diff --git a/x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/entity_analytics/enrichments.cy.ts b/x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/entity_analytics/enrichments.cy.ts deleted file mode 100644 index bbbd46cb5fb1c..0000000000000 --- a/x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/entity_analytics/enrichments.cy.ts +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { getNewRule } from '../../objects/rule'; -import { - HOST_RISK_HEADER_COLUMN, - USER_RISK_HEADER_COLUMN, - HOST_RISK_COLUMN, - USER_RISK_COLUMN, - ACTION_COLUMN, -} from '../../screens/alerts'; -import { ENRICHED_DATA_ROW } from '../../screens/alerts_details'; - -import { createRule } from '../../tasks/api_calls/rules'; -import { deleteAlertsAndRules } from '../../tasks/api_calls/common'; -import { waitForAlertsToPopulate } from '../../tasks/create_new_rule'; -import { - expandFirstAlert, - scrollAlertTableColumnIntoView, - closeAlertFlyout, -} from '../../tasks/alerts'; - -import { login } from '../../tasks/login'; -import { visitWithTimeRange } from '../../tasks/navigation'; - -import { ALERTS_URL } from '../../urls/navigation'; -import { mockRiskEngineEnabled } from '../../tasks/entity_analytics'; - -const CURRENT_HOST_RISK_LEVEL = 'Current host risk level'; -const ORIGINAL_HOST_RISK_LEVEL = 'Original host risk level'; - -// this whole suite is failing on main -describe.skip('Enrichment', { tags: ['@ess'] }, () => { - before(() => { - cy.task('esArchiverUnload', { archiveName: 'risk_scores_new' }); - cy.task('esArchiverUnload', { archiveName: 'risk_scores_new_updated' }); - }); - - describe('Custom query rule', () => { - describe('from new risk scores', () => { - beforeEach(() => { - cy.task('esArchiverLoad', { archiveName: 'risk_scores_new' }); - deleteAlertsAndRules(); - createRule(getNewRule({ rule_id: 'rule1' })); - login(); - mockRiskEngineEnabled(); - visitWithTimeRange(ALERTS_URL); - waitForAlertsToPopulate(); - }); - - afterEach(() => { - cy.task('esArchiverUnload', { archiveName: 'risk_scores_new' }); - cy.task('esArchiverUnload', { archiveName: 'risk_scores_new_updated' }); - }); - - it('Should has enrichment fields risk', function () { - cy.get(HOST_RISK_HEADER_COLUMN).contains('Host Risk Level'); - cy.get(USER_RISK_HEADER_COLUMN).contains('User Risk Level'); - scrollAlertTableColumnIntoView(HOST_RISK_COLUMN); - cy.get(HOST_RISK_COLUMN).contains('Critical'); - scrollAlertTableColumnIntoView(USER_RISK_COLUMN); - cy.get(USER_RISK_COLUMN).contains('High'); - scrollAlertTableColumnIntoView(ACTION_COLUMN); - expandFirstAlert(); - cy.get(ENRICHED_DATA_ROW).contains('Critical'); - cy.get(ENRICHED_DATA_ROW).contains(CURRENT_HOST_RISK_LEVEL); - cy.get(ENRICHED_DATA_ROW).contains('Low').should('not.exist'); - cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_LEVEL).should('not.exist'); - - closeAlertFlyout(); - cy.task('esArchiverUnload', { archiveName: 'risk_scores_new' }); - cy.task('esArchiverLoad', { archiveName: 'risk_scores_new_updated' }); - expandFirstAlert(); - cy.get(ENRICHED_DATA_ROW).contains('Low'); - cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_LEVEL); - }); - }); - }); -}); diff --git a/x-pack/solutions/security/test/security_solution_cypress/cypress/screens/alerts.ts b/x-pack/solutions/security/test/security_solution_cypress/cypress/screens/alerts.ts index fd2953f7a94cc..582c3f057d020 100644 --- a/x-pack/solutions/security/test/security_solution_cypress/cypress/screens/alerts.ts +++ b/x-pack/solutions/security/test/security_solution_cypress/cypress/screens/alerts.ts @@ -83,18 +83,6 @@ export const ATTACH_ALERT_TO_CASE_BUTTON = '[data-test-subj="add-to-existing-cas export const ATTACH_TO_NEW_CASE_BUTTON = '[data-test-subj="add-to-new-case-action"]'; -export const HOST_RISK_HEADER_COLUMN = - '[data-test-subj="dataGridHeaderCell-host.risk.calculated_level"]'; - -export const HOST_RISK_COLUMN = '[data-gridcell-column-id="host.risk.calculated_level"]'; - -export const USER_RISK_HEADER_COLUMN = - '[data-test-subj="dataGridHeaderCell-user.risk.calculated_level"]'; - -export const USER_RISK_COLUMN = '[data-gridcell-column-id="user.risk.calculated_level"]'; - -export const ACTION_COLUMN = '[data-gridcell-column-id="expandColumn"]'; - export const DATAGRID_CHANGES_IN_PROGRESS = '[data-test-subj="body-data-grid"] .euiProgress'; export const EVENT_CONTAINER_TABLE_LOADING = '[data-test-subj="internalAlertsPageLoading"]'; diff --git a/x-pack/solutions/security/test/security_solution_cypress/cypress/screens/alerts_details.ts b/x-pack/solutions/security/test/security_solution_cypress/cypress/screens/alerts_details.ts index 582bdca9bc8e9..8bf9c7f67191c 100644 --- a/x-pack/solutions/security/test/security_solution_cypress/cypress/screens/alerts_details.ts +++ b/x-pack/solutions/security/test/security_solution_cypress/cypress/screens/alerts_details.ts @@ -32,5 +32,3 @@ export const THREAT_DETAILS_VIEW = export const UPDATE_ENRICHMENT_RANGE_BUTTON = '[data-test-subj="securitySolutionFlyoutThreatIntelligenceDetailsEnrichmentRefreshButton"]'; - -export const ENRICHED_DATA_ROW = `[data-test-subj='EnrichedDataRow']`; diff --git a/x-pack/solutions/security/test/security_solution_cypress/es_archives/risk_scores_new_updated/data.json b/x-pack/solutions/security/test/security_solution_cypress/es_archives/risk_scores_new_updated/data.json deleted file mode 100644 index 058c081b3ee6d..0000000000000 --- a/x-pack/solutions/security/test/security_solution_cypress/es_archives/risk_scores_new_updated/data.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "type": "doc", - "value": { - "id": "a4cf452c1e0375c3d4412cb550bd1783358468a3b3b777da4829d72c7d6fb74f", - "index": "risk-score.risk-score-latest-default", - "source": { - "@timestamp": "2021-03-10T14:51:05.766Z", - "host": { - "name": "siem-kibana", - "risk": { - "calculated_level": "Low", - "calculated_score_norm": 20, - "id_field": "host.name", - "id_value": "siem-kibana", - "calculated_score": 150, - "category_1_score": 150, - "category_1_count": 1, - "notes": [], - "inputs": [ - { - "id": "2e17f189-d77d-4537-8d84-592e29334493", - "index": ".internal.alerts-security.alerts-default-000001", - "description": "Alert from Rule: Rule 2", - "category": "category_1", - "risk_score": 70, - "timestamp": "2023-08-14T09:08:18.664Z" - } - ] - } - } - } - } -} - -{ - "type": "doc", - "value": { - "id": "a4cf452c1e0375c3d4412cb550bd1783358468b3123314829d72c7df6fb74", - "index": "risk-score.risk-score-latest-default", - "source": { - "@timestamp": "2021-03-10T14:52:05.766Z", - "user": { - "name": "test", - "risk": { - "calculated_score_norm": 60, - "calculated_level": "High", - "id_field": "user.name", - "id_value": "test", - "calculated_score": 150, - "category_1_score": 150, - "category_1_count": 1, - "notes": [], - "inputs": [ - { - "id": "eabbdefc23da981f2b74ab58b82622a97bb9878caa11bc914e2adfacc94780f1-d77d-4537-8d84-592e29334493", - "index": ".internal.alerts-security.alerts-default-000001", - "description": "Alert from Rule: Rule 2", - "category": "category_1", - "risk_score": 70, - "timestamp": "2023-08-14T09:08:18.664Z" - } - ] - } - } - } - } -} \ No newline at end of file diff --git a/x-pack/solutions/security/test/security_solution_cypress/es_archives/risk_scores_new_updated/mappings.json b/x-pack/solutions/security/test/security_solution_cypress/es_archives/risk_scores_new_updated/mappings.json deleted file mode 100644 index 35cb0031894d7..0000000000000 --- a/x-pack/solutions/security/test/security_solution_cypress/es_archives/risk_scores_new_updated/mappings.json +++ /dev/null @@ -1,136 +0,0 @@ -{ - - "type": "index", - "value": { - "index": "risk-score.risk-score-latest-default", - "mappings": { - "dynamic": "strict", - "properties": { - "@timestamp": { - "type": "date" - }, - "host": { - "properties": { - "name": { - "type": "keyword" - }, - "risk": { - "properties": { - "calculated_level": { - "type": "keyword" - }, - "calculated_score": { - "type": "float" - }, - "calculated_score_norm": { - "type": "float" - }, - "category_1_count": { - "type": "long" - }, - "category_1_score": { - "type": "float" - }, - "id_field": { - "type": "keyword" - }, - "id_value": { - "type": "keyword" - }, - "inputs": { - "properties": { - "category": { - "type": "keyword" - }, - "description": { - "type": "keyword" - }, - "id": { - "type": "keyword" - }, - "index": { - "type": "keyword" - }, - "risk_score": { - "type": "float" - }, - "timestamp": { - "type": "date" - } - } - }, - "notes": { - "type": "keyword" - } - } - } - } - }, - "user": { - "properties": { - "name": { - "type": "keyword" - }, - "risk": { - "properties": { - "calculated_level": { - "type": "keyword" - }, - "calculated_score": { - "type": "float" - }, - "calculated_score_norm": { - "type": "float" - }, - "category_1_count": { - "type": "long" - }, - "category_1_score": { - "type": "float" - }, - "id_field": { - "type": "keyword" - }, - "id_value": { - "type": "keyword" - }, - "inputs": { - "properties": { - "category": { - "type": "keyword" - }, - "description": { - "type": "keyword" - }, - "id": { - "type": "keyword" - }, - "index": { - "type": "keyword" - }, - "risk_score": { - "type": "float" - }, - "timestamp": { - "type": "date" - } - } - }, - "notes": { - "type": "keyword" - } - } - } - } - } - } - }, - "settings": { - "index": { - "auto_expand_replicas": "0-1", - "number_of_replicas": "0", - "number_of_shards": "1" - } - } - } - } \ No newline at end of file