", "@kbn/test-suites-xpack-platform", From 01653e57020c3ac194d532f38edf591ba4f0ce58 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 13 Aug 2025 23:57:19 +0000 Subject: [PATCH 31/42] [CI] Auto-commit changed files from 'yarn openapi:generate' --- .../services/security_solution_api.gen.ts | 2451 +++++++++++++++++ ...ty_solution_endpoint_exceptions_api.gen.ts | 116 + .../security_solution_exceptions_api.gen.ts | 299 ++ .../security_solution_lists_api.gen.ts | 295 ++ 4 files changed, 3161 insertions(+) create mode 100644 x-pack/test/api_integration/services/security_solution_api.gen.ts create mode 100644 x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts create mode 100644 x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts create mode 100644 x-pack/test/api_integration/services/security_solution_lists_api.gen.ts diff --git a/x-pack/test/api_integration/services/security_solution_api.gen.ts b/x-pack/test/api_integration/services/security_solution_api.gen.ts new file mode 100644 index 0000000000000..b26d1f0c25a63 --- /dev/null +++ b/x-pack/test/api_integration/services/security_solution_api.gen.ts @@ -0,0 +1,2451 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { replaceParams } from '@kbn/openapi-common/shared'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { AlertsMigrationCleanupRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; +import { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; +import { CleanDraftTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen'; +import { ConfigureRiskEngineSavedObjectRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/engine_configure_saved_object_route.gen'; +import { CopyTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/copy_timeline/copy_timeline_route.gen'; +import { CreateAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; +import { CreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; +import { CreateDashboardMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { + CreateDashboardMigrationDashboardsRequestParamsInput, + CreateDashboardMigrationDashboardsRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { CreatePrivilegesImportIndexRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/create_index.gen'; +import { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/create.gen'; +import { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; +import { CreateRuleMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + CreateRuleMigrationRulesRequestParamsInput, + CreateRuleMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { CreateTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/create_timelines/create_timelines_route.gen'; +import { + CreateUpdateProtectionUpdatesNoteRequestParamsInput, + CreateUpdateProtectionUpdatesNoteRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { DeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen'; +import { + DeleteEntityEngineRequestQueryInput, + DeleteEntityEngineRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; +import { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/engine/delete.gen'; +import { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; +import { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/delete.gen'; +import { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; +import { DeleteRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; +import { DeprecatedTriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { EndpointExecuteActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/execute/execute.gen'; +import { EndpointFileDownloadRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_download/file_download.gen'; +import { EndpointFileInfoRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/file_info/file_info.gen'; +import { EndpointGetActionsDetailsRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/details/details.gen'; +import { EndpointGetActionsListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/list/list.gen'; +import { EndpointGetActionsStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/status/status.gen'; +import { EndpointGetFileActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/get_file/get_file.gen'; +import { EndpointGetProcessesActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/running_procs/running_procs.gen'; +import { EndpointIsolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/isolate/isolate.gen'; +import { EndpointKillProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/kill_process/kill_process.gen'; +import { EndpointScanActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/scan/scan.gen'; +import { EndpointSuspendProcessActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/suspend_process/suspend_process.gen'; +import { EndpointUnisolateActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/unisolate/unisolate.gen'; +import { + ExportRulesRequestQueryInput, + ExportRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen'; +import { + ExportTimelinesRequestQueryInput, + ExportTimelinesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/timeline/export_timelines/export_timelines_route.gen'; +import { FinalizeAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen'; +import { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen'; +import { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; +import { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; +import { GetDashboardMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { GetDashboardMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; +import { GetEndpointMetadataListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/metadata/get_metadata.gen'; +import { + GetEndpointSuggestionsRequestParamsInput, + GetEndpointSuggestionsRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; +import { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; +import { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; +import { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; +import { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; +import { GetProtectionUpdatesNoteRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen'; +import { + GetRuleExecutionEventsRequestQueryInput, + GetRuleExecutionEventsRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen'; +import { + GetRuleExecutionResultsRequestQueryInput, + GetRuleExecutionResultsRequestParamsInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen'; +import { GetRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationPrebuiltRulesRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationResourcesRequestQueryInput, + GetRuleMigrationResourcesRequestParamsInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationResourcesMissingRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + GetRuleMigrationRulesRequestQueryInput, + GetRuleMigrationRulesRequestParamsInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetRuleMigrationTranslationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { GetTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timeline/get_timeline_route.gen'; +import { GetTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timelines/get_timelines_route.gen'; +import { GetWorkflowInsightsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { ImportRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen'; +import { ImportTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/import_timelines/import_timelines_route.gen'; +import { + InitEntityEngineRequestParamsInput, + InitEntityEngineRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/init.gen'; +import { InitEntityStoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/enable.gen'; +import { + InstallMigrationRulesRequestParamsInput, + InstallMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; +import { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; +import { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; +import { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; +import { + PerformRulesBulkActionRequestQueryInput, + PerformRulesBulkActionRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen'; +import { PersistFavoriteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_favorite/persist_favorite_route.gen'; +import { PersistNoteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_note/persist_note_route.gen'; +import { PersistPinnedEventRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/pinned_events/pinned_events_route.gen'; +import { PreviewRiskScoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/preview_route.gen'; +import { ReadAlertsMigrationStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen'; +import { ReadRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen'; +import { ResolveTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/resolve_timeline/resolve_timeline_route.gen'; +import { + RulePreviewRequestQueryInput, + RulePreviewRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_preview/rule_preview.gen'; +import { RunScriptActionRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/response_actions/run_script/run_script.gen'; +import { SearchAlertsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/query_signals/query_signals_route.gen'; +import { SearchPrivilegesIndicesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/search_indices.gen'; +import { SetAlertAssigneesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen'; +import { SetAlertsStatusRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen'; +import { SetAlertTagsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen'; +import { StartEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/start.gen'; +import { + StartRuleMigrationRequestParamsInput, + StartRuleMigrationRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { StopEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stop.gen'; +import { StopRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { SuggestUserProfilesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/users/suggest_user_profiles_route.gen'; +import { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; +import { + UpdateEntitySourceRequestParamsInput, + UpdateEntitySourceRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import { + UpdatePrivMonUserRequestParamsInput, + UpdatePrivMonUserRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/update.gen'; +import { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; +import { + UpdateRuleMigrationRequestParamsInput, + UpdateRuleMigrationRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateRuleMigrationIndexPatternRequestParamsInput, + UpdateRuleMigrationIndexPatternRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateRuleMigrationRulesRequestParamsInput, + UpdateRuleMigrationRulesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { + UpdateWorkflowInsightRequestParamsInput, + UpdateWorkflowInsightRequestBodyInput, +} from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import { + UpsertRuleMigrationResourcesRequestParamsInput, + UpsertRuleMigrationResourcesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * Migrations favor data integrity over shard size. Consequently, unused or orphaned indices are artifacts of +the migration process. A successful migration will result in both the old and new indices being present. +As such, the old, orphaned index can (and likely should) be deleted. + +While you can delete these indices manually, +the endpoint accomplishes this task by applying a deletion policy to the relevant index, causing it to be deleted +after 30 days. It also deletes other artifacts specific to the migration implementation. + + */ + alertsMigrationCleanup(props: AlertsMigrationCleanupProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/signals/migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + applyEntityEngineDataviewIndices(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_store/engines/apply_dataview_indices', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + assetCriticalityGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/asset_criticality/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Ensures that the packages needed for prebuilt detection rules to work are installed and up to date + */ + bootstrapPrebuiltRules(kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace('/internal/detection_engine/prebuilt_rules/_bootstrap', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Bulk upsert up to 1000 asset criticality records. + +If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created. + + */ + bulkUpsertAssetCriticalityRecords( + props: BulkUpsertAssetCriticalityRecordsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality/bulk', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a clean draft Timeline or Timeline template for the current user. +> info +> If the user already has a draft Timeline, the existing draft Timeline is cleared and returned. + + */ + cleanDraftTimelines(props: CleanDraftTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_draft', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Cleaning up the the Risk Engine by removing the indices, mapping and transforms + */ + cleanUpRiskEngine(kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/risk_score/engine/dangerously_delete_data', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Configuring the Risk Engine Saved Object + */ + configureRiskEngineSavedObject( + props: ConfigureRiskEngineSavedObjectProps, + kibanaSpace: string = 'default' + ) { + return supertest + .patch(getRouteUrlForSpace('/api/risk_score/engine/saved_object/configure', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Copies and returns a timeline or timeline template. + + */ + copyTimeline(props: CopyTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/_copy', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Initiate a migration of detection alerts. +Migrations are initiated per index. While the process is neither destructive nor interferes with existing data, it may be resource-intensive. As such, it is recommended that you plan your migrations accordingly. + + */ + createAlertsMigration(props: CreateAlertsMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create or update an asset criticality record for a specific entity. + +If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created. + + */ + createAssetCriticalityRecord( + props: CreateAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Creates a new dashboard migration and returns the corresponding migration_id + */ + createDashboardMigration( + props: CreateDashboardMigrationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .put(getRouteUrlForSpace('/internal/siem_migrations/dashboards', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Adds dashboards to an alreayd existing dashboard migration + */ + createDashboardMigrationDashboards( + props: CreateDashboardMigrationDashboardsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/dashboards', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createEntitySource(props: CreateEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/entity_source', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createPrivilegesImportIndex( + props: CreatePrivilegesImportIndexProps, + kibanaSpace: string = 'default' + ) { + return supertest + .put( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/indices', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createPrivMonUser(props: CreatePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/users', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a new detection rule. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + +You can create the following types of rules: + +* **Custom query**: Searches the defined indices and creates an alert when a document matches the rule's KQL query. +* **Event correlation**: Searches the defined indices and creates an alert when results match an [Event Query Language (EQL)](https://www.elastic.co/guide/en/elasticsearch/reference/current/eql.html) query. +* **Threshold**: Searches the defined indices and creates an alert when the number of times the specified field's value meets the threshold during a single execution. When there are multiple values that meet the threshold, an alert is generated for each value. + For example, if the threshold `field` is `source.ip` and its `value` is `10`, an alert is generated for every source IP address that appears in at least 10 of the rule's search results. If you're interested, see [Terms Aggregation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-bucket-terms-aggregation.html) for more information. +* **Indicator match**: Creates an alert when fields match values defined in the specified [Elasticsearch index](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html). For example, you can create an index for IP addresses and use this index to create an alert whenever an event's `destination.ip` equals a value in the index. The index's field mappings should be [ECS-compliant](https://www.elastic.co/guide/en/ecs/current/ecs-reference.html). +* **New terms**: Generates an alert for each new term detected in source documents within a specified time range. +* **ES|QL**: Uses [Elasticsearch Query Language (ES|QL)](https://www.elastic.co/guide/en/elasticsearch/reference/current/esql.html) to find events and aggregate search results. +* **Machine learning rules**: Creates an alert when a machine learning job discovers an anomaly above the defined threshold. +> info +> To create machine learning rules, you must have the [appropriate license](https://www.elastic.co/subscriptions) or use a [cloud deployment](https://cloud.elastic.co/registration). Additionally, for the machine learning rule to function correctly, the associated machine learning job must be running. + +To retrieve machine learning job IDs, which are required to create machine learning jobs, call the [Elasticsearch Get jobs API](https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-job.html). Machine learning jobs that contain `siem` in the `groups` field can be used to create rules: + +```json +... +"job_id": "linux_anomalous_network_activity_ecs", +"job_type": "anomaly_detector", +"job_version": "7.7.0", +"groups": [ + "auditbeat", + "process", + "siem" +], +... +``` + +Additionally, you can set up notifications for when rules create alerts. The notifications use the [Alerting and Actions framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html). Each action type requires a connector. Connectors store the information required to send notifications via external systems. The following connector types are supported for rule notifications: + +* Slack +* Email +* PagerDuty +* Webhook +* Microsoft Teams +* IBM Resilient +* Jira +* ServiceNow ITSM +> info +> For more information on PagerDuty fields, see [Send a v2 Event](https://developer.pagerduty.com/docs/events-api-v2/trigger-events/). + +To retrieve connector IDs, which are required to configure rule notifications, call the [Find objects API](https://www.elastic.co/guide/en/kibana/current/saved-objects-api-find.html) with `"type": "action"` in the request payload. + +For detailed information on Kibana actions and alerting, and additional API calls, see: + +* [Alerting API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-alerting) +* [Alerting and Actions framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html) +* [Connectors API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-connectors) + + */ + createRule(props: CreateRuleProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Creates a new rule migration and returns the corresponding migration_id + */ + createRuleMigration(props: CreateRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/internal/siem_migrations/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Adds original vendor rules to an already existing migration. Can be called multiple times to add more rules + */ + createRuleMigrationRules( + props: CreateRuleMigrationRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a new Timeline or Timeline template. + */ + createTimelines(props: CreateTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + createUpdateProtectionUpdatesNote( + props: CreateUpdateProtectionUpdatesNoteProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/api/endpoint/protection_updates_note/{package_policy_id}', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + deleteAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete the asset criticality record for a specific entity. + */ + deleteAssetCriticalityRecord( + props: DeleteAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .delete(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + deleteEntityEngine(props: DeleteEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + deleteEntitySource(props: DeleteEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + deleteMonitoringEngine(props: DeleteMonitoringEngineProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/delete', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Delete a note from a Timeline using the note ID. + */ + deleteNote(props: DeleteNoteProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + deletePrivMonUser(props: DeletePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/users/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete a detection rule using the `rule_id` or `id` field. + +The URL query must include one of the following: + +* `id` - `DELETE /api/detection_engine/rules?id=` +* `rule_id`- `DELETE /api/detection_engine/rules?rule_id=` + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. + + */ + deleteRule(props: DeleteRuleProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Deletes a rule migration document stored in the system given the rule migration id + */ + deleteRuleMigration(props: DeleteRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete one or more Timelines or Timeline templates. + */ + deleteTimelines(props: DeleteTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Calculates and persists Risk Scores for an entity, returning the calculated risk score. + */ + deprecatedTriggerRiskScoreCalculation( + props: DeprecatedTriggerRiskScoreCalculationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/risk_scores/calculation/entity', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + disableMonitoringEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/disable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + disableRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/disable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + enableRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/enable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Run a shell command on an endpoint. + */ + endpointExecuteAction(props: EndpointExecuteActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/execute', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Download a file from an endpoint. + */ + endpointFileDownload(props: EndpointFileDownloadProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}/file/{file_id}/download', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get information for the specified file using the file ID. + */ + endpointFileInfo(props: EndpointFileInfoProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}/file/{file_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of a response action using the action ID. + */ + endpointGetActionsDetails( + props: EndpointGetActionsDetailsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/endpoint/action/{action_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get a list of all response actions. + */ + endpointGetActionsList(props: EndpointGetActionsListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a response actions state, which reports whether encryption is enabled. + */ + endpointGetActionsState(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action/state', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the status of response actions for the specified agent IDs. + */ + endpointGetActionsStatus( + props: EndpointGetActionsStatusProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/action_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a file from an endpoint. + */ + endpointGetFileAction(props: EndpointGetFileActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/get_file', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Get a list of all processes running on an endpoint. + */ + endpointGetProcessesAction( + props: EndpointGetProcessesActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/running_procs', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Isolate an endpoint from the network. The endpoint remains isolated until it's released. + */ + endpointIsolateAction(props: EndpointIsolateActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/isolate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Terminate a running process on an endpoint. + */ + endpointKillProcessAction( + props: EndpointKillProcessActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/kill_process', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Scan a specific file or directory on an endpoint for malware. + */ + endpointScanAction(props: EndpointScanActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/scan', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Suspend a running process on an endpoint. + */ + endpointSuspendProcessAction( + props: EndpointSuspendProcessActionProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/suspend_process', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Release an isolated endpoint, allowing it to rejoin a network. + */ + endpointUnisolateAction(props: EndpointUnisolateActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/unisolate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Upload a file to an endpoint. + */ + endpointUploadAction(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/upload', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + entityStoreGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/entity_store/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Export detection rules to an `.ndjson` file. The following configuration items are also included in the `.ndjson` file: +- Actions +- Exception lists +> info +> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules. + +> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules. + +> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately. + + */ + exportRules(props: ExportRulesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Export Timelines as an NDJSON file. + */ + exportTimelines(props: ExportTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Finalize successful migrations of detection alerts. This replaces the original index's alias with the successfully migrated index's alias. +The endpoint is idempotent; therefore, it can safely be used to poll a given migration and, upon completion, +finalize it. + + */ + finalizeAlertsMigration(props: FinalizeAlertsMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/finalize_migration', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * List asset criticality records, paging, sorting and filtering as needed. + */ + findAssetCriticalityRecords( + props: FindAssetCriticalityRecordsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/asset_criticality/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieve a paginated list of detection rules. By default, the first page is returned, with 20 results per page. + */ + findRules(props: FindRulesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the rule migrations stats for all migrations stored in the system + */ + getAllStatsRuleMigration(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/stats', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the asset criticality record for a specific entity. + */ + getAssetCriticalityRecord( + props: GetAssetCriticalityRecordProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/asset_criticality', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getAssetCriticalityStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/asset_criticality/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the dashboard migration document stored in the system given the dashboard migration id + */ + getDashboardMigration(props: GetDashboardMigrationProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/dashboards/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the dashboard migrations stats for given migrations stored in the system + */ + getDashboardMigrationStats( + props: GetDashboardMigrationStatsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/stats', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of the draft Timeline or Timeline template for the current user. If the user doesn't have a draft Timeline, an empty Timeline is returned. + */ + getDraftTimelines(props: GetDraftTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/_draft', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getEndpointMetadataList(props: GetEndpointMetadataListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/metadata', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getEndpointSuggestions(props: GetEndpointSuggestionsProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/api/endpoint/suggestions/{suggestion_type}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + getEntityEngine(props: GetEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getEntitySource(props: GetEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getEntityStoreStatus(props: GetEntityStoreStatusProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get all notes for a given document. + */ + getNotes(props: GetNotesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getPolicyResponse(props: GetPolicyResponseProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint/policy_response', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getPrivilegedAccessDetectionPackageStatus(kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + '/api/entity_analytics/privileged_user_monitoring/pad/status', + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getProtectionUpdatesNote( + props: GetProtectionUpdatesNoteProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/api/endpoint/protection_updates_note/{package_policy_id}', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Returns the status of both the legacy transform-based risk engine, as well as the new risk engine + */ + getRiskEngineStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_score/engine/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getRuleExecutionEvents(props: GetRuleExecutionEventsProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams( + '/internal/detection_engine/rules/{ruleId}/execution/events', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getRuleExecutionResults(props: GetRuleExecutionResultsProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams( + '/internal/detection_engine/rules/{ruleId}/execution/results', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the rule migration document stored in the system given the rule migration id + */ + getRuleMigration(props: GetRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves all related integrations + */ + getRuleMigrationIntegrations(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/integrations', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the stats of all the integrations for all the rule migrations, including the number of rules associated with the integration + */ + getRuleMigrationIntegrationsStats(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/integrations/stats', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves all available prebuilt rules (installed and installable) + */ + getRuleMigrationPrebuiltRules( + props: GetRuleMigrationPrebuiltRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/prebuilt_rules', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Identifies the privileges required for a SIEM rules migration and returns the missing privileges + */ + getRuleMigrationPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/siem_migrations/rules/missing_privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves resources for an existing SIEM rules migration + */ + getRuleMigrationResources( + props: GetRuleMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/resources', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Identifies missing resources from all the rules of an existing SIEM rules migration + */ + getRuleMigrationResourcesMissing( + props: GetRuleMigrationResourcesMissingProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/resources/missing', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the the list of rules included in a migration given the migration id + */ + getRuleMigrationRules(props: GetRuleMigrationRulesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieves the stats of a SIEM rules migration using the migration id provided + */ + getRuleMigrationStats(props: GetRuleMigrationStatsProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/stats', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves the translation stats of a SIEM rules migration using the migration id provided + */ + getRuleMigrationTranslationStats( + props: GetRuleMigrationTranslationStatsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/translation_stats', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of an existing saved Timeline or Timeline template. + */ + getTimeline(props: GetTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all saved Timelines or Timeline templates. + */ + getTimelines(props: GetTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timelines', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + getWorkflowInsights(props: GetWorkflowInsightsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/api/endpoint/workflow_insights', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import detection rules from an `.ndjson` file, including actions and exception lists. The request must include: +- The `Content-Type: multipart/form-data` HTTP header. +- A link to the `.ndjson` file containing the rules. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. +> info +> To import rules with actions, you need at least Read privileges for the Action and Connectors feature. To overwrite or add new connectors, you need All privileges for the Actions and Connectors feature. To import rules without actions, you don’t need Actions and Connectors privileges. Refer to [Enable and access detections](https://www.elastic.co/guide/en/security/current/detections-permissions-section.html#enable-detections-ui) for more information. + +> info +> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules. + +> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules. + +> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately. + + */ + importRules(props: ImportRulesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import Timelines. + */ + importTimelines(props: ImportTimelinesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initEntityEngine(props: InitEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/init', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initEntityStore(props: InitEntityStoreProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_store/enable', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + initMonitoringEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/init', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Initializes the Risk Engine by creating the necessary indices and mappings, removing old transforms, and starting the new risk engine + */ + initRiskEngine(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/engine/init', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Installs migration rules + */ + installMigrationRules(props: InstallMigrationRulesProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/install', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Install and update all Elastic prebuilt detection rules and Timelines. + +This endpoint allows you to install and update prebuilt detection rules and Timelines provided by Elastic. +When you call this endpoint, it will: +- Install any new prebuilt detection rules that are not currently installed in your system. +- Update any existing prebuilt detection rules that have been modified or improved by Elastic. +- Install any new prebuilt Timelines that are not currently installed in your system. +- Update any existing prebuilt Timelines that have been modified or improved by Elastic. + +This ensures that your detection engine is always up-to-date with the latest rules and Timelines, +providing you with the most current and effective threat detection capabilities. + + */ + installPrebuiltRulesAndTimelines(kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/detection_engine/rules/prepackaged', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Install or update prepackaged Timelines. + */ + installPrepackedTimelines( + props: InstallPrepackedTimelinesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/timeline/_prepackaged', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + installPrivilegedAccessDetectionPackage(kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + '/api/entity_analytics/privileged_user_monitoring/pad/install', + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + internalUploadAssetCriticalityRecords(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/asset_criticality/upload_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * List entities records, paging, sorting and filtering as needed. + */ + listEntities(props: ListEntitiesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/entities/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + listEntityEngines(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_store/engines', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + listEntitySources(props: ListEntitySourcesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/entity_source/list', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + listPrivMonUsers(props: ListPrivMonUsersProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_analytics/monitoring/users/list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update specific fields of an existing detection rule using the `rule_id` or `id` field. + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + patchRule(props: PatchRuleProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update an existing Timeline. You can update the title, description, date range, pinned events, pinned queries, and/or pinned saved queries of an existing Timeline. + */ + patchTimeline(props: PatchTimelineProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/timeline', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Apply a bulk action, such as bulk edit, duplicate, or delete, to multiple detection rules. The bulk action is applied to all rules that match the query or to the rules listed by their IDs. + +The edit action allows you to add, delete, or set tags, index patterns, investigation fields, rule actions and schedules for multiple rules at once. +The edit action is idempotent, meaning that if you add a tag to a rule that already has that tag, no changes are made. The same is true for other edit actions, for example removing an index pattern that is not specified in a rule will not result in any changes. The only exception is the `add_rule_actions` and `set_rule_actions` action, which is non-idempotent. This means that if you add or set a rule action to a rule that already has that action, a new action is created with a new unique ID. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + performRulesBulkAction(props: PerformRulesBulkActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/_bulk_action', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + /** + * Favorite a Timeline or Timeline template for the current user. + */ + persistFavoriteRoute(props: PersistFavoriteRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/timeline/_favorite', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Add a note to a Timeline or update an existing note. + */ + persistNoteRoute(props: PersistNoteRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/note', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Pin/unpin an event to/from an existing Timeline. + */ + persistPinnedEventRoute(props: PersistPinnedEventRouteProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/pinned_event', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Calculates and returns a list of Risk Scores, sorted by identifier_type and risk score. + */ + previewRiskScore(props: PreviewRiskScoreProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/preview', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + privmonBulkUploadUsersCsv(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/entity_analytics/monitoring/users/_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + privMonHealth(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/health', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Check if the current user has all required permissions for Privilege Monitoring + */ + privMonPrivileges(kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/privileges', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + readAlertsIndex(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieve indices that contain detection alerts of a particular age, along with migration information for each of those indices. + */ + readAlertsMigrationStatus( + props: ReadAlertsMigrationStatusProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/signals/migration_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Retrieve the status of all Elastic prebuilt detection rules and Timelines. + +This endpoint provides detailed information about the number of custom rules, installed prebuilt rules, available prebuilt rules that are not installed, outdated prebuilt rules, installed prebuilt timelines, available prebuilt timelines that are not installed, and outdated prebuilt timelines. + + */ + readPrebuiltRulesAndTimelinesStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules/prepackaged/_status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieves whether or not the user is authenticated, and the user's Kibana +space and index privileges, which determine if the user can create an +index for the Elastic Security alerts generated by +detection engine rules. + + */ + readPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + readRiskEngineSettings(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_score/engine/settings', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Retrieve a detection rule using the `rule_id` or `id` field. + +The URL query must include one of the following: + +* `id` - `GET /api/detection_engine/rules?id=` +* `rule_id` - `GET /api/detection_engine/rules?rule_id=` + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. + + */ + readRule(props: ReadRuleProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * List all unique tags from all detection rules. + */ + readTags(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/detection_engine/tags', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + resolveTimeline(props: ResolveTimelineProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/timeline/resolve', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + riskEngineGetPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/risk_engine/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + rulePreview(props: RulePreviewProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/rules/preview', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object) + .query(props.query); + }, + runEntityAnalyticsMigrations(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/entity_analytics/migrations/run', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Run a shell command on an endpoint. + */ + runScriptAction(props: RunScriptActionProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint/action/runscript', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. + */ + scheduleRiskEngineNow(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/risk_score/engine/schedule_now', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Find and/or aggregate detection alerts that match the given query. + */ + searchAlerts(props: SearchAlertsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/search', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + searchPrivilegesIndices(props: SearchPrivilegesIndicesProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace('/api/entity_analytics/monitoring/privileges/indices', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Assign users to detection alerts, and unassign them from alerts. +> info +> You cannot add and remove the same assignee in the same request. + + */ + setAlertAssignees(props: SetAlertAssigneesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/assignees', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Set the status of one or more detection alerts. + */ + setAlertsStatus(props: SetAlertsStatusProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * And tags to detection alerts, and remove them from alerts. +> info +> You cannot add and remove the same alert tag in the same request. + + */ + setAlertTags(props: SetAlertTagsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/detection_engine/signals/tags', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + startEntityEngine(props: StartEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/start', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Starts a SIEM rules migration using the migration id provided + */ + startRuleMigration(props: StartRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/start', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + stopEntityEngine(props: StopEntityEngineProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/entity_store/engines/{entityType}/stop', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Stops a running SIEM rules migration using the migration id provided + */ + stopRuleMigration(props: StopRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/stop', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Suggests user profiles. + */ + suggestUserProfiles(props: SuggestUserProfilesProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/detection_engine/users/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Calculates and persists Risk Scores for an entity, returning the calculated risk score. + */ + triggerRiskScoreCalculation( + props: TriggerRiskScoreCalculationProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/internal/risk_score/calculation/entity', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updateEntitySource(props: UpdateEntitySourceProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/entity_source/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updatePrivMonUser(props: UpdatePrivMonUserProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/api/entity_analytics/monitoring/users/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update a detection rule using the `rule_id` or `id` field. The original rule is replaced, and all unspecified fields are deleted. + +The difference between the `id` and `rule_id` is that the `id` is a unique rule identifier that is randomly generated when a rule is created and cannot be set, whereas `rule_id` is a stable rule identifier that can be assigned during rule creation. +> warn +> When used with [API key](https://www.elastic.co/docs/deploy-manage/api-keys) authentication, the user's key gets assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running. + +> If the API key that is used for authorization has different privileges than the key that created or most recently updated the rule, the rule behavior might change. + + */ + updateRule(props: UpdateRuleProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/detection_engine/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates rules migrations data + */ + updateRuleMigration(props: UpdateRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .patch( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates the index pattern for eligible and/or selected rules of a migration + */ + updateRuleMigrationIndexPattern( + props: UpdateRuleMigrationIndexPatternProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/rules/{migration_id}/update_index_pattern', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Updates rules migrations attributes + */ + updateRuleMigrationRules( + props: UpdateRuleMigrationRulesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .patch( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/rules', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + updateWorkflowInsight(props: UpdateWorkflowInsightProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/internal/api/endpoint/workflow_insights/{insightId}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + uploadAssetCriticalityRecords(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/asset_criticality/upload_csv', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Creates or updates resources for an existing SIEM rules migration + */ + upsertRuleMigrationResources( + props: UpsertRuleMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/internal/siem_migrations/rules/{migration_id}/resources', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface AlertsMigrationCleanupProps { + body: AlertsMigrationCleanupRequestBodyInput; +} +export interface BulkUpsertAssetCriticalityRecordsProps { + body: BulkUpsertAssetCriticalityRecordsRequestBodyInput; +} +export interface CleanDraftTimelinesProps { + body: CleanDraftTimelinesRequestBodyInput; +} +export interface ConfigureRiskEngineSavedObjectProps { + body: ConfigureRiskEngineSavedObjectRequestBodyInput; +} +export interface CopyTimelineProps { + body: CopyTimelineRequestBodyInput; +} +export interface CreateAlertsMigrationProps { + body: CreateAlertsMigrationRequestBodyInput; +} +export interface CreateAssetCriticalityRecordProps { + body: CreateAssetCriticalityRecordRequestBodyInput; +} +export interface CreateDashboardMigrationProps { + body: CreateDashboardMigrationRequestBodyInput; +} +export interface CreateDashboardMigrationDashboardsProps { + params: CreateDashboardMigrationDashboardsRequestParamsInput; + body: CreateDashboardMigrationDashboardsRequestBodyInput; +} +export interface CreateEntitySourceProps { + body: CreateEntitySourceRequestBodyInput; +} +export interface CreatePrivilegesImportIndexProps { + body: CreatePrivilegesImportIndexRequestBodyInput; +} +export interface CreatePrivMonUserProps { + body: CreatePrivMonUserRequestBodyInput; +} +export interface CreateRuleProps { + body: CreateRuleRequestBodyInput; +} +export interface CreateRuleMigrationProps { + body: CreateRuleMigrationRequestBodyInput; +} +export interface CreateRuleMigrationRulesProps { + params: CreateRuleMigrationRulesRequestParamsInput; + body: CreateRuleMigrationRulesRequestBodyInput; +} +export interface CreateTimelinesProps { + body: CreateTimelinesRequestBodyInput; +} +export interface CreateUpdateProtectionUpdatesNoteProps { + params: CreateUpdateProtectionUpdatesNoteRequestParamsInput; + body: CreateUpdateProtectionUpdatesNoteRequestBodyInput; +} +export interface DeleteAssetCriticalityRecordProps { + query: DeleteAssetCriticalityRecordRequestQueryInput; +} +export interface DeleteEntityEngineProps { + query: DeleteEntityEngineRequestQueryInput; + params: DeleteEntityEngineRequestParamsInput; +} +export interface DeleteEntitySourceProps { + params: DeleteEntitySourceRequestParamsInput; +} +export interface DeleteMonitoringEngineProps { + query: DeleteMonitoringEngineRequestQueryInput; +} +export interface DeleteNoteProps { + body: DeleteNoteRequestBodyInput; +} +export interface DeletePrivMonUserProps { + params: DeletePrivMonUserRequestParamsInput; +} +export interface DeleteRuleProps { + query: DeleteRuleRequestQueryInput; +} +export interface DeleteRuleMigrationProps { + params: DeleteRuleMigrationRequestParamsInput; +} +export interface DeleteTimelinesProps { + body: DeleteTimelinesRequestBodyInput; +} +export interface DeprecatedTriggerRiskScoreCalculationProps { + body: DeprecatedTriggerRiskScoreCalculationRequestBodyInput; +} +export interface EndpointExecuteActionProps { + body: EndpointExecuteActionRequestBodyInput; +} +export interface EndpointFileDownloadProps { + params: EndpointFileDownloadRequestParamsInput; +} +export interface EndpointFileInfoProps { + params: EndpointFileInfoRequestParamsInput; +} +export interface EndpointGetActionsDetailsProps { + params: EndpointGetActionsDetailsRequestParamsInput; +} +export interface EndpointGetActionsListProps { + query: EndpointGetActionsListRequestQueryInput; +} +export interface EndpointGetActionsStatusProps { + query: EndpointGetActionsStatusRequestQueryInput; +} +export interface EndpointGetFileActionProps { + body: EndpointGetFileActionRequestBodyInput; +} +export interface EndpointGetProcessesActionProps { + body: EndpointGetProcessesActionRequestBodyInput; +} +export interface EndpointIsolateActionProps { + body: EndpointIsolateActionRequestBodyInput; +} +export interface EndpointKillProcessActionProps { + body: EndpointKillProcessActionRequestBodyInput; +} +export interface EndpointScanActionProps { + body: EndpointScanActionRequestBodyInput; +} +export interface EndpointSuspendProcessActionProps { + body: EndpointSuspendProcessActionRequestBodyInput; +} +export interface EndpointUnisolateActionProps { + body: EndpointUnisolateActionRequestBodyInput; +} +export interface ExportRulesProps { + query: ExportRulesRequestQueryInput; + body: ExportRulesRequestBodyInput; +} +export interface ExportTimelinesProps { + query: ExportTimelinesRequestQueryInput; + body: ExportTimelinesRequestBodyInput; +} +export interface FinalizeAlertsMigrationProps { + body: FinalizeAlertsMigrationRequestBodyInput; +} +export interface FindAssetCriticalityRecordsProps { + query: FindAssetCriticalityRecordsRequestQueryInput; +} +export interface FindRulesProps { + query: FindRulesRequestQueryInput; +} +export interface GetAssetCriticalityRecordProps { + query: GetAssetCriticalityRecordRequestQueryInput; +} +export interface GetDashboardMigrationProps { + params: GetDashboardMigrationRequestParamsInput; +} +export interface GetDashboardMigrationStatsProps { + params: GetDashboardMigrationStatsRequestParamsInput; +} +export interface GetDraftTimelinesProps { + query: GetDraftTimelinesRequestQueryInput; +} +export interface GetEndpointMetadataListProps { + query: GetEndpointMetadataListRequestQueryInput; +} +export interface GetEndpointSuggestionsProps { + params: GetEndpointSuggestionsRequestParamsInput; + body: GetEndpointSuggestionsRequestBodyInput; +} +export interface GetEntityEngineProps { + params: GetEntityEngineRequestParamsInput; +} +export interface GetEntitySourceProps { + params: GetEntitySourceRequestParamsInput; +} +export interface GetEntityStoreStatusProps { + query: GetEntityStoreStatusRequestQueryInput; +} +export interface GetNotesProps { + query: GetNotesRequestQueryInput; +} +export interface GetPolicyResponseProps { + query: GetPolicyResponseRequestQueryInput; +} +export interface GetProtectionUpdatesNoteProps { + params: GetProtectionUpdatesNoteRequestParamsInput; +} +export interface GetRuleExecutionEventsProps { + query: GetRuleExecutionEventsRequestQueryInput; + params: GetRuleExecutionEventsRequestParamsInput; +} +export interface GetRuleExecutionResultsProps { + query: GetRuleExecutionResultsRequestQueryInput; + params: GetRuleExecutionResultsRequestParamsInput; +} +export interface GetRuleMigrationProps { + params: GetRuleMigrationRequestParamsInput; +} +export interface GetRuleMigrationPrebuiltRulesProps { + params: GetRuleMigrationPrebuiltRulesRequestParamsInput; +} +export interface GetRuleMigrationResourcesProps { + query: GetRuleMigrationResourcesRequestQueryInput; + params: GetRuleMigrationResourcesRequestParamsInput; +} +export interface GetRuleMigrationResourcesMissingProps { + params: GetRuleMigrationResourcesMissingRequestParamsInput; +} +export interface GetRuleMigrationRulesProps { + query: GetRuleMigrationRulesRequestQueryInput; + params: GetRuleMigrationRulesRequestParamsInput; +} +export interface GetRuleMigrationStatsProps { + params: GetRuleMigrationStatsRequestParamsInput; +} +export interface GetRuleMigrationTranslationStatsProps { + params: GetRuleMigrationTranslationStatsRequestParamsInput; +} +export interface GetTimelineProps { + query: GetTimelineRequestQueryInput; +} +export interface GetTimelinesProps { + query: GetTimelinesRequestQueryInput; +} +export interface GetWorkflowInsightsProps { + query: GetWorkflowInsightsRequestQueryInput; +} +export interface ImportRulesProps { + query: ImportRulesRequestQueryInput; +} +export interface ImportTimelinesProps { + body: ImportTimelinesRequestBodyInput; +} +export interface InitEntityEngineProps { + params: InitEntityEngineRequestParamsInput; + body: InitEntityEngineRequestBodyInput; +} +export interface InitEntityStoreProps { + body: InitEntityStoreRequestBodyInput; +} +export interface InstallMigrationRulesProps { + params: InstallMigrationRulesRequestParamsInput; + body: InstallMigrationRulesRequestBodyInput; +} +export interface InstallPrepackedTimelinesProps { + body: InstallPrepackedTimelinesRequestBodyInput; +} +export interface ListEntitiesProps { + query: ListEntitiesRequestQueryInput; +} +export interface ListEntitySourcesProps { + query: ListEntitySourcesRequestQueryInput; +} +export interface ListPrivMonUsersProps { + query: ListPrivMonUsersRequestQueryInput; +} +export interface PatchRuleProps { + body: PatchRuleRequestBodyInput; +} +export interface PatchTimelineProps { + body: PatchTimelineRequestBodyInput; +} +export interface PerformRulesBulkActionProps { + query: PerformRulesBulkActionRequestQueryInput; + body: PerformRulesBulkActionRequestBodyInput; +} +export interface PersistFavoriteRouteProps { + body: PersistFavoriteRouteRequestBodyInput; +} +export interface PersistNoteRouteProps { + body: PersistNoteRouteRequestBodyInput; +} +export interface PersistPinnedEventRouteProps { + body: PersistPinnedEventRouteRequestBodyInput; +} +export interface PreviewRiskScoreProps { + body: PreviewRiskScoreRequestBodyInput; +} +export interface ReadAlertsMigrationStatusProps { + query: ReadAlertsMigrationStatusRequestQueryInput; +} +export interface ReadRuleProps { + query: ReadRuleRequestQueryInput; +} +export interface ResolveTimelineProps { + query: ResolveTimelineRequestQueryInput; +} +export interface RulePreviewProps { + query: RulePreviewRequestQueryInput; + body: RulePreviewRequestBodyInput; +} +export interface RunScriptActionProps { + body: RunScriptActionRequestBodyInput; +} +export interface SearchAlertsProps { + body: SearchAlertsRequestBodyInput; +} +export interface SearchPrivilegesIndicesProps { + query: SearchPrivilegesIndicesRequestQueryInput; +} +export interface SetAlertAssigneesProps { + body: SetAlertAssigneesRequestBodyInput; +} +export interface SetAlertsStatusProps { + body: SetAlertsStatusRequestBodyInput; +} +export interface SetAlertTagsProps { + body: SetAlertTagsRequestBodyInput; +} +export interface StartEntityEngineProps { + params: StartEntityEngineRequestParamsInput; +} +export interface StartRuleMigrationProps { + params: StartRuleMigrationRequestParamsInput; + body: StartRuleMigrationRequestBodyInput; +} +export interface StopEntityEngineProps { + params: StopEntityEngineRequestParamsInput; +} +export interface StopRuleMigrationProps { + params: StopRuleMigrationRequestParamsInput; +} +export interface SuggestUserProfilesProps { + query: SuggestUserProfilesRequestQueryInput; +} +export interface TriggerRiskScoreCalculationProps { + body: TriggerRiskScoreCalculationRequestBodyInput; +} +export interface UpdateEntitySourceProps { + params: UpdateEntitySourceRequestParamsInput; + body: UpdateEntitySourceRequestBodyInput; +} +export interface UpdatePrivMonUserProps { + params: UpdatePrivMonUserRequestParamsInput; + body: UpdatePrivMonUserRequestBodyInput; +} +export interface UpdateRuleProps { + body: UpdateRuleRequestBodyInput; +} +export interface UpdateRuleMigrationProps { + params: UpdateRuleMigrationRequestParamsInput; + body: UpdateRuleMigrationRequestBodyInput; +} +export interface UpdateRuleMigrationIndexPatternProps { + params: UpdateRuleMigrationIndexPatternRequestParamsInput; + body: UpdateRuleMigrationIndexPatternRequestBodyInput; +} +export interface UpdateRuleMigrationRulesProps { + params: UpdateRuleMigrationRulesRequestParamsInput; + body: UpdateRuleMigrationRulesRequestBodyInput; +} +export interface UpdateWorkflowInsightProps { + params: UpdateWorkflowInsightRequestParamsInput; + body: UpdateWorkflowInsightRequestBodyInput; +} +export interface UpsertRuleMigrationResourcesProps { + params: UpsertRuleMigrationResourcesRequestParamsInput; + body: UpsertRuleMigrationResourcesRequestBodyInput; +} diff --git a/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts b/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts new file mode 100644 index 0000000000000..a72af9e4c0bb6 --- /dev/null +++ b/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts @@ -0,0 +1,116 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Endpoint Exceptions API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { CreateEndpointListItemRequestBodyInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.gen'; +import { DeleteEndpointListItemRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.gen'; +import { FindEndpointListItemsRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.gen'; +import { ReadEndpointListItemRequestQueryInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.gen'; +import { UpdateEndpointListItemRequestBodyInput } from '@kbn/securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * Create the exception list for Elastic Endpoint rule exceptions. When you create the exception list, it will have a `list_id` of `endpoint_list`. If the Elastic Endpoint exception list already exists, your request will return an empty response. + */ + createEndpointList(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint_list', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. + */ + createEndpointListItem(props: CreateEndpointListItemProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. + */ + deleteEndpointListItem(props: DeleteEndpointListItemProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all Elastic Endpoint exception list items. + */ + findEndpointListItems(props: FindEndpointListItemsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint_list/items/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. + */ + readEndpointListItem(props: ReadEndpointListItemProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. + */ + updateEndpointListItem(props: UpdateEndpointListItemProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/endpoint_list/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface CreateEndpointListItemProps { + body: CreateEndpointListItemRequestBodyInput; +} +export interface DeleteEndpointListItemProps { + query: DeleteEndpointListItemRequestQueryInput; +} +export interface FindEndpointListItemsProps { + query: FindEndpointListItemsRequestQueryInput; +} +export interface ReadEndpointListItemProps { + query: ReadEndpointListItemRequestQueryInput; +} +export interface UpdateEndpointListItemProps { + body: UpdateEndpointListItemRequestBodyInput; +} diff --git a/x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts b/x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts new file mode 100644 index 0000000000000..b195f6731c643 --- /dev/null +++ b/x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts @@ -0,0 +1,299 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Exceptions API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { replaceParams } from '@kbn/openapi-common/shared'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { CreateExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_exception_list/create_exception_list.gen'; +import { CreateExceptionListItemRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_exception_list_item/create_exception_list_item.gen'; +import { + CreateRuleExceptionListItemsRequestParamsInput, + CreateRuleExceptionListItemsRequestBodyInput, +} from '@kbn/securitysolution-exceptions-common/api/create_rule_exceptions/create_rule_exceptions.gen'; +import { CreateSharedExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/create_shared_exceptions_list/create_shared_exceptions_list.gen'; +import { DeleteExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/delete_exception_list/delete_exception_list.gen'; +import { DeleteExceptionListItemRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/delete_exception_list_item/delete_exception_list_item.gen'; +import { DuplicateExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/duplicate_exception_list/duplicate_exception_list.gen'; +import { ExportExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/export_exception_list/export_exception_list.gen'; +import { FindExceptionListItemsRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/find_exception_list_items/find_exception_list_items.gen'; +import { FindExceptionListsRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/find_exception_lists/find_exception_lists.gen'; +import { ImportExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/import_exceptions/import_exceptions.gen'; +import { ReadExceptionListRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list/read_exception_list.gen'; +import { ReadExceptionListItemRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list_item/read_exception_list_item.gen'; +import { ReadExceptionListSummaryRequestQueryInput } from '@kbn/securitysolution-exceptions-common/api/read_exception_list_summary/read_exception_list_summary.gen'; +import { UpdateExceptionListRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/update_exception_list/update_exception_list.gen'; +import { UpdateExceptionListItemRequestBodyInput } from '@kbn/securitysolution-exceptions-common/api/update_exception_list_item/update_exception_list_item.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * An exception list groups exception items and can be associated with detection rules. You can assign exception lists to multiple detection rules. +> info +> All exception items added to the same list are evaluated using `OR` logic. That is, if any of the items in a list evaluate to `true`, the exception prevents the rule from generating an alert. Likewise, `OR` logic is used for evaluating exceptions when more than one exception list is assigned to a rule. To use the `AND` operator, you can define multiple clauses (`entries`) in a single exception item. + + */ + createExceptionList(props: CreateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create an exception item and associate it with the specified exception list. +> info +> Before creating exception items, you must create an exception list. + + */ + createExceptionListItem(props: CreateExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create exception items that apply to a single detection rule. + */ + createRuleExceptionListItems( + props: CreateRuleExceptionListItemsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams('/api/detection_engine/rules/{id}/exceptions', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * An exception list groups exception items and can be associated with detection rules. A shared exception list can apply to multiple detection rules. +> info +> All exception items added to the same list are evaluated using `OR` logic. That is, if any of the items in a list evaluate to `true`, the exception prevents the rule from generating an alert. Likewise, `OR` logic is used for evaluating exceptions when more than one exception list is assigned to a rule. To use the `AND` operator, you can define multiple clauses (`entries`) in a single exception item. + + */ + createSharedExceptionList( + props: CreateSharedExceptionListProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post(getRouteUrlForSpace('/api/exceptions/shared', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete an exception list using the `id` or `list_id` field. + */ + deleteExceptionList(props: DeleteExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Delete an exception list item using the `id` or `item_id` field. + */ + deleteExceptionListItem(props: DeleteExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Duplicate an existing exception list. + */ + duplicateExceptionList(props: DuplicateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_duplicate', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Export an exception list and its associated items to an NDJSON file. + */ + exportExceptionList(props: ExportExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all exception list items in the specified list. + */ + findExceptionListItems(props: FindExceptionListItemsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/items/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all exception list containers. + */ + findExceptionLists(props: FindExceptionListsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import an exception list and its associated items from an NDJSON file. + */ + importExceptionList(props: ImportExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/exception_lists/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of an exception list using the `id` or `list_id` field. + */ + readExceptionList(props: ReadExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of an exception list item using the `id` or `item_id` field. + */ + readExceptionListItem(props: ReadExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a summary of the specified exception list. + */ + readExceptionListSummary( + props: ReadExceptionListSummaryProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get(getRouteUrlForSpace('/api/exception_lists/summary', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update an exception list using the `id` or `list_id` field. + */ + updateExceptionList(props: UpdateExceptionListProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/exception_lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update an exception list item using the `id` or `item_id` field. + */ + updateExceptionListItem(props: UpdateExceptionListItemProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/exception_lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface CreateExceptionListProps { + body: CreateExceptionListRequestBodyInput; +} +export interface CreateExceptionListItemProps { + body: CreateExceptionListItemRequestBodyInput; +} +export interface CreateRuleExceptionListItemsProps { + params: CreateRuleExceptionListItemsRequestParamsInput; + body: CreateRuleExceptionListItemsRequestBodyInput; +} +export interface CreateSharedExceptionListProps { + body: CreateSharedExceptionListRequestBodyInput; +} +export interface DeleteExceptionListProps { + query: DeleteExceptionListRequestQueryInput; +} +export interface DeleteExceptionListItemProps { + query: DeleteExceptionListItemRequestQueryInput; +} +export interface DuplicateExceptionListProps { + query: DuplicateExceptionListRequestQueryInput; +} +export interface ExportExceptionListProps { + query: ExportExceptionListRequestQueryInput; +} +export interface FindExceptionListItemsProps { + query: FindExceptionListItemsRequestQueryInput; +} +export interface FindExceptionListsProps { + query: FindExceptionListsRequestQueryInput; +} +export interface ImportExceptionListProps { + query: ImportExceptionListRequestQueryInput; +} +export interface ReadExceptionListProps { + query: ReadExceptionListRequestQueryInput; +} +export interface ReadExceptionListItemProps { + query: ReadExceptionListItemRequestQueryInput; +} +export interface ReadExceptionListSummaryProps { + query: ReadExceptionListSummaryRequestQueryInput; +} +export interface UpdateExceptionListProps { + body: UpdateExceptionListRequestBodyInput; +} +export interface UpdateExceptionListItemProps { + body: UpdateExceptionListItemRequestBodyInput; +} diff --git a/x-pack/test/api_integration/services/security_solution_lists_api.gen.ts b/x-pack/test/api_integration/services/security_solution_lists_api.gen.ts new file mode 100644 index 0000000000000..64de6940d77eb --- /dev/null +++ b/x-pack/test/api_integration/services/security_solution_lists_api.gen.ts @@ -0,0 +1,295 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Lists API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { CreateListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/create_list/create_list.gen'; +import { CreateListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/create_list_item/create_list_item.gen'; +import { DeleteListRequestQueryInput } from '@kbn/securitysolution-lists-common/api/delete_list/delete_list.gen'; +import { DeleteListItemRequestQueryInput } from '@kbn/securitysolution-lists-common/api/delete_list_item/delete_list_item.gen'; +import { ExportListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/export_list_items/export_list_items.gen'; +import { FindListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/find_list_items/find_list_items.gen'; +import { FindListsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/find_lists/find_lists.gen'; +import { ImportListItemsRequestQueryInput } from '@kbn/securitysolution-lists-common/api/import_list_items/import_list_items.gen'; +import { PatchListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/patch_list/patch_list.gen'; +import { PatchListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/patch_list_item/patch_list_item.gen'; +import { ReadListRequestQueryInput } from '@kbn/securitysolution-lists-common/api/read_list/read_list.gen'; +import { ReadListItemRequestQueryInput } from '@kbn/securitysolution-lists-common/api/read_list_item/read_list_item.gen'; +import { UpdateListRequestBodyInput } from '@kbn/securitysolution-lists-common/api/update_list/update_list.gen'; +import { UpdateListItemRequestBodyInput } from '@kbn/securitysolution-lists-common/api/update_list_item/update_list_item.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + /** + * Create a new value list. + */ + createList(props: CreateListProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create `.lists` and `.items` data streams in the relevant space. + */ + createListIndex(kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Create a value list item and associate it with the specified value list. + +All value list items in the same list must be the same type. For example, each list item in an `ip` list must define a specific IP address. +> info +> Before creating a list item, you must create a list. + + */ + createListItem(props: CreateListItemProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete a value list using the list ID. +> info +> When you delete a list, all of its list items are also deleted. + + */ + deleteList(props: DeleteListProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Delete the `.lists` and `.items` data streams. + */ + deleteListIndex(kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete a value list item using its `id`, or its `list_id` and `value` fields. + */ + deleteListItem(props: DeleteListItemProps, kibanaSpace: string = 'default') { + return supertest + .delete(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Export list item values from the specified value list. + */ + exportListItems(props: ExportListItemsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists/items/_export', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get all value list items in the specified list. + */ + findListItems(props: FindListItemsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/items/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a paginated subset of value lists. By default, the first page is returned, with 20 results per page. + */ + findLists(props: FindListsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/_find', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Import value list items from a TXT or CSV file. The maximum file size is 9 million bytes. + +You can import items to a new or existing list. + + */ + importListItems(props: ImportListItemsProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/lists/items/_import', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Update specific fields of an existing list using the list `id`. + */ + patchList(props: PatchListProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update specific fields of an existing value list item using the item `id`. + */ + patchListItem(props: PatchListItemProps, kibanaSpace: string = 'default') { + return supertest + .patch(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Get the details of a value list using the list ID. + */ + readList(props: ReadListProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Verify that `.lists` and `.items` data streams exist. + */ + readListIndex(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/index', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of a value list item. + */ + readListItem(props: ReadListItemProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + readListPrivileges(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/lists/privileges', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Update a value list using the list `id`. The original list is replaced, and all unspecified fields are deleted. +> info +> You cannot modify the `id` value. + + */ + updateList(props: UpdateListProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/lists', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update a value list item using the list item ID. The original list item is replaced, and all unspecified fields are deleted. +> info +> You cannot modify the `id` value. + + */ + updateListItem(props: UpdateListItemProps, kibanaSpace: string = 'default') { + return supertest + .put(getRouteUrlForSpace('/api/lists/items', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + }; +} + +export interface CreateListProps { + body: CreateListRequestBodyInput; +} +export interface CreateListItemProps { + body: CreateListItemRequestBodyInput; +} +export interface DeleteListProps { + query: DeleteListRequestQueryInput; +} +export interface DeleteListItemProps { + query: DeleteListItemRequestQueryInput; +} +export interface ExportListItemsProps { + query: ExportListItemsRequestQueryInput; +} +export interface FindListItemsProps { + query: FindListItemsRequestQueryInput; +} +export interface FindListsProps { + query: FindListsRequestQueryInput; +} +export interface ImportListItemsProps { + query: ImportListItemsRequestQueryInput; +} +export interface PatchListProps { + body: PatchListRequestBodyInput; +} +export interface PatchListItemProps { + body: PatchListItemRequestBodyInput; +} +export interface ReadListProps { + query: ReadListRequestQueryInput; +} +export interface ReadListItemProps { + query: ReadListItemRequestQueryInput; +} +export interface UpdateListProps { + body: UpdateListRequestBodyInput; +} +export interface UpdateListItemProps { + body: UpdateListItemRequestBodyInput; +} From 00a94b2c9dcdc96827f885218db50035f191a58d Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Thu, 14 Aug 2025 00:12:15 +0000 Subject: [PATCH 32/42] [CI] Auto-commit changed files from 'security: 3rd-party dependencies' --- x-pack/test/tsconfig.json | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/x-pack/test/tsconfig.json b/x-pack/test/tsconfig.json index 459c673a4e394..04fa8e43db389 100644 --- a/x-pack/test/tsconfig.json +++ b/x-pack/test/tsconfig.json @@ -36,6 +36,13 @@ "@kbn/data-quality-plugin", "@kbn/scout-info", "@kbn/test-suites-xpack-platform", - "@kbn/ml-string-hash" + "@kbn/ml-string-hash", + "@kbn/core-http-common", + "@kbn/openapi-common", + "@kbn/spaces-plugin", + "@kbn/securitysolution-exceptions-common", + "@kbn/securitysolution-endpoint-exceptions-common", + "@kbn/securitysolution-lists-common", + "@kbn/security-solution-plugin" ] } From 4985a8f5ad4ebdccd4333906fb02a10927ca601c Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Thu, 14 Aug 2025 00:43:05 +0000 Subject: [PATCH 33/42] [CI] Auto-commit changed files from 'yarn openapi:generate' --- .../security_solution_osquery_api.gen.ts | 391 ++++++++++++++++++ 1 file changed, 391 insertions(+) create mode 100644 x-pack/test/api_integration/services/security_solution_osquery_api.gen.ts diff --git a/x-pack/test/api_integration/services/security_solution_osquery_api.gen.ts b/x-pack/test/api_integration/services/security_solution_osquery_api.gen.ts new file mode 100644 index 0000000000000..2a71f7065b835 --- /dev/null +++ b/x-pack/test/api_integration/services/security_solution_osquery_api.gen.ts @@ -0,0 +1,391 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: API client for tests + * version: Bundle (no version) + */ + +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { replaceParams } from '@kbn/openapi-common/shared'; +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; + +import { GetAgentDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; +import { GetAgentPolicyRequestParamsInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; +import { GetAgentsRequestQueryInput } from '@kbn/osquery-plugin/common/api/fleet_wrapper/fleet_wrapper.gen'; +import { OsqueryCreateLiveQueryRequestBodyInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; +import { OsqueryCreatePacksRequestBodyInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { OsqueryCreateSavedQueryRequestBodyInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { OsqueryDeletePacksRequestParamsInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { OsqueryDeleteSavedQueryRequestParamsInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { OsqueryFindLiveQueriesRequestQueryInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; +import { OsqueryFindPacksRequestQueryInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { OsqueryFindSavedQueriesRequestQueryInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { OsqueryGetLiveQueryDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; +import { + OsqueryGetLiveQueryResultsRequestQueryInput, + OsqueryGetLiveQueryResultsRequestParamsInput, +} from '@kbn/osquery-plugin/common/api/live_query/live_queries.gen'; +import { OsqueryGetPacksDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { OsqueryGetSavedQueryDetailsRequestParamsInput } from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { + OsqueryUpdatePacksRequestParamsInput, + OsqueryUpdatePacksRequestBodyInput, +} from '@kbn/osquery-plugin/common/api/packs/packs.gen'; +import { + OsqueryUpdateSavedQueryRequestParamsInput, + OsqueryUpdateSavedQueryRequestBodyInput, +} from '@kbn/osquery-plugin/common/api/saved_query/saved_query.gen'; +import { ReadAssetsStatusRequestQueryInput } from '@kbn/osquery-plugin/common/api/asset/assets.gen'; +import { UpdateAssetsStatusRequestQueryInput } from '@kbn/osquery-plugin/common/api/asset/assets.gen'; +import { FtrProviderContext } from '../ftr_provider_context'; + +export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + return { + getAgentDetails(props: GetAgentDetailsProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/osquery/fleet_wrapper/agents/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getAgentPackagePolicies(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/package_policies', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getAgentPolicies(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/agent_policies', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getAgentPolicy(props: GetAgentPolicyProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/internal/osquery/fleet_wrapper/agent_policies/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + getAgents(props: GetAgentsProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/fleet_wrapper/agents', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Create and run a live query. + */ + osqueryCreateLiveQuery(props: OsqueryCreateLiveQueryProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/osquery/live_queries', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create a query pack. + */ + osqueryCreatePacks(props: OsqueryCreatePacksProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/osquery/packs', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Create and run a saved query. + */ + osqueryCreateSavedQuery(props: OsqueryCreateSavedQueryProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/api/osquery/saved_queries', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Delete a query pack using the pack ID. + */ + osqueryDeletePacks(props: OsqueryDeletePacksProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Delete a saved query using the query ID. + */ + osqueryDeleteSavedQuery(props: OsqueryDeleteSavedQueryProps, kibanaSpace: string = 'default') { + return supertest + .delete( + getRouteUrlForSpace( + replaceParams('/api/osquery/saved_queries/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get a list of all live queries. + */ + osqueryFindLiveQueries(props: OsqueryFindLiveQueriesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/osquery/live_queries', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all query packs. + */ + osqueryFindPacks(props: OsqueryFindPacksProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/osquery/packs', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get a list of all saved queries. + */ + osqueryFindSavedQueries(props: OsqueryFindSavedQueriesProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/api/osquery/saved_queries', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of a live query using the query ID. + */ + osqueryGetLiveQueryDetails( + props: OsqueryGetLiveQueryDetailsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/osquery/live_queries/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the results of a live query using the query action ID. + */ + osqueryGetLiveQueryResults( + props: OsqueryGetLiveQueryResultsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/osquery/live_queries/{id}/results/{actionId}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Get the details of a query pack using the pack ID. + */ + osqueryGetPacksDetails(props: OsqueryGetPacksDetailsProps, kibanaSpace: string = 'default') { + return supertest + .get( + getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Get the details of a saved query using the query ID. + */ + osqueryGetSavedQueryDetails( + props: OsqueryGetSavedQueryDetailsProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams('/api/osquery/saved_queries/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + /** + * Update a query pack using the pack ID. +> info +> You cannot update a prebuilt pack. + + */ + osqueryUpdatePacks(props: OsqueryUpdatePacksProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace(replaceParams('/api/osquery/packs/{id}', props.params), kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + /** + * Update a saved query using the query ID. +> info +> You cannot update a prebuilt saved query. + + */ + osqueryUpdateSavedQuery(props: OsqueryUpdateSavedQueryProps, kibanaSpace: string = 'default') { + return supertest + .put( + getRouteUrlForSpace( + replaceParams('/api/osquery/saved_queries/{id}', props.params), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, + readAssetsStatus(props: ReadAssetsStatusProps, kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/assets', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + readInstallationStatus(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/status', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + readPrivilegesCheck(kibanaSpace: string = 'default') { + return supertest + .get(getRouteUrlForSpace('/internal/osquery/privileges_check', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, + updateAssetsStatus(props: UpdateAssetsStatusProps, kibanaSpace: string = 'default') { + return supertest + .post(getRouteUrlForSpace('/internal/osquery/assets/update', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + }; +} + +export interface GetAgentDetailsProps { + params: GetAgentDetailsRequestParamsInput; +} +export interface GetAgentPolicyProps { + params: GetAgentPolicyRequestParamsInput; +} +export interface GetAgentsProps { + query: GetAgentsRequestQueryInput; +} +export interface OsqueryCreateLiveQueryProps { + body: OsqueryCreateLiveQueryRequestBodyInput; +} +export interface OsqueryCreatePacksProps { + body: OsqueryCreatePacksRequestBodyInput; +} +export interface OsqueryCreateSavedQueryProps { + body: OsqueryCreateSavedQueryRequestBodyInput; +} +export interface OsqueryDeletePacksProps { + params: OsqueryDeletePacksRequestParamsInput; +} +export interface OsqueryDeleteSavedQueryProps { + params: OsqueryDeleteSavedQueryRequestParamsInput; +} +export interface OsqueryFindLiveQueriesProps { + query: OsqueryFindLiveQueriesRequestQueryInput; +} +export interface OsqueryFindPacksProps { + query: OsqueryFindPacksRequestQueryInput; +} +export interface OsqueryFindSavedQueriesProps { + query: OsqueryFindSavedQueriesRequestQueryInput; +} +export interface OsqueryGetLiveQueryDetailsProps { + params: OsqueryGetLiveQueryDetailsRequestParamsInput; +} +export interface OsqueryGetLiveQueryResultsProps { + query: OsqueryGetLiveQueryResultsRequestQueryInput; + params: OsqueryGetLiveQueryResultsRequestParamsInput; +} +export interface OsqueryGetPacksDetailsProps { + params: OsqueryGetPacksDetailsRequestParamsInput; +} +export interface OsqueryGetSavedQueryDetailsProps { + params: OsqueryGetSavedQueryDetailsRequestParamsInput; +} +export interface OsqueryUpdatePacksProps { + params: OsqueryUpdatePacksRequestParamsInput; + body: OsqueryUpdatePacksRequestBodyInput; +} +export interface OsqueryUpdateSavedQueryProps { + params: OsqueryUpdateSavedQueryRequestParamsInput; + body: OsqueryUpdateSavedQueryRequestBodyInput; +} +export interface ReadAssetsStatusProps { + query: ReadAssetsStatusRequestQueryInput; +} +export interface UpdateAssetsStatusProps { + query: UpdateAssetsStatusRequestQueryInput; +} From f56b00552ec02de2b13e1520b2faa34bb607622c Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Thu, 14 Aug 2025 00:56:44 +0000 Subject: [PATCH 34/42] [CI] Auto-commit changed files from 'security: 3rd-party dependencies' --- x-pack/test/tsconfig.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/tsconfig.json b/x-pack/test/tsconfig.json index 04fa8e43db389..927d65f6c959f 100644 --- a/x-pack/test/tsconfig.json +++ b/x-pack/test/tsconfig.json @@ -43,6 +43,7 @@ "@kbn/securitysolution-exceptions-common", "@kbn/securitysolution-endpoint-exceptions-common", "@kbn/securitysolution-lists-common", - "@kbn/security-solution-plugin" + "@kbn/security-solution-plugin", + "@kbn/osquery-plugin" ] } From 060c2f0f2ea6da37094a267017e16e43f2849daf Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 07:26:07 +0200 Subject: [PATCH 35/42] fix TS error in detections.ts --- .../test/security_solution_endpoint/services/detections.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts index 2281d5a33f762..f489d442fb197 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts @@ -32,7 +32,6 @@ export function DetectionsTestServiceProvider({ getService }: FtrProviderContext private readonly supertest = supertest; private readonly log = log; private readonly retry = retry; - private readonly config = config; private readonly esClient = esClient; private readonly defaultTimeout = config.get('timeouts.waitFor'); From 8773d8285fcd078a4dc385d65ef8c05449d13a15 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 08:03:30 +0200 Subject: [PATCH 36/42] update exported class property --- .../services/detections.ts | 10 +++++----- .../security_solution_endpoint/services/endpoint.ts | 12 ++++++------ .../services/endpoint_artifacts.ts | 8 ++++---- .../security_solution_endpoint/services/timeline.ts | 4 ++-- x-pack/test/api_integration/services/index.ts | 1 - 5 files changed, 17 insertions(+), 18 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts index f489d442fb197..2bd60d4e1c476 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/detections.ts @@ -29,11 +29,11 @@ export function DetectionsTestServiceProvider({ getService }: FtrProviderContext const esClient = getService('es'); return new (class DetectionsTestService { - private readonly supertest = supertest; - private readonly log = log; - private readonly retry = retry; - private readonly esClient = esClient; - private readonly defaultTimeout = config.get('timeouts.waitFor'); + readonly supertest = supertest; + readonly log = log; + readonly retry = retry; + readonly esClient = esClient; + readonly defaultTimeout = config.get('timeouts.waitFor'); /** * Returns an error handler for `supertest` request that will dump out more useful information diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts index 0f10debb8c7d8..db9061f51183a 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts @@ -81,12 +81,12 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext const log = getService('log'); return new (class EndpointTestResources { - private readonly esClient = esClient; - private readonly retry = retry; - private readonly kbnClient = kbnClient; - private readonly config = config; - private readonly supertest = supertest; - private readonly log = log; + readonly esClient = esClient; + readonly retry = retry; + readonly kbnClient = kbnClient; + readonly config = config; + readonly supertest = supertest; + readonly log = log; getScopedKbnClient(spaceId: string = DEFAULT_SPACE_ID): KbnClient { if (!spaceId || spaceId === DEFAULT_SPACE_ID) { diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts index 260ad4e0d6426..518cc3ea17e39 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint_artifacts.ts @@ -50,10 +50,10 @@ export function EndpointArtifactsTestResourcesProvider({ getService }: FtrProvid const esClient = getService('es'); return new (class EndpointTelemetryTestResources { - private readonly supertest = supertestSv; - private readonly log = log; - private readonly esClient = esClient; - private readonly exceptionsGenerator = new ExceptionsListItemGenerator(); + readonly supertest = supertestSv; + readonly log = log; + readonly esClient = esClient; + readonly exceptionsGenerator = new ExceptionsListItemGenerator(); getHttpResponseFailureHandler( ignoredStatusCodes: number[] = [] diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts index 416c3014ab3a9..b41ec186e6500 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/timeline.ts @@ -22,8 +22,8 @@ export function TimelineTestServiceProvider({ getService }: FtrProviderContext) const log = getService('log'); return new (class TimelineTestService { - private readonly supertest = supertest; - private readonly log = log; + readonly supertest = supertest; + readonly log = log; /** * Returns an error handler for `supertest` request that will dump out more useful information diff --git a/x-pack/test/api_integration/services/index.ts b/x-pack/test/api_integration/services/index.ts index 7f5f4921b5365..1d28d3a1cbe62 100644 --- a/x-pack/test/api_integration/services/index.ts +++ b/x-pack/test/api_integration/services/index.ts @@ -15,7 +15,6 @@ export const services = { ...commonServices, supertest: kibanaApiIntegrationServices.supertest, - esSupertestWithoutAuth: EsSupertestWithoutAuthProvider, usageAPI: UsageAPIProvider, ml: MachineLearningProvider, ingestManager: IngestManagerProvider, From 9496d964712b16e49f13bc60a5d9257287d829b9 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 08:37:31 +0200 Subject: [PATCH 37/42] remove private for endpoint function --- .../test/security_solution_endpoint/services/endpoint.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts index db9061f51183a..9144b2ec28b12 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/services/endpoint.ts @@ -221,7 +221,7 @@ export function EndpointTestResourcesProvider({ getService }: FtrProviderContext ); } - private async waitForIndex( + async waitForIndex( ids: string[], index: string, body: any = {}, From ae3671e74bef536464dc81c0969069eadce3441b Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 09:59:58 +0200 Subject: [PATCH 38/42] delete stale file --- .../semantic_text_indices.ts | 43 ------------------- 1 file changed, 43 deletions(-) delete mode 100644 x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts deleted file mode 100644 index 0afa92df6d5d9..0000000000000 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/semantic_text_indices.ts +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from 'expect'; -import { FtrProviderContext } from '../../../../../ftr_provider_context'; -import { getKnowledgeBaseIndices } from '../utils/helpers'; - -export default ({ getService }: FtrProviderContext) => { - const supertest = getService('supertest'); - const log = getService('log'); - const esArchiver = getService('esArchiver'); - - // FLAKY: https://github.com/elastic/kibana/issues/208603 - describe.skip('@ess Security AI Assistant - Indices with `semantic_text` fields', () => { - before(async () => { - await esArchiver.load( - 'x-pack/solutions/security/test/fixtures/es_archives/security_solution/ignore_fields' - ); - await esArchiver.load( - 'x-pack/solutions/security/test/fixtures/es_archives/security_solution/semantic_text_fields' - ); - }); - - after(async () => { - await esArchiver.unload( - 'x-pack/solutions/security/test/fixtures/es_archives/security_solution/ignore_fields' - ); - await esArchiver.unload( - 'x-pack/solutions/security/test/fixtures/es_archives/security_solution/semantic_text_fields' - ); - }); - - it('should return all existing indices with `semantic_text` fields', async () => { - const indices = await getKnowledgeBaseIndices({ supertest, log }); - - expect(indices).toEqual({ semantic_text_fields: ['content'] }); - }); - }); -}; From 9f4b7ea0ec5d9717eff9ef0deb5d87ae16d9be3f Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 13:34:32 +0200 Subject: [PATCH 39/42] fix page objects in security_solution_endpoint --- .../page_objects/detections.ts | 460 +++++++++--------- .../page_objects/hosts.ts | 105 ++-- .../page_objects/index.ts | 12 +- .../page_objects/timeline.ts | 250 +++++----- 4 files changed, 430 insertions(+), 397 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts index 44b284f16c178..8fcd8fca6a8ae 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts @@ -6,238 +6,256 @@ */ import { WebElementWrapper } from '@kbn/ftr-common-functional-ui-services'; -import { FtrService } from '../configs/ftr_provider_context'; +import { FtrProviderContext } from '../configs/ftr_provider_context'; const ALERT_TABLE_ROW_CSS_SELECTOR = '[data-test-subj="alertsTableIsLoaded"] .euiDataGridRow'; -export class DetectionsPageObject extends FtrService { - private readonly find = this.ctx.getService('find'); - private readonly common = this.ctx.getPageObject('common'); - private readonly testSubjects = this.ctx.getService('testSubjects'); - private readonly headerPageObjects = this.ctx.getPageObject('header'); - private readonly retry = this.ctx.getService('retry'); - private readonly defaultTimeoutMs = this.ctx.getService('config').get('timeouts.waitFor'); - - async navigateHome(): Promise { - await this.navigateToDetectionsPage(); - } - - /** - * Navigate to the Alerts list page. - * @param searchParams - * - * @example - * - * // filter list by alert only for a given host name - * navigateToAlerts(`query=(language:kuery,query:'host.hostname: "HOST-abc"')`) - */ - async navigateToAlerts(searchParams: string = ''): Promise { - await this.common.navigateToUrlWithBrowserHistory('securitySolution', '/alerts', searchParams, { - ensureCurrentUrl: !Boolean(searchParams), - }); - await this.headerPageObjects.waitUntilLoadingHasFinished(); - } - - async navigateToRules(): Promise { - await this.navigateToDetectionsPage('rules'); - } - - async navigateToCreateRule(): Promise { - await this.navigateToDetectionsPage('rules/create'); - } - - async replaceIndexPattern(): Promise { - const buttons = await this.find.allByCssSelector('[data-test-subj="comboBoxInput"] button'); - await buttons.map(async (button: WebElementWrapper) => await button.click()); - await this.testSubjects.setValue('comboBoxSearchInput', '*'); - } - - async openImportQueryModal(): Promise { - const element = await this.testSubjects.find('importQueryFromSavedTimeline'); - await element.click(500); - await this.testSubjects.exists('open-timeline-modal-body-filter-default'); - } - - async viewTemplatesInImportQueryModal(): Promise { - await this.common.clickAndValidate( - 'open-timeline-modal-body-filter-template', - 'timelines-table' - ); - } - - async closeImportQueryModal(): Promise { - await this.find.clickByCssSelector('.euiButtonIcon.euiModal__closeIcon'); - } - - async selectMachineLearningJob(): Promise { - await this.find.clickByCssSelector('[data-test-subj="mlJobSelect"] button'); - await this.find.clickByCssSelector('#high_distinct_count_error_message'); - } - - async openAddFilterPopover(): Promise { - const addButtons = await this.testSubjects.findAll('addFilter'); - await addButtons[1].click(); - await this.testSubjects.exists('saveFilter'); - } - - async closeAddFilterPopover(): Promise { - await this.testSubjects.click('cancelSaveFilter'); - } - - async toggleFilterActions(): Promise { - const filterActions = await this.testSubjects.findAll('addFilter'); - await filterActions[1].click(); - } - - async toggleSavedQueries(): Promise { - const filterActions = await this.find.allByCssSelector( - '[data-test-subj="saved-query-management-popover-button"]' - ); - await filterActions[1].click(); - } - - async addNameAndDescription( - name: string = 'test rule name', - description: string = 'test rule description' - ): Promise { - await this.find.setValue(`[aria-describedby="detectionEngineStepAboutRuleName"]`, name, 500); - await this.find.setValue( - `[aria-describedby="detectionEngineStepAboutRuleDescription"]`, - description, - 500 - ); - } - - async goBackToAllRules(): Promise { - await this.common.clickAndValidate('ruleDetailsBackToAllRules', 'create-new-rule'); - } - - async revealAdvancedSettings(): Promise { - await this.common.clickAndValidate( - 'advancedSettings', - 'detectionEngineStepAboutRuleReferenceUrls' - ); - } - - async preview(): Promise { - await this.common.clickAndValidate( - 'previewSubmitButton', - 'queryPreviewCustomHistogram', - undefined, - 500 - ); - } - - async continue(prefix: string): Promise { - await this.testSubjects.click(`${prefix}-continue`); - } - - async addCustomQuery(query: string): Promise { - await this.testSubjects.setValue('queryInput', query, undefined, 500); - } - - async selectMLRule(): Promise { - await this.common.clickAndValidate('machineLearningRuleType', 'mlJobSelect'); - } - - async selectEQLRule(): Promise { - await this.common.clickAndValidate('eqlRuleType', 'eqlQueryBarTextInput'); - } - - async selectIndicatorMatchRule(): Promise { - await this.common.clickAndValidate('threatMatchRuleType', 'comboBoxInput'); - } - - async selectThresholdRule(): Promise { - await this.common.clickAndValidate('thresholdRuleType', 'input'); - } - - async ensureOnAlertsPage(): Promise { - await this.testSubjects.existOrFail('detectionsAlertsPage'); - } - - /** - * Opens the first alert on the Alerts List page for the given host name - * @param hostName - */ - async openFirstAlertDetailsForHostName(hostName: string): Promise { - await this.ensureOnAlertsPage(); - - let foundAndHandled = false; - - // Get all event rows - const allEvents = await this.testSubjects.findService.allByCssSelector( - ALERT_TABLE_ROW_CSS_SELECTOR - ); - - for (const eventRow of allEvents) { - const hostNameButton = await this.testSubjects.findDescendant( - 'host-details-button', - eventRow +export function DetectionsPageObjectProvider({ getService, getPageObjects }: FtrProviderContext) { + const find = getService('find'); + const pageObjects = getPageObjects(['common', 'header']); + const testSubjects = getService('testSubjects'); + const retry = getService('retry'); + const defaultTimeoutMs = getService('config').get('timeouts.waitFor'); + + return new (class DetectionsTestService { + readonly find = find; + readonly pageObjects = pageObjects; + readonly testSubjects = testSubjects; + readonly retry = retry; + readonly defaultTimeout = defaultTimeoutMs; + + async navigateHome(): Promise { + await this.navigateToDetectionsPage(); + } + + /** + * Navigate to the Alerts list page. + * @param searchParams + * + * @example + * + * // filter list by alert only for a given host name + * navigateToAlerts(`query=(language:kuery,query:'host.hostname: "HOST-abc"')`) + */ + async navigateToAlerts(searchParams: string = ''): Promise { + await this.pageObjects.common.navigateToUrlWithBrowserHistory( + 'securitySolution', + '/alerts', + searchParams, + { + ensureCurrentUrl: !Boolean(searchParams), + } ); - const eventRowHostName = (await hostNameButton.getVisibleText()).trim(); - - if (eventRowHostName === hostName) { - const expandAlertButton = await this.testSubjects.findDescendant('expand-event', eventRow); - await expandAlertButton.click(); - await this.testSubjects.existOrFail('eventDetails'); - foundAndHandled = true; - break; - } + await this.pageObjects.header.waitUntilLoadingHasFinished(); } - if (!foundAndHandled) { - throw new Error(`no alerts found for host: ${hostName}`); + async navigateToRules(): Promise { + await this.navigateToDetectionsPage('rules'); } - } - /** - * Opens the Response console from the alert Details. Alert details must be already opened/displayed - */ - async openResponseConsoleFromAlertDetails(): Promise { - await this.testSubjects.existOrFail('eventDetails'); - await this.testSubjects.click('securitySolutionFlyoutFooterDropdownButton'); - await this.testSubjects.clickWhenNotDisabled('endpointResponseActions-action-item'); - await this.testSubjects.existOrFail('consolePageOverlay'); - } + async navigateToCreateRule(): Promise { + await this.navigateToDetectionsPage('rules/create'); + } - /** - * Clicks the refresh button on the Alerts page and waits for it to complete - */ - async clickRefresh(): Promise { - await this.ensureOnAlertsPage(); - await this.testSubjects.click('querySubmitButton'); + async replaceIndexPattern(): Promise { + const buttons = await this.find.allByCssSelector('[data-test-subj="comboBoxInput"] button'); + await buttons.map(async (button: WebElementWrapper) => await button.click()); + await this.testSubjects.setValue('comboBoxSearchInput', '*'); + } - // wait for refresh to complete - await this.retry.waitFor( - 'Alerts pages refresh button to be enabled', - async (): Promise => { - const refreshButton = await this.testSubjects.find('querySubmitButton'); + async openImportQueryModal(): Promise { + const element = await this.testSubjects.find('importQueryFromSavedTimeline'); + await element.click(500); + await this.testSubjects.exists('open-timeline-modal-body-filter-default'); + } - return (await refreshButton.isDisplayed()) && (await refreshButton.isEnabled()); - } - ); - } - - async waitForListToHaveAlerts(timeoutMs?: number): Promise { - await this.retry.waitForWithTimeout( - 'waiting for alerts to show up on alerts page', - timeoutMs ?? this.defaultTimeoutMs, - async (): Promise => { - await this.clickRefresh(); - - const allEventRows = await this.testSubjects.findService.allByCssSelector( - ALERT_TABLE_ROW_CSS_SELECTOR + async viewTemplatesInImportQueryModal(): Promise { + await this.pageObjects.common.clickAndValidate( + 'open-timeline-modal-body-filter-template', + 'timelines-table' + ); + } + + async closeImportQueryModal(): Promise { + await this.find.clickByCssSelector('.euiButtonIcon.euiModal__closeIcon'); + } + + async selectMachineLearningJob(): Promise { + await this.find.clickByCssSelector('[data-test-subj="mlJobSelect"] button'); + await this.find.clickByCssSelector('#high_distinct_count_error_message'); + } + + async openAddFilterPopover(): Promise { + const addButtons = await this.testSubjects.findAll('addFilter'); + await addButtons[1].click(); + await this.testSubjects.exists('saveFilter'); + } + + async closeAddFilterPopover(): Promise { + await this.testSubjects.click('cancelSaveFilter'); + } + + async toggleFilterActions(): Promise { + const filterActions = await this.testSubjects.findAll('addFilter'); + await filterActions[1].click(); + } + + async toggleSavedQueries(): Promise { + const filterActions = await this.find.allByCssSelector( + '[data-test-subj="saved-query-management-popover-button"]' + ); + await filterActions[1].click(); + } + + async addNameAndDescription( + name: string = 'test rule name', + description: string = 'test rule description' + ): Promise { + await this.find.setValue(`[aria-describedby="detectionEngineStepAboutRuleName"]`, name, 500); + await this.find.setValue( + `[aria-describedby="detectionEngineStepAboutRuleDescription"]`, + description, + 500 + ); + } + + async goBackToAllRules(): Promise { + await this.pageObjects.common.clickAndValidate( + 'ruleDetailsBackToAllRules', + 'create-new-rule' + ); + } + + async revealAdvancedSettings(): Promise { + await this.pageObjects.common.clickAndValidate( + 'advancedSettings', + 'detectionEngineStepAboutRuleReferenceUrls' + ); + } + + async preview(): Promise { + await this.pageObjects.common.clickAndValidate( + 'previewSubmitButton', + 'queryPreviewCustomHistogram', + undefined, + 500 + ); + } + + async continue(prefix: string): Promise { + await this.testSubjects.click(`${prefix}-continue`); + } + + async addCustomQuery(query: string): Promise { + await this.testSubjects.setValue('queryInput', query, undefined, 500); + } + + async selectMLRule(): Promise { + await this.pageObjects.common.clickAndValidate('machineLearningRuleType', 'mlJobSelect'); + } + + async selectEQLRule(): Promise { + await this.pageObjects.common.clickAndValidate('eqlRuleType', 'eqlQueryBarTextInput'); + } + + async selectIndicatorMatchRule(): Promise { + await this.pageObjects.common.clickAndValidate('threatMatchRuleType', 'comboBoxInput'); + } + + async selectThresholdRule(): Promise { + await this.pageObjects.common.clickAndValidate('thresholdRuleType', 'input'); + } + + async ensureOnAlertsPage(): Promise { + await this.testSubjects.existOrFail('detectionsAlertsPage'); + } + + /** + * Opens the first alert on the Alerts List page for the given host name + * @param hostName + */ + async openFirstAlertDetailsForHostName(hostName: string): Promise { + await this.ensureOnAlertsPage(); + + let foundAndHandled = false; + + // Get all event rows + const allEvents = await this.testSubjects.findService.allByCssSelector( + ALERT_TABLE_ROW_CSS_SELECTOR + ); + + for (const eventRow of allEvents) { + const hostNameButton = await this.testSubjects.findDescendant( + 'host-details-button', + eventRow ); + const eventRowHostName = (await hostNameButton.getVisibleText()).trim(); + + if (eventRowHostName === hostName) { + const expandAlertButton = await this.testSubjects.findDescendant( + 'expand-event', + eventRow + ); + await expandAlertButton.click(); + await this.testSubjects.existOrFail('eventDetails'); + foundAndHandled = true; + break; + } + } - return Boolean(allEventRows.length); + if (!foundAndHandled) { + throw new Error(`no alerts found for host: ${hostName}`); } - ); - } - - private async navigateToDetectionsPage(path: string = ''): Promise { - const subUrl = `detections${path ? `/${path}` : ''}`; - await this.common.navigateToUrl('securitySolution', subUrl, { - shouldUseHashForSubUrl: false, - }); - } + } + + /** + * Opens the Response console from the alert Details. Alert details must be already opened/displayed + */ + async openResponseConsoleFromAlertDetails(): Promise { + await this.testSubjects.existOrFail('eventDetails'); + await this.testSubjects.click('securitySolutionFlyoutFooterDropdownButton'); + await this.testSubjects.clickWhenNotDisabled('endpointResponseActions-action-item'); + await this.testSubjects.existOrFail('consolePageOverlay'); + } + + /** + * Clicks the refresh button on the Alerts page and waits for it to complete + */ + async clickRefresh(): Promise { + await this.ensureOnAlertsPage(); + await this.testSubjects.click('querySubmitButton'); + + // wait for refresh to complete + await this.retry.waitFor( + 'Alerts pages refresh button to be enabled', + async (): Promise => { + const refreshButton = await this.testSubjects.find('querySubmitButton'); + + return (await refreshButton.isDisplayed()) && (await refreshButton.isEnabled()); + } + ); + } + + async waitForListToHaveAlerts(timeoutMs?: number): Promise { + await this.retry.waitForWithTimeout( + 'waiting for alerts to show up on alerts page', + timeoutMs ?? this.defaultTimeoutMs, + async (): Promise => { + await this.clickRefresh(); + + const allEventRows = await this.testSubjects.findService.allByCssSelector( + ALERT_TABLE_ROW_CSS_SELECTOR + ); + + return Boolean(allEventRows.length); + } + ); + } + + async navigateToDetectionsPage(path: string = ''): Promise { + const subUrl = `detections${path ? `/${path}` : ''}`; + await this.pageObjects.common.navigateToUrl('securitySolution', subUrl, { + shouldUseHashForSubUrl: false, + }); + } + })(); } diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts index 7ad44512e4d27..f445c9be8fddd 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts @@ -6,55 +6,62 @@ */ import { WebElementWrapper } from '@kbn/ftr-common-functional-ui-services'; -import { FtrService } from '../configs/ftr_provider_context'; - -export class HostsPageObject extends FtrService { - private readonly pageObjects = this.ctx.getPageObjects(['common', 'header']); - private readonly testSubjects = this.ctx.getService('testSubjects'); - - async navigateToHostDetails(hostName: string): Promise { - await this.pageObjects.common.navigateToUrl('securitySolution', `hosts/${hostName}`, { - shouldUseHashForSubUrl: false, - }); - await this.pageObjects.header.waitUntilLoadingHasFinished(); - } - - async ensureOnHostDetails(): Promise { - await this.testSubjects.existOrFail('hostDetailsPage'); - } - - /** - * Returns an object with the Endpoint overview data, where the keys are the visible labels in the UI. - * Must be on the Host details in order for this page object to work - */ - async hostDetailsEndpointOverviewData(): Promise> { - await this.ensureOnHostDetails(); - const endpointDescriptionLists: WebElementWrapper[] = await this.testSubjects.findAll( - 'endpoint-overview' - ); - - const data: Record = {}; - - for (const dlElement of endpointDescriptionLists) { - const $ = await dlElement.parseDomContent(); - - const title = $('dt') - .text() - .replace(/ /g, '') - .trim(); - - // The value could be draggable, in which case we need to grab the value displayed from a deeper element - const $ddElement = $('dd'); - const $valueContainer = $ddElement.find('.draggable-keyboard-wrapper .euiToolTipAnchor'); - - const value = ($valueContainer.length > 0 ? $valueContainer : $ddElement) - .text() - .replace(/ /g, '') - .trim(); - - data[title] = value; +import { FtrProviderContext } from '../configs/ftr_provider_context'; + +export function HostsPageObjectProvider({ getService, getPageObjects }: FtrProviderContext) { + const find = getService('find'); + const pageObjects = getPageObjects(['common', 'header']); + const testSubjects = getService('testSubjects'); + + return new (class HostsPageObject { + readonly find = find; + readonly pageObjects = pageObjects; + readonly testSubjects = testSubjects; + + async navigateToHostDetails(hostName: string): Promise { + await this.pageObjects.common.navigateToUrl('securitySolution', `hosts/${hostName}`, { + shouldUseHashForSubUrl: false, + }); + await this.pageObjects.header.waitUntilLoadingHasFinished(); } - return data; - } + async ensureOnHostDetails(): Promise { + await this.testSubjects.existOrFail('hostDetailsPage'); + } + + /** + * Returns an object with the Endpoint overview data, where the keys are the visible labels in the UI. + * Must be on the Host details in order for this page object to work + */ + async hostDetailsEndpointOverviewData(): Promise> { + await this.ensureOnHostDetails(); + const endpointDescriptionLists: WebElementWrapper[] = await this.testSubjects.findAll( + 'endpoint-overview' + ); + + const data: Record = {}; + + for (const dlElement of endpointDescriptionLists) { + const $ = await dlElement.parseDomContent(); + + const title = $('dt') + .text() + .replace(/ /g, '') + .trim(); + + // The value could be draggable, in which case we need to grab the value displayed from a deeper element + const $ddElement = $('dd'); + const $valueContainer = $ddElement.find('.draggable-keyboard-wrapper .euiToolTipAnchor'); + + const value = ($valueContainer.length > 0 ? $valueContainer : $ddElement) + .text() + .replace(/ /g, '') + .trim(); + + data[title] = value; + } + + return data; + } + })(); } diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts index b18477765c078..b7a6ae43d289d 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/index.ts @@ -10,10 +10,10 @@ import { pageObjects as platformPageObjects } from '@kbn/test-suites-xpack-platf import { EndpointPageProvider } from './endpoint_page'; import { EndpointPageUtils } from './page_utils'; import { IngestManagerCreatePackagePolicy } from './ingest_manager_create_package_policy_page'; -import { DetectionsPageObject } from './detections'; -import { HostsPageObject } from './hosts'; +import { DetectionsPageObjectProvider } from './detections'; +import { HostsPageObjectProvider } from './hosts'; import { EndpointResponderPageObjects } from './endpoint_responder'; -import { TimelinePageObject } from './timeline'; +import { TimelinePageObjectProvider } from './timeline'; import { EndpointPolicyPageProvider } from './policy_page'; import { TrustedAppsPageProvider } from './trusted_apps_page'; import { FleetIntegrations } from './fleet_integrations_page'; @@ -25,9 +25,9 @@ export const pageObjects = { endpoint: EndpointPageProvider, endpointPageUtils: EndpointPageUtils, ingestManagerCreatePackagePolicy: IngestManagerCreatePackagePolicy, - detections: DetectionsPageObject, - timeline: TimelinePageObject, - hosts: HostsPageObject, + detections: DetectionsPageObjectProvider, + timeline: TimelinePageObjectProvider, + hosts: HostsPageObjectProvider, responder: EndpointResponderPageObjects, policy: EndpointPolicyPageProvider, trustedApps: TrustedAppsPageProvider, diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts index 6cea3221fff79..a1db95e1f737a 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts @@ -7,7 +7,7 @@ import { subj as testSubjSelector } from '@kbn/test-subj-selector'; import { DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP } from '@kbn/security-solution-plugin/common/test'; -import { FtrService } from '../configs/ftr_provider_context'; +import { FtrProviderContext } from '../configs/ftr_provider_context'; const TIMELINE_BOTTOM_BAR_CONTAINER_TEST_SUBJ = 'timeline-bottom-bar'; const TIMELINE_CLOSE_BUTTON_TEST_SUBJ = 'timeline-modal-header-close-button'; @@ -24,130 +24,138 @@ const TIMELINE_CSS_SELECTOR = Object.freeze({ )} `, }); -export class TimelinePageObject extends FtrService { - private readonly pageObjects = this.ctx.getPageObjects(['common', 'header']); - private readonly testSubjects = this.ctx.getService('testSubjects'); - private readonly retry = this.ctx.getService('retry'); - private readonly defaultTimeoutMs = this.ctx.getService('config').get('timeouts.waitFor'); - private readonly logger = this.ctx.getService('log'); - - async navigateToTimelineList(): Promise { - await this.pageObjects.common.navigateToUrlWithBrowserHistory('securitySolutionTimelines'); - await this.pageObjects.header.waitUntilLoadingHasFinished(); - } - - /** - * Ensure that the timeline bottom bar is accessible - */ - async ensureTimelineAccessible(): Promise { - await this.testSubjects.existOrFail(TIMELINE_BOTTOM_BAR_CONTAINER_TEST_SUBJ); - } - - async openTimelineFromBottomBar() { - await this.ensureTimelineAccessible(); - await this.testSubjects.findService.clickByCssSelector( - TIMELINE_CSS_SELECTOR.bottomBarTimelineTitle - ); - } - - async openTimelineById(id: string): Promise { - await this.openTimelineFromBottomBar(); - await this.testSubjects.click('timeline-bottom-bar-open-timeline'); - await this.testSubjects.findService.clickByCssSelector( - `${testSubjSelector('open-timeline-modal')} ${testSubjSelector(`timeline-title-${id}`)}` - ); - - await this.ensureTimelineIsOpen(); - } - - async closeTimeline(): Promise { - if (await this.testSubjects.exists(TIMELINE_CLOSE_BUTTON_TEST_SUBJ)) { - await this.testSubjects.click(TIMELINE_CLOSE_BUTTON_TEST_SUBJ); - await this.testSubjects.waitForHidden(TIMELINE_MODAL_PAGE_TEST_SUBJ); +export function TimelinePageObjectProvider({ getService, getPageObjects }: FtrProviderContext) { + const pageObjects = getPageObjects(['common', 'header']); + const testSubjects = getService('testSubjects'); + const retry = getService('retry'); + const defaultTimeoutMs = getService('config').get('timeouts.waitFor'); + const logger = getService('log'); + + return new (class TimelinePageObject { + readonly pageObjects = pageObjects; + readonly testSubjects = testSubjects; + readonly retry = retry; + readonly defaultTimeoutMs = defaultTimeoutMs; + readonly logger = logger; + + async navigateToTimelineList(): Promise { + await this.pageObjects.common.navigateToUrlWithBrowserHistory('securitySolutionTimelines'); + await this.pageObjects.header.waitUntilLoadingHasFinished(); } - } - - async ensureTimelineIsOpen(): Promise { - await this.testSubjects.existOrFail(TIMELINE_MODAL_PAGE_TEST_SUBJ); - } - - /** - * From a visible timeline, clicks the "view details" for an event on the list - * @param index - */ - async showEventDetails(index: number = 0): Promise { - await this.ensureTimelineIsOpen(); - await this.testSubjects.findService.clickByCssSelector( - `${testSubjSelector('event')}:nth-child(${index + 1}) ${testSubjSelector('expand-event')}` - ); - await this.testSubjects.existOrFail('eventDetails'); - } - - /** - * Clicks the Refresh button at the top of the timeline page and waits for the refresh to complete - */ - async clickRefresh(): Promise { - await this.ensureTimelineIsOpen(); - await this.pageObjects.header.waitUntilLoadingHasFinished(); - await ( - await this.testSubjects.findService.byCssSelector(TIMELINE_CSS_SELECTOR.refreshButton) - ).isEnabled(); - await this.testSubjects.findService.clickByCssSelector(TIMELINE_CSS_SELECTOR.refreshButton); - await this.retry.waitFor( - 'Timeline refresh button to be enabled', - async (): Promise => { - return ( - await this.testSubjects.findService.byCssSelector(TIMELINE_CSS_SELECTOR.refreshButton) - ).isEnabled(); + + /** + * Ensure that the timeline bottom bar is accessible + */ + async ensureTimelineAccessible(): Promise { + await this.testSubjects.existOrFail(TIMELINE_BOTTOM_BAR_CONTAINER_TEST_SUBJ); + } + + async openTimelineFromBottomBar() { + await this.ensureTimelineAccessible(); + await this.testSubjects.findService.clickByCssSelector( + TIMELINE_CSS_SELECTOR.bottomBarTimelineTitle + ); + } + + async openTimelineById(id: string): Promise { + await this.openTimelineFromBottomBar(); + await this.testSubjects.click('timeline-bottom-bar-open-timeline'); + await this.testSubjects.findService.clickByCssSelector( + `${testSubjSelector('open-timeline-modal')} ${testSubjSelector(`timeline-title-${id}`)}` + ); + + await this.ensureTimelineIsOpen(); + } + + async closeTimeline(): Promise { + if (await this.testSubjects.exists(TIMELINE_CLOSE_BUTTON_TEST_SUBJ)) { + await this.testSubjects.click(TIMELINE_CLOSE_BUTTON_TEST_SUBJ); + await this.testSubjects.waitForHidden(TIMELINE_MODAL_PAGE_TEST_SUBJ); } - ); - } - - /** - * Check to see if the timeline has events in the list - */ - async hasEvents(): Promise { - const eventRows = await this.testSubjects.findService.allByCssSelector( - `${testSubjSelector(TIMELINE_MODAL_PAGE_TEST_SUBJ)} ${testSubjSelector('event')}` - ); - - return eventRows.length > 0; - } - - /** - * Waits for events to be displayed in the timeline. It will click on the "Refresh" button to trigger a data fetch - * @param timeoutMs - */ - async waitForEvents(timeoutMs?: number): Promise { - if (await this.hasEvents()) { - this.logger.info(`Timeline already has events displayed`); - return; } - await this.retry.waitForWithTimeout( - 'waiting for events to show up on timeline', - timeoutMs ?? this.defaultTimeoutMs, - async (): Promise => { - await this.clickRefresh(); + async ensureTimelineIsOpen(): Promise { + await this.testSubjects.existOrFail(TIMELINE_MODAL_PAGE_TEST_SUBJ); + } + + /** + * From a visible timeline, clicks the "view details" for an event on the list + * @param index + */ + async showEventDetails(index: number = 0): Promise { + await this.ensureTimelineIsOpen(); + await this.testSubjects.findService.clickByCssSelector( + `${testSubjSelector('event')}:nth-child(${index + 1}) ${testSubjSelector('expand-event')}` + ); + await this.testSubjects.existOrFail('eventDetails'); + } - return this.hasEvents(); + /** + * Clicks the Refresh button at the top of the timeline page and waits for the refresh to complete + */ + async clickRefresh(): Promise { + await this.ensureTimelineIsOpen(); + await this.pageObjects.header.waitUntilLoadingHasFinished(); + await ( + await this.testSubjects.findService.byCssSelector(TIMELINE_CSS_SELECTOR.refreshButton) + ).isEnabled(); + await this.testSubjects.findService.clickByCssSelector(TIMELINE_CSS_SELECTOR.refreshButton); + await this.retry.waitFor( + 'Timeline refresh button to be enabled', + async (): Promise => { + return ( + await this.testSubjects.findService.byCssSelector(TIMELINE_CSS_SELECTOR.refreshButton) + ).isEnabled(); + } + ); + } + + /** + * Check to see if the timeline has events in the list + */ + async hasEvents(): Promise { + const eventRows = await this.testSubjects.findService.allByCssSelector( + `${testSubjSelector(TIMELINE_MODAL_PAGE_TEST_SUBJ)} ${testSubjSelector('event')}` + ); + + return eventRows.length > 0; + } + + /** + * Waits for events to be displayed in the timeline. It will click on the "Refresh" button to trigger a data fetch + * @param timeoutMs + */ + async waitForEvents(timeoutMs?: number): Promise { + if (await this.hasEvents()) { + this.logger.info(`Timeline already has events displayed`); + return; } - ); - } - - /** - * Sets the date range on the timeline by clicking on a commonly used preset from the super date picker - * @param range - */ - async setDateRange(range: keyof typeof DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP): Promise { - await this.ensureTimelineIsOpen(); - await this.testSubjects.findService.clickByCssSelector( - `${testSubjSelector(TIMELINE_TAB_QUERY_TEST_SUBJ)} ${testSubjSelector( - 'superDatePickerToggleQuickMenuButton' - )}` - ); - await this.testSubjects.existOrFail('superDatePickerQuickMenu'); - await this.testSubjects.click(DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP[range]); - await this.testSubjects.missingOrFail('superDatePickerQuickMenu'); - } + + await this.retry.waitForWithTimeout( + 'waiting for events to show up on timeline', + timeoutMs ?? this.defaultTimeoutMs, + async (): Promise => { + await this.clickRefresh(); + + return this.hasEvents(); + } + ); + } + + /** + * Sets the date range on the timeline by clicking on a commonly used preset from the super date picker + * @param range + */ + async setDateRange(range: keyof typeof DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP): Promise { + await this.ensureTimelineIsOpen(); + await this.testSubjects.findService.clickByCssSelector( + `${testSubjSelector(TIMELINE_TAB_QUERY_TEST_SUBJ)} ${testSubjSelector( + 'superDatePickerToggleQuickMenuButton' + )}` + ); + await this.testSubjects.existOrFail('superDatePickerQuickMenu'); + await this.testSubjects.click(DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP[range]); + await this.testSubjects.missingOrFail('superDatePickerQuickMenu'); + } + })(); } From fec5b27b44fc69e7e7c0dd63a1eed6ff8bcafd45 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 14:32:46 +0200 Subject: [PATCH 40/42] fix class property --- .../test/security_solution_endpoint/page_objects/detections.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts index 8fcd8fca6a8ae..842c0ecb33671 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts @@ -21,7 +21,7 @@ export function DetectionsPageObjectProvider({ getService, getPageObjects }: Ftr readonly pageObjects = pageObjects; readonly testSubjects = testSubjects; readonly retry = retry; - readonly defaultTimeout = defaultTimeoutMs; + readonly defaultTimeoutMs = defaultTimeoutMs; async navigateHome(): Promise { await this.navigateToDetectionsPage(); From 2017509ed126e8c1c61578bf096048ac19cecb62 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 15:45:12 +0200 Subject: [PATCH 41/42] do not return page objects as class instances --- .../page_objects/detections.ts | 161 ++++++++---------- .../page_objects/hosts.ts | 22 +-- .../page_objects/timeline.ts | 91 +++++----- 3 files changed, 123 insertions(+), 151 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts index 842c0ecb33671..5a81903288bc8 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts @@ -16,16 +16,10 @@ export function DetectionsPageObjectProvider({ getService, getPageObjects }: Ftr const retry = getService('retry'); const defaultTimeoutMs = getService('config').get('timeouts.waitFor'); - return new (class DetectionsTestService { - readonly find = find; - readonly pageObjects = pageObjects; - readonly testSubjects = testSubjects; - readonly retry = retry; - readonly defaultTimeoutMs = defaultTimeoutMs; - + return { async navigateHome(): Promise { await this.navigateToDetectionsPage(); - } + }, /** * Navigate to the Alerts list page. @@ -37,7 +31,7 @@ export function DetectionsPageObjectProvider({ getService, getPageObjects }: Ftr * navigateToAlerts(`query=(language:kuery,query:'host.hostname: "HOST-abc"')`) */ async navigateToAlerts(searchParams: string = ''): Promise { - await this.pageObjects.common.navigateToUrlWithBrowserHistory( + await pageObjects.common.navigateToUrlWithBrowserHistory( 'securitySolution', '/alerts', searchParams, @@ -45,129 +39,126 @@ export function DetectionsPageObjectProvider({ getService, getPageObjects }: Ftr ensureCurrentUrl: !Boolean(searchParams), } ); - await this.pageObjects.header.waitUntilLoadingHasFinished(); - } + await pageObjects.header.waitUntilLoadingHasFinished(); + }, async navigateToRules(): Promise { await this.navigateToDetectionsPage('rules'); - } + }, async navigateToCreateRule(): Promise { await this.navigateToDetectionsPage('rules/create'); - } + }, async replaceIndexPattern(): Promise { - const buttons = await this.find.allByCssSelector('[data-test-subj="comboBoxInput"] button'); + const buttons = await find.allByCssSelector('[data-test-subj="comboBoxInput"] button'); await buttons.map(async (button: WebElementWrapper) => await button.click()); - await this.testSubjects.setValue('comboBoxSearchInput', '*'); - } + await testSubjects.setValue('comboBoxSearchInput', '*'); + }, async openImportQueryModal(): Promise { - const element = await this.testSubjects.find('importQueryFromSavedTimeline'); + const element = await testSubjects.find('importQueryFromSavedTimeline'); await element.click(500); - await this.testSubjects.exists('open-timeline-modal-body-filter-default'); - } + await testSubjects.exists('open-timeline-modal-body-filter-default'); + }, async viewTemplatesInImportQueryModal(): Promise { - await this.pageObjects.common.clickAndValidate( + await pageObjects.common.clickAndValidate( 'open-timeline-modal-body-filter-template', 'timelines-table' ); - } + }, async closeImportQueryModal(): Promise { - await this.find.clickByCssSelector('.euiButtonIcon.euiModal__closeIcon'); - } + await find.clickByCssSelector('.euiButtonIcon.euiModal__closeIcon'); + }, async selectMachineLearningJob(): Promise { - await this.find.clickByCssSelector('[data-test-subj="mlJobSelect"] button'); - await this.find.clickByCssSelector('#high_distinct_count_error_message'); - } + await find.clickByCssSelector('[data-test-subj="mlJobSelect"] button'); + await find.clickByCssSelector('#high_distinct_count_error_message'); + }, async openAddFilterPopover(): Promise { - const addButtons = await this.testSubjects.findAll('addFilter'); + const addButtons = await testSubjects.findAll('addFilter'); await addButtons[1].click(); - await this.testSubjects.exists('saveFilter'); - } + await testSubjects.exists('saveFilter'); + }, async closeAddFilterPopover(): Promise { - await this.testSubjects.click('cancelSaveFilter'); - } + await testSubjects.click('cancelSaveFilter'); + }, async toggleFilterActions(): Promise { - const filterActions = await this.testSubjects.findAll('addFilter'); + const filterActions = await testSubjects.findAll('addFilter'); await filterActions[1].click(); - } + }, async toggleSavedQueries(): Promise { - const filterActions = await this.find.allByCssSelector( + const filterActions = await find.allByCssSelector( '[data-test-subj="saved-query-management-popover-button"]' ); await filterActions[1].click(); - } + }, async addNameAndDescription( name: string = 'test rule name', description: string = 'test rule description' ): Promise { - await this.find.setValue(`[aria-describedby="detectionEngineStepAboutRuleName"]`, name, 500); - await this.find.setValue( + await find.setValue(`[aria-describedby="detectionEngineStepAboutRuleName"]`, name, 500); + await find.setValue( `[aria-describedby="detectionEngineStepAboutRuleDescription"]`, description, 500 ); - } + }, async goBackToAllRules(): Promise { - await this.pageObjects.common.clickAndValidate( - 'ruleDetailsBackToAllRules', - 'create-new-rule' - ); - } + await pageObjects.common.clickAndValidate('ruleDetailsBackToAllRules', 'create-new-rule'); + }, async revealAdvancedSettings(): Promise { - await this.pageObjects.common.clickAndValidate( + await pageObjects.common.clickAndValidate( 'advancedSettings', 'detectionEngineStepAboutRuleReferenceUrls' ); - } + }, async preview(): Promise { - await this.pageObjects.common.clickAndValidate( + await pageObjects.common.clickAndValidate( 'previewSubmitButton', 'queryPreviewCustomHistogram', undefined, 500 ); - } + }, async continue(prefix: string): Promise { - await this.testSubjects.click(`${prefix}-continue`); - } + await testSubjects.click(`${prefix}-continue`); + }, async addCustomQuery(query: string): Promise { - await this.testSubjects.setValue('queryInput', query, undefined, 500); - } + await testSubjects.setValue('queryInput', query, undefined, 500); + }, async selectMLRule(): Promise { - await this.pageObjects.common.clickAndValidate('machineLearningRuleType', 'mlJobSelect'); - } + await pageObjects.common.clickAndValidate('machineLearningRuleType', 'mlJobSelect'); + }, async selectEQLRule(): Promise { - await this.pageObjects.common.clickAndValidate('eqlRuleType', 'eqlQueryBarTextInput'); - } + await pageObjects.common.clickAndValidate('eqlRuleType', 'eqlQueryBarTextInput'); + }, async selectIndicatorMatchRule(): Promise { - await this.pageObjects.common.clickAndValidate('threatMatchRuleType', 'comboBoxInput'); - } + await pageObjects.common.clickAndValidate('threatMatchRuleType', 'comboBoxInput'); + }, async selectThresholdRule(): Promise { - await this.pageObjects.common.clickAndValidate('thresholdRuleType', 'input'); - } + await pageObjects.common.clickAndValidate('thresholdRuleType', 'input'); + }, async ensureOnAlertsPage(): Promise { - await this.testSubjects.existOrFail('detectionsAlertsPage'); - } + await testSubjects.existOrFail('detectionsAlertsPage'); + }, /** * Opens the first alert on the Alerts List page for the given host name @@ -179,24 +170,18 @@ export function DetectionsPageObjectProvider({ getService, getPageObjects }: Ftr let foundAndHandled = false; // Get all event rows - const allEvents = await this.testSubjects.findService.allByCssSelector( + const allEvents = await testSubjects.findService.allByCssSelector( ALERT_TABLE_ROW_CSS_SELECTOR ); for (const eventRow of allEvents) { - const hostNameButton = await this.testSubjects.findDescendant( - 'host-details-button', - eventRow - ); + const hostNameButton = await testSubjects.findDescendant('host-details-button', eventRow); const eventRowHostName = (await hostNameButton.getVisibleText()).trim(); if (eventRowHostName === hostName) { - const expandAlertButton = await this.testSubjects.findDescendant( - 'expand-event', - eventRow - ); + const expandAlertButton = await testSubjects.findDescendant('expand-event', eventRow); await expandAlertButton.click(); - await this.testSubjects.existOrFail('eventDetails'); + await testSubjects.existOrFail('eventDetails'); foundAndHandled = true; break; } @@ -205,57 +190,57 @@ export function DetectionsPageObjectProvider({ getService, getPageObjects }: Ftr if (!foundAndHandled) { throw new Error(`no alerts found for host: ${hostName}`); } - } + }, /** * Opens the Response console from the alert Details. Alert details must be already opened/displayed */ async openResponseConsoleFromAlertDetails(): Promise { - await this.testSubjects.existOrFail('eventDetails'); - await this.testSubjects.click('securitySolutionFlyoutFooterDropdownButton'); - await this.testSubjects.clickWhenNotDisabled('endpointResponseActions-action-item'); - await this.testSubjects.existOrFail('consolePageOverlay'); - } + await testSubjects.existOrFail('eventDetails'); + await testSubjects.click('securitySolutionFlyoutFooterDropdownButton'); + await testSubjects.clickWhenNotDisabled('endpointResponseActions-action-item'); + await testSubjects.existOrFail('consolePageOverlay'); + }, /** * Clicks the refresh button on the Alerts page and waits for it to complete */ async clickRefresh(): Promise { await this.ensureOnAlertsPage(); - await this.testSubjects.click('querySubmitButton'); + await testSubjects.click('querySubmitButton'); // wait for refresh to complete - await this.retry.waitFor( + await retry.waitFor( 'Alerts pages refresh button to be enabled', async (): Promise => { - const refreshButton = await this.testSubjects.find('querySubmitButton'); + const refreshButton = await testSubjects.find('querySubmitButton'); return (await refreshButton.isDisplayed()) && (await refreshButton.isEnabled()); } ); - } + }, async waitForListToHaveAlerts(timeoutMs?: number): Promise { - await this.retry.waitForWithTimeout( + await retry.waitForWithTimeout( 'waiting for alerts to show up on alerts page', - timeoutMs ?? this.defaultTimeoutMs, + timeoutMs ?? defaultTimeoutMs, async (): Promise => { await this.clickRefresh(); - const allEventRows = await this.testSubjects.findService.allByCssSelector( + const allEventRows = await testSubjects.findService.allByCssSelector( ALERT_TABLE_ROW_CSS_SELECTOR ); return Boolean(allEventRows.length); } ); - } + }, async navigateToDetectionsPage(path: string = ''): Promise { const subUrl = `detections${path ? `/${path}` : ''}`; - await this.pageObjects.common.navigateToUrl('securitySolution', subUrl, { + awaitpageObjects.common.navigateToUrl('securitySolution', subUrl, { shouldUseHashForSubUrl: false, }); - } - })(); + }, + }; } diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts index f445c9be8fddd..cbec100567c7b 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts @@ -13,21 +13,17 @@ export function HostsPageObjectProvider({ getService, getPageObjects }: FtrProvi const pageObjects = getPageObjects(['common', 'header']); const testSubjects = getService('testSubjects'); - return new (class HostsPageObject { - readonly find = find; - readonly pageObjects = pageObjects; - readonly testSubjects = testSubjects; - + return { async navigateToHostDetails(hostName: string): Promise { - await this.pageObjects.common.navigateToUrl('securitySolution', `hosts/${hostName}`, { + await pageObjects.common.navigateToUrl('securitySolution', `hosts/${hostName}`, { shouldUseHashForSubUrl: false, }); - await this.pageObjects.header.waitUntilLoadingHasFinished(); - } + await pageObjects.header.waitUntilLoadingHasFinished(); + }, async ensureOnHostDetails(): Promise { - await this.testSubjects.existOrFail('hostDetailsPage'); - } + await testSubjects.existOrFail('hostDetailsPage'); + }, /** * Returns an object with the Endpoint overview data, where the keys are the visible labels in the UI. @@ -35,7 +31,7 @@ export function HostsPageObjectProvider({ getService, getPageObjects }: FtrProvi */ async hostDetailsEndpointOverviewData(): Promise> { await this.ensureOnHostDetails(); - const endpointDescriptionLists: WebElementWrapper[] = await this.testSubjects.findAll( + const endpointDescriptionLists: WebElementWrapper[] = await testSubjects.findAll( 'endpoint-overview' ); @@ -62,6 +58,6 @@ export function HostsPageObjectProvider({ getService, getPageObjects }: FtrProvi } return data; - } - })(); + }, + }; } diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts index a1db95e1f737a..5676cda9c05e3 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/timeline.ts @@ -31,52 +31,46 @@ export function TimelinePageObjectProvider({ getService, getPageObjects }: FtrPr const defaultTimeoutMs = getService('config').get('timeouts.waitFor'); const logger = getService('log'); - return new (class TimelinePageObject { - readonly pageObjects = pageObjects; - readonly testSubjects = testSubjects; - readonly retry = retry; - readonly defaultTimeoutMs = defaultTimeoutMs; - readonly logger = logger; - + return { async navigateToTimelineList(): Promise { - await this.pageObjects.common.navigateToUrlWithBrowserHistory('securitySolutionTimelines'); - await this.pageObjects.header.waitUntilLoadingHasFinished(); - } + await pageObjects.common.navigateToUrlWithBrowserHistory('securitySolutionTimelines'); + await pageObjects.header.waitUntilLoadingHasFinished(); + }, /** * Ensure that the timeline bottom bar is accessible */ async ensureTimelineAccessible(): Promise { - await this.testSubjects.existOrFail(TIMELINE_BOTTOM_BAR_CONTAINER_TEST_SUBJ); - } + await testSubjects.existOrFail(TIMELINE_BOTTOM_BAR_CONTAINER_TEST_SUBJ); + }, async openTimelineFromBottomBar() { await this.ensureTimelineAccessible(); - await this.testSubjects.findService.clickByCssSelector( + await testSubjects.findService.clickByCssSelector( TIMELINE_CSS_SELECTOR.bottomBarTimelineTitle ); - } + }, async openTimelineById(id: string): Promise { await this.openTimelineFromBottomBar(); - await this.testSubjects.click('timeline-bottom-bar-open-timeline'); - await this.testSubjects.findService.clickByCssSelector( + await testSubjects.click('timeline-bottom-bar-open-timeline'); + await testSubjects.findService.clickByCssSelector( `${testSubjSelector('open-timeline-modal')} ${testSubjSelector(`timeline-title-${id}`)}` ); await this.ensureTimelineIsOpen(); - } + }, async closeTimeline(): Promise { - if (await this.testSubjects.exists(TIMELINE_CLOSE_BUTTON_TEST_SUBJ)) { - await this.testSubjects.click(TIMELINE_CLOSE_BUTTON_TEST_SUBJ); - await this.testSubjects.waitForHidden(TIMELINE_MODAL_PAGE_TEST_SUBJ); + if (await testSubjects.exists(TIMELINE_CLOSE_BUTTON_TEST_SUBJ)) { + await testSubjects.click(TIMELINE_CLOSE_BUTTON_TEST_SUBJ); + await testSubjects.waitForHidden(TIMELINE_MODAL_PAGE_TEST_SUBJ); } - } + }, async ensureTimelineIsOpen(): Promise { - await this.testSubjects.existOrFail(TIMELINE_MODAL_PAGE_TEST_SUBJ); - } + await testSubjects.existOrFail(TIMELINE_MODAL_PAGE_TEST_SUBJ); + }, /** * From a visible timeline, clicks the "view details" for an event on the list @@ -84,42 +78,39 @@ export function TimelinePageObjectProvider({ getService, getPageObjects }: FtrPr */ async showEventDetails(index: number = 0): Promise { await this.ensureTimelineIsOpen(); - await this.testSubjects.findService.clickByCssSelector( + await testSubjects.findService.clickByCssSelector( `${testSubjSelector('event')}:nth-child(${index + 1}) ${testSubjSelector('expand-event')}` ); - await this.testSubjects.existOrFail('eventDetails'); - } + await testSubjects.existOrFail('eventDetails'); + }, /** * Clicks the Refresh button at the top of the timeline page and waits for the refresh to complete */ async clickRefresh(): Promise { await this.ensureTimelineIsOpen(); - await this.pageObjects.header.waitUntilLoadingHasFinished(); + await pageObjects.header.waitUntilLoadingHasFinished(); await ( - await this.testSubjects.findService.byCssSelector(TIMELINE_CSS_SELECTOR.refreshButton) + await testSubjects.findService.byCssSelector(TIMELINE_CSS_SELECTOR.refreshButton) ).isEnabled(); - await this.testSubjects.findService.clickByCssSelector(TIMELINE_CSS_SELECTOR.refreshButton); - await this.retry.waitFor( - 'Timeline refresh button to be enabled', - async (): Promise => { - return ( - await this.testSubjects.findService.byCssSelector(TIMELINE_CSS_SELECTOR.refreshButton) - ).isEnabled(); - } - ); - } + await testSubjects.findService.clickByCssSelector(TIMELINE_CSS_SELECTOR.refreshButton); + await retry.waitFor('Timeline refresh button to be enabled', async (): Promise => { + return ( + await testSubjects.findService.byCssSelector(TIMELINE_CSS_SELECTOR.refreshButton) + ).isEnabled(); + }); + }, /** * Check to see if the timeline has events in the list */ async hasEvents(): Promise { - const eventRows = await this.testSubjects.findService.allByCssSelector( + const eventRows = await testSubjects.findService.allByCssSelector( `${testSubjSelector(TIMELINE_MODAL_PAGE_TEST_SUBJ)} ${testSubjSelector('event')}` ); return eventRows.length > 0; - } + }, /** * Waits for events to be displayed in the timeline. It will click on the "Refresh" button to trigger a data fetch @@ -127,20 +118,20 @@ export function TimelinePageObjectProvider({ getService, getPageObjects }: FtrPr */ async waitForEvents(timeoutMs?: number): Promise { if (await this.hasEvents()) { - this.logger.info(`Timeline already has events displayed`); + logger.info(`Timeline already has events displayed`); return; } - await this.retry.waitForWithTimeout( + await retry.waitForWithTimeout( 'waiting for events to show up on timeline', - timeoutMs ?? this.defaultTimeoutMs, + timeoutMs ?? defaultTimeoutMs, async (): Promise => { await this.clickRefresh(); return this.hasEvents(); } ); - } + }, /** * Sets the date range on the timeline by clicking on a commonly used preset from the super date picker @@ -148,14 +139,14 @@ export function TimelinePageObjectProvider({ getService, getPageObjects }: FtrPr */ async setDateRange(range: keyof typeof DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP): Promise { await this.ensureTimelineIsOpen(); - await this.testSubjects.findService.clickByCssSelector( + await testSubjects.findService.clickByCssSelector( `${testSubjSelector(TIMELINE_TAB_QUERY_TEST_SUBJ)} ${testSubjSelector( 'superDatePickerToggleQuickMenuButton' )}` ); - await this.testSubjects.existOrFail('superDatePickerQuickMenu'); - await this.testSubjects.click(DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP[range]); - await this.testSubjects.missingOrFail('superDatePickerQuickMenu'); - } - })(); + await testSubjects.existOrFail('superDatePickerQuickMenu'); + await testSubjects.click(DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP[range]); + await testSubjects.missingOrFail('superDatePickerQuickMenu'); + }, + }; } From f90dcfb139e15e57a62691280e8e6f106d370fae Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Thu, 14 Aug 2025 16:23:51 +0200 Subject: [PATCH 42/42] fix TS error --- .../test/security_solution_endpoint/page_objects/detections.ts | 2 +- .../test/security_solution_endpoint/page_objects/hosts.ts | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts index 5a81903288bc8..9664c06347c34 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/detections.ts @@ -238,7 +238,7 @@ export function DetectionsPageObjectProvider({ getService, getPageObjects }: Ftr async navigateToDetectionsPage(path: string = ''): Promise { const subUrl = `detections${path ? `/${path}` : ''}`; - awaitpageObjects.common.navigateToUrl('securitySolution', subUrl, { + await pageObjects.common.navigateToUrl('securitySolution', subUrl, { shouldUseHashForSubUrl: false, }); }, diff --git a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts index cbec100567c7b..2f05b5159c450 100644 --- a/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts +++ b/x-pack/solutions/security/test/security_solution_endpoint/page_objects/hosts.ts @@ -9,7 +9,6 @@ import { WebElementWrapper } from '@kbn/ftr-common-functional-ui-services'; import { FtrProviderContext } from '../configs/ftr_provider_context'; export function HostsPageObjectProvider({ getService, getPageObjects }: FtrProviderContext) { - const find = getService('find'); const pageObjects = getPageObjects(['common', 'header']); const testSubjects = getService('testSubjects');