diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/index.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/index.ts index 80c70bcb8f8cd..570956f3d6c06 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/index.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/index.ts @@ -9,5 +9,4 @@ export * from './asset_criticality'; export * from './risk_engine'; export * from './entity_store'; export * from './monitoring'; - export type { EntityAnalyticsPrivileges } from './common'; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/common.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/common.gen.ts similarity index 69% rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/common.gen.ts rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/common.gen.ts index 7c5efb61280a3..5e889aaf596b6 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/common.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/common.gen.ts 
@@ -31,16 +31,16 @@ export const MonitoringEngineDescriptor = z.object({ status: PrivilegeMonitoringEngineStatus, }); -export type EngineComponentResource = z.infer; -export const EngineComponentResource = z.enum(['privmon_engine', 'index', 'task']); -export type EngineComponentResourceEnum = typeof EngineComponentResource.enum; -export const EngineComponentResourceEnum = EngineComponentResource.enum; +export type MonitoringEngineComponentResource = z.infer; +export const MonitoringEngineComponentResource = z.enum(['privmon_engine', 'index', 'task']); +export type MonitoringEngineComponentResourceEnum = typeof MonitoringEngineComponentResource.enum; +export const MonitoringEngineComponentResourceEnum = MonitoringEngineComponentResource.enum; -export type EngineComponentStatus = z.infer; -export const EngineComponentStatus = z.object({ +export type MonitoringEngineComponentStatus = z.infer; +export const MonitoringEngineComponentStatus = z.object({ id: z.string(), installed: z.boolean(), - resource: EngineComponentResource, + resource: MonitoringEngineComponentResource, health: z.enum(['green', 'yellow', 'red', 'unknown']).optional(), errors: z .array( diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/common.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/common.schema.yaml similarity index 88% rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/common.schema.yaml rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/common.schema.yaml index 3fc8ff6a04938..30027badc99aa 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/common.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/common.schema.yaml 
@@ -23,7 +23,7 @@ components: - disabled - not_installed - EngineComponentStatus: + MonitoringEngineComponentStatus: type: object required: - id @@ -35,7 +35,7 @@ components: installed: type: boolean resource: - $ref: "#/components/schemas/EngineComponentResource" + $ref: "#/components/schemas/MonitoringEngineComponentResource" health: type: string enum: @@ -53,7 +53,7 @@ components: message: type: string - EngineComponentResource: + MonitoringEngineComponentResource: type: string enum: - privmon_engine diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/delete.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/delete.gen.ts similarity index 100% rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/delete.gen.ts rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/delete.gen.ts diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/delete.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/delete.schema.yaml similarity index 100% rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/delete.schema.yaml rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/delete.schema.yaml 
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/disable.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/disable.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/disable.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/disable.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/disable.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/disable.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/disable.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/disable.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/index.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/index.ts
new file mode 100644
index 0000000000000..8ce64495ec275
--- /dev/null
+++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/index.ts
@@ -0,0 +1,11 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './delete.gen';
+export * from './disable.gen';
+export * from './init.gen';
+export * from './schedule_now.gen';
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/init.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/init.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/init.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/init.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/init.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/init.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/init.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/init.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/schedule_now.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/schedule_now.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/schedule_now.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/schedule_now.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/schedule_now.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/schedule_now.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/engine/schedule_now.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/engine/schedule_now.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/health.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/health.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/health.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/health.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/health.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/health.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/health.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/health.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/index.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/index.ts
index 597fa99d3bb30..9e97efdbb384e 100644
--- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/index.ts
+++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/index.ts @@ -5,4 +5,12 @@ * 2.0. */ +export * from './monitoring_entity_source/monitoring_entity_source.gen'; +export * from './privileged_access_detection'; +export * from './engine'; +export * from './users'; +export * from './common.gen'; +export * from './health.gen'; +export * from './privileges.gen'; export * from './search_indices.gen'; +export * from './create_index.gen'; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts similarity index 100% rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen.ts diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml similarity index 100% rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.schema.yaml 
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/index.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/index.ts
new file mode 100644
index 0000000000000..8317bcd16ebc4
--- /dev/null
+++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/index.ts
@@ -0,0 +1,9 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './install.gen';
+export * from './status.gen';
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileged_access_detection/install.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/install.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileged_access_detection/install.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/install.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileged_access_detection/install.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/install.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileged_access_detection/install.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/install.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileged_access_detection/status.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/status.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileged_access_detection/status.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/status.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileged_access_detection/status.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/status.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileged_access_detection/status.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileged_access_detection/status.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileges.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileges.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileges.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileges.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileges.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileges.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/privileges.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/privileges.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/common.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/common.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/common.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/common.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/common.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/common.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/common.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/common.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/create.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/create.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/create.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/create.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/create.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/create.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/create.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/create.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/delete.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/delete.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/delete.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/delete.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/delete.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/delete.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/delete.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/delete.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/index.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/index.ts
new file mode 100644
index 0000000000000..259d897643685
--- /dev/null
+++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/index.ts
@@ -0,0 +1,13 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './common.gen';
+export * from './create.gen';
+export * from './delete.gen';
+export * from './list.gen';
+export * from './update.gen';
+export * from './upload_csv.gen';
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/list.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/list.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/list.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/list.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/list.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/list.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/list.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/list.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/update.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/update.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/update.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/update.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/update.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/update.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/update.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/update.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/upload_csv.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/upload_csv.gen.ts
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/upload_csv.gen.ts
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/upload_csv.gen.ts
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/upload_csv.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/upload_csv.schema.yaml
similarity index 100%
rename from x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/privilege_monitoring/users/upload_csv.schema.yaml
rename to x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/monitoring/users/upload_csv.schema.yaml
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/index.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/index.ts
index 98d62fd1b5a9e..a62672b831de3 100644
--- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/index.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/risk_engine/index.ts @@ -17,3 +17,4 @@ export * from './entity_calculation_route.gen'; export * from './get_risk_engine_privileges.gen'; export * from './engine_cleanup_route.gen'; export * from './engine_configure_saved_object_route.gen'; +export * from './engine_schedule_now_route.gen'; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/quickstart_client.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/quickstart_client.gen.ts index 30ceb264a86e6..abcfb57dc1f25 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/quickstart_client.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/quickstart_client.gen.ts 
@@ -263,18 +263,14 @@ import type { CreatePrivilegesImportIndexRequestBodyInput, CreatePrivilegesImportIndexResponse, } from './entity_analytics/monitoring/create_index.gen'; -import type { - SearchPrivilegesIndicesRequestQueryInput, - SearchPrivilegesIndicesResponse, -} from './entity_analytics/monitoring/search_indices.gen'; import type { DeleteMonitoringEngineRequestQueryInput, DeleteMonitoringEngineResponse, -} from './entity_analytics/privilege_monitoring/engine/delete.gen'; -import type { DisableMonitoringEngineResponse } from './entity_analytics/privilege_monitoring/engine/disable.gen'; -import type { InitMonitoringEngineResponse } from './entity_analytics/privilege_monitoring/engine/init.gen'; -import type { ScheduleMonitoringEngineResponse } from './entity_analytics/privilege_monitoring/engine/schedule_now.gen'; -import type { PrivMonHealthResponse } from './entity_analytics/privilege_monitoring/health.gen'; +} from './entity_analytics/monitoring/engine/delete.gen'; +import type { DisableMonitoringEngineResponse } from './entity_analytics/monitoring/engine/disable.gen'; +import type { InitMonitoringEngineResponse } from './entity_analytics/monitoring/engine/init.gen'; +import type { ScheduleMonitoringEngineResponse } from './entity_analytics/monitoring/engine/schedule_now.gen'; +import type { PrivMonHealthResponse } from './entity_analytics/monitoring/health.gen'; import type { CreateEntitySourceRequestBodyInput, CreateEntitySourceResponse, 
@@ -286,28 +282,32 @@ import type { UpdateEntitySourceRequestParamsInput, UpdateEntitySourceRequestBodyInput, UpdateEntitySourceResponse, -} from './entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import type { InstallPrivilegedAccessDetectionPackageResponse } from './entity_analytics/privilege_monitoring/privileged_access_detection/install.gen'; -import type { GetPrivilegedAccessDetectionPackageStatusResponse } from './entity_analytics/privilege_monitoring/privileged_access_detection/status.gen'; -import type { PrivMonPrivilegesResponse } from './entity_analytics/privilege_monitoring/privileges.gen'; +} from './entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { InstallPrivilegedAccessDetectionPackageResponse } from './entity_analytics/monitoring/privileged_access_detection/install.gen'; +import type { GetPrivilegedAccessDetectionPackageStatusResponse } from './entity_analytics/monitoring/privileged_access_detection/status.gen'; +import type { PrivMonPrivilegesResponse } from './entity_analytics/monitoring/privileges.gen'; +import type { + SearchPrivilegesIndicesRequestQueryInput, + SearchPrivilegesIndicesResponse, +} from './entity_analytics/monitoring/search_indices.gen'; import type { CreatePrivMonUserRequestBodyInput, CreatePrivMonUserResponse, -} from './entity_analytics/privilege_monitoring/users/create.gen'; +} from './entity_analytics/monitoring/users/create.gen'; import type { DeletePrivMonUserRequestParamsInput, DeletePrivMonUserResponse, -} from './entity_analytics/privilege_monitoring/users/delete.gen'; +} from './entity_analytics/monitoring/users/delete.gen'; import type { ListPrivMonUsersRequestQueryInput, ListPrivMonUsersResponse, -} from './entity_analytics/privilege_monitoring/users/list.gen'; +} from './entity_analytics/monitoring/users/list.gen'; import type { UpdatePrivMonUserRequestParamsInput, UpdatePrivMonUserRequestBodyInput, 
UpdatePrivMonUserResponse, -} from './entity_analytics/privilege_monitoring/users/update.gen'; -import type { PrivmonBulkUploadUsersCSVResponse } from './entity_analytics/privilege_monitoring/users/upload_csv.gen'; +} from './entity_analytics/monitoring/users/update.gen'; +import type { PrivmonBulkUploadUsersCSVResponse } from './entity_analytics/monitoring/users/upload_csv.gen'; import type { CleanUpRiskEngineResponse } from './entity_analytics/risk_engine/engine_cleanup_route.gen'; import type { ConfigureRiskEngineSavedObjectRequestBodyInput, diff --git a/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/constants.ts b/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/constants.ts index dba9c5fa017ee..af2c31d02217a 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/constants.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/constants.ts @@ -9,7 +9,8 @@ export * from './asset_criticality/constants'; export * from './risk_engine/constants'; export * from './risk_score/constants'; export * from './migrations/constants'; -export * from './privilege_monitoring/constants'; +export * from './privileged_user_monitoring/constants'; +export * from './entity_store/constants'; export const API_VERSIONS = { public: { diff --git a/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privilege_monitoring/constants.ts b/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privilege_monitoring/constants.ts deleted file mode 100644 index 39f0405bb2dd8..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privilege_monitoring/constants.ts +++ /dev/null 
@@ -1,17 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-// Static index names: may be more obvious and easier to manage.
-export const privilegedMonitorBaseIndexName = '.entity_analytics.monitoring';
-export const ML_ANOMALIES_INDEX = '.ml-anomalies-shared';
-
-// Default index for privileged monitoring users.
-export const defaultMonitoringUsersIndex = (namespace: string) =>
- `entity_analytics.privileged_monitoring.${namespace}`;
-
-export const PRIVILEGE_MONITORING_PRIVILEGE_CHECK_API =
- '/api/entity_analytics/monitoring/privileges/privileges';
diff --git a/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privileged_user_monitoring/constants.ts b/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privileged_user_monitoring/constants.ts
index 9d4fa22e47f9e..0e6bc6e5bc5f2 100644
--- a/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privileged_user_monitoring/constants.ts
+++ b/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privileged_user_monitoring/constants.ts
@@ -5,14 +5,38 @@ * 2.0. */ -export const PRIVMON_PUBLIC_URL = `/api/entity_analytics/monitoring` as const; -export const PRIVMON_ENGINE_PUBLIC_URL = `${PRIVMON_PUBLIC_URL}/engine` as const; -export const PRIVMON_USER_PUBLIC_CSV_UPLOAD_URL = `${PRIVMON_PUBLIC_URL}/users/_csv` as const; -export const PRIVMON_PUBLIC_INIT = `${PRIVMON_PUBLIC_URL}/engine/init` as const; -export const getPrivmonMonitoringSourceByIdUrl = (id: string) => - `${PRIVMON_PUBLIC_URL}/entity_source/${id}` as const; +// Static index names: may be more obvious and easier to manage. +export const PRIVMON_BASE_INDEX_NAME = '.entity_analytics.monitoring'; +export const ML_ANOMALIES_INDEX = '.ml-anomalies-shared'; +// CSV Upload export const PRIVMON_USERS_CSV_MAX_SIZE_BYTES = 1024 * 1024; // 1MB export const PRIVMON_USERS_CSV_SIZE_TOLERANCE_BYTES = 1024 * 50; // ~= 50kb export const PRIVMON_USERS_CSV_MAX_SIZE_BYTES_WITH_TOLERANCE = PRIVMON_USERS_CSV_MAX_SIZE_BYTES + PRIVMON_USERS_CSV_SIZE_TOLERANCE_BYTES; + +const MONITORING_URL = `/api/entity_analytics/monitoring` as const; + +// Monitoring users URLs +export const MONITORING_USERS_URL = `${MONITORING_URL}/users` as const; +export const MONITORING_USERS_CSV_UPLOAD_URL = `${MONITORING_USERS_URL}/_csv` as const; +export const MONITORING_USERS_LIST_URL = `${MONITORING_USERS_URL}/list` as const; + +// Monitoring entity source URLs +export const MONITORING_ENTITY_SOURCE_URL = `${MONITORING_URL}/entity_source` as const; +export const MONITORING_ENTITY_LIST_SOURCES_URL = `${MONITORING_ENTITY_SOURCE_URL}/list` as const; +export const getPrivmonMonitoringSourceByIdUrl = (id: string) => + `${MONITORING_ENTITY_SOURCE_URL}/${id}` as const; + +// Privilege Monitoring URLs +const PRIVMON_URL = `${MONITORING_URL}/privileges` as const; +export const PRIVMON_PRIVILEGE_CHECK_API = `${PRIVMON_URL}/privileges`; +export const PRIVMON_INDICES_URL = `${PRIVMON_URL}/indices` as const; +export const PRIVMON_HEALTH_URL = `${PRIVMON_URL}/health` as const; + +// Monitoring 
Engine URLs +const MONITORING_ENGINE_URL = `${MONITORING_URL}/engine` as const; +export const MONITORING_ENGINE_INIT_URL = `${MONITORING_ENGINE_URL}/init` as const; +export const MONITORING_ENGINE_SCHEDULE_NOW_URL = `${MONITORING_ENGINE_URL}/schedule_now` as const; +export const MONITORING_ENGINE_DELETE_URL = `${MONITORING_ENGINE_URL}/delete` as const; +export const MONITORING_ENGINE_DISABLE_URL = `${MONITORING_ENGINE_URL}/disable` as const; diff --git a/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privilege_monitoring/utils.ts b/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privileged_user_monitoring/utils.ts similarity index 76% rename from x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privilege_monitoring/utils.ts rename to x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privileged_user_monitoring/utils.ts index 80ab7db5a7757..4ded42a79fb65 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privilege_monitoring/utils.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/entity_analytics/privileged_user_monitoring/utils.ts @@ -8,12 +8,16 @@ import { ML_ANOMALIES_INDEX, RISK_SCORE_INDEX_PATTERN, - privilegedMonitorBaseIndexName, + PRIVMON_BASE_INDEX_NAME, } from '../constants'; import { getAlertsIndex } from '../utils'; +// Default index for privileged monitoring users. +export const defaultMonitoringUsersIndex = (namespace: string) => + `entity_analytics.privileged_monitoring.${namespace}`; + export const getPrivilegedMonitorUsersIndex = (namespace: string) => - `${privilegedMonitorBaseIndexName}.users-${namespace}`; + `${PRIVMON_BASE_INDEX_NAME}.users-${namespace}`; // At the moment, this only includes the privileges required for reading dashboards. export const getPrivilegeUserMonitoringRequiredEsIndexPrivileges = (namespace: string) => ({ 
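Review bot: `getPrivmonMonitoringSourceByIdUrl` puts `id` into the request path unencoded, so an id containing `/`, `?` or `#` would resolve to a different route than the caller intended. Unless every caller is known to pass a generated saved-object id (callers are not visible in this hunk), I would build it as `${MONITORING_ENTITY_SOURCE_URL}/${encodeURIComponent(id)}`. In the same hunk, `PRIVMON_PRIVILEGE_CHECK_API` is the only exported URL without `as const` and without the `_URL` suffix, and it resolves to `.../privileges/privileges`. That matches the value of the removed `PRIVILEGE_MONITORING_PRIVILEGE_CHECK_API`, so a short comment such as `// doubled segment is intentional: route is /privileges/privileges` would keep a later cleanup from changing the path.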
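Review bot: `defaultMonitoringUsersIndex` now sits directly above `getPrivilegedMonitorUsersIndex`, and both read as "the users index" while returning different names: `entity_analytics.privileged_monitoring.<namespace>` with no leading dot, versus `.entity_analytics.monitoring.users-<namespace>`. The one-line comment carried over from the deleted constants file does not say what each index holds. I would expand it, for example `// Default source index for monitored users; distinct from the engine's users index returned by getPrivilegedMonitorUsersIndex.`, with the wording confirmed by the author since the roles are inferred from the names. `getPrivilegeUserMonitoringRequiredEsIndexPrivileges` continues past the end of the hunk, so whether its privilege list covers both indices cannot be checked from here.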
diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/api.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/api.ts index 38ba8c3cc497a..0b95f6e1e83f3 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/api.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/api.ts 
@@ -6,71 +6,63 @@ */ import { useMemo } from 'react'; -import type { PrivMonPrivilegesResponse } from '../../../common/api/entity_analytics/privilege_monitoring/privileges.gen'; import type { + AssetCriticalityRecord, CreateEntitySourceResponse, + CreatePrivilegesImportIndexResponse, + DisableRiskEngineResponse, + EnableRiskEngineResponse, + EntityAnalyticsPrivileges, + FindAssetCriticalityRecordsResponse, + InitMonitoringEngineResponse, + InitRiskEngineResponse, + ListEntitiesRequestQuery, + ListEntitiesResponse, ListEntitySourcesResponse, - UpdateEntitySourceResponse, -} from '../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import type { CreatePrivilegesImportIndexResponse } from '../../../common/api/entity_analytics/monitoring/create_index.gen'; -import type { PrivMonHealthResponse } from '../../../common/api/entity_analytics/privilege_monitoring/health.gen'; -import type { InitMonitoringEngineResponse } from '../../../common/api/entity_analytics/privilege_monitoring/engine/init.gen'; -import { - getPrivmonMonitoringSourceByIdUrl, - PRIVMON_PUBLIC_INIT, - PRIVMON_USER_PUBLIC_CSV_UPLOAD_URL, -} from '../../../common/entity_analytics/privileged_user_monitoring/constants'; -import type { PrivmonBulkUploadUsersCSVResponse } from '../../../common/api/entity_analytics/privilege_monitoring/users/upload_csv.gen'; -import { - ENTITY_STORE_INTERNAL_PRIVILEGES_URL, - LIST_ENTITIES_URL, -} from '../../../common/entity_analytics/entity_store/constants'; -import type { UploadAssetCriticalityRecordsResponse } from '../../../common/api/entity_analytics/asset_criticality/upload_asset_criticality_csv.gen'; -import type { DisableRiskEngineResponse } from '../../../common/api/entity_analytics/risk_engine/engine_disable_route.gen'; -import type { RiskEngineStatusResponse } from '../../../common/api/entity_analytics/risk_engine/engine_status_route.gen'; -import type { InitRiskEngineResponse } from 
'../../../common/api/entity_analytics/risk_engine/engine_init_route.gen'; -import type { EnableRiskEngineResponse } from '../../../common/api/entity_analytics/risk_engine/engine_enable_route.gen'; -import type { RiskEngineScheduleNowResponse } from '../../../common/api/entity_analytics/risk_engine/engine_schedule_now_route.gen'; -import type { - RiskScoresPreviewRequest, - RiskScoresPreviewResponse, -} from '../../../common/api/entity_analytics/risk_engine/preview_route.gen'; -import type { + PrivmonBulkUploadUsersCSVResponse, + PrivMonHealthResponse, + PrivMonPrivilegesResponse, + ReadRiskEngineSettingsResponse, + RiskEngineScheduleNowResponse, + RiskEngineStatusResponse, RiskScoresEntityCalculationRequest, RiskScoresEntityCalculationResponse, -} from '../../../common/api/entity_analytics/risk_engine/entity_calculation_route.gen'; -import type { - AssetCriticalityRecord, - EntityAnalyticsPrivileges, - FindAssetCriticalityRecordsResponse, + RiskScoresPreviewRequest, + RiskScoresPreviewResponse, SearchPrivilegesIndicesResponse, + UpdateEntitySourceResponse, + UploadAssetCriticalityRecordsResponse, } from '../../../common/api/entity_analytics'; import { - RISK_ENGINE_STATUS_URL, - RISK_SCORE_PREVIEW_URL, - RISK_ENGINE_ENABLE_URL, + API_VERSIONS, + ASSET_CRITICALITY_INTERNAL_PRIVILEGES_URL, + ASSET_CRITICALITY_PUBLIC_CSV_UPLOAD_URL, + ASSET_CRITICALITY_PUBLIC_LIST_URL, + ASSET_CRITICALITY_PUBLIC_URL, + ENTITY_STORE_INTERNAL_PRIVILEGES_URL, + getPrivmonMonitoringSourceByIdUrl, + LIST_ENTITIES_URL, + MONITORING_ENGINE_INIT_URL, + MONITORING_ENTITY_LIST_SOURCES_URL, + MONITORING_ENTITY_SOURCE_URL, + MONITORING_USERS_CSV_UPLOAD_URL, + PRIVMON_HEALTH_URL, + PRIVMON_INDICES_URL, + PRIVMON_PRIVILEGE_CHECK_API, + RISK_ENGINE_CLEANUP_URL, + RISK_ENGINE_CONFIGURE_SO_URL, RISK_ENGINE_DISABLE_URL, + RISK_ENGINE_ENABLE_URL, RISK_ENGINE_INIT_URL, RISK_ENGINE_PRIVILEGES_URL, - ASSET_CRITICALITY_INTERNAL_PRIVILEGES_URL, - ASSET_CRITICALITY_PUBLIC_URL, + RISK_ENGINE_SCHEDULE_NOW_URL, 
RISK_ENGINE_SETTINGS_URL, - ASSET_CRITICALITY_PUBLIC_CSV_UPLOAD_URL, + RISK_ENGINE_STATUS_URL, RISK_SCORE_ENTITY_CALCULATION_URL, - API_VERSIONS, - RISK_ENGINE_CLEANUP_URL, - RISK_ENGINE_SCHEDULE_NOW_URL, - RISK_ENGINE_CONFIGURE_SO_URL, - ASSET_CRITICALITY_PUBLIC_LIST_URL, - PRIVILEGE_MONITORING_PRIVILEGE_CHECK_API, + RISK_SCORE_PREVIEW_URL, } from '../../../common/constants'; import type { SnakeToCamelCase } from '../common/utils'; import { useKibana } from '../../common/lib/kibana/kibana_react'; -import type { ReadRiskEngineSettingsResponse } from '../../../common/api/entity_analytics/risk_engine'; -import { - type ListEntitiesRequestQuery, - type ListEntitiesResponse, -} from '../../../common/api/entity_analytics/entity_store/entities/list_entities.gen'; export interface DeleteAssetCriticalityResponse { deleted: true; @@ -218,17 +210,14 @@ export const useEntityAnalyticsRoutes = () => { query: string | undefined; signal?: AbortSignal; }) => - http.fetch( - '/api/entity_analytics/monitoring/privileges/indices', - { - version: API_VERSIONS.public.v1, - method: 'GET', - query: { - searchQuery: params.query, - }, - signal: params.signal, - } - ); + http.fetch(PRIVMON_INDICES_URL, { + version: API_VERSIONS.public.v1, + method: 'GET', + query: { + searchQuery: params.query, + }, + signal: params.signal, + }); /** * Create an index for privilege monitoring import 
@@ -238,26 +227,22 @@ export const useEntityAnalyticsRoutes = () => { mode: 'standard' | 'lookup'; signal?: AbortSignal; }) => - http.fetch( - '/api/entity_analytics/monitoring/privileges/indices', - { - version: API_VERSIONS.public.v1, - method: 'PUT', - body: JSON.stringify({ - name: params.name, - mode: params.mode, - }), - signal: params.signal, - } - ); + http.fetch(PRIVMON_INDICES_URL, { + version: API_VERSIONS.public.v1, + method: 'PUT', + body: JSON.stringify({ + name: params.name, + mode: params.mode, + }), + signal: params.signal, + }); /** * Register a data source for privilege monitoring engine */ const registerPrivMonMonitoredIndices = async (indexPattern: string | undefined) => - http.fetch('/api/entity_analytics/monitoring/entity_source', { + http.fetch(MONITORING_ENTITY_SOURCE_URL, { version: API_VERSIONS.public.v1, method: 'POST', - body: JSON.stringify({ type: 'index', name: ENTITY_SOURCE_NAME, @@ -384,7 +369,7 @@ export const useEntityAnalyticsRoutes = () => { * List all data source for privilege monitoring engine */ const listPrivMonMonitoredIndices = async ({ signal }: { signal?: AbortSignal }) => - http.fetch('/api/entity_analytics/monitoring/entity_source/list', { + http.fetch(MONITORING_ENTITY_LIST_SOURCES_URL, { version: API_VERSIONS.public.v1, method: 'GET', signal, @@ -405,7 +390,7 @@ export const useEntityAnalyticsRoutes = () => { const body = new FormData(); body.append('file', file); - return http.fetch(PRIVMON_USER_PUBLIC_CSV_UPLOAD_URL, { + return http.fetch(MONITORING_USERS_CSV_UPLOAD_URL, { version: API_VERSIONS.public.v1, method: 'POST', headers: { 
@@ -416,19 +401,19 @@ export const useEntityAnalyticsRoutes = () => { }; const initPrivilegedMonitoringEngine = (): Promise => - http.fetch(PRIVMON_PUBLIC_INIT, { + http.fetch(MONITORING_ENGINE_INIT_URL, { version: API_VERSIONS.public.v1, method: 'POST', }); const fetchPrivilegeMonitoringEngineStatus = (): Promise => - http.fetch('/api/entity_analytics/monitoring/privileges/health', { + http.fetch(PRIVMON_HEALTH_URL, { version: API_VERSIONS.public.v1, method: 'GET', }); const fetchPrivilegeMonitoringPrivileges = (): Promise => - http.fetch(PRIVILEGE_MONITORING_PRIVILEGE_CHECK_API, { + http.fetch(PRIVMON_PRIVILEGE_CHECK_API, { version: API_VERSIONS.public.v1, method: 'GET', }); diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/hooks/use_privileged_monitoring_engine_status.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/hooks/use_privileged_monitoring_engine_status.ts index 7cb3584155c5a..ea4dcfc3ccdc3 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/hooks/use_privileged_monitoring_engine_status.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/hooks/use_privileged_monitoring_engine_status.ts @@ -6,7 +6,7 @@ */ import { useQuery } from '@tanstack/react-query'; import type { SecurityAppError } from '@kbn/securitysolution-t-grid'; -import type { PrivMonHealthResponse } from '../../../../common/api/entity_analytics/privilege_monitoring/health.gen'; +import type { PrivMonHealthResponse } from '../../../../common/api/entity_analytics'; import { useEntityAnalyticsRoutes } from '../api'; export const usePrivilegedMonitoringEngineStatus = () => { 
diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/hooks/use_privileged_monitoring_privileges.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/hooks/use_privileged_monitoring_privileges.ts index 5593a9ae6380a..474c7797a3fe0 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/hooks/use_privileged_monitoring_privileges.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/api/hooks/use_privileged_monitoring_privileges.ts @@ -6,7 +6,7 @@ */ import { useQuery } from '@tanstack/react-query'; import type { SecurityAppError } from '@kbn/securitysolution-t-grid'; -import type { PrivMonPrivilegesResponse } from '../../../../common/api/entity_analytics/privilege_monitoring/privileges.gen'; +import type { PrivMonPrivilegesResponse } from '../../../../common/api/entity_analytics'; import { useEntityAnalyticsRoutes } from '../api'; export const usePrivilegedMonitoringPrivileges = () => { diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/key_insights_panel/privileged_users_tile/esql_query.tsx b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/key_insights_panel/privileged_users_tile/esql_query.tsx index 23ef398af767b..d9d2239ac571f 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/key_insights_panel/privileged_users_tile/esql_query.tsx +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/key_insights_panel/privileged_users_tile/esql_query.tsx 
@@ -5,7 +5,7 @@ * 2.0. */ -import { getPrivilegedMonitorUsersIndex } from '../../../../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../../../common/entity_analytics/privileged_user_monitoring/utils'; export const getPrivilegedUsersEsqlCount = ( namespace: string diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_access_detection/pad_routes.tsx b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_access_detection/pad_routes.tsx index 5204dd2037f04..afe84f42ba012 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_access_detection/pad_routes.tsx +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_access_detection/pad_routes.tsx @@ -8,7 +8,7 @@ import { useMemo } from 'react'; import { API_VERSIONS } from '../../../../../../common/entity_analytics/constants'; import { useKibana } from '../../../../../common/lib/kibana'; -import type { GetPrivilegedAccessDetectionPackageStatusResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/privileged_access_detection/status.gen'; +import type { GetPrivilegedAccessDetectionPackageStatusResponse } from '../../../../../../common/api/entity_analytics'; const PRIVILEGED_ACCESS_DETECTION_INDEX_PATTERN = 'logs-*,ml_okta_multiple_user_sessions_pad.all,ml_windows_privilege_type_pad.all'; 
diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_users_table/esql_source_query.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_users_table/esql_source_query.ts index c7e4382ad6379..0d85bfb184f58 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_users_table/esql_source_query.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_users_table/esql_source_query.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privileged_user_monitoring/utils'; import { getPrivilegedMonitorUsersJoin } from '../../queries/helpers'; export const getPrivilegedUsersQuery = (namespace: string, limit: number) => { diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_users_table/hooks.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_users_table/hooks.ts index 2c5f77f3685c6..8ada607d697f0 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_users_table/hooks.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/components/privileged_users_table/hooks.ts 
@@ -16,7 +16,7 @@ import type { TableItemType } from './types'; import { getPrivilegedUsersQuery } from './esql_source_query'; import { useGlobalFilterQuery } from '../../../../../common/hooks/use_global_filter_query'; import { useAssetCriticalityFetchList } from '../../../asset_criticality/use_asset_criticality'; -import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privileged_user_monitoring/utils'; import type { CriticalityLevelWithUnassigned } from '../../../../../../common/entity_analytics/asset_criticality/types'; import type { EntityRiskScore } from '../../../../../../common/search_strategy'; import { useKibana } from '../../../../../common/lib/kibana'; diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/queries/helpers.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/queries/helpers.ts index fcac46eb6774e..9f2ecbf6e0f2b 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/queries/helpers.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring/queries/helpers.ts @@ -13,7 +13,7 @@ import type { ESQLProperNode } from '@kbn/esql-ast/src/types'; import { Parser } from '@kbn/esql-ast/src/parser/parser'; import { isAsExpression, isFieldExpression } from '@kbn/esql-ast/src/ast/is'; import * as E from 'fp-ts/Either'; -import { getPrivilegedMonitorUsersIndex } from '../../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../common/entity_analytics/privileged_user_monitoring/utils'; export const getPrivilegedMonitorUsersJoin = ( namespace: string 
diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_manage_data_sources/hooks/manage_data_sources_query_hooks.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_manage_data_sources/hooks/manage_data_sources_query_hooks.ts index 89bd19e392522..4e6bf0faf6d98 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_manage_data_sources/hooks/manage_data_sources_query_hooks.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_manage_data_sources/hooks/manage_data_sources_query_hooks.ts @@ -7,7 +7,7 @@ import { useQuery } from '@tanstack/react-query'; import { getESQLResults } from '@kbn/esql-utils'; -import { getPrivilegedMonitorUsersIndex } from '../../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../common/entity_analytics/privileged_user_monitoring/utils'; import { esqlResponseToRecords } from '../../../../common/utils/esql'; import { useKibana } from '../../../../common/lib/kibana'; diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/components/error_step.tsx b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/components/error_step.tsx index a67f2509ab77e..9a0050993b31f 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/components/error_step.tsx 
+++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/components/error_step.tsx @@ -19,7 +19,7 @@ import { import React from 'react'; import { FormattedMessage } from '@kbn/i18n-react'; import { css } from '@emotion/react'; -import type { PrivmonBulkUploadUsersCSVResponse } from '../../../../../../../common/api/entity_analytics/privilege_monitoring/users/upload_csv.gen'; +import type { PrivmonBulkUploadUsersCSVResponse } from '../../../../../../../common/api/entity_analytics'; import { buildAnnotationsFromError } from '../helpers'; export const PrivilegedUserMonitoringErrorStep: React.FC<{ diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/reducer.test.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/reducer.test.ts index 06742d461107c..ed62f2494c427 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/reducer.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/reducer.test.ts @@ -5,8 +5,7 @@ * 2.0. */ -import type { PrivmonBulkUploadUsersCSVResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/upload_csv.gen'; - +import type { PrivmonBulkUploadUsersCSVResponse } from '../../../../../../common/api/entity_analytics'; import type { ReducerAction, ReducerState, ValidationStepState } from './reducer'; import { reducer } from './reducer'; import { FileUploaderSteps } from './types'; 
diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/reducer.ts b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/reducer.ts index e3a871b4f2535..b0e14755ab403 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/reducer.ts +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/privileged_user_monitoring_onboarding/components/file_uploader/reducer.ts @@ -5,7 +5,7 @@ * 2.0. */ -import type { PrivmonBulkUploadUsersCSVResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/upload_csv.gen'; +import type { PrivmonBulkUploadUsersCSVResponse } from '../../../../../../common/api/entity_analytics'; import { FileUploaderSteps } from './types'; import type { ValidatedFile } from './types'; import { isFilePickerStep, isValidationStep } from './helpers'; diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/pages/entity_analytics_privileged_user_monitoring_page.tsx b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/pages/entity_analytics_privileged_user_monitoring_page.tsx index b672e5bd3de11..2dd97796b9290 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/pages/entity_analytics_privileged_user_monitoring_page.tsx +++ b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/pages/entity_analytics_privileged_user_monitoring_page.tsx 
@@ -16,11 +16,12 @@ import { } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n-react'; import { css } from '@emotion/react'; - import { i18n } from '@kbn/i18n'; -import { PrivilegeMonitoringEngineStatusEnum } from '../../../common/api/entity_analytics/privilege_monitoring/common.gen'; -import type { PrivMonHealthResponse } from '../../../common/api/entity_analytics/privilege_monitoring/health.gen'; -import type { InitMonitoringEngineResponse } from '../../../common/api/entity_analytics/privilege_monitoring/engine/init.gen'; +import { + PrivilegeMonitoringEngineStatusEnum, + type PrivMonHealthResponse, + type InitMonitoringEngineResponse, +} from '../../../common/api/entity_analytics'; import { SecurityPageName } from '../../app/types'; import { SecuritySolutionPageWrapper } from '../../common/components/page_wrapper'; import { SpyRoute } from '../../common/utils/route/spy_routes'; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/check_if_entity_source_migration.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/check_if_entity_source_migration.ts index 174b345f96344..7b151f0f78924 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/check_if_entity_source_migration.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/check_if_entity_source_migration.ts 
@@ -5,7 +5,7 @@ * 2.0. */ -import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privileged_user_monitoring/utils'; import type { MigratePrivMonDependencies } from './types'; export const shouldRunSourceMigrationFactory = diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/delete_user_with_source_indices.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/delete_user_with_source_indices.ts index 8c86e6e8d1503..046180209a30f 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/delete_user_with_source_indices.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/delete_user_with_source_indices.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privileged_user_monitoring/utils'; import type { MigratePrivMonDependencies } from './types'; export const deleteUsersWithSourceIndexFactory = diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/source_index_update.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/source_index_update.ts index 81c40e959e234..d7a154626b932 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/source_index_update.ts 
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/migrations/source_index_update.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../../common/entity_analytics/privileged_user_monitoring/utils'; import type { MigratePrivMonDependencies } from './types'; export const migrateSourceIndexFactory = diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/monitoring_entity_source_data_client.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/monitoring_entity_source_data_client.ts index e3d3dbefa0dae..b0299ebc098f1 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/monitoring_entity_source_data_client.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/monitoring_entity_source_data_client.ts @@ -10,7 +10,7 @@ import type { CreateMonitoringEntitySource, MonitoringEntitySource, ListEntitySourcesRequestQuery, -} from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +} from '../../../../../common/api/entity_analytics'; import { MonitoringEntitySourceDescriptorClient } from '../saved_objects'; interface MonitoringEntitySourceDataClientOpts { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/sync/stale_users.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/sync/stale_users.ts index 2ec8305455811..33e4a8dd290dd 100644 
--- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/sync/stale_users.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/data_sources/sync/stale_users.ts @@ -5,7 +5,7 @@ * 2.0. */ -import type { MonitoredUserDoc } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/common.gen'; +import type { MonitoredUserDoc } from '../../../../../../common/api/entity_analytics'; import type { PrivilegeMonitoringDataClient } from '../../engine/data_client'; import type { PrivMonBulkUser } from '../../types'; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/data_client.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/data_client.ts index ee323c89c866b..d71faaa942ffe 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/data_client.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/data_client.ts 
@@ -15,12 +15,10 @@ import type { SavedObjectsClientProviderOptions, KibanaRequest, } from '@kbn/core/server'; - import type { TaskManagerStartContract } from '@kbn/task-manager-plugin/server'; -import type { EngineComponentResource } from '../../../../../common/api/entity_analytics/privilege_monitoring/common.gen'; -import { getPrivilegedMonitorUsersIndex } from '../../../../../common/entity_analytics/privilege_monitoring/utils'; +import type { MonitoringEngineComponentResource } from '../../../../../common/api/entity_analytics'; +import { getPrivilegedMonitorUsersIndex } from '../../../../../common/entity_analytics/privileged_user_monitoring/utils'; import type { ApiKeyManager } from '../auth/api_key'; - import { PrivilegeMonitoringEngineActions } from '../auditing/actions'; import { AUDIT_OUTCOME, AUDIT_TYPE, AUDIT_CATEGORY } from '../../audit'; import { monitoringEntitySourceType } from '../saved_objects'; @@ -63,7 +61,7 @@ export class PrivilegeMonitoringDataClient { public audit( action: PrivilegeMonitoringEngineActions, - resource: EngineComponentResource, + resource: MonitoringEngineComponentResource, msg: string, error?: Error ) { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.test.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.test.ts index 9d15bbd16573e..7a217434a56f8 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.test.ts 
@@ -17,7 +17,7 @@ import type { PrivilegeMonitoringGlobalDependencies } from './data_client'; import type { TaskManagerStartContract } from '@kbn/task-manager-plugin/server'; import type { InitialisationService } from './initialisation_service'; import { createInitialisationService } from './initialisation_service'; -import { EngineComponentResourceEnum } from '../../../../../common/api/entity_analytics/privilege_monitoring/common.gen'; +import { MonitoringEngineComponentResourceEnum } from '../../../../../common/api/entity_analytics'; import { PrivilegeMonitoringEngineActions } from '../auditing/actions'; const mockUpsertIndex = jest.fn(); @@ -124,7 +124,7 @@ describe('Privileged User Monitoring: Index Sync Service', () => { expect(mockAudit).toHaveBeenCalledWith( PrivilegeMonitoringEngineActions.INIT, - EngineComponentResourceEnum.privmon_engine, + MonitoringEngineComponentResourceEnum.privmon_engine, 'Failed to initialize privilege monitoring engine', expect.any(Error) ); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.ts index c0337a8c83903..b10d7aa510cc8 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/initialisation_service.ts 
@@ -6,12 +6,13 @@ */ import moment from 'moment'; - import type { SavedObjectsClientContract } from '@kbn/core/server'; -import type { CreateMonitoringEntitySource } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import { defaultMonitoringUsersIndex } from '../../../../../common/entity_analytics/privilege_monitoring/constants'; -import { EngineComponentResourceEnum } from '../../../../../common/api/entity_analytics/privilege_monitoring/common.gen'; -import type { InitMonitoringEngineResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/engine/init.gen'; +import { + MonitoringEngineComponentResourceEnum, + type CreateMonitoringEntitySource, + type InitMonitoringEngineResponse, +} from '../../../../../common/api/entity_analytics'; +import { defaultMonitoringUsersIndex } from '../../../../../common/entity_analytics/privileged_user_monitoring/utils'; import type { PrivilegeMonitoringDataClient } from './data_client'; import { PrivilegeMonitoringEngineActions } from '../auditing/actions'; import { PRIVILEGE_MONITORING_ENGINE_STATUS } from '../constants'; @@ -20,7 +21,6 @@ import { PRIVMON_ENGINE_RESOURCE_INIT_FAILURE_EVENT, } from '../../../telemetry/event_based/events'; import { createPrivmonIndexService } from './elasticsearch/indices'; - import { MonitoringEntitySourceDescriptorClient, PrivilegeMonitoringEngineDescriptorClient, @@ -53,7 +53,7 @@ export const createInitialisationService = (dataClient: PrivilegeMonitoringDataC dataClient.audit( PrivilegeMonitoringEngineActions.INIT, - EngineComponentResourceEnum.privmon_engine, + MonitoringEngineComponentResourceEnum.privmon_engine, 'Initializing privilege monitoring engine' ); 
@@ -85,7 +85,7 @@ export const createInitialisationService = (dataClient: PrivilegeMonitoringDataC dataClient.log('error', `Error initializing privilege monitoring engine: ${e}`); dataClient.audit( PrivilegeMonitoringEngineActions.INIT, - EngineComponentResourceEnum.privmon_engine, + MonitoringEngineComponentResourceEnum.privmon_engine, 'Failed to initialize privilege monitoring engine', e ); @@ -139,7 +139,7 @@ export const createInitialisationService = (dataClient: PrivilegeMonitoringDataC ); dataClient.audit( PrivilegeMonitoringEngineActions.INIT, - EngineComponentResourceEnum.privmon_engine, + MonitoringEngineComponentResourceEnum.privmon_engine, 'Failed to update default index source for privilege monitoring', e ); @@ -161,7 +161,7 @@ export const createInitialisationService = (dataClient: PrivilegeMonitoringDataC ); dataClient.audit( PrivilegeMonitoringEngineActions.INIT, - EngineComponentResourceEnum.privmon_engine, + MonitoringEngineComponentResourceEnum.privmon_engine, 'Failed to create default index source for privilege monitoring', e ); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/status_service.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/status_service.ts index f3c4c4cf1cfc1..60123c90fe1c3 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/status_service.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/engine/status_service.ts 
@@ -6,7 +6,7 @@ */ import type { SavedObjectsClientContract } from '@kbn/core/server'; -import { EngineComponentResourceEnum } from '../../../../../common/api/entity_analytics/privilege_monitoring/common.gen'; +import { MonitoringEngineComponentResourceEnum } from '../../../../../common/api/entity_analytics'; import { PrivilegeMonitoringEngineDescriptorClient } from '../saved_objects'; import type { PrivilegeMonitoringDataClient } from './data_client'; import { PRIVILEGE_MONITORING_ENGINE_STATUS } from '../constants'; @@ -64,7 +64,7 @@ export const createEngineStatusService = ( dataClient.audit( PrivilegeMonitoringEngineActions.DISABLE, - EngineComponentResourceEnum.privmon_engine, + MonitoringEngineComponentResourceEnum.privmon_engine, 'Privilege Monitoring Engine disabled' ); dataClient.log('info', 'Privileged Monitoring Engine disabled successfully'); @@ -78,7 +78,7 @@ export const createEngineStatusService = ( dataClient.audit( PrivilegeMonitoringEngineActions.DISABLE, - EngineComponentResourceEnum.privmon_engine, + MonitoringEngineComponentResourceEnum.privmon_engine, 'Failed to disable Privileged Monitoring Engine', e ); @@ -100,7 +100,7 @@ export const createEngineStatusService = ( dataClient.audit( PrivilegeMonitoringEngineActions.SCHEDULE_NOW, - EngineComponentResourceEnum.privmon_engine, + MonitoringEngineComponentResourceEnum.privmon_engine, 'Privilege Monitoring Engine scheduled for immediate run' ); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/migrations/update_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/migrations/update_entity_source.ts index 3275c80ac7a45..a37ef7054c02f 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/migrations/update_entity_source.ts 
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/migrations/update_entity_source.ts @@ -9,7 +9,7 @@ import { asyncForEach } from '@kbn/std'; import { first } from 'lodash/fp'; import type { EntityAnalyticsMigrationsParams } from '../../migrations'; import { monitoringEntitySourceTypeName } from '../saved_objects/monitoring_entity_source_type'; -import type { MonitoringEntitySource } from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { MonitoringEntitySource } from '../../../../../common/api/entity_analytics'; import { getApiKeyManager } from '../auth/api_key'; import { deleteUsersWithSourceIndexFactory } from '../data_sources/migrations/delete_user_with_source_indices'; import { migrateSourceIndexFactory } from '../data_sources/migrations/source_index_update'; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/privilege_monitoring_privileges.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/privilege_monitoring_privileges.ts index d720a4efec6b9..d0fe7d2f7240b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/privilege_monitoring_privileges.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/privilege_monitoring_privileges.ts 
@@ -7,7 +7,7 @@ import type { KibanaRequest } from '@kbn/core/server'; import type { SecurityPluginStart } from '@kbn/security-plugin/server'; -import { getPrivilegeUserMonitoringRequiredEsIndexPrivileges } from '../../../../common/entity_analytics/privilege_monitoring/utils'; +import { getPrivilegeUserMonitoringRequiredEsIndexPrivileges } from '../../../../common/entity_analytics/privileged_user_monitoring/utils'; import { checkAndFormatPrivileges } from '../utils/check_and_format_privileges'; export const getReadPrivilegeUserMonitoringPrivileges = async ( diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/privileged_access_detection/pad_package_installation_client.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/privileged_access_detection/pad_package_installation_client.ts index ccee3c2f172e8..2d8c05e975fb9 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/privileged_access_detection/pad_package_installation_client.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/privileged_access_detection/pad_package_installation_client.ts @@ -14,7 +14,6 @@ import { getInstalledPackages, getPackages, } from '@kbn/fleet-plugin/server/services/epm/packages'; - import type { ElasticsearchClient, IScopedClusterClient, 
@@ -24,7 +23,7 @@ import type { import type { DataViewsService } from '@kbn/data-views-plugin/common'; import type { MlJobStats } from '@elastic/elasticsearch/lib/api/types'; import type { Installable, RegistrySearchResult } from '@kbn/fleet-plugin/common'; -import type { GetPrivilegedAccessDetectionPackageStatusResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/privileged_access_detection/status.gen'; +import type { GetPrivilegedAccessDetectionPackageStatusResponse } from '../../../../../common/api/entity_analytics'; interface PadPackageInstallationClientOpts { logger: Logger; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/create_index.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/create_index.ts index 0791831acbaa3..885dfb0465bad 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/create_index.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/create_index.ts @@ -9,11 +9,12 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; import { buildRouteValidationWithZod } from '@kbn/zod-helpers'; -import { CreatePrivilegesImportIndexRequestBody } from '../../../../../common/api/entity_analytics/monitoring/create_index.gen'; +import { CreatePrivilegesImportIndexRequestBody } from '../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + PRIVMON_INDICES_URL, } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled'; 
@@ -26,7 +27,7 @@ export const createPrivilegeMonitoringIndicesRoute = ( router.versioned .put({ access: 'public', - path: '/api/entity_analytics/monitoring/privileges/indices', + path: PRIVMON_INDICES_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/delete.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/delete.ts index 6fd339a5fb337..b6cd5da8145b1 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/delete.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/delete.ts 
@@ -10,21 +10,26 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes'; import { transformError } from '@kbn/securitysolution-es-utils'; import { buildRouteValidationWithZod } from '@kbn/zod-helpers'; -import { DeleteEntityEngineRequestQuery } from '../../../../../common/api/entity_analytics'; -import type { DeleteMonitoringEngineResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/engine/delete.gen'; -import { API_VERSIONS, APP_ID } from '../../../../../common/constants'; +import { + DeleteEntityEngineRequestQuery, + type DeleteMonitoringEngineResponse, +} from '../../../../../common/api/entity_analytics'; +import { + API_VERSIONS, + APP_ID, + MONITORING_ENGINE_DELETE_URL, +} from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { createEngineCrudService } from '../engine/crud_service'; export const deletePrivilegeMonitoringEngineRoute = ( router: EntityAnalyticsRoutesDeps['router'], - logger: Logger, - config: EntityAnalyticsRoutesDeps['config'] + logger: Logger ) => { router.versioned .delete({ access: 'public', - path: '/api/entity_analytics/monitoring/engine/delete', + path: MONITORING_ENGINE_DELETE_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/disable.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/disable.ts index 4bf4554dfcfcf..5e0bf93b4ef65 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/disable.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/disable.ts 
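Review bot: The delete route appears to be registered without the advanced-setting gate that its sibling routes carry. The new import from `common/constants` holds only `API_VERSIONS`, `APP_ID` and `MONITORING_ENGINE_DELETE_URL`, and `assertAdvancedSettingsEnabled` is not imported in this hunk, whereas `disable.ts`, `health.ts` and `init.ts` import both it and `ENABLE_PRIVILEGED_USER_MONITORING_SETTING`. If that is deliberate, so an engine can still be removed after the feature is switched off, a comment above the registration would record it, for example `// Not gated on ENABLE_PRIVILEGED_USER_MONITORING_SETTING: deletion stays available for cleanup.`. If it is an oversight, the handler should call the same assertion before doing any work. The handler body and the first lines of the file are outside this hunk, so this is inferred from the visible imports only.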
@@ -8,12 +8,12 @@ import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { transformError } from '@kbn/securitysolution-es-utils'; - -import type { DisableMonitoringEngineResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/engine/disable.gen'; +import type { DisableMonitoringEngineResponse } from '../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_ENGINE_DISABLE_URL, } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled'; @@ -21,13 +21,12 @@ import { createEngineStatusService } from '../engine/status_service'; export const disablePrivilegeMonitoringEngineRoute = ( router: EntityAnalyticsRoutesDeps['router'], - logger: Logger, - config: EntityAnalyticsRoutesDeps['config'] + logger: Logger ) => { router.versioned .post({ access: 'public', - path: '/api/entity_analytics/monitoring/engine/disable', + path: MONITORING_ENGINE_DISABLE_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/health.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/health.ts index b1ff7c7d61a86..b724a3f61ee7d 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/health.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/health.ts 
@@ -8,12 +8,12 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; - -import type { PrivMonHealthResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/health.gen'; +import type { PrivMonHealthResponse } from '../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + PRIVMON_HEALTH_URL, } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled'; @@ -21,13 +21,12 @@ import { createEngineStatusService } from '../engine/status_service'; export const healthCheckPrivilegeMonitoringRoute = ( router: EntityAnalyticsRoutesDeps['router'], - logger: Logger, - config: EntityAnalyticsRoutesDeps['config'] + logger: Logger ) => { router.versioned .get({ access: 'public', - path: '/api/entity_analytics/monitoring/privileges/health', + path: PRIVMON_HEALTH_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/init.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/init.ts index c7b38e8aa1f4e..0b07175b99413 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/init.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/init.ts 
@@ -8,12 +8,12 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; - -import type { InitMonitoringEngineResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/engine/init.gen'; +import type { InitMonitoringEngineResponse } from '../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_ENGINE_INIT_URL, } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled'; @@ -29,7 +29,7 @@ export const initPrivilegeMonitoringEngineRoute = ( router.versioned .post({ access: 'public', - path: '/api/entity_analytics/monitoring/engine/init', + path: MONITORING_ENGINE_INIT_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/create.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/create.ts new file mode 100644 index 0000000000000..e5c09f1511994 --- /dev/null +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/create.ts 
@@ -0,0 +1,95 @@
+/* eslint-disable @kbn/eslint/require-license-header */
+
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
+import { transformError } from '@kbn/securitysolution-es-utils';
+import type { IKibanaResponse, Logger } from '@kbn/core/server';
+import {
+ API_VERSIONS,
+ APP_ID,
+ ENABLE_PRIVILEGED_USER_MONITORING_SETTING,
+ MONITORING_ENTITY_SOURCE_URL,
+} from '../../../../../../common/constants';
+import type { EntityAnalyticsRoutesDeps } from '../../../types';
+import {
+ CreateEntitySourceRequestBody,
+ type CreateEntitySourceResponse,
+} from '../../../../../../common/api/entity_analytics';
+import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled';
+import { createEngineStatusService } from '../../engine/status_service';
+import { PrivilegeMonitoringApiKeyType } from '../../auth/saved_object';
+import { monitoringEntitySourceType } from '../../saved_objects/monitoring_entity_source_type';
+import { PRIVILEGE_MONITORING_ENGINE_STATUS } from '../../constants';
+
+export const createMonitoringEntitySourceRoute = (
+ router: EntityAnalyticsRoutesDeps['router'],
+ logger: Logger
+) => {
+ router.versioned
+ .post({
+ access: 'public',
+ path: MONITORING_ENTITY_SOURCE_URL,
+ security: {
+ authz: {
+ requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`],
+ },
+ },
+ })
+ .addVersion(
+ {
+ version: API_VERSIONS.public.v1,
+ validate: {
+ request: {
+ body: CreateEntitySourceRequestBody,
+ },
+ },
+ },
+ async (context, request, response): Promise> => {
+ const siemResponse = buildSiemResponse(response);
+
+ try {
+ await assertAdvancedSettingsEnabled(
+ await context.core,
+ ENABLE_PRIVILEGED_USER_MONITORING_SETTING
+ );
+
+ const secSol = await context.securitySolution;
+ const client = secSol.getMonitoringEntitySourceDataClient();
+
+ const body = await client.init(request.body);
+ const privMonDataClient = await secSol.getPrivilegeMonitoringDataClient();
+ const soClient = privMonDataClient.getScopedSoClient(request, {
+ includedHiddenTypes: [
+ PrivilegeMonitoringApiKeyType.name,
+ monitoringEntitySourceType.name,
+ ],
+ });
+
+ const statusService = createEngineStatusService(privMonDataClient, soClient);
+ const engineStatus = await statusService.get();
+
+ try {
+ if (engineStatus.status === PRIVILEGE_MONITORING_ENGINE_STATUS.STARTED) {
+ await statusService.scheduleNow();
+ }
+ } catch (e) {
+ logger.warn(`[Privilege Monitoring] Error scheduling task, received ${e.message}`);
+ }
+ return response.ok({ body });
+ } catch (e) {
+ const error = transformError(e);
+ logger.error(`Error creating monitoring entity source sync config: ${error.message}`);
+ return siemResponse.error({
+ statusCode: error.statusCode,
+ body: error.message,
+ });
+ }
+ }
+ );
+};
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/get.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/get.ts
new file mode 100644
index 0000000000000..44cf73f05d283
--- /dev/null
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/get.ts
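Review bot: In `createMonitoringEntitySourceRoute`, only `statusService.scheduleNow()` sits inside the inner `try`, so a failure in `getPrivilegeMonitoringDataClient()`, `getScopedSoClient(...)` or `statusService.get()` falls through to the outer `catch` after `client.init(request.body)` has already run. The caller then gets an error response for a request that presumably did create the source, and a retry may create it a second time. Moving the statements from `const privMonDataClient = ...` through `const engineStatus = await statusService.get();` into the inner `try` keeps the best-effort scheduling from masking a successful create. The scoped client is also opened with `PrivilegeMonitoringApiKeyType.name` in `includedHiddenTypes`; if the status service does not read the API key object on this path, dropping it would narrow what the handler can reach, which is worth confirming against `status_service.ts`.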
@@ -0,0 +1,72 @@ +/* eslint-disable @kbn/eslint/require-license-header */ + +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; +import { transformError } from '@kbn/securitysolution-es-utils'; +import type { IKibanaResponse, Logger } from '@kbn/core/server'; +import { + API_VERSIONS, + APP_ID, + ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_ENTITY_SOURCE_URL, +} from '../../../../../../common/constants'; +import type { EntityAnalyticsRoutesDeps } from '../../../types'; +import { + type GetEntitySourceResponse, + GetEntitySourceRequestParams, +} from '../../../../../../common/api/entity_analytics'; +import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled'; + +export const getMonitoringEntitySourceRoute = ( + router: EntityAnalyticsRoutesDeps['router'], + logger: Logger, + config: EntityAnalyticsRoutesDeps['config'] +) => { + router.versioned + .get({ + access: 'public', + path: `${MONITORING_ENTITY_SOURCE_URL}/{id}`, + security: { + authz: { + requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], + }, + }, + }) + .addVersion( + { + version: API_VERSIONS.public.v1, + validate: { + request: { + params: GetEntitySourceRequestParams, + }, + }, + }, + async (context, request, response): Promise> => { + const siemResponse = buildSiemResponse(response); + + try { + await assertAdvancedSettingsEnabled( + await context.core, + ENABLE_PRIVILEGED_USER_MONITORING_SETTING + ); + const secSol = await context.securitySolution; + const client = secSol.getMonitoringEntitySourceDataClient(); + const body = await client.get(request.params.id); + return response.ok({ body }); + } catch (e) { + const error = transformError(e); + 
logger.error(`Error getting monitoring entity source sync config: ${error.message}`); + return siemResponse.error({ + statusCode: error.statusCode, + body: error.message, + }); + } + } + ); +}; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/index.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/index.ts index f695af1141936..51bd82438baee 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/index.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/index.ts @@ -5,5 +5,4 @@ * 2.0. */ -export * from './monitoring_entity_source'; -export * from './list'; +export { registerMonitoringEntitySourceRoutes } from './register_monitoring_entity_source_routes'; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/list.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/list.ts index 04b2334acc9ad..639b98b4d9ccb 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/list.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/list.ts 
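Review bot: `getMonitoringEntitySourceRoute` still declares `config: EntityAnalyticsRoutesDeps['config']`, which nothing in this file reads, while the same commit drops that parameter from the list, delete, disable and health routes. The signature could end at `logger: Logger`, as `createMonitoringEntitySourceRoute` does, provided the call in `register_monitoring_entity_source_routes` (not visible here) is adjusted with it. This file and `create.ts` also open with `/* eslint-disable @kbn/eslint/require-license-header */` directly above a license header. If the header satisfies the rule the directive can be removed; if it does not, a one-line comment saying why would help the next reader.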
@@ -13,23 +13,23 @@ import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_ENTITY_LIST_SOURCES_URL, } from '../../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../../types'; import { ListEntitySourcesRequestQuery, type ListEntitySourcesResponse, -} from '../../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +} from '../../../../../../common/api/entity_analytics'; import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled'; export const listMonitoringEntitySourceRoute = ( router: EntityAnalyticsRoutesDeps['router'], - logger: Logger, - config: EntityAnalyticsRoutesDeps['config'] + logger: Logger ) => { router.versioned .get({ access: 'public', - path: '/api/entity_analytics/monitoring/entity_source/list', + path: MONITORING_ENTITY_LIST_SOURCES_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/monitoring_entity_source.ts deleted file mode 100644 index af530a0334e2f..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/monitoring_entity_source.ts +++ /dev/null 
@@ -1,196 +0,0 @@ -/* eslint-disable @kbn/eslint/require-license-header */ - -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; -import { transformError } from '@kbn/securitysolution-es-utils'; -import type { IKibanaResponse, Logger } from '@kbn/core/server'; -import { - API_VERSIONS, - APP_ID, - ENABLE_PRIVILEGED_USER_MONITORING_SETTING, -} from '../../../../../../common/constants'; -import type { EntityAnalyticsRoutesDeps } from '../../../types'; -import { - CreateEntitySourceRequestBody, - UpdateEntitySourceRequestBody, - type CreateEntitySourceResponse, - type GetEntitySourceResponse, - type UpdateEntitySourceResponse, - GetEntitySourceRequestParams, - UpdateEntitySourceRequestParams, -} from '../../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled'; -import { createEngineStatusService } from '../../engine/status_service'; -import { PrivilegeMonitoringApiKeyType } from '../../auth/saved_object'; -import { monitoringEntitySourceType } from '../../saved_objects/monitoring_entity_source_type'; -import { PRIVILEGE_MONITORING_ENGINE_STATUS } from '../../constants'; - -export const monitoringEntitySourceRoute = ( - router: EntityAnalyticsRoutesDeps['router'], - logger: Logger, - config: EntityAnalyticsRoutesDeps['config'] -) => { - router.versioned - .post({ - access: 'public', - path: '/api/entity_analytics/monitoring/entity_source', - security: { - authz: { - requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], - }, - }, - }) - .addVersion( - { - version: API_VERSIONS.public.v1, - validate: { - request: { - 
body: CreateEntitySourceRequestBody, - }, - }, - }, - async (context, request, response): Promise> => { - const siemResponse = buildSiemResponse(response); - - try { - await assertAdvancedSettingsEnabled( - await context.core, - ENABLE_PRIVILEGED_USER_MONITORING_SETTING - ); - - const secSol = await context.securitySolution; - const client = secSol.getMonitoringEntitySourceDataClient(); - - const body = await client.init(request.body); - const privMonDataClient = await secSol.getPrivilegeMonitoringDataClient(); - const soClient = privMonDataClient.getScopedSoClient(request, { - includedHiddenTypes: [ - PrivilegeMonitoringApiKeyType.name, - monitoringEntitySourceType.name, - ], - }); - - const statusService = createEngineStatusService(privMonDataClient, soClient); - const engineStatus = await statusService.get(); - - try { - if (engineStatus.status === PRIVILEGE_MONITORING_ENGINE_STATUS.STARTED) { - await statusService.scheduleNow(); - } - } catch (e) { - logger.warn(`[Privilege Monitoring] Error scheduling task, received ${e.message}`); - } - return response.ok({ body }); - } catch (e) { - const error = transformError(e); - logger.error(`Error creating monitoring entity source sync config: ${error.message}`); - return siemResponse.error({ - statusCode: error.statusCode, - body: error.message, - }); - } - } - ); - router.versioned - .get({ - access: 'public', - path: '/api/entity_analytics/monitoring/entity_source/{id}', - security: { - authz: { - requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], - }, - }, - }) - .addVersion( - { - version: API_VERSIONS.public.v1, - validate: { - request: { - params: GetEntitySourceRequestParams, - }, - }, - }, - async (context, request, response): Promise> => { - const siemResponse = buildSiemResponse(response); - - try { - const secSol = await context.securitySolution; - const client = secSol.getMonitoringEntitySourceDataClient(); - const body = await client.get(request.params.id); - return response.ok({ body 
}); - } catch (e) { - const error = transformError(e); - logger.error(`Error getting monitoring entity source sync config: ${error.message}`); - return siemResponse.error({ - statusCode: error.statusCode, - body: error.message, - }); - } - } - ); - - router.versioned - .put({ - access: 'public', - path: '/api/entity_analytics/monitoring/entity_source/{id}', - security: { - authz: { - requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], - }, - }, - }) - .addVersion( - { - version: API_VERSIONS.public.v1, - validate: { - request: { - body: UpdateEntitySourceRequestBody, - params: UpdateEntitySourceRequestParams, - }, - }, - }, - async (context, request, response): Promise> => { - const siemResponse = buildSiemResponse(response); - - try { - const secSol = await context.securitySolution; - const client = secSol.getMonitoringEntitySourceDataClient(); - const body = await client.update({ ...request.body, id: request.params.id }); - - const privMonDataClient = secSol.getPrivilegeMonitoringDataClient(); - const soClient = privMonDataClient.getScopedSoClient(request, { - includedHiddenTypes: [ - PrivilegeMonitoringApiKeyType.name, - monitoringEntitySourceType.name, - ], - }); - - const statusService = createEngineStatusService(privMonDataClient, soClient); - const engineStatus = await statusService.get(); - - try { - if (engineStatus.status === PRIVILEGE_MONITORING_ENGINE_STATUS.STARTED) { - await statusService.scheduleNow(); - } - } catch (e) { - logger.warn(`[Privilege Monitoring] Error scheduling task, received ${e.message}`); - } - - return response.ok({ body }); - } catch (e) { - const error = transformError(e); - logger.error(`Error creating monitoring entity source sync config: ${error.message}`); - return siemResponse.error({ - statusCode: error.statusCode, - body: error.message, - }); - } - } - ); -}; 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/register_monitoring_entity_source_routes.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/register_monitoring_entity_source_routes.ts
new file mode 100644
index 0000000000000..d9ad4d4febd5f
--- /dev/null
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/register_monitoring_entity_source_routes.ts
@@ -0,0 +1,23 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { EntityAnalyticsRoutesDeps } from '../../../types';
+import { createMonitoringEntitySourceRoute } from './create';
+import { getMonitoringEntitySourceRoute } from './get';
+import { updateMonitoringEntitySourceRoute } from './update';
+import { listMonitoringEntitySourceRoute } from './list';
+
+export const registerMonitoringEntitySourceRoutes = ({
+ router,
+ logger,
+ config,
+}: EntityAnalyticsRoutesDeps) => {
+ createMonitoringEntitySourceRoute(router, logger);
+ getMonitoringEntitySourceRoute(router, logger, config);
+ updateMonitoringEntitySourceRoute(router, logger, config);
+ listMonitoringEntitySourceRoute(router, logger);
+};
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/update.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/update.ts
new file mode 100644
index 0000000000000..5536d5a9d697f
--- /dev/null
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/monitoring_entity_source/update.ts 
@@ -0,0 +1,98 @@
+/* eslint-disable @kbn/eslint/require-license-header */
+
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
+import { transformError } from '@kbn/securitysolution-es-utils';
+import type { IKibanaResponse, Logger } from '@kbn/core/server';
+import {
+ API_VERSIONS,
+ APP_ID,
+ ENABLE_PRIVILEGED_USER_MONITORING_SETTING,
+ MONITORING_ENTITY_SOURCE_URL,
+} from '../../../../../../common/constants';
+import type { EntityAnalyticsRoutesDeps } from '../../../types';
+import {
+ UpdateEntitySourceRequestBody,
+ type UpdateEntitySourceResponse,
+ UpdateEntitySourceRequestParams,
+} from '../../../../../../common/api/entity_analytics';
+import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled';
+import { createEngineStatusService } from '../../engine/status_service';
+import { PrivilegeMonitoringApiKeyType } from '../../auth/saved_object';
+import { monitoringEntitySourceType } from '../../saved_objects/monitoring_entity_source_type';
+import { PRIVILEGE_MONITORING_ENGINE_STATUS } from '../../constants';
+
+export const updateMonitoringEntitySourceRoute = (
+ router: EntityAnalyticsRoutesDeps['router'],
+ logger: Logger,
+ config: EntityAnalyticsRoutesDeps['config']
+) => {
+ router.versioned
+ .put({
+ access: 'public',
+ path: `${MONITORING_ENTITY_SOURCE_URL}/{id}`,
+ security: {
+ authz: {
+ requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`],
+ },
+ },
+ })
+ .addVersion(
+ {
+ version: API_VERSIONS.public.v1,
+ validate: {
+ request: {
+ body: UpdateEntitySourceRequestBody,
+ params: UpdateEntitySourceRequestParams,
+ },
+ },
+ },
+ async (context, request, response): Promise> => {
+ const siemResponse = 
buildSiemResponse(response);
+
+ try {
+ await assertAdvancedSettingsEnabled(
+ await context.core,
+ ENABLE_PRIVILEGED_USER_MONITORING_SETTING
+ );
+ const secSol = await context.securitySolution;
+ const client = secSol.getMonitoringEntitySourceDataClient();
+ const body = await client.update({ ...request.body, id: request.params.id });
+
+ const privMonDataClient = secSol.getPrivilegeMonitoringDataClient();
+ const soClient = privMonDataClient.getScopedSoClient(request, {
+ includedHiddenTypes: [
+ PrivilegeMonitoringApiKeyType.name,
+ monitoringEntitySourceType.name,
+ ],
+ });
+
+ const statusService = createEngineStatusService(privMonDataClient, soClient);
+ const engineStatus = await statusService.get();
+
+ try {
+ if (engineStatus.status === PRIVILEGE_MONITORING_ENGINE_STATUS.STARTED) {
+ await statusService.scheduleNow();
+ }
+ } catch (e) {
+ logger.warn(`[Privilege Monitoring] Error scheduling task, received ${e.message}`);
+ }
+
+ return response.ok({ body });
+ } catch (e) {
+ const error = transformError(e);
+ logger.error(`Error creating monitoring entity source sync config: ${error.message}`);
+ return siemResponse.error({
+ statusCode: error.statusCode,
+ body: error.message,
+ });
+ }
+ }
+ );
+};
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_get_installation_status.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_get_installation_status.ts
index 71623b644017b..7ac7561128d97 100644
--- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_get_installation_status.ts
+++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_get_installation_status.ts
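Review bot: The outer `catch` of the PUT handler in update.ts still logs `Error creating monitoring entity source sync config`, so a failed update to a privileged-user monitoring source cannot be told apart from a failed create in the server log; the word `creating` in that message should be `updating`. In the same handler `const engineStatus = await statusService.get();` sits outside the inner `try`, so if it throws after `client.update(...)` has succeeded the caller gets an error response for a change that was already persisted. Moving that line inside the inner `try`, next to `await statusService.scheduleNow();`, would keep the best-effort scheduling from masking a successful update. The `config` parameter is not read anywhere in this file, while this commit drops the same unused argument from other routes, so it could be removed here and at the call site in `registerMonitoringEntitySourceRoutes`.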
@@ -9,7 +9,7 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; -import type { GetPrivilegedAccessDetectionPackageStatusResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/privileged_access_detection/status.gen'; +import type { GetPrivilegedAccessDetectionPackageStatusResponse } from '../../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID } from '../../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../../types'; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_install.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_install.ts index 83c99ecebb384..0a99bfcbe8818 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_install.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileged_access_detection/pad_install.ts @@ -9,7 +9,7 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; -import type { InstallPrivilegedAccessDetectionPackageResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/privileged_access_detection/install.gen'; +import type { InstallPrivilegedAccessDetectionPackageResponse } from '../../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileges.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileges.ts index e6251356c12b5..011ab2d3dda28 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileges.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/privileges.ts @@ -8,12 +8,8 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; -import type { PrivMonPrivilegesResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/privileges.gen'; -import { - API_VERSIONS, - APP_ID, - PRIVILEGE_MONITORING_PRIVILEGE_CHECK_API, -} from '../../../../../common/constants'; +import type { PrivMonPrivilegesResponse } from '../../../../../common/api/entity_analytics'; +import { API_VERSIONS, APP_ID, PRIVMON_PRIVILEGE_CHECK_API } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { getReadPrivilegeUserMonitoringPrivileges } from '../privilege_monitoring_privileges'; @@ -25,7 +21,7 @@ export const privilegesCheckPrivilegeMonitoringRoute = ( router.versioned .get({ access: 'public', - path: PRIVILEGE_MONITORING_PRIVILEGE_CHECK_API, + path: PRIVMON_PRIVILEGE_CHECK_API, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts index 35c1c4dfeabe7..bb2593cd28487 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/register_privilege_monitoring_routes.ts @@ -10,10 +10,7 @@ import { createPrivilegeMonitoringIndicesRoute } from './create_index'; import { healthCheckPrivilegeMonitoringRoute } from './health'; import { initPrivilegeMonitoringEngineRoute } from './init'; import { scheduleNowMonitoringEngineRoute } from './schedule_now'; -import { - monitoringEntitySourceRoute, - listMonitoringEntitySourceRoute, -} from './monitoring_entity_source'; +import { registerMonitoringEntitySourceRoutes } from './monitoring_entity_source'; import { searchPrivilegeMonitoringIndicesRoute } from './search_indices'; import { 
@@ -40,17 +37,16 @@ export const registerPrivilegeMonitoringRoutes = ({ padGetStatusRoute(router, logger, config); initPrivilegeMonitoringEngineRoute(router, logger, config); scheduleNowMonitoringEngineRoute(router, logger, config); - deletePrivilegeMonitoringEngineRoute(router, logger, config); - healthCheckPrivilegeMonitoringRoute(router, logger, config); + deletePrivilegeMonitoringEngineRoute(router, logger); + healthCheckPrivilegeMonitoringRoute(router, logger); privilegesCheckPrivilegeMonitoringRoute(router, logger, getStartServices); searchPrivilegeMonitoringIndicesRoute(router, logger); createPrivilegeMonitoringIndicesRoute(router, logger); - monitoringEntitySourceRoute(router, logger, config); - listMonitoringEntitySourceRoute(router, logger, config); createUserRoute(router, logger); deleteUserRoute(router, logger); listUsersRoute(router, logger); updateUserRoute(router, logger); uploadUsersCSVRoute(router, logger, config); - disablePrivilegeMonitoringEngineRoute(router, logger, config); + disablePrivilegeMonitoringEngineRoute(router, logger); + registerMonitoringEntitySourceRoutes({ router, logger, config, getStartServices }); }; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/schedule_now.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/schedule_now.ts index 52bb5a1b9500e..4ab7d158805fa 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/schedule_now.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/schedule_now.ts 
@@ -8,11 +8,12 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; -import type { ScheduleMonitoringEngineResponse } from '../../../../../common/api/entity_analytics/privilege_monitoring/engine/schedule_now.gen'; +import type { ScheduleMonitoringEngineResponse } from '../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_ENGINE_SCHEDULE_NOW_URL, } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled'; @@ -28,7 +29,7 @@ export const scheduleNowMonitoringEngineRoute = ( router.versioned .post({ access: 'public', - path: '/api/entity_analytics/monitoring/engine/schedule_now', + path: MONITORING_ENGINE_SCHEDULE_NOW_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/search_indices.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/search_indices.ts index 01ca80c577fdd..9a2f0226653da 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/search_indices.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/search_indices.ts @@ -14,6 +14,7 @@ import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + PRIVMON_INDICES_URL, } from '../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { SearchPrivilegesIndicesRequestQuery } from '../../../../../common/api/entity_analytics/monitoring'; 
@@ -30,7 +31,7 @@ export const searchPrivilegeMonitoringIndicesRoute = ( router.versioned .get({ access: 'public', - path: '/api/entity_analytics/monitoring/privileges/indices', + path: PRIVMON_INDICES_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/create.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/create.ts index 04f57bf8d3a2d..54b384411918b 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/create.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/create.ts @@ -8,13 +8,15 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; - -import { CreatePrivMonUserRequestBody } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/create.gen'; -import type { CreatePrivMonUserResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/create.gen'; +import { + CreatePrivMonUserRequestBody, + type CreatePrivMonUserResponse, +} from '../../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_USERS_URL, } from '../../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../../types'; import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled'; 
@@ -24,7 +26,7 @@ export const createUserRoute = (router: EntityAnalyticsRoutesDeps['router'], log router.versioned .post({ access: 'public', - path: '/api/entity_analytics/monitoring/users', + path: MONITORING_USERS_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/delete.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/delete.ts index d3b9d8d1a1a09..76712e62204c8 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/delete.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/delete.ts @@ -8,13 +8,15 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; - -import { DeletePrivMonUserRequestParams } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/delete.gen'; -import type { DeletePrivMonUserResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/delete.gen'; +import { + DeletePrivMonUserRequestParams, + type DeletePrivMonUserResponse, +} from '../../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_USERS_URL, } from '../../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../../types'; import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled'; 
@@ -24,7 +26,7 @@ export const deleteUserRoute = (router: EntityAnalyticsRoutesDeps['router'], log router.versioned .delete({ access: 'public', - path: '/api/entity_analytics/monitoring/users/{id}', + path: `${MONITORING_USERS_URL}/{id}`, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/list.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/list.ts index e5aed98061873..5aa88bb2e1a86 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/list.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/list.ts @@ -9,12 +9,15 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server'; import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; -import { ListPrivMonUsersRequestQuery } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/list.gen'; -import type { ListPrivMonUsersResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import { + ListPrivMonUsersRequestQuery, + type ListPrivMonUsersResponse, +} from '../../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_USERS_LIST_URL, } from '../../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../../types'; import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled'; 
@@ -24,7 +27,7 @@ export const listUsersRoute = (router: EntityAnalyticsRoutesDeps['router'], logg router.versioned .get({ access: 'public', - path: '/api/entity_analytics/monitoring/users/list', + path: MONITORING_USERS_LIST_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/update.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/update.ts index 8bc46335139a8..42ea498ffe893 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/update.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/update.ts @@ -12,11 +12,12 @@ import { transformError } from '@kbn/securitysolution-es-utils'; import { UpdatePrivMonUserRequestParams, UpdatePrivMonUserRequestBody, -} from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/update.gen'; +} from '../../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, ENABLE_PRIVILEGED_USER_MONITORING_SETTING, + MONITORING_USERS_URL, } from '../../../../../../common/constants'; import type { EntityAnalyticsRoutesDeps } from '../../../types'; import { assertAdvancedSettingsEnabled } from '../../../utils/assert_advanced_setting_enabled'; @@ -26,7 +27,7 @@ export const updateUserRoute = (router: EntityAnalyticsRoutesDeps['router'], log router.versioned .put({ access: 'public', - path: '/api/entity_analytics/monitoring/users/{id}', + path: `${MONITORING_USERS_URL}/{id}`, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], 
diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/upload_csv.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/upload_csv.ts index 461f0f076a602..74964d22563ae 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/upload_csv.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/routes/users/upload_csv.ts @@ -10,10 +10,13 @@ import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils'; import { transformError } from '@kbn/securitysolution-es-utils'; import { schema } from '@kbn/config-schema'; -import { PRIVMON_USERS_CSV_MAX_SIZE_BYTES_WITH_TOLERANCE } from '../../../../../../common/entity_analytics/privileged_user_monitoring/constants'; +import { + MONITORING_USERS_CSV_UPLOAD_URL, + PRIVMON_USERS_CSV_MAX_SIZE_BYTES_WITH_TOLERANCE, +} from '../../../../../../common/entity_analytics/privileged_user_monitoring/constants'; import type { HapiReadableStream } from '../../../../../types'; import type { ConfigType } from '../../../../../config'; -import type { PrivmonBulkUploadUsersCSVResponse } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/upload_csv.gen'; +import type { PrivmonBulkUploadUsersCSVResponse } from '../../../../../../common/api/entity_analytics'; import { API_VERSIONS, APP_ID, @@ -31,7 +34,7 @@ export const uploadUsersCSVRoute = ( router.versioned .post({ access: 'public', - path: '/api/entity_analytics/monitoring/users/_csv', + path: MONITORING_USERS_CSV_UPLOAD_URL, security: { authz: { requiredPrivileges: ['securitySolution', `${APP_ID}-entity-analytics`], 
@@ -85,7 +88,6 @@ export const uploadUsersCSVRoute = ( return response.ok({ body }); } catch (e) { - // TODO TEST THIS ERROR SCENARIO const error = transformError(e); logger.error(`Error uploading users via CSV: ${error.message}`); return siemResponse.error({ diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_objects/monitoring_entity_source.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_objects/monitoring_entity_source.ts index 07b5284f19804..240a8274f64fd 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_objects/monitoring_entity_source.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_objects/monitoring_entity_source.ts @@ -9,7 +9,7 @@ import type { CreateMonitoringEntitySource, ListEntitySourcesRequestQuery, MonitoringEntitySource, -} from '../../../../../common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +} from '../../../../../common/api/entity_analytics'; import { monitoringEntitySourceTypeName } from './monitoring_entity_source_type'; export interface MonitoringEntitySourceDependencies { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_objects/privilege_monitoring.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_objects/privilege_monitoring.ts index ee96819f7e0c4..eed0181a4957a 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_objects/privilege_monitoring.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/saved_objects/privilege_monitoring.ts 
@@ -7,7 +7,7 @@ import type { SavedObjectsClientContract, SavedObjectsFindResponse } from '@kbn/core/server'; -import type { MonitoringEngineDescriptor } from '../../../../../common/api/entity_analytics/privilege_monitoring/common.gen'; +import type { MonitoringEngineDescriptor } from '../../../../../common/api/entity_analytics'; import { privilegeMonitoringTypeName } from './privilege_monitoring_type'; import { PRIVILEGE_MONITORING_ENGINE_STATUS } from '../constants'; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/query_existing_users.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/query_existing_users.ts index 7d77317e9a1b0..fc13e33c21189 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/query_existing_users.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/query_existing_users.ts @@ -8,7 +8,7 @@ import type { ElasticsearchClient } from '@kbn/core/server'; import { isRight, type Either } from 'fp-ts/Either'; -import type { MonitoredUserDoc } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/common.gen'; +import type { MonitoredUserDoc } from '../../../../../../common/api/entity_analytics'; import type { Batch, BulkPrivMonUser, BulkProcessingError } from './types'; export const queryExistingUsers = diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/soft_delete_omitted_users.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/soft_delete_omitted_users.ts index 0da461ae86bf2..43821254852a1 100644 
--- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/soft_delete_omitted_users.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/soft_delete_omitted_users.ts @@ -6,7 +6,7 @@ */ import type { ElasticsearchClient } from '@kbn/core/server'; -import type { MonitoredUserDoc } from '../../../../../../common/api/entity_analytics/privilege_monitoring/users/common.gen'; +import type { MonitoredUserDoc } from '../../../../../../common/api/entity_analytics'; import type { BulkProcessingError, BulkProcessingResults, Options } from './types'; export interface SoftDeletionResults { diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/privileged_users_crud.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/privileged_users_crud.ts index 8b655f464214c..250cdf77eff82 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/privileged_users_crud.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/privileged_users_crud.ts 
@@ -7,12 +7,12 @@ import { merge } from 'lodash'; import { fromKueryExpression, toElasticsearchQuery } from '@kbn/es-query'; -import type { UpdatePrivMonUserRequestBody } from '../../../../../common/api/entity_analytics/privilege_monitoring/users/update.gen'; -import type { MonitoredUserDoc } from '../../../../../common/api/entity_analytics/privilege_monitoring/users/common.gen'; import type { + UpdatePrivMonUserRequestBody, + MonitoredUserDoc, CreatePrivMonUserRequestBody, CreatePrivMonUserResponse, -} from '../../../../../common/api/entity_analytics/privilege_monitoring/users/create.gen'; +} from '../../../../../common/api/entity_analytics'; import type { PrivilegeMonitoringDataClient } from '../engine/data_client'; import type { PrivMonUserSource } from '../types'; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/search.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/search.ts index bfd77c2b91cde..820e01a09b2de 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/search.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/search.ts @@ -6,7 +6,7 @@ */ import type { SortResults } from '@elastic/elasticsearch/lib/api/types'; -import type { MonitoredUserDoc } from '../../../../../common/api/entity_analytics/privilege_monitoring/users/common.gen'; +import type { MonitoredUserDoc } from '../../../../../common/api/entity_analytics'; import type { PrivilegeMonitoringDataClient } from '../engine/data_client'; export type SearchService = ReturnType; diff --git a/x-pack/solutions/security/test/api_integration/services/security_solution_api.gen.ts b/x-pack/solutions/security/test/api_integration/services/security_solution_api.gen.ts index 9c74abcd86a40..527fe1bad7c33 100644 
--- a/x-pack/solutions/security/test/api_integration/services/security_solution_api.gen.ts +++ b/x-pack/solutions/security/test/api_integration/services/security_solution_api.gen.ts @@ -32,9 +32,9 @@ import type { CreateDashboardMigrationDashboardsRequestParamsInput, CreateDashboardMigrationDashboardsRequestBodyInput, } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; -import type { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { CreatePrivilegesImportIndexRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/create_index.gen'; -import type { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/create.gen'; +import type { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/create.gen'; import type { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; import type { CreateRuleMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { 
@@ -51,10 +51,10 @@ import type { DeleteEntityEngineRequestQueryInput, DeleteEntityEngineRequestParamsInput, } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; -import type { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import type { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/engine/delete.gen'; +import type { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/engine/delete.gen'; import type { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; -import type { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/delete.gen'; +import type { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/delete.gen'; import type { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; import type { DeleteRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; 
@@ -98,7 +98,7 @@ import type { GetEndpointSuggestionsRequestBodyInput, } from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; import type { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; -import type { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; import type { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; import type { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; 
@@ -140,8 +140,8 @@ import type { } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; import type { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; -import type { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import type { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import type { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/list.gen'; import type { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; import type { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; import type { 
@@ -182,11 +182,11 @@ import type { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security- import type { UpdateEntitySourceRequestParamsInput, UpdateEntitySourceRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +} from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { UpdatePrivMonUserRequestParamsInput, UpdatePrivMonUserRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/update.gen'; +} from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/update.gen'; import type { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; import type { UpdateRuleMigrationRequestParamsInput, diff --git a/x-pack/solutions/security/test/functional/services/security_solution_api.gen.ts b/x-pack/solutions/security/test/functional/services/security_solution_api.gen.ts index a2a47d3aa00dc..7cc5bb649a40a 100644 --- a/x-pack/solutions/security/test/functional/services/security_solution_api.gen.ts +++ b/x-pack/solutions/security/test/functional/services/security_solution_api.gen.ts @@ -19,7 +19,6 @@ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST, } from '@kbn/core-http-common'; import { replaceParams } from '@kbn/openapi-common/shared'; -import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; import type { AlertsMigrationCleanupRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; import type { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; 
@@ -33,9 +32,9 @@ import type { CreateDashboardMigrationDashboardsRequestParamsInput, CreateDashboardMigrationDashboardsRequestBodyInput, } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; -import type { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { CreatePrivilegesImportIndexRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/create_index.gen'; -import type { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/create.gen'; +import type { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/create.gen'; import type { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; import type { CreateRuleMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { 
@@ -52,10 +51,10 @@ import type { DeleteEntityEngineRequestQueryInput, DeleteEntityEngineRequestParamsInput, } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; -import type { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import type { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/engine/delete.gen'; +import type { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/engine/delete.gen'; import type { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; -import type { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/delete.gen'; +import type { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/delete.gen'; import type { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; import type { DeleteRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; 
@@ -86,6 +85,11 @@ import type { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security import type { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; import type { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; import type { GetDashboardMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import type { + GetDashboardMigrationResourcesRequestQueryInput, + GetDashboardMigrationResourcesRequestParamsInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import type { GetDashboardMigrationResourcesMissingRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; import type { GetDashboardMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; import type { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; import type { GetEndpointMetadataListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/metadata/get_metadata.gen'; 
@@ -94,7 +98,7 @@ import type { GetEndpointSuggestionsRequestBodyInput, } from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; import type { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; -import type { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; import type { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; import type { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; 
@@ -136,8 +140,8 @@ import type { } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; import type { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; -import type { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import type { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import type { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/list.gen'; import type { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; import type { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; import type { 
@@ -173,11 +177,11 @@ import type { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security- import type { UpdateEntitySourceRequestParamsInput, UpdateEntitySourceRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +} from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { UpdatePrivMonUserRequestParamsInput, UpdatePrivMonUserRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/update.gen'; +} from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/update.gen'; import type { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; import type { UpdateRuleMigrationRequestParamsInput, @@ -195,10 +199,16 @@ import type { UpdateWorkflowInsightRequestParamsInput, UpdateWorkflowInsightRequestBodyInput, } from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import type { + UpsertDashboardMigrationResourcesRequestParamsInput, + UpsertDashboardMigrationResourcesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; import type { UpsertRuleMigrationResourcesRequestParamsInput, UpsertRuleMigrationResourcesRequestBodyInput, } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; + +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; import type { FtrProviderContext } from '../ftr_provider_context'; export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { 
@@ -712,8 +722,12 @@ The difference between the `id` and `rule_id` is that the `id` is a unique rule .send(props.body as object); }, /** - * Download a file from an endpoint. - */ + * Download a file from an endpoint. +> info +> To construct a `file_id`, combine the `action_id` and `agent_id` values using a dot separator: +> {`file_id`} = {`action_id`}`.`{`agent_id`} + + */ endpointFileDownload(props: EndpointFileDownloadProps, kibanaSpace: string = 'default') { return supertest .get( @@ -727,8 +741,12 @@ The difference between the `id` and `rule_id` is that the `id` is a unique rule .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, /** - * Get information for the specified file using the file ID. - */ + * Get information for the specified file using the file ID. +> info +> To construct a `file_id`, combine the `action_id` and `agent_id` values using a dot separator: +> {`file_id`} = {`action_id`}`.`{`agent_id`} + + */ endpointFileInfo(props: EndpointFileInfoProps, kibanaSpace: string = 'default') { return supertest .get( 
@@ -1015,6 +1033,49 @@ finalize it. .set(ELASTIC_HTTP_VERSION_HEADER, '1') .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, + /** + * Retrieves resources for an existing SIEM dashboards migration + */ + getDashboardMigrationResources( + props: GetDashboardMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/resources', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Identifies missing resources from all the dashboards of an existing SIEM dashboard migration + */ + getDashboardMigrationResourcesMissing( + props: GetDashboardMigrationResourcesMissingProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/resources/missing', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, /** * Retrieves the dashboard migrations stats for given migrations stored in the system */ @@ -1806,6 +1867,15 @@ The difference between the `id` and `rule_id` is that the `id` is a unique rule .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(props.body as object); }, + scheduleMonitoringEngine(kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/schedule_now', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, /** * Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. */ 
@@ -2077,6 +2147,28 @@ The difference between the `id` and `rule_id` is that the `id` is a unique rule .set(ELASTIC_HTTP_VERSION_HEADER, '1') .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, + /** + * Creates or updates resources for an existing SIEM dashboards migration + */ + upsertDashboardMigrationResources( + props: UpsertDashboardMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/resources', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, /** * Creates or updates resources for an existing SIEM rules migration */ @@ -2246,6 +2338,13 @@ export interface GetAssetCriticalityRecordProps { export interface GetDashboardMigrationProps { params: GetDashboardMigrationRequestParamsInput; } +export interface GetDashboardMigrationResourcesProps { + query: GetDashboardMigrationResourcesRequestQueryInput; + params: GetDashboardMigrationResourcesRequestParamsInput; +} +export interface GetDashboardMigrationResourcesMissingProps { + params: GetDashboardMigrationResourcesMissingRequestParamsInput; +} export interface GetDashboardMigrationStatsProps { params: GetDashboardMigrationStatsRequestParamsInput; } @@ -2445,6 +2544,10 @@ export interface UpdateWorkflowInsightProps { params: UpdateWorkflowInsightRequestParamsInput; body: UpdateWorkflowInsightRequestBodyInput; } +export interface UpsertDashboardMigrationResourcesProps { + params: UpsertDashboardMigrationResourcesRequestParamsInput; + body: UpsertDashboardMigrationResourcesRequestBodyInput; +} export interface UpsertRuleMigrationResourcesProps { params: UpsertRuleMigrationResourcesRequestParamsInput; body: UpsertRuleMigrationResourcesRequestBodyInput; 
diff --git a/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_api.gen.ts b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_api.gen.ts index 4a4de29872431..a74459f4a1ddb 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_api.gen.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/config/services/security_solution_api.gen.ts @@ -19,7 +19,6 @@ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST, } from '@kbn/core-http-common'; import { replaceParams } from '@kbn/openapi-common/shared'; -import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; import type { AlertsMigrationCleanupRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen'; import type { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen'; 
@@ -33,9 +32,9 @@ import type { CreateDashboardMigrationDashboardsRequestParamsInput, CreateDashboardMigrationDashboardsRequestBodyInput, } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; -import type { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { CreateEntitySourceRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { CreatePrivilegesImportIndexRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/create_index.gen'; -import type { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/create.gen'; +import type { CreatePrivMonUserRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/create.gen'; import type { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; import type { CreateRuleMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { 
@@ -52,10 +51,10 @@ import type { DeleteEntityEngineRequestQueryInput, DeleteEntityEngineRequestParamsInput, } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen'; -import type { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import type { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/engine/delete.gen'; +import type { DeleteEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { DeleteMonitoringEngineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/engine/delete.gen'; import type { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen'; -import type { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/delete.gen'; +import type { DeletePrivMonUserRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/delete.gen'; import type { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen'; import type { DeleteRuleMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen'; 
@@ -86,6 +85,11 @@ import type { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security import type { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen'; import type { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen'; import type { GetDashboardMigrationRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import type { + GetDashboardMigrationResourcesRequestQueryInput, + GetDashboardMigrationResourcesRequestParamsInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; +import type { GetDashboardMigrationResourcesMissingRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; import type { GetDashboardMigrationStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; import type { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen'; import type { GetEndpointMetadataListRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/metadata/get_metadata.gen'; 
@@ -94,7 +98,7 @@ import type { GetEndpointSuggestionsRequestBodyInput, } from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen'; import type { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen'; -import type { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { GetEntitySourceRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { GetEntityStoreStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/status.gen'; import type { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen'; import type { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen'; 
@@ -136,8 +140,8 @@ import type { } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; import type { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen'; import type { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen'; -import type { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; -import type { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import type { ListEntitySourcesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { ListPrivMonUsersRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/list.gen'; import type { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen'; import type { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen'; import type { 
@@ -173,11 +177,11 @@ import type { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security- import type { UpdateEntitySourceRequestParamsInput, UpdateEntitySourceRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +} from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen'; import type { UpdatePrivMonUserRequestParamsInput, UpdatePrivMonUserRequestBodyInput, -} from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/update.gen'; +} from '@kbn/security-solution-plugin/common/api/entity_analytics/monitoring/users/update.gen'; import type { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen'; import type { UpdateRuleMigrationRequestParamsInput, @@ -195,10 +199,16 @@ import type { UpdateWorkflowInsightRequestParamsInput, UpdateWorkflowInsightRequestBodyInput, } from '@kbn/security-solution-plugin/common/api/endpoint/workflow_insights/workflow_insights.gen'; +import type { + UpsertDashboardMigrationResourcesRequestParamsInput, + UpsertDashboardMigrationResourcesRequestBodyInput, +} from '@kbn/security-solution-plugin/common/siem_migrations/model/api/dashboards/dashboard_migration.gen'; import type { UpsertRuleMigrationResourcesRequestParamsInput, UpsertRuleMigrationResourcesRequestBodyInput, } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rule_migration.gen'; + +import { getRouteUrlForSpace } from '@kbn/spaces-plugin/common'; import type { FtrProviderContext } from '../../ftr_provider_context'; export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) { 
@@ -712,8 +722,12 @@ The difference between the `id` and `rule_id` is that the `id` is a unique rule .send(props.body as object); }, /** - * Download a file from an endpoint. - */ + * Download a file from an endpoint. +> info +> To construct a `file_id`, combine the `action_id` and `agent_id` values using a dot separator: +> {`file_id`} = {`action_id`}`.`{`agent_id`} + + */ endpointFileDownload(props: EndpointFileDownloadProps, kibanaSpace: string = 'default') { return supertest .get( @@ -727,8 +741,12 @@ The difference between the `id` and `rule_id` is that the `id` is a unique rule .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, /** - * Get information for the specified file using the file ID. - */ + * Get information for the specified file using the file ID. +> info +> To construct a `file_id`, combine the `action_id` and `agent_id` values using a dot separator: +> {`file_id`} = {`action_id`}`.`{`agent_id`} + + */ endpointFileInfo(props: EndpointFileInfoProps, kibanaSpace: string = 'default') { return supertest .get( 
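Review bot: The description lines added to the doc comments of `endpointFileDownload` and `endpointFileInfo` (both hunks on this line) start at column 0 with `>` and no leading ` * `, and two blank lines precede the closing ` */`. The block still parses as a comment, but it no longer matches the other doc comments in the file, and the `> info` admonition markup has no meaning in JSDoc. I would prefix each added line with ` * `, drop the blank lines, and state the `file_id` = `action_id` + `.` + `agent_id` rule as a plain sentence. If this client is generated from the OpenAPI schemas, which the `.gen` imports suggest but this page does not confirm, the change belongs in the generator template or the schema description rather than in this file.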
@@ -1015,6 +1033,49 @@ finalize it. .set(ELASTIC_HTTP_VERSION_HEADER, '1') .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, + /** + * Retrieves resources for an existing SIEM dashboards migration + */ + getDashboardMigrationResources( + props: GetDashboardMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/resources', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(props.query); + }, + /** + * Identifies missing resources from all the dashboards of an existing SIEM dashboard migration + */ + getDashboardMigrationResourcesMissing( + props: GetDashboardMigrationResourcesMissingProps, + kibanaSpace: string = 'default' + ) { + return supertest + .get( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/resources/missing', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, /** * Retrieves the dashboard migrations stats for given migrations stored in the system */ @@ -1806,6 +1867,15 @@ The difference between the `id` and `rule_id` is that the `id` is a unique rule .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(props.body as object); }, + scheduleMonitoringEngine(kibanaSpace: string = 'default') { + return supertest + .post( + getRouteUrlForSpace('/api/entity_analytics/monitoring/engine/schedule_now', kibanaSpace) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, /** * Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality. */ 
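Review bot: `scheduleMonitoringEngine`, added in the `@@ -1806` hunk, has no doc comment, while the dashboard-migration helpers added in the `@@ -1015` hunk and the neighbouring risk-engine helper each carry a one-line description. It also pins `ELASTIC_HTTP_VERSION_HEADER` to `'2023-10-31'` where the dashboard helpers use `'1'`, which is worth a word for readers who do not know the public/internal versioning split. If the file is hand-maintained, add something like `/** Schedule the monitoring engine to run as soon as possible (public API, version 2023-10-31). */`, with the wording confirmed against the route. If it is generated from the OpenAPI schemas, the fix is a `summary` on the `schedule_now` operation.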
@@ -2077,6 +2147,28 @@ The difference between the `id` and `rule_id` is that the `id` is a unique rule .set(ELASTIC_HTTP_VERSION_HEADER, '1') .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, + /** + * Creates or updates resources for an existing SIEM dashboards migration + */ + upsertDashboardMigrationResources( + props: UpsertDashboardMigrationResourcesProps, + kibanaSpace: string = 'default' + ) { + return supertest + .post( + getRouteUrlForSpace( + replaceParams( + '/internal/siem_migrations/dashboards/{migration_id}/resources', + props.params + ), + kibanaSpace + ) + ) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, /** * Creates or updates resources for an existing SIEM rules migration */ @@ -2246,6 +2338,13 @@ export interface GetAssetCriticalityRecordProps { export interface GetDashboardMigrationProps { params: GetDashboardMigrationRequestParamsInput; } +export interface GetDashboardMigrationResourcesProps { + query: GetDashboardMigrationResourcesRequestQueryInput; + params: GetDashboardMigrationResourcesRequestParamsInput; +} +export interface GetDashboardMigrationResourcesMissingProps { + params: GetDashboardMigrationResourcesMissingRequestParamsInput; +} export interface GetDashboardMigrationStatsProps { params: GetDashboardMigrationStatsRequestParamsInput; } @@ -2445,6 +2544,10 @@ export interface UpdateWorkflowInsightProps { params: UpdateWorkflowInsightRequestParamsInput; body: UpdateWorkflowInsightRequestBodyInput; } +export interface UpsertDashboardMigrationResourcesProps { + params: UpsertDashboardMigrationResourcesRequestParamsInput; + body: UpsertDashboardMigrationResourcesRequestBodyInput; +} export interface UpsertRuleMigrationResourcesProps { params: UpsertRuleMigrationResourcesRequestParamsInput; body: UpsertRuleMigrationResourcesRequestBodyInput; 
diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts index 7dae0365d5e21..ed001ca71fd0c 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/api.ts @@ -6,7 +6,7 @@ */ import expect from '@kbn/expect'; -import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics'; import type { FtrProviderContext } from '../../../../../ftr_provider_context'; import { PrivMonUtils } from './utils'; import { enablePrivmonSetting, disablePrivmonSetting } from '../../../utils'; diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/cross_source_sync.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/cross_source_sync.ts index 9806229515a6d..049f4be77ef0a 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/cross_source_sync.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/cross_source_sync.ts 
@@ -6,7 +6,7 @@ */ import expect from 'expect'; -import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics'; import type { FtrProviderContext } from '../../../../../ftr_provider_context'; import { PrivMonUtils } from './utils'; import { enablePrivmonSetting, disablePrivmonSetting } from '../../../utils'; diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/migrations.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/migrations.ts index 9d8513cd3a3e6..9b12cc50636ee 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/migrations.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/migrations.ts @@ -6,8 +6,8 @@ */ import expect from 'expect'; -import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; -import { getPrivilegedMonitorUsersIndex } from '@kbn/security-solution-plugin/common/entity_analytics/privilege_monitoring/utils'; +import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics'; +import { getPrivilegedMonitorUsersIndex } from '@kbn/security-solution-plugin/common/entity_analytics/privileged_user_monitoring/utils'; import { asyncForEach } from '@kbn/std'; import type { FtrProviderContext } from '../../../../../ftr_provider_context'; import { entityAnalyticsRouteHelpersFactory } from '../../../utils/entity_analytics'; 
diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/task.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/task.ts index 441e8a51e3065..5c8069114b067 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/task.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/task.ts @@ -6,8 +6,10 @@ */ import expect from 'expect'; -import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; -import type { CreateEntitySourceResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen'; +import type { + ListPrivMonUsersResponse, + CreateEntitySourceResponse, +} from '@kbn/security-solution-plugin/common/api/entity_analytics'; import type { FtrProviderContext } from '../../../../../ftr_provider_context'; import { PrivMonUtils } from './utils'; import { enablePrivmonSetting, disablePrivmonSetting } from '../../../utils'; diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts index 2867c58fe3ceb..574a1a6325548 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts 
+++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/monitoring/trial_license_complete_tier/privileged_users/utils.ts @@ -9,8 +9,13 @@ import { ELASTIC_HTTP_VERSION_HEADER, X_ELASTIC_INTERNAL_ORIGIN_REQUEST, } from '@kbn/core-http-common/src/constants'; -import { API_VERSIONS } from '@kbn/security-solution-plugin/common/constants'; -import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics/privilege_monitoring/users/list.gen'; +import { + API_VERSIONS, + MONITORING_ENGINE_INIT_URL, + MONITORING_ENGINE_SCHEDULE_NOW_URL, + MONITORING_USERS_CSV_UPLOAD_URL, +} from '@kbn/security-solution-plugin/common/constants'; +import type { ListPrivMonUsersResponse } from '@kbn/security-solution-plugin/common/api/entity_analytics'; import type { TaskStatus } from '@kbn/task-manager-plugin/server'; import { routeWithNamespace, waitFor } from '../../../../../config/services/detections_response'; import type { FtrProviderContext } from '../../../../../ftr_provider_context'; @@ -49,7 +54,7 @@ export const PrivMonUtils = ( password: string; }) => { return await supertestWithoutAuth - .post(routeWithNamespace('/api/entity_analytics/monitoring/engine/init', namespace)) + .post(routeWithNamespace(MONITORING_ENGINE_INIT_URL, namespace)) .auth(username, password) .set('kbn-xsrf', 'true') .set('elastic-api-version', API_VERSIONS.public.v1) @@ -63,7 +68,7 @@ export const PrivMonUtils = ( ) => { const file = fileContent instanceof Buffer ? fileContent : Buffer.from(fileContent); return supertest - .post(routeWithNamespace('/api/entity_analytics/monitoring/users/_csv', namespace)) + .post(routeWithNamespace(MONITORING_USERS_CSV_UPLOAD_URL, namespace)) .set('kbn-xsrf', 'true') .set(ELASTIC_HTTP_VERSION_HEADER, API_VERSIONS.public.v1) .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') 
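Review bot: The request helpers changed in the `@@ -49` and `@@ -63` hunks here, and in `@@ -83` on the next line of the page, now take their paths from `MONITORING_ENGINE_INIT_URL`, `MONITORING_USERS_CSV_UPLOAD_URL` and `MONITORING_ENGINE_SCHEDULE_NOW_URL`, so nothing in view still pins the literal public paths. If the server registers its routes from the same constants (not visible in this diff), an accidental edit to a constant would move a versioned public endpoint and these suites would still pass. The same holds for `PRIVMON_PRIVILEGE_CHECK_API` in `utils/privilege_monitoring.ts` and `MONITORING_ENGINE_DELETE_URL` in the Cypress task, and this page does not show whether the first still resolves to `'/api/entity_analytics/monitoring/privileges/privileges'`. Consider one contract assertion per path in a suite that already imports `expect`, e.g. `expect(MONITORING_ENGINE_INIT_URL).toBe('/api/entity_analytics/monitoring/engine/init');`. The enclosing `PrivMonUtils` factory starts and ends outside these hunks.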
@@ -83,7 +88,7 @@ export const PrivMonUtils = ( }, ignoreConflict: ${!!ignoreConflict}` ); return supertest - .post(routeWithNamespace('/api/entity_analytics/monitoring/engine/schedule_now', namespace)) + .post(routeWithNamespace(MONITORING_ENGINE_SCHEDULE_NOW_URL, namespace)) .set('kbn-xsrf', 'true') .set(ELASTIC_HTTP_VERSION_HEADER, API_VERSIONS.public.v1) .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') diff --git a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts index c6db5461cebd9..06f2846c84264 100644 --- a/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts +++ b/x-pack/solutions/security/test/security_solution_api_integration/test_suites/entity_analytics/utils/privilege_monitoring.ts @@ -6,14 +6,17 @@ */ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { SupertestWithoutAuthProviderType } from '@kbn/ftr-common-functional-services'; -import { API_VERSIONS } from '@kbn/security-solution-plugin/common/constants'; +import { + API_VERSIONS, + PRIVMON_PRIVILEGE_CHECK_API, +} from '@kbn/security-solution-plugin/common/constants'; export const privilegeMonitoringRouteHelpersFactoryNoAuth = ( supertestWithoutAuth: SupertestWithoutAuthProviderType ) => ({ privilegesForUser: async ({ username, password }: { username: string; password: string }) => await supertestWithoutAuth - .get('/api/entity_analytics/monitoring/privileges/privileges') + .get(PRIVMON_PRIVILEGE_CHECK_API) .auth(username, password) .set('elastic-api-version', API_VERSIONS.public.v1) .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') 
diff --git a/x-pack/solutions/security/test/security_solution_cypress/cypress/tasks/privileged_user_monitoring.ts b/x-pack/solutions/security/test/security_solution_cypress/cypress/tasks/privileged_user_monitoring.ts index 4c04325d5b8e2..1008fdb6901d3 100644 --- a/x-pack/solutions/security/test/security_solution_cypress/cypress/tasks/privileged_user_monitoring.ts +++ b/x-pack/solutions/security/test/security_solution_cypress/cypress/tasks/privileged_user_monitoring.ts @@ -5,13 +5,14 @@ * 2.0. */ +import { MONITORING_ENGINE_DELETE_URL } from '@kbn/security-solution-plugin/common/entity_analytics/privileged_user_monitoring/constants'; import { getDataTestSubjectSelector } from '../helpers/common'; import { rootRequest } from './api_calls/common'; export const deletePrivMonEngine = () => { return rootRequest({ method: 'DELETE', - url: `/api/entity_analytics/monitoring/engine/delete`, + url: MONITORING_ENGINE_DELETE_URL, failOnStatusCode: false, timeout: 300000, });