diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 23cc432f2f509..1709c6a16def1 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -76741,7 +76741,7 @@ paths: minimum: 0 type: integer maxLogsPerWindowCapBehavior: - default: defer + default: drop enum: - defer - drop diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index 381b7b7435db8..d3d2fd686332f 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -81950,7 +81950,7 @@ paths: minimum: 0 type: integer maxLogsPerWindowCapBehavior: - default: defer + default: drop enum: - defer - drop diff --git a/x-pack/solutions/security/plugins/entity_store/server/domain/logs_extraction/ccs_logs_extraction_client.test.ts b/x-pack/solutions/security/plugins/entity_store/server/domain/logs_extraction/ccs_logs_extraction_client.test.ts index f428ceab02467..9e300fce412fb 100644 --- a/x-pack/solutions/security/plugins/entity_store/server/domain/logs_extraction/ccs_logs_extraction_client.test.ts +++ b/x-pack/solutions/security/plugins/entity_store/server/domain/logs_extraction/ccs_logs_extraction_client.test.ts @@ -80,7 +80,7 @@ describe('CcsLogsExtractionClient', () => { // behavior is exercised by the dedicated tests at the end of this describe block. maxTimeWindowSize: '999d', maxLogsPerWindow: 0, - maxLogsPerWindowCapBehavior: 'defer' as const, + maxLogsPerWindowCapBehavior: 'drop' as const, }; beforeEach(() => { diff --git a/x-pack/solutions/security/plugins/entity_store/server/domain/logs_extraction/logs_extraction_client.test.ts b/x-pack/solutions/security/plugins/entity_store/server/domain/logs_extraction/logs_extraction_client.test.ts index 16879bdecf3ae..083d72bcd6001 100644 --- a/x-pack/solutions/security/plugins/entity_store/server/domain/logs_extraction/logs_extraction_client.test.ts +++ b/x-pack/solutions/security/plugins/entity_store/server/domain/logs_extraction/logs_extraction_client.test.ts @@ -982,7 +982,7 @@ describe('LogsExtractionClient', () => { delay: '1m', maxTimeWindowSize: '999d', maxLogsPerWindow: overrides.maxLogsPerWindow, - maxLogsPerWindowCapBehavior: overrides.maxLogsPerWindowCapBehavior ?? 'defer', + maxLogsPerWindowCapBehavior: overrides.maxLogsPerWindowCapBehavior ?? 'drop', }), } as EntityStoreGlobalState; mockGlobalStateClient.find.mockResolvedValue(globalState); diff --git a/x-pack/solutions/security/plugins/entity_store/server/domain/saved_objects/global_state/constants.ts b/x-pack/solutions/security/plugins/entity_store/server/domain/saved_objects/global_state/constants.ts index ebc83d13d3321..69e9a933d40dd 100644 --- a/x-pack/solutions/security/plugins/entity_store/server/domain/saved_objects/global_state/constants.ts +++ b/x-pack/solutions/security/plugins/entity_store/server/domain/saved_objects/global_state/constants.ts @@ -20,7 +20,7 @@ export const LOG_EXTRACTION_TIMEOUT_DEFAULT = '59s'; export const LOG_EXTRACTION_MAX_TIME_WINDOW_SIZE_DEFAULT = '15m'; // Max total raw log documents to process per task run; 0 = no cap export const LOG_EXTRACTION_MAX_LOGS_PER_WINDOW_DEFAULT = 500_000; -export const LOG_EXTRACTION_CAP_BEHAVIOR_DEFAULT = 'defer' as const; +export const LOG_EXTRACTION_CAP_BEHAVIOR_DEFAULT = 'drop' as const; export type LogExtractionConfig = z.infer; export const LogExtractionConfig = z.object({