diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts.spec.ts deleted file mode 100644 index 82e214398f69a..0000000000000 --- a/x-pack/plugins/security_solution/cypress/integration/alerts.spec.ts +++ /dev/null 
@@ -1,263 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import { newRule } from '../objects/rule'; -import { - ALERTS, - ALERTS_COUNT, - SELECTED_ALERTS, - SHOWING_ALERTS, - TAKE_ACTION_POPOVER_BTN, -} from '../screens/alerts'; - -import { - closeFirstAlert, - closeAlerts, - goToClosedAlerts, - goToOpenedAlerts, - openFirstAlert, - openAlerts, - selectNumberOfAlerts, - waitForAlertsPanelToBeLoaded, - waitForAlerts, - waitForAlertsToBeLoaded, - markInProgressFirstAlert, - goToInProgressAlerts, - waitForAlertsIndexToBeCreated, -} from '../tasks/alerts'; -import { createCustomRuleActivated } from '../tasks/api_calls/rules'; -import { cleanKibana } from '../tasks/common'; -import { waitForAlertsToPopulate } from '../tasks/create_new_rule'; -import { loginAndWaitForPage } from '../tasks/login'; -import { refreshPage } from '../tasks/security_header'; - -import { DETECTIONS_URL } from '../urls/navigation'; - -describe('Alerts', () => { - context('Closing alerts', () => { - beforeEach(() => { - cleanKibana(); - loginAndWaitForPage(DETECTIONS_URL); - waitForAlertsPanelToBeLoaded(); - waitForAlertsIndexToBeCreated(); - createCustomRuleActivated(newRule); - refreshPage(); - waitForAlertsToPopulate(); - }); - - it('Closes and opens alerts', () => { - const numberOfAlertsToBeClosed = 3; - cy.get(ALERTS_COUNT) - .invoke('text') - .then((numberOfAlerts) => { - cy.get(SHOWING_ALERTS).should('have.text', `Showing ${numberOfAlerts} alerts`); - - selectNumberOfAlerts(numberOfAlertsToBeClosed); - - cy.get(SELECTED_ALERTS).should( - 'have.text', - `Selected ${numberOfAlertsToBeClosed} alerts` - ); - - closeAlerts(); - waitForAlerts(); - - const expectedNumberOfAlertsAfterClosing = +numberOfAlerts - numberOfAlertsToBeClosed; - cy.get(ALERTS_COUNT).should('have.text', 
expectedNumberOfAlertsAfterClosing.toString()); - - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${expectedNumberOfAlertsAfterClosing.toString()} alerts` - ); - - goToClosedAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).should('have.text', numberOfAlertsToBeClosed.toString()); - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${numberOfAlertsToBeClosed.toString()} alerts` - ); - cy.get(ALERTS).should('have.length', numberOfAlertsToBeClosed); - - const numberOfAlertsToBeOpened = 1; - selectNumberOfAlerts(numberOfAlertsToBeOpened); - - cy.get(SELECTED_ALERTS).should('have.text', `Selected ${numberOfAlertsToBeOpened} alert`); - - openAlerts(); - waitForAlerts(); - - const expectedNumberOfClosedAlertsAfterOpened = 2; - cy.get(ALERTS_COUNT).should( - 'have.text', - expectedNumberOfClosedAlertsAfterOpened.toString() - ); - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${expectedNumberOfClosedAlertsAfterOpened.toString()} alerts` - ); - cy.get(ALERTS).should('have.length', expectedNumberOfClosedAlertsAfterOpened); - - goToOpenedAlerts(); - waitForAlerts(); - - const expectedNumberOfOpenedAlerts = - +numberOfAlerts - expectedNumberOfClosedAlertsAfterOpened; - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${expectedNumberOfOpenedAlerts.toString()} alerts` - ); - - cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfOpenedAlerts.toString()); - }); - }); - - it('Closes one alert when more than one opened alerts are selected', () => { - cy.get(ALERTS_COUNT) - .invoke('text') - .then((numberOfAlerts) => { - const numberOfAlertsToBeClosed = 1; - const numberOfAlertsToBeSelected = 3; - - cy.get(TAKE_ACTION_POPOVER_BTN).should('have.attr', 'disabled'); - selectNumberOfAlerts(numberOfAlertsToBeSelected); - cy.get(TAKE_ACTION_POPOVER_BTN).should('not.have.attr', 'disabled'); - - closeFirstAlert(); - waitForAlerts(); - - const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeClosed; - 
cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfAlerts.toString()); - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${expectedNumberOfAlerts.toString()} alerts` - ); - - goToClosedAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).should('have.text', numberOfAlertsToBeClosed.toString()); - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${numberOfAlertsToBeClosed.toString()} alert` - ); - cy.get(ALERTS).should('have.length', numberOfAlertsToBeClosed); - }); - }); - }); - - context('Opening alerts', () => { - beforeEach(() => { - cleanKibana(); - loginAndWaitForPage(DETECTIONS_URL); - waitForAlertsPanelToBeLoaded(); - waitForAlertsIndexToBeCreated(); - createCustomRuleActivated(newRule); - refreshPage(); - waitForAlertsToPopulate(); - selectNumberOfAlerts(5); - - cy.get(SELECTED_ALERTS).should('have.text', `Selected 5 alerts`); - - closeAlerts(); - waitForAlerts(); - refreshPage(); - }); - - it('Open one alert when more than one closed alerts are selected', () => { - waitForAlertsToPopulate(); - - cy.get(ALERTS_COUNT) - .invoke('text') - .then((numberOfOpenedAlertsText) => { - const numberOfOpenedAlerts = parseInt(numberOfOpenedAlertsText, 10); - goToClosedAlerts(); - cy.get(ALERTS_COUNT) - .invoke('text') - .then((numberOfAlerts) => { - const numberOfAlertsToBeOpened = 1; - const numberOfAlertsToBeSelected = 3; - - cy.get(TAKE_ACTION_POPOVER_BTN).should('have.attr', 'disabled'); - selectNumberOfAlerts(numberOfAlertsToBeSelected); - cy.get(SELECTED_ALERTS).should( - 'have.text', - `Selected ${numberOfAlertsToBeSelected} alerts` - ); - - cy.get(TAKE_ACTION_POPOVER_BTN).should('not.have.attr', 'disabled'); - - openFirstAlert(); - waitForAlerts(); - - const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeOpened; - cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfAlerts.toString()); - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${expectedNumberOfAlerts.toString()} alerts` - ); - - goToOpenedAlerts(); - 
waitForAlerts(); - - cy.get(ALERTS_COUNT).should( - 'have.text', - (numberOfOpenedAlerts + numberOfAlertsToBeOpened).toString() - ); - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${(numberOfOpenedAlerts + numberOfAlertsToBeOpened).toString()} alerts` - ); - }); - }); - }); - }); - - context('Marking alerts as in-progress', () => { - beforeEach(() => { - cleanKibana(); - loginAndWaitForPage(DETECTIONS_URL); - waitForAlertsPanelToBeLoaded(); - waitForAlertsIndexToBeCreated(); - createCustomRuleActivated(newRule); - refreshPage(); - waitForAlertsToPopulate(); - }); - - it('Mark one alert in progress when more than one open alerts are selected', () => { - cy.get(ALERTS_COUNT) - .invoke('text') - .then((numberOfAlerts) => { - const numberOfAlertsToBeMarkedInProgress = 1; - const numberOfAlertsToBeSelected = 3; - - cy.get(TAKE_ACTION_POPOVER_BTN).should('have.attr', 'disabled'); - selectNumberOfAlerts(numberOfAlertsToBeSelected); - cy.get(TAKE_ACTION_POPOVER_BTN).should('not.have.attr', 'disabled'); - - markInProgressFirstAlert(); - waitForAlertsToBeLoaded(); - - const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeMarkedInProgress; - cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfAlerts.toString()); - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${expectedNumberOfAlerts.toString()} alerts` - ); - - goToInProgressAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).should('have.text', numberOfAlertsToBeMarkedInProgress.toString()); - cy.get(SHOWING_ALERTS).should( - 'have.text', - `Showing ${numberOfAlertsToBeMarkedInProgress.toString()} alert` - ); - cy.get(ALERTS).should('have.length', numberOfAlertsToBeMarkedInProgress); - }); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_exceptions.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_exceptions.spec.ts deleted file mode 100644 index 44519adc25552..0000000000000 
--- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_exceptions.spec.ts +++ /dev/null 
@@ -1,136 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import { exception } from '../objects/exception'; -import { newRule } from '../objects/rule'; - -import { ALERTS_COUNT, NUMBER_OF_ALERTS } from '../screens/alerts'; -import { RULE_STATUS } from '../screens/create_new_rule'; - -import { - addExceptionFromFirstAlert, - goToClosedAlerts, - goToManageAlertsDetectionRules, - goToOpenedAlerts, - waitForAlertsIndexToBeCreated, -} from '../tasks/alerts'; -import { createCustomRule } from '../tasks/api_calls/rules'; -import { goToRuleDetails } from '../tasks/alerts_detection_rules'; -import { waitForAlertsToPopulate } from '../tasks/create_new_rule'; -import { esArchiverLoad, esArchiverUnload } from '../tasks/es_archiver'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; -import { - activatesRule, - addsException, - addsExceptionFromRuleSettings, - goToAlertsTab, - goToExceptionsTab, - removeException, - waitForTheRuleToBeExecuted, -} from '../tasks/rule_details'; -import { refreshPage } from '../tasks/security_header'; - -import { DETECTIONS_URL } from '../urls/navigation'; -import { cleanKibana } from '../tasks/common'; - -describe('Exceptions', () => { - const NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS = '1'; - beforeEach(() => { - cleanKibana(); - loginAndWaitForPageWithoutDateRange(DETECTIONS_URL); - waitForAlertsIndexToBeCreated(); - createCustomRule(newRule); - goToManageAlertsDetectionRules(); - goToRuleDetails(); - - cy.get(RULE_STATUS).should('have.text', '—'); - - esArchiverLoad('auditbeat_for_exceptions'); - activatesRule(); - waitForTheRuleToBeExecuted(); - waitForAlertsToPopulate(); - refreshPage(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS); - }); 
- - afterEach(() => { - esArchiverUnload('auditbeat_for_exceptions'); - esArchiverUnload('auditbeat_for_exceptions2'); - }); - - context('From rule', () => { - it('Creates an exception and deletes it', () => { - goToExceptionsTab(); - addsExceptionFromRuleSettings(exception); - esArchiverLoad('auditbeat_for_exceptions2'); - waitForTheRuleToBeExecuted(); - goToAlertsTab(); - refreshPage(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', '0'); - - goToClosedAlerts(); - refreshPage(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS); - - goToOpenedAlerts(); - waitForTheRuleToBeExecuted(); - refreshPage(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', '0'); - - goToExceptionsTab(); - removeException(); - refreshPage(); - goToAlertsTab(); - waitForTheRuleToBeExecuted(); - waitForAlertsToPopulate(); - refreshPage(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS); - }); - }); - - context('From alert', () => { - it('Creates an exception and deletes it', () => { - addExceptionFromFirstAlert(); - addsException(exception); - esArchiverLoad('auditbeat_for_exceptions2'); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', '0'); - - goToClosedAlerts(); - refreshPage(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS); - - goToOpenedAlerts(); - waitForTheRuleToBeExecuted(); - refreshPage(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', '0'); - - goToExceptionsTab(); - removeException(); - goToAlertsTab(); - waitForTheRuleToBeExecuted(); - waitForAlertsToPopulate(); - refreshPage(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(NUMBER_OF_ALERTS).should('have.text', 
NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS);
- });
- });
-});
diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_attach_to_case.spec.ts b/x-pack/plugins/security_solution/cypress/integration/cases/attach_timeline.spec.ts
similarity index 83%
rename from x-pack/plugins/security_solution/cypress/integration/timeline_attach_to_case.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/cases/attach_timeline.spec.ts
index 745fa9085698f..b6d9ceea6628f 100644
--- a/x-pack/plugins/security_solution/cypress/integration/timeline_attach_to_case.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/cases/attach_timeline.spec.ts
@@ -4,19 +4,19 @@
 * you may not use this file except in compliance with the Elastic License.
 */
-import { loginAndWaitForTimeline } from '../tasks/login';
+import { loginAndWaitForTimeline } from '../../tasks/login';
 import {
 attachTimelineToNewCase,
 attachTimelineToExistingCase,
 addNewCase,
 selectCase,
-} from '../tasks/timeline';
-import { DESCRIPTION_INPUT, ADD_COMMENT_INPUT } from '../screens/create_new_case';
-import { case1 } from '../objects/case';
-import { timeline } from '../objects/timeline';
-import { createTimeline } from '../tasks/api_calls/timelines';
-import { cleanKibana } from '../tasks/common';
-import { createCase } from '../tasks/api_calls/cases';
+} from '../../tasks/timeline';
+import { DESCRIPTION_INPUT, ADD_COMMENT_INPUT } from '../../screens/create_new_case';
+import { case1 } from '../../objects/case';
+import { timeline } from '../../objects/timeline';
+import { createTimeline } from '../../tasks/api_calls/timelines';
+import { cleanKibana } from '../../tasks/common';
+import { createCase } from '../../tasks/api_calls/cases';
 describe('attach timeline to case', () => {
 context('without cases created', () => {
diff --git a/x-pack/plugins/security_solution/cypress/integration/cases_connector_options.spec.ts b/x-pack/plugins/security_solution/cypress/integration/cases/connector_options.spec.ts
similarity index 84%
rename from x-pack/plugins/security_solution/cypress/integration/cases_connector_options.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/cases/connector_options.spec.ts
index e8fd69864cb3e..0d99589fb6f1a 100644
--- a/x-pack/plugins/security_solution/cypress/integration/cases_connector_options.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/cases/connector_options.spec.ts
@@ -4,7 +4,7 @@
 * you may not use this file except in compliance with the Elastic License.
 */
-import { loginAndWaitForPageWithoutDateRange } from '../tasks/login';
+import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login';
 import {
 case1,
 connectorIds,
@@ -13,18 +13,18 @@ import {
 ibmResilientConnectorOptions,
 jiraConnectorOptions,
 serviceNowConnectorOpions,
-} from '../objects/case';
+} from '../../objects/case';
 import {
 createCase,
 fillCasesMandatoryfields,
 fillIbmResilientConnectorOptions,
 fillJiraConnectorOptions,
 fillServiceNowConnectorOptions,
-} from '../tasks/create_new_case';
-import { goToCreateNewCase } from '../tasks/all_cases';
-import { CASES_URL } from '../urls/navigation';
-import { CONNECTOR_CARD_DETAILS, CONNECTOR_TITLE } from '../screens/case_details';
-import { cleanKibana } from '../tasks/common';
+} from '../../tasks/create_new_case';
+import { goToCreateNewCase } from '../../tasks/all_cases';
+import { CASES_URL } from '../../urls/navigation';
+import { CONNECTOR_CARD_DETAILS, CONNECTOR_TITLE } from '../../screens/case_details';
+import { cleanKibana } from '../../tasks/common';
 describe('Cases connector incident fields', () => {
 beforeEach(() => {
diff --git a/x-pack/plugins/security_solution/cypress/integration/cases_connectors.spec.ts b/x-pack/plugins/security_solution/cypress/integration/cases/connectors.spec.ts
similarity index 87%
rename from x-pack/plugins/security_solution/cypress/integration/cases_connectors.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/cases/connectors.spec.ts
index 1e7ee1788fd1c..9ed5e0f64cca4 100644
--- a/x-pack/plugins/security_solution/cypress/integration/cases_connectors.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/cases/connectors.spec.ts
@@ -3,20 +3,20 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-import { serviceNowConnector } from '../objects/case';
+import { serviceNowConnector } from '../../objects/case';
-import { SERVICE_NOW_MAPPING, TOASTER } from '../screens/configure_cases';
+import { SERVICE_NOW_MAPPING, TOASTER } from '../../screens/configure_cases';
-import { goToEditExternalConnection } from '../tasks/all_cases';
-import { cleanKibana } from '../tasks/common';
+import { goToEditExternalConnection } from '../../tasks/all_cases';
+import { cleanKibana } from '../../tasks/common';
 import {
 addServiceNowConnector,
 openAddNewConnectorOption,
 selectLastConnectorCreated,
-} from '../tasks/configure_cases';
-import { loginAndWaitForPageWithoutDateRange } from '../tasks/login';
+} from '../../tasks/configure_cases';
+import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login';
-import { CASES_URL } from '../urls/navigation';
+import { CASES_URL } from '../../urls/navigation';
 describe('Cases connectors', () => {
 const configureResult = {
diff --git a/x-pack/plugins/security_solution/cypress/integration/cases.spec.ts b/x-pack/plugins/security_solution/cypress/integration/cases/creation.spec.ts
similarity index 87%
rename from x-pack/plugins/security_solution/cypress/integration/cases.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/cases/creation.spec.ts
index 9fa9d83ec85ea..a71f8d852fa20 100644
--- a/x-pack/plugins/security_solution/cypress/integration/cases.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/cases/creation.spec.ts
@@ -4,7 +4,7 @@
 * you may not use this file except in compliance with the Elastic License.
 */
-import { case1 } from '../objects/case';
+import { case1 } from '../../objects/case';
 import {
 ALL_CASES_CLOSE_ACTION,
@@ -22,7 +22,7 @@ import {
 ALL_CASES_SERVICE_NOW_INCIDENT,
 ALL_CASES_TAGS,
 ALL_CASES_TAGS_COUNT,
-} from '../screens/all_cases';
+} from '../../screens/all_cases';
 import {
 CASE_DETAILS_DESCRIPTION,
 CASE_DETAILS_PAGE_TITLE,
@@ -34,22 +34,22 @@ import {
 CASE_DETAILS_USERNAMES,
 PARTICIPANTS,
 REPORTER,
-} from '../screens/case_details';
-import { TIMELINE_DESCRIPTION, TIMELINE_QUERY, TIMELINE_TITLE } from '../screens/timeline';
+} from '../../screens/case_details';
+import { TIMELINE_DESCRIPTION, TIMELINE_QUERY, TIMELINE_TITLE } from '../../screens/timeline';
-import { goToCaseDetails, goToCreateNewCase } from '../tasks/all_cases';
-import { createTimeline } from '../tasks/api_calls/timelines';
-import { openCaseTimeline } from '../tasks/case_details';
-import { cleanKibana } from '../tasks/common';
+import { goToCaseDetails, goToCreateNewCase } from '../../tasks/all_cases';
+import { createTimeline } from '../../tasks/api_calls/timelines';
+import { openCaseTimeline } from '../../tasks/case_details';
+import { cleanKibana } from '../../tasks/common';
 import {
 attachTimeline,
 backToCases,
 createCase,
 fillCasesMandatoryfields,
-} from '../tasks/create_new_case';
-import { loginAndWaitForPageWithoutDateRange } from '../tasks/login';
+} from '../../tasks/create_new_case';
+import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login';
-import { CASES_URL } from '../urls/navigation';
+import { CASES_URL } from '../../urls/navigation';
 describe('Cases', () => {
 beforeEach(() => {
diff --git a/x-pack/plugins/security_solution/cypress/integration/sourcerer.spec.ts b/x-pack/plugins/security_solution/cypress/integration/data_sources/sourcerer.spec.ts
similarity index 87%
rename from x-pack/plugins/security_solution/cypress/integration/sourcerer.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/data_sources/sourcerer.spec.ts
index 91695e3f53fbb..8b5871a6a67db 100644
--- a/x-pack/plugins/security_solution/cypress/integration/sourcerer.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/data_sources/sourcerer.spec.ts
@@ -4,10 +4,10 @@
 * you may not use this file except in compliance with the Elastic License.
 */
-import { loginAndWaitForPage } from '../tasks/login';
+import { loginAndWaitForPage } from '../../tasks/login';
-import { HOSTS_URL } from '../urls/navigation';
-import { waitForAllHostsToBeLoaded } from '../tasks/hosts/all_hosts';
+import { HOSTS_URL } from '../../urls/navigation';
+import { waitForAllHostsToBeLoaded } from '../../tasks/hosts/all_hosts';
 import {
 clickOutOfSourcererTimeline,
 clickTimelineRadio,
@@ -22,11 +22,11 @@ import {
 resetSourcerer,
 setSourcererOption,
 unsetSourcererOption,
-} from '../tasks/sourcerer';
-import { openTimelineUsingToggle } from '../tasks/security_main';
-import { populateTimeline } from '../tasks/timeline';
-import { SERVER_SIDE_EVENT_COUNT } from '../screens/timeline';
-import { cleanKibana } from '../tasks/common';
+} from '../../tasks/sourcerer';
+import { openTimelineUsingToggle } from '../../tasks/security_main';
+import { populateTimeline } from '../../tasks/timeline';
+import { SERVER_SIDE_EVENT_COUNT } from '../../screens/timeline';
+import { cleanKibana } from '../../tasks/common';
 describe('Sourcerer', () => {
 before(() => {
diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_callouts_readonly.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/alerts_detection_callouts_readonly.spec.ts
similarity index 87%
rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_callouts_readonly.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/detection_alerts/alerts_detection_callouts_readonly.spec.ts
index 5e501d2d51627..c88697502ed08 100644
--- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_callouts_readonly.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/alerts_detection_callouts_readonly.spec.ts
@@ -4,21 +4,21 @@
 * you may not use this file except in compliance with the Elastic License.
 */
-import { ROLES } from '../../common/test';
-import { DETECTIONS_RULE_MANAGEMENT_URL, DETECTIONS_URL } from '../urls/navigation';
-import { newRule } from '../objects/rule';
-import { PAGE_TITLE } from '../screens/common/page';
+import { ROLES } from '../../../common/test';
+import { DETECTIONS_RULE_MANAGEMENT_URL, DETECTIONS_URL } from '../../urls/navigation';
+import { newRule } from '../../objects/rule';
+import { PAGE_TITLE } from '../../screens/common/page';
 import {
 login,
 loginAndWaitForPageWithoutDateRange,
 waitForPageWithoutDateRange,
-} from '../tasks/login';
-import { waitForAlertsIndexToBeCreated } from '../tasks/alerts';
-import { goToRuleDetails } from '../tasks/alerts_detection_rules';
-import { createCustomRule, deleteCustomRule } from '../tasks/api_calls/rules';
-import { getCallOut, waitForCallOutToBeShown, dismissCallOut } from '../tasks/common/callouts';
-import { cleanKibana } from '../tasks/common';
+} from '../../tasks/login';
+import { waitForAlertsIndexToBeCreated } from '../../tasks/alerts';
+import { goToRuleDetails } from '../../tasks/alerts_detection_rules';
+import { createCustomRule, deleteCustomRule } from '../../tasks/api_calls/rules';
+import { getCallOut, waitForCallOutToBeShown, dismissCallOut } from '../../tasks/common/callouts';
+import { cleanKibana } from '../../tasks/common';
 const loadPageAsReadOnlyUser = (url: string) => {
 waitForPageWithoutDateRange(url, ROLES.reader);
diff --git a/x-pack/plugins/security_solution/cypress/integration/detection_alerts/closing.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/closing.spec.ts
new file mode 100644
index 0000000000000..3c0ffafac7267
--- /dev/null
+++ b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/closing.spec.ts
@@ -0,0 +1,142 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { newRule } from '../../objects/rule'; +import { + ALERTS, + ALERTS_COUNT, + SELECTED_ALERTS, + SHOWING_ALERTS, + TAKE_ACTION_POPOVER_BTN, +} from '../../screens/alerts'; + +import { + closeFirstAlert, + closeAlerts, + goToClosedAlerts, + goToOpenedAlerts, + openAlerts, + selectNumberOfAlerts, + waitForAlertsPanelToBeLoaded, + waitForAlerts, + waitForAlertsIndexToBeCreated, +} from '../../tasks/alerts'; +import { createCustomRuleActivated } from '../../tasks/api_calls/rules'; +import { cleanKibana } from '../../tasks/common'; +import { waitForAlertsToPopulate } from '../../tasks/create_new_rule'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { refreshPage } from '../../tasks/security_header'; + +import { DETECTIONS_URL } from '../../urls/navigation'; + +describe('Closing alerts', () => { + beforeEach(() => { + cleanKibana(); + loginAndWaitForPage(DETECTIONS_URL); + waitForAlertsPanelToBeLoaded(); + waitForAlertsIndexToBeCreated(); + createCustomRuleActivated(newRule); + refreshPage(); + waitForAlertsToPopulate(); + }); + + it('Closes and opens alerts', () => { + const numberOfAlertsToBeClosed = 3; + cy.get(ALERTS_COUNT) + .invoke('text') + .then((numberOfAlerts) => { + cy.get(SHOWING_ALERTS).should('have.text', `Showing ${numberOfAlerts} alerts`); + + selectNumberOfAlerts(numberOfAlertsToBeClosed); + + cy.get(SELECTED_ALERTS).should('have.text', `Selected ${numberOfAlertsToBeClosed} alerts`); + + closeAlerts(); + waitForAlerts(); + + const expectedNumberOfAlertsAfterClosing = +numberOfAlerts - numberOfAlertsToBeClosed; + cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfAlertsAfterClosing.toString()); + + cy.get(SHOWING_ALERTS).should( + 'have.text', + `Showing 
${expectedNumberOfAlertsAfterClosing.toString()} alerts` + ); + + goToClosedAlerts(); + waitForAlerts(); + + cy.get(ALERTS_COUNT).should('have.text', numberOfAlertsToBeClosed.toString()); + cy.get(SHOWING_ALERTS).should( + 'have.text', + `Showing ${numberOfAlertsToBeClosed.toString()} alerts` + ); + cy.get(ALERTS).should('have.length', numberOfAlertsToBeClosed); + + const numberOfAlertsToBeOpened = 1; + selectNumberOfAlerts(numberOfAlertsToBeOpened); + + cy.get(SELECTED_ALERTS).should('have.text', `Selected ${numberOfAlertsToBeOpened} alert`); + + openAlerts(); + waitForAlerts(); + + const expectedNumberOfClosedAlertsAfterOpened = 2; + cy.get(ALERTS_COUNT).should( + 'have.text', + expectedNumberOfClosedAlertsAfterOpened.toString() + ); + cy.get(SHOWING_ALERTS).should( + 'have.text', + `Showing ${expectedNumberOfClosedAlertsAfterOpened.toString()} alerts` + ); + cy.get(ALERTS).should('have.length', expectedNumberOfClosedAlertsAfterOpened); + + goToOpenedAlerts(); + waitForAlerts(); + + const expectedNumberOfOpenedAlerts = + +numberOfAlerts - expectedNumberOfClosedAlertsAfterOpened; + cy.get(SHOWING_ALERTS).should( + 'have.text', + `Showing ${expectedNumberOfOpenedAlerts.toString()} alerts` + ); + + cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfOpenedAlerts.toString()); + }); + }); + + it('Closes one alert when more than one opened alerts are selected', () => { + cy.get(ALERTS_COUNT) + .invoke('text') + .then((numberOfAlerts) => { + const numberOfAlertsToBeClosed = 1; + const numberOfAlertsToBeSelected = 3; + + cy.get(TAKE_ACTION_POPOVER_BTN).should('have.attr', 'disabled'); + selectNumberOfAlerts(numberOfAlertsToBeSelected); + cy.get(TAKE_ACTION_POPOVER_BTN).should('not.have.attr', 'disabled'); + + closeFirstAlert(); + waitForAlerts(); + + const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeClosed; + cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfAlerts.toString()); + cy.get(SHOWING_ALERTS).should( + 'have.text', + `Showing 
${expectedNumberOfAlerts.toString()} alerts` + ); + + goToClosedAlerts(); + waitForAlerts(); + + cy.get(ALERTS_COUNT).should('have.text', numberOfAlertsToBeClosed.toString()); + cy.get(SHOWING_ALERTS).should( + 'have.text', + `Showing ${numberOfAlertsToBeClosed.toString()} alert` + ); + cy.get(ALERTS).should('have.length', numberOfAlertsToBeClosed); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/cypress/integration/detection_alerts/in_progress.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/in_progress.spec.ts new file mode 100644 index 0000000000000..b5532a934aeb1 --- /dev/null +++ b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/in_progress.spec.ts 
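Review bot: Both tests in closing.spec.ts coerce the counter text with unary plus (`+numberOfAlerts - numberOfAlertsToBeClosed`) and never check the result, so if the ALERTS_COUNT element renders an empty or formatted value the expected text silently becomes "NaN" and the failure points at the wrong assertion. in_progress.spec.ts repeats the same form, while opening.spec.ts in this commit uses `parseInt(numberOfOpenedAlertsText, 10)`. I would convert once at the top of each `.then` callback and validate it, `const total = Number(numberOfAlerts);` followed by `expect(Number.isNaN(total)).to.equal(false);`, and use the same conversion in all three specs. In 'Closes and opens alerts', `const expectedNumberOfClosedAlertsAfterOpened = 2;` is a hard-coded 3 minus 1; writing it as `numberOfAlertsToBeClosed - numberOfAlertsToBeOpened` keeps the expectation right when either constant changes.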
@@ -0,0 +1,74 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { newRule } from '../../objects/rule'; +import { + ALERTS, + ALERTS_COUNT, + SHOWING_ALERTS, + TAKE_ACTION_POPOVER_BTN, +} from '../../screens/alerts'; + +import { + selectNumberOfAlerts, + waitForAlertsPanelToBeLoaded, + waitForAlerts, + waitForAlertsToBeLoaded, + markInProgressFirstAlert, + goToInProgressAlerts, + waitForAlertsIndexToBeCreated, +} from '../../tasks/alerts'; +import { createCustomRuleActivated } from '../../tasks/api_calls/rules'; +import { cleanKibana } from '../../tasks/common'; +import { waitForAlertsToPopulate } from '../../tasks/create_new_rule'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { refreshPage } from '../../tasks/security_header'; + +import { DETECTIONS_URL } from '../../urls/navigation'; + +describe('Marking alerts as in-progress', () => { + beforeEach(() => { + cleanKibana(); + loginAndWaitForPage(DETECTIONS_URL); + waitForAlertsPanelToBeLoaded(); + waitForAlertsIndexToBeCreated(); + createCustomRuleActivated(newRule); + refreshPage(); + waitForAlertsToPopulate(); + }); + + it('Mark one alert in progress when more than one open alerts are selected', () => { + cy.get(ALERTS_COUNT) + .invoke('text') + .then((numberOfAlerts) => { + const numberOfAlertsToBeMarkedInProgress = 1; + const numberOfAlertsToBeSelected = 3; + + cy.get(TAKE_ACTION_POPOVER_BTN).should('have.attr', 'disabled'); + selectNumberOfAlerts(numberOfAlertsToBeSelected); + cy.get(TAKE_ACTION_POPOVER_BTN).should('not.have.attr', 'disabled'); + + markInProgressFirstAlert(); + waitForAlertsToBeLoaded(); + + const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeMarkedInProgress; + cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfAlerts.toString()); + 
cy.get(SHOWING_ALERTS).should( + 'have.text', + `Showing ${expectedNumberOfAlerts.toString()} alerts` + ); + + goToInProgressAlerts(); + waitForAlerts(); + + cy.get(ALERTS_COUNT).should('have.text', numberOfAlertsToBeMarkedInProgress.toString()); + cy.get(SHOWING_ALERTS).should( + 'have.text', + `Showing ${numberOfAlertsToBeMarkedInProgress.toString()} alert` + ); + cy.get(ALERTS).should('have.length', numberOfAlertsToBeMarkedInProgress); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_timeline.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/investigate_in_timeline.spec.ts similarity index 66% rename from x-pack/plugins/security_solution/cypress/integration/alerts_timeline.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_alerts/investigate_in_timeline.spec.ts index e42410f7fb38d..ed166881bbea6 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_timeline.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/investigate_in_timeline.spec.ts 
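Review bot: The test in in_progress.spec.ts asserts only counts after `markInProgressFirstAlert()`, so it would still pass if the status change landed on a different one of the three selected alerts than the first row. For an alert-triage workflow the identity of the alert whose status changed is the behaviour most worth pinning. Consider reading an identifying cell of the first row before the action and asserting that the single row shown after `goToInProgressAlerts()` carries the same value; no suitable selector is visible in this hunk, so it would have to come from `../../screens/alerts`. The same gap applies to 'Closes one alert when more than one opened alerts are selected' in closing.spec.ts. Separately, this spec waits with `waitForAlertsToBeLoaded()` after the action where closing.spec.ts uses `waitForAlerts()`; a one-line comment saying why the helper differs would help the next reader.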
@@ -4,21 +4,21 @@ * you may not use this file except in compliance with the Elastic License. */ -import { newRule } from '../objects/rule'; -import { PROVIDER_BADGE } from '../screens/timeline'; +import { newRule } from '../../objects/rule'; +import { PROVIDER_BADGE } from '../../screens/timeline'; import { investigateFirstAlertInTimeline, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; -import { createCustomRuleActivated } from '../tasks/api_calls/rules'; -import { cleanKibana } from '../tasks/common'; -import { waitForAlertsToPopulate } from '../tasks/create_new_rule'; -import { loginAndWaitForPage } from '../tasks/login'; -import { refreshPage } from '../tasks/security_header'; +} from '../../tasks/alerts'; +import { createCustomRuleActivated } from '../../tasks/api_calls/rules'; +import { cleanKibana } from '../../tasks/common'; +import { waitForAlertsToPopulate } from '../../tasks/create_new_rule'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { refreshPage } from '../../tasks/security_header'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; describe('Alerts timeline', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/detection_alerts/opening.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/opening.spec.ts new file mode 100644 index 0000000000000..4df6d15dd3f55 --- /dev/null +++ b/x-pack/plugins/security_solution/cypress/integration/detection_alerts/opening.spec.ts 
@@ -0,0 +1,97 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+import { newRule } from '../../objects/rule';
+import {
+ ALERTS_COUNT,
+ SELECTED_ALERTS,
+ SHOWING_ALERTS,
+ TAKE_ACTION_POPOVER_BTN,
+} from '../../screens/alerts';
+
+import {
+ closeAlerts,
+ goToClosedAlerts,
+ goToOpenedAlerts,
+ openFirstAlert,
+ selectNumberOfAlerts,
+ waitForAlertsPanelToBeLoaded,
+ waitForAlerts,
+ waitForAlertsIndexToBeCreated,
+} from '../../tasks/alerts';
+import { createCustomRuleActivated } from '../../tasks/api_calls/rules';
+import { cleanKibana } from '../../tasks/common';
+import { waitForAlertsToPopulate } from '../../tasks/create_new_rule';
+import { loginAndWaitForPage } from '../../tasks/login';
+import { refreshPage } from '../../tasks/security_header';
+
+import { DETECTIONS_URL } from '../../urls/navigation';
+
+describe('Opening alerts', () => {
+ beforeEach(() => {
+ cleanKibana();
+ loginAndWaitForPage(DETECTIONS_URL);
+ waitForAlertsPanelToBeLoaded();
+ waitForAlertsIndexToBeCreated();
+ createCustomRuleActivated(newRule);
+ refreshPage();
+ waitForAlertsToPopulate();
+ selectNumberOfAlerts(5);
+
+ cy.get(SELECTED_ALERTS).should('have.text', `Selected 5 alerts`);
+
+ closeAlerts();
+ waitForAlerts();
+ refreshPage();
+ });
+
+ it('Open one alert when more than one closed alerts are selected', () => {
+ waitForAlertsToPopulate();
+
+ cy.get(ALERTS_COUNT)
+ .invoke('text')
+ .then((numberOfOpenedAlertsText) => {
+ const numberOfOpenedAlerts = parseInt(numberOfOpenedAlertsText, 10);
+ goToClosedAlerts();
+ cy.get(ALERTS_COUNT)
+ .invoke('text')
+ .then((numberOfAlerts) => {
+ const numberOfAlertsToBeOpened = 1;
+ const numberOfAlertsToBeSelected = 3;
+
+ cy.get(TAKE_ACTION_POPOVER_BTN).should('have.attr', 'disabled');
+ selectNumberOfAlerts(numberOfAlertsToBeSelected);
+ cy.get(SELECTED_ALERTS).should(
+ 'have.text',
+ `Selected ${numberOfAlertsToBeSelected} alerts`
+ );
+
+ cy.get(TAKE_ACTION_POPOVER_BTN).should('not.have.attr', 'disabled');
+
+ openFirstAlert();
+ waitForAlerts();
+
+ const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeOpened;
+ cy.get(ALERTS_COUNT).should('have.text', expectedNumberOfAlerts.toString());
+ cy.get(SHOWING_ALERTS).should(
+ 'have.text',
+ `Showing ${expectedNumberOfAlerts.toString()} alerts`
+ );
+
+ goToOpenedAlerts();
+ waitForAlerts();
+
+ cy.get(ALERTS_COUNT).should(
+ 'have.text',
+ (numberOfOpenedAlerts + numberOfAlertsToBeOpened).toString()
+ );
+ cy.get(SHOWING_ALERTS).should(
+ 'have.text',
+ `Showing ${(numberOfOpenedAlerts + numberOfAlertsToBeOpened).toString()} alerts`
+ );
+ });
+ });
+ });
+});
diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/custom_query_rule.spec.ts
similarity index 93%
rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/custom_query_rule.spec.ts
index 9ae29efc80b51..647d5cc9d5733 100644
--- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/custom_query_rule.spec.ts
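Review bot: The `beforeEach` closes a hard-coded `5` alerts and repeats the number inside the `Selected 5 alerts` string, while the test body names its own counts (`numberOfAlertsToBeOpened`, `numberOfAlertsToBeSelected`). Hoist it to `const numberOfAlertsToBeClosed = 5;` at the top of the `describe`, call `selectNumberOfAlerts(numberOfAlertsToBeClosed);` and assert on `Selected ${numberOfAlertsToBeClosed} alerts`. A short comment above the constant should state the precondition the setup relies on: the rule has to raise at least that many alerts, and presumably more if `waitForAlertsToPopulate()` in the test expects open alerts to remain after the close.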
@@ -4,8 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { formatMitreAttackDescription } from '../helpers/rules'; -import { newRule, existingRule, indexPatterns, editedRule, newOverrideRule } from '../objects/rule'; +import { formatMitreAttackDescription } from '../../helpers/rules'; +import { + newRule, + existingRule, + indexPatterns, + editedRule, + newOverrideRule, +} from '../../objects/rule'; import { ALERT_RULE_METHOD, ALERT_RULE_NAME, @@ -13,7 +19,7 @@ import { ALERT_RULE_SEVERITY, ALERT_RULE_VERSION, NUMBER_OF_ALERTS, -} from '../screens/alerts'; +} from '../../screens/alerts'; import { CUSTOM_RULES_BTN, @@ -24,7 +30,7 @@ import { RULE_SWITCH, SEVERITY, SHOWING_RULES_TEXT, -} from '../screens/alerts_detection_rules'; +} from '../../screens/alerts_detection_rules'; import { ABOUT_CONTINUE_BTN, ABOUT_EDIT_BUTTON, @@ -41,7 +47,7 @@ import { SEVERITY_DROPDOWN, TAGS_CLEAR_BUTTON, TAGS_FIELD, -} from '../screens/create_new_rule'; +} from '../../screens/create_new_rule'; import { ADDITIONAL_LOOK_BACK_DETAILS, ABOUT_DETAILS, @@ -65,13 +71,13 @@ import { SEVERITY_DETAILS, TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../screens/rule_details'; +} from '../../screens/rule_details'; import { goToManageAlertsDetectionRules, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { changeToThreeHundredRowsPerPage, deleteFirstRule, 
@@ -83,10 +89,10 @@ import { selectNumberOfRules, waitForLoadElasticPrebuiltDetectionRulesTableToBeLoaded, waitForRulesToBeLoaded, -} from '../tasks/alerts_detection_rules'; -import { createCustomRuleActivated } from '../tasks/api_calls/rules'; -import { createTimeline } from '../tasks/api_calls/timelines'; -import { cleanKibana, reload } from '../tasks/common'; +} from '../../tasks/alerts_detection_rules'; +import { createCustomRuleActivated } from '../../tasks/api_calls/rules'; +import { createTimeline } from '../../tasks/api_calls/timelines'; +import { cleanKibana, reload } from '../../tasks/common'; import { createAndActivateRule, fillAboutRule, @@ -98,11 +104,11 @@ import { goToScheduleStepTab, waitForAlertsToPopulate, waitForTheRuleToBeExecuted, -} from '../tasks/create_new_rule'; -import { saveEditedRule, waitForKibana } from '../tasks/edit_rule'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +} from '../../tasks/create_new_rule'; +import { saveEditedRule, waitForKibana } from '../../tasks/edit_rule'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; describe('Custom detection rules creation', () => { const expectedUrls = newRule.referenceUrls.join(''); diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_eql.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/event_correlation_rule.spec.ts similarity index 92% rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_eql.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/event_correlation_rule.spec.ts index b4d39385cd411..e26c35ca6fb39 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_eql.spec.ts 
+++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/event_correlation_rule.spec.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { formatMitreAttackDescription } from '../helpers/rules'; -import { eqlRule, eqlSequenceRule, indexPatterns } from '../objects/rule'; +import { formatMitreAttackDescription } from '../../helpers/rules'; +import { eqlRule, eqlSequenceRule, indexPatterns } from '../../objects/rule'; import { ALERT_RULE_METHOD, @@ -14,7 +14,7 @@ import { ALERT_RULE_SEVERITY, ALERT_RULE_VERSION, NUMBER_OF_ALERTS, -} from '../screens/alerts'; +} from '../../screens/alerts'; import { CUSTOM_RULES_BTN, RISK_SCORE, @@ -23,7 +23,7 @@ import { RULES_TABLE, RULE_SWITCH, SEVERITY, -} from '../screens/alerts_detection_rules'; +} from '../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_INVESTIGATION_NOTES, @@ -47,13 +47,13 @@ import { SEVERITY_DETAILS, TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../screens/rule_details'; +} from '../../screens/rule_details'; import { goToManageAlertsDetectionRules, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { changeToThreeHundredRowsPerPage, filterByCustomRules, @@ -61,9 +61,9 @@ import { goToRuleDetails, waitForLoadElasticPrebuiltDetectionRulesTableToBeLoaded, waitForRulesToBeLoaded, -} from '../tasks/alerts_detection_rules'; -import { createTimeline } from '../tasks/api_calls/timelines'; -import { cleanKibana } from '../tasks/common'; +} from '../../tasks/alerts_detection_rules'; +import { createTimeline } from '../../tasks/api_calls/timelines'; +import { cleanKibana } from '../../tasks/common'; import { createAndActivateRule, fillAboutRuleAndContinue, 
@@ -72,10 +72,10 @@ import { selectEqlRuleType, waitForAlertsToPopulate, waitForTheRuleToBeExecuted, -} from '../tasks/create_new_rule'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +} from '../../tasks/create_new_rule'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; describe('Detection rules, EQL', () => { const expectedUrls = eqlRule.referenceUrls.join(''); diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_export.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/export_rule.spec.ts similarity index 71% rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_export.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/export_rule.spec.ts index f33ecd3f49a8c..8e31418d72652 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_export.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/export_rule.spec.ts 
@@ -4,18 +4,18 @@ * you may not use this file except in compliance with the Elastic License. */ -import { expectedExportedRule, newRule } from '../objects/rule'; +import { expectedExportedRule, newRule } from '../../objects/rule'; import { goToManageAlertsDetectionRules, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; -import { exportFirstRule } from '../tasks/alerts_detection_rules'; -import { createCustomRule } from '../tasks/api_calls/rules'; -import { cleanKibana } from '../tasks/common'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +} from '../../tasks/alerts'; +import { exportFirstRule } from '../../tasks/alerts_detection_rules'; +import { createCustomRule } from '../../tasks/api_calls/rules'; +import { cleanKibana } from '../../tasks/common'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; describe('Export rules', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_indicator_match.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/indicator_match_rule.spec.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_indicator_match.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/indicator_match_rule.spec.ts index 1f2793abcbf1f..37123dedfd661 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_indicator_match.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/indicator_match_rule.spec.ts 
@@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { formatMitreAttackDescription } from '../helpers/rules'; -import { newThreatIndicatorRule } from '../objects/rule'; +import { formatMitreAttackDescription } from '../../helpers/rules'; +import { newThreatIndicatorRule } from '../../objects/rule'; import { ALERT_RULE_METHOD, @@ -14,7 +14,7 @@ import { ALERT_RULE_SEVERITY, ALERT_RULE_VERSION, NUMBER_OF_ALERTS, -} from '../screens/alerts'; +} from '../../screens/alerts'; import { CUSTOM_RULES_BTN, RISK_SCORE, @@ -23,7 +23,7 @@ import { RULES_TABLE, RULE_SWITCH, SEVERITY, -} from '../screens/alerts_detection_rules'; +} from '../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_INVESTIGATION_NOTES, @@ -50,13 +50,13 @@ import { SEVERITY_DETAILS, TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../screens/rule_details'; +} from '../../screens/rule_details'; import { goToManageAlertsDetectionRules, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { changeToThreeHundredRowsPerPage, filterByCustomRules, @@ -64,8 +64,8 @@ import { goToRuleDetails, waitForLoadElasticPrebuiltDetectionRulesTableToBeLoaded, waitForRulesToBeLoaded, -} from '../tasks/alerts_detection_rules'; -import { cleanKibana } from '../tasks/common'; +} from '../../tasks/alerts_detection_rules'; +import { cleanKibana } from '../../tasks/common'; import { createAndActivateRule, fillAboutRuleAndContinue, 
@@ -74,11 +74,11 @@ import { selectIndicatorMatchType, waitForAlertsToPopulate, waitForTheRuleToBeExecuted, -} from '../tasks/create_new_rule'; -import { esArchiverLoad, esArchiverUnload } from '../tasks/es_archiver'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +} from '../../tasks/create_new_rule'; +import { esArchiverLoad, esArchiverUnload } from '../../tasks/es_archiver'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; describe('Detection rules, Indicator Match', () => { const expectedUrls = newThreatIndicatorRule.referenceUrls.join(''); diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_ml.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/machine_learning_rule.spec.ts similarity index 90% rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_ml.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/machine_learning_rule.spec.ts index 1459a4be447a4..065c49fa5736d 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_ml.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/machine_learning_rule.spec.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { formatMitreAttackDescription } from '../helpers/rules'; -import { machineLearningRule } from '../objects/rule'; +import { formatMitreAttackDescription } from '../../helpers/rules'; +import { machineLearningRule } from '../../objects/rule'; import { CUSTOM_RULES_BTN, @@ -15,7 +15,7 @@ import { RULES_ROW, RULES_TABLE, SEVERITY, -} from '../screens/alerts_detection_rules'; +} from '../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_RULE_DESCRIPTION, 
@@ -37,13 +37,13 @@ import { SEVERITY_DETAILS, TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../screens/rule_details'; +} from '../../screens/rule_details'; import { goToManageAlertsDetectionRules, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { changeToThreeHundredRowsPerPage, filterByCustomRules, @@ -51,18 +51,18 @@ import { goToRuleDetails, waitForLoadElasticPrebuiltDetectionRulesTableToBeLoaded, waitForRulesToBeLoaded, -} from '../tasks/alerts_detection_rules'; -import { cleanKibana } from '../tasks/common'; +} from '../../tasks/alerts_detection_rules'; +import { cleanKibana } from '../../tasks/common'; import { createAndActivateRule, fillAboutRuleAndContinue, fillDefineMachineLearningRuleAndContinue, fillScheduleRuleAndContinue, selectMachineLearningRuleType, -} from '../tasks/create_new_rule'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +} from '../../tasks/create_new_rule'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; describe('Detection rules, machine learning', () => { const expectedUrls = machineLearningRule.referenceUrls.join(''); diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_override.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/override.spec.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_override.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/override.spec.ts index 9c7074f48cf96..2c54559dea212 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_override.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/override.spec.ts 
@@ -4,8 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -import { formatMitreAttackDescription } from '../helpers/rules'; -import { indexPatterns, newOverrideRule, severitiesOverride, OverrideRule } from '../objects/rule'; +import { formatMitreAttackDescription } from '../../helpers/rules'; +import { + indexPatterns, + newOverrideRule, + severitiesOverride, + OverrideRule, +} from '../../objects/rule'; import { NUMBER_OF_ALERTS, @@ -14,7 +19,7 @@ import { ALERT_RULE_RISK_SCORE, ALERT_RULE_SEVERITY, ALERT_RULE_VERSION, -} from '../screens/alerts'; +} from '../../screens/alerts'; import { CUSTOM_RULES_BTN, @@ -24,7 +29,7 @@ import { RULES_ROW, RULES_TABLE, SEVERITY, -} from '../screens/alerts_detection_rules'; +} from '../../screens/alerts_detection_rules'; import { ABOUT_INVESTIGATION_NOTES, ABOUT_DETAILS, @@ -53,14 +58,14 @@ import { TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, TIMESTAMP_OVERRIDE_DETAILS, -} from '../screens/rule_details'; +} from '../../screens/rule_details'; import { goToManageAlertsDetectionRules, sortRiskScore, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { changeToThreeHundredRowsPerPage, filterByCustomRules, @@ -68,9 +73,9 @@ import { goToRuleDetails, waitForLoadElasticPrebuiltDetectionRulesTableToBeLoaded, waitForRulesToBeLoaded, -} from '../tasks/alerts_detection_rules'; -import { createTimeline } from '../tasks/api_calls/timelines'; -import { cleanKibana } from '../tasks/common'; +} from '../../tasks/alerts_detection_rules'; +import { createTimeline } from '../../tasks/api_calls/timelines'; +import { cleanKibana } from '../../tasks/common'; import { createAndActivateRule, fillAboutRuleWithOverrideAndContinue, 
@@ -78,10 +83,10 @@ import { fillScheduleRuleAndContinue, waitForAlertsToPopulate, waitForTheRuleToBeExecuted, -} from '../tasks/create_new_rule'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +} from '../../tasks/create_new_rule'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; describe('Detection rules, override', () => { const expectedUrls = newOverrideRule.referenceUrls.join(''); diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_prebuilt.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/prebuilt_rules.spec.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_prebuilt.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/prebuilt_rules.spec.ts index 4d2efc47db483..a001ac99ad69c 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_prebuilt.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/prebuilt_rules.spec.ts @@ -11,13 +11,13 @@ import { RULES_ROW, RULES_TABLE, SHOWING_RULES_TEXT, -} from '../screens/alerts_detection_rules'; +} from '../../screens/alerts_detection_rules'; import { goToManageAlertsDetectionRules, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { changeToThreeHundredRowsPerPage, deleteFirstRule, 
@@ -29,13 +29,13 @@ import { waitForLoadElasticPrebuiltDetectionRulesTableToBeLoaded, waitForPrebuiltDetectionRulesToBeLoaded, waitForRulesToBeLoaded, -} from '../tasks/alerts_detection_rules'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +} from '../../tasks/alerts_detection_rules'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; -import { totalNumberOfPrebuiltRules } from '../objects/rule'; -import { cleanKibana } from '../tasks/common'; +import { totalNumberOfPrebuiltRules } from '../../objects/rule'; +import { cleanKibana } from '../../tasks/common'; describe('Alerts rules, prebuilt rules', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/sorting.spec.ts similarity index 88% rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/sorting.spec.ts index 8becefffaea28..b354551a40d90 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/sorting.spec.ts @@ -10,13 +10,13 @@ import { SECOND_RULE, RULE_AUTO_REFRESH_IDLE_MODAL, FOURTH_RULE, -} from '../screens/alerts_detection_rules'; +} from '../../screens/alerts_detection_rules'; import { goToManageAlertsDetectionRules, waitForAlertsPanelToBeLoaded, waitForAlertsIndexToBeCreated, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { activateRule, checkAllRulesIdleModal, 
@@ -26,14 +26,14 @@ import { sortByActivatedRules, waitForLoadElasticPrebuiltDetectionRulesTableToBeLoaded, waitForRuleToBeActivated, -} from '../tasks/alerts_detection_rules'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; -import { DEFAULT_RULE_REFRESH_INTERVAL_VALUE } from '../../common/constants'; +} from '../../tasks/alerts_detection_rules'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; +import { DEFAULT_RULE_REFRESH_INTERVAL_VALUE } from '../../../common/constants'; -import { DETECTIONS_URL } from '../urls/navigation'; -import { createCustomRule } from '../tasks/api_calls/rules'; -import { cleanKibana } from '../tasks/common'; -import { existingRule, newOverrideRule, newRule, newThresholdRule } from '../objects/rule'; +import { DETECTIONS_URL } from '../../urls/navigation'; +import { createCustomRule } from '../../tasks/api_calls/rules'; +import { cleanKibana } from '../../tasks/common'; +import { existingRule, newOverrideRule, newRule, newThresholdRule } from '../../objects/rule'; describe('Alerts detection rules', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_threshold.spec.ts b/x-pack/plugins/security_solution/cypress/integration/detection_rules/threshold_rule.spec.ts similarity index 90% rename from x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_threshold.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/detection_rules/threshold_rule.spec.ts index c4b925a5566f0..4216dcff928e8 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_threshold.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/detection_rules/threshold_rule.spec.ts 
@@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { formatMitreAttackDescription } from '../helpers/rules'; -import { indexPatterns, newThresholdRule } from '../objects/rule'; +import { formatMitreAttackDescription } from '../../helpers/rules'; +import { indexPatterns, newThresholdRule } from '../../objects/rule'; import { ALERT_RULE_METHOD, @@ -14,7 +14,7 @@ import { ALERT_RULE_SEVERITY, ALERT_RULE_VERSION, NUMBER_OF_ALERTS, -} from '../screens/alerts'; +} from '../../screens/alerts'; import { CUSTOM_RULES_BTN, @@ -24,7 +24,7 @@ import { RULES_ROW, RULES_TABLE, SEVERITY, -} from '../screens/alerts_detection_rules'; +} from '../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_INVESTIGATION_NOTES, @@ -49,13 +49,13 @@ import { TAGS_DETAILS, THRESHOLD_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../screens/rule_details'; +} from '../../screens/rule_details'; import { goToManageAlertsDetectionRules, waitForAlertsIndexToBeCreated, waitForAlertsPanelToBeLoaded, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { changeToThreeHundredRowsPerPage, filterByCustomRules, @@ -63,9 +63,9 @@ import { goToRuleDetails, waitForLoadElasticPrebuiltDetectionRulesTableToBeLoaded, waitForRulesToBeLoaded, -} from '../tasks/alerts_detection_rules'; -import { createTimeline } from '../tasks/api_calls/timelines'; -import { cleanKibana } from '../tasks/common'; +} from '../../tasks/alerts_detection_rules'; +import { createTimeline } from '../../tasks/api_calls/timelines'; +import { cleanKibana } from '../../tasks/common'; import { createAndActivateRule, fillAboutRuleAndContinue, 
@@ -74,10 +74,10 @@ import { selectThresholdRuleType, waitForAlertsToPopulate, waitForTheRuleToBeExecuted, -} from '../tasks/create_new_rule'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +} from '../../tasks/create_new_rule'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { DETECTIONS_URL } from '../../urls/navigation'; describe('Detection rules, threshold', () => { const expectedUrls = newThresholdRule.referenceUrls.join(''); diff --git a/x-pack/plugins/security_solution/cypress/integration/exceptions/from_alert.spec.ts b/x-pack/plugins/security_solution/cypress/integration/exceptions/from_alert.spec.ts new file mode 100644 index 0000000000000..c313e42d02f08 --- /dev/null +++ b/x-pack/plugins/security_solution/cypress/integration/exceptions/from_alert.spec.ts 
@@ -0,0 +1,96 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+import { exception } from '../../objects/exception';
+import { newRule } from '../../objects/rule';
+
+import { ALERTS_COUNT, NUMBER_OF_ALERTS } from '../../screens/alerts';
+import { RULE_STATUS } from '../../screens/create_new_rule';
+
+import {
+ addExceptionFromFirstAlert,
+ goToClosedAlerts,
+ goToManageAlertsDetectionRules,
+ goToOpenedAlerts,
+ waitForAlertsIndexToBeCreated,
+} from '../../tasks/alerts';
+import { createCustomRule } from '../../tasks/api_calls/rules';
+import { goToRuleDetails } from '../../tasks/alerts_detection_rules';
+import { waitForAlertsToPopulate } from '../../tasks/create_new_rule';
+import { esArchiverLoad, esArchiverUnload } from '../../tasks/es_archiver';
+import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login';
+import {
+ activatesRule,
+ addsException,
+ goToAlertsTab,
+ goToExceptionsTab,
+ removeException,
+ waitForTheRuleToBeExecuted,
+} from '../../tasks/rule_details';
+import { refreshPage } from '../../tasks/security_header';
+
+import { DETECTIONS_URL } from '../../urls/navigation';
+import { cleanKibana } from '../../tasks/common';
+
+describe('From alert', () => {
+ const NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS = '1';
+
+ beforeEach(() => {
+ cleanKibana();
+ loginAndWaitForPageWithoutDateRange(DETECTIONS_URL);
+ waitForAlertsIndexToBeCreated();
+ createCustomRule(newRule);
+ goToManageAlertsDetectionRules();
+ goToRuleDetails();
+
+ cy.get(RULE_STATUS).should('have.text', '—');
+
+ esArchiverLoad('auditbeat_for_exceptions');
+ activatesRule();
+ waitForTheRuleToBeExecuted();
+ waitForAlertsToPopulate();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS);
+ });
+
+ afterEach(() => {
+ esArchiverUnload('auditbeat_for_exceptions');
+ esArchiverUnload('auditbeat_for_exceptions2');
+ });
+
+ it('Creates an exception and deletes it', () => {
+ addExceptionFromFirstAlert();
+ addsException(exception);
+ esArchiverLoad('auditbeat_for_exceptions2');
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', '0');
+
+ goToClosedAlerts();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS);
+
+ goToOpenedAlerts();
+ waitForTheRuleToBeExecuted();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', '0');
+
+ goToExceptionsTab();
+ removeException();
+ goToAlertsTab();
+ waitForTheRuleToBeExecuted();
+ waitForAlertsToPopulate();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS);
+ });
+});
diff --git a/x-pack/plugins/security_solution/cypress/integration/exceptions/from_rule.spec.ts b/x-pack/plugins/security_solution/cypress/integration/exceptions/from_rule.spec.ts
new file mode 100644
index 0000000000000..f7f56961a4309
--- /dev/null
+++ b/x-pack/plugins/security_solution/cypress/integration/exceptions/from_rule.spec.ts
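Review bot: The first `cy.get(NUMBER_OF_ALERTS).should('have.text', '0')` in the test runs directly after `esArchiverLoad('auditbeat_for_exceptions2')`, with no `waitForTheRuleToBeExecuted()` or `refreshPage()` in between. It can therefore pass before the rule has evaluated the newly loaded events, and a zero seen at that point says nothing about whether the exception actually suppresses them. from_rule.spec.ts waits for an execution before its first zero check; adding `waitForTheRuleToBeExecuted();` and `refreshPage();` ahead of this assertion would give the same guarantee here, assuming the helper behaves as its name suggests. The second zero check, after `goToOpenedAlerts()`, already waits and is not affected.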
@@ -0,0 +1,98 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+import { exception } from '../../objects/exception';
+import { newRule } from '../../objects/rule';
+
+import { ALERTS_COUNT, NUMBER_OF_ALERTS } from '../../screens/alerts';
+import { RULE_STATUS } from '../../screens/create_new_rule';
+
+import {
+ goToClosedAlerts,
+ goToManageAlertsDetectionRules,
+ goToOpenedAlerts,
+ waitForAlertsIndexToBeCreated,
+} from '../../tasks/alerts';
+import { createCustomRule } from '../../tasks/api_calls/rules';
+import { goToRuleDetails } from '../../tasks/alerts_detection_rules';
+import { waitForAlertsToPopulate } from '../../tasks/create_new_rule';
+import { esArchiverLoad, esArchiverUnload } from '../../tasks/es_archiver';
+import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login';
+import {
+ activatesRule,
+ addsExceptionFromRuleSettings,
+ goToAlertsTab,
+ goToExceptionsTab,
+ removeException,
+ waitForTheRuleToBeExecuted,
+} from '../../tasks/rule_details';
+import { refreshPage } from '../../tasks/security_header';
+
+import { DETECTIONS_URL } from '../../urls/navigation';
+import { cleanKibana } from '../../tasks/common';
+
+describe('From rule', () => {
+ const NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS = '1';
+ beforeEach(() => {
+ cleanKibana();
+ loginAndWaitForPageWithoutDateRange(DETECTIONS_URL);
+ waitForAlertsIndexToBeCreated();
+ createCustomRule(newRule);
+ goToManageAlertsDetectionRules();
+ goToRuleDetails();
+
+ cy.get(RULE_STATUS).should('have.text', '—');
+
+ esArchiverLoad('auditbeat_for_exceptions');
+ activatesRule();
+ waitForTheRuleToBeExecuted();
+ waitForAlertsToPopulate();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS);
+ });
+
+ afterEach(() => {
+ esArchiverUnload('auditbeat_for_exceptions');
+ esArchiverUnload('auditbeat_for_exceptions2');
+ });
+
+ it('Creates an exception and deletes it', () => {
+ goToExceptionsTab();
+ addsExceptionFromRuleSettings(exception);
+ esArchiverLoad('auditbeat_for_exceptions2');
+ waitForTheRuleToBeExecuted();
+ goToAlertsTab();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', '0');
+
+ goToClosedAlerts();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS);
+
+ goToOpenedAlerts();
+ waitForTheRuleToBeExecuted();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', '0');
+
+ goToExceptionsTab();
+ removeException();
+ refreshPage();
+ goToAlertsTab();
+ waitForTheRuleToBeExecuted();
+ waitForAlertsToPopulate();
+ refreshPage();
+
+ cy.get(ALERTS_COUNT).should('exist');
+ cy.get(NUMBER_OF_ALERTS).should('have.text', NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS);
+ });
+});
diff --git a/x-pack/plugins/security_solution/cypress/integration/navigation.spec.ts b/x-pack/plugins/security_solution/cypress/integration/header/navigation.spec.ts
similarity index 88%
rename from x-pack/plugins/security_solution/cypress/integration/navigation.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/header/navigation.spec.ts
index c8e9af98fe6fd..08df444ba3875 100644
--- a/x-pack/plugins/security_solution/cypress/integration/navigation.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/header/navigation.spec.ts
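Review bot: The `beforeEach`, the `afterEach` and the `NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS = '1'` constant in this spec repeat, statement for statement, the ones in the 'From alert' spec added earlier in this commit. The constant presumably encodes how many alerts `newRule` raises from the `auditbeat_for_exceptions` archive, so two copies can drift and leave one exception test passing or failing for the wrong reason. Consider moving the setup, teardown and constant into a shared task module that both specs import. Document the constant where it is defined, e.g. `// alerts newRule is expected to raise from the auditbeat_for_exceptions archive`.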
@@ -11,10 +11,10 @@ import { NETWORK, OVERVIEW, TIMELINES, -} from '../screens/security_header'; +} from '../../screens/security_header'; -import { loginAndWaitForPage } from '../tasks/login'; -import { navigateFromHeaderTo } from '../tasks/security_header'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { navigateFromHeaderTo } from '../../tasks/security_header'; import { DETECTIONS_URL, @@ -25,8 +25,11 @@ import { NETWORK_URL, OVERVIEW_URL, TIMELINES_URL, -} from '../urls/navigation'; -import { openKibanaNavigation, navigateFromKibanaCollapsibleTo } from '../tasks/kibana_navigation'; +} from '../../urls/navigation'; +import { + openKibanaNavigation, + navigateFromKibanaCollapsibleTo, +} from '../../tasks/kibana_navigation'; import { CASES_PAGE, DETECTIONS_PAGE, @@ -35,8 +38,8 @@ import { NETWORK_PAGE, OVERVIEW_PAGE, TIMELINES_PAGE, -} from '../screens/kibana_navigation'; -import { cleanKibana } from '../tasks/common'; +} from '../../screens/kibana_navigation'; +import { cleanKibana } from '../../tasks/common'; describe('top-level navigation common to all pages in the Security app', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/search_bar.spec.ts b/x-pack/plugins/security_solution/cypress/integration/header/search_bar.spec.ts similarity index 59% rename from x-pack/plugins/security_solution/cypress/integration/search_bar.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/header/search_bar.spec.ts index 7fcbc10f88b44..b5d7e0ab02fd3 100644 --- a/x-pack/plugins/security_solution/cypress/integration/search_bar.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/header/search_bar.spec.ts 
@@ -4,14 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { loginAndWaitForPage } from '../tasks/login'; -import { openAddFilterPopover, fillAddFilterForm } from '../tasks/search_bar'; -import { GLOBAL_SEARCH_BAR_FILTER_ITEM } from '../screens/search_bar'; -import { hostIpFilter } from '../objects/filter'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { openAddFilterPopover, fillAddFilterForm } from '../../tasks/search_bar'; +import { GLOBAL_SEARCH_BAR_FILTER_ITEM } from '../../screens/search_bar'; +import { hostIpFilter } from '../../objects/filter'; -import { HOSTS_URL } from '../urls/navigation'; -import { waitForAllHostsToBeLoaded } from '../tasks/hosts/all_hosts'; -import { cleanKibana } from '../tasks/common'; +import { HOSTS_URL } from '../../urls/navigation'; +import { waitForAllHostsToBeLoaded } from '../../tasks/hosts/all_hosts'; +import { cleanKibana } from '../../tasks/common'; describe('SearchBar', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/events_viewer.spec.ts b/x-pack/plugins/security_solution/cypress/integration/hosts/events_viewer.spec.ts similarity index 88% rename from x-pack/plugins/security_solution/cypress/integration/events_viewer.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/hosts/events_viewer.spec.ts index 721ce277338f6..9ffb25a115639 100644 --- a/x-pack/plugins/security_solution/cypress/integration/events_viewer.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/hosts/events_viewer.spec.ts 
@@ -8,18 +8,18 @@ import { FIELDS_BROWSER_CHECKBOX, FIELDS_BROWSER_CONTAINER, FIELDS_BROWSER_SELECTED_CATEGORY_TITLE, -} from '../screens/fields_browser'; +} from '../../screens/fields_browser'; import { HEADER_SUBTITLE, HOST_GEO_CITY_NAME_HEADER, HOST_GEO_COUNTRY_NAME_HEADER, INSPECT_MODAL, -} from '../screens/hosts/events'; -import { HEADERS_GROUP } from '../screens/timeline'; +} from '../../screens/hosts/events'; +import { HEADERS_GROUP } from '../../screens/timeline'; -import { closeFieldsBrowser, filterFieldsBrowser } from '../tasks/fields_browser'; -import { loginAndWaitForPage } from '../tasks/login'; -import { openEvents } from '../tasks/hosts/main'; +import { closeFieldsBrowser, filterFieldsBrowser } from '../../tasks/fields_browser'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { openEvents } from '../../tasks/hosts/main'; import { addsHostGeoCityNameToHeader, addsHostGeoCountryNameToHeader, @@ -27,12 +27,12 @@ import { openEventsViewerFieldsBrowser, opensInspectQueryModal, waitsForEventsToBeLoaded, -} from '../tasks/hosts/events'; -import { clearSearchBar, kqlSearch } from '../tasks/security_header'; +} from '../../tasks/hosts/events'; +import { clearSearchBar, kqlSearch } from '../../tasks/security_header'; -import { HOSTS_URL } from '../urls/navigation'; -import { resetFields } from '../tasks/timeline'; -import { cleanKibana } from '../tasks/common'; +import { HOSTS_URL } from '../../urls/navigation'; +import { resetFields } from '../../tasks/timeline'; +import { cleanKibana } from '../../tasks/common'; const defaultHeadersInDefaultEcsCategory = [ { id: '@timestamp' }, diff --git a/x-pack/plugins/security_solution/cypress/integration/hosts/inspect.spec.ts b/x-pack/plugins/security_solution/cypress/integration/hosts/inspect.spec.ts new file mode 100644 index 0000000000000..82c1157099981 --- /dev/null +++ b/x-pack/plugins/security_solution/cypress/integration/hosts/inspect.spec.ts 
@@ -0,0 +1,32 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { INSPECT_HOSTS_BUTTONS_IN_SECURITY, INSPECT_MODAL } from '../../screens/inspect';
+import { cleanKibana } from '../../tasks/common';
+
+import { closesModal, openStatsAndTables } from '../../tasks/inspect';
+import { loginAndWaitForPage } from '../../tasks/login';
+
+import { HOSTS_URL } from '../../urls/navigation';
+
+describe('Inspect', () => {
+ context('Hosts stats and tables', () => {
+ before(() => {
+ cleanKibana();
+ loginAndWaitForPage(HOSTS_URL);
+ });
+ afterEach(() => {
+ closesModal();
+ });
+
+ INSPECT_HOSTS_BUTTONS_IN_SECURITY.forEach((table) =>
+ it(`inspects the ${table.title}`, () => {
+ openStatsAndTables(table);
+ cy.get(INSPECT_MODAL).should('be.visible');
+ })
+ );
+ });
+});
diff --git a/x-pack/plugins/security_solution/cypress/integration/inspect.spec.ts b/x-pack/plugins/security_solution/cypress/integration/inspect.spec.ts
deleted file mode 100644
index 6321be1e26151..0000000000000
--- a/x-pack/plugins/security_solution/cypress/integration/inspect.spec.ts
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License;
- * you may not use this file except in compliance with the Elastic License.
- */
-
-import {
- INSPECT_HOSTS_BUTTONS_IN_SECURITY,
- INSPECT_MODAL,
- INSPECT_NETWORK_BUTTONS_IN_SECURITY,
-} from '../screens/inspect';
-import { cleanKibana } from '../tasks/common';
-
-import { closesModal, openStatsAndTables } from '../tasks/inspect';
-import { loginAndWaitForPage } from '../tasks/login';
-import { openTimelineUsingToggle } from '../tasks/security_main';
-import { executeTimelineKQL, openTimelineInspectButton } from '../tasks/timeline';
-
-import { HOSTS_URL, NETWORK_URL } from '../urls/navigation';
-
-describe('Inspect', () => {
- context('Hosts stats and tables', () => {
- before(() => {
- cleanKibana();
- loginAndWaitForPage(HOSTS_URL);
- });
- afterEach(() => {
- closesModal();
- });
-
- INSPECT_HOSTS_BUTTONS_IN_SECURITY.forEach((table) =>
- it(`inspects the ${table.title}`, () => {
- openStatsAndTables(table);
- cy.get(INSPECT_MODAL).should('be.visible');
- })
- );
- });
-
- context('Network stats and tables', () => {
- before(() => {
- cleanKibana();
- loginAndWaitForPage(NETWORK_URL);
- });
- afterEach(() => {
- closesModal();
- });
-
- INSPECT_NETWORK_BUTTONS_IN_SECURITY.forEach((table) =>
- it(`inspects the ${table.title}`, () => {
- openStatsAndTables(table);
- cy.get(INSPECT_MODAL).should('be.visible');
- })
- );
- });
-
- context('Timeline', () => {
- it('inspects the timeline', () => {
- const hostExistsQuery = 'host.name: *';
- loginAndWaitForPage(HOSTS_URL);
- openTimelineUsingToggle();
- executeTimelineKQL(hostExistsQuery);
- openTimelineInspectButton();
- cy.get(INSPECT_MODAL).should('be.visible');
- });
- });
-});
diff --git a/x-pack/plugins/security_solution/cypress/integration/ml_conditional_links.spec.ts b/x-pack/plugins/security_solution/cypress/integration/ml/ml_conditional_links.spec.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/integration/ml_conditional_links.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/ml/ml_conditional_links.spec.ts index ecb6212b0a03a..dce3c8201049d 100644 --- a/x-pack/plugins/security_solution/cypress/integration/ml_conditional_links.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/ml/ml_conditional_links.spec.ts @@ -4,10 +4,10 @@ * you may not use this file except in compliance with the Elastic License. */ -import { KQL_INPUT } from '../screens/security_header'; -import { cleanKibana } from '../tasks/common'; +import { KQL_INPUT } from '../../screens/security_header'; +import { cleanKibana } from '../../tasks/common'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; import { mlHostMultiHostKqlQuery, @@ -23,7 +23,7 @@ import { mlNetworkNullKqlQuery, mlNetworkSingleIpKqlQuery, mlNetworkSingleIpNullKqlQuery, -} from '../urls/ml_conditional_links'; +} from '../../urls/ml_conditional_links'; describe('ml conditional links', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/network/inspect.spec.ts b/x-pack/plugins/security_solution/cypress/integration/network/inspect.spec.ts new file mode 100644 index 0000000000000..58e71fb0af191 --- /dev/null +++ b/x-pack/plugins/security_solution/cypress/integration/network/inspect.spec.ts 
@@ -0,0 +1,32 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { INSPECT_MODAL, INSPECT_NETWORK_BUTTONS_IN_SECURITY } from '../../screens/inspect';
+import { cleanKibana } from '../../tasks/common';
+
+import { closesModal, openStatsAndTables } from '../../tasks/inspect';
+import { loginAndWaitForPage } from '../../tasks/login';
+
+import { NETWORK_URL } from '../../urls/navigation';
+
+describe('Inspect', () => {
+ context('Network stats and tables', () => {
+ before(() => {
+ cleanKibana();
+ loginAndWaitForPage(NETWORK_URL);
+ });
+ afterEach(() => {
+ closesModal();
+ });
+
+ INSPECT_NETWORK_BUTTONS_IN_SECURITY.forEach((table) =>
+ it(`inspects the ${table.title}`, () => {
+ openStatsAndTables(table);
+ cy.get(INSPECT_MODAL).should('be.visible');
+ })
+ );
+ });
+});
diff --git a/x-pack/plugins/security_solution/cypress/integration/overview.spec.ts b/x-pack/plugins/security_solution/cypress/integration/overview/overview.spec.ts
similarity index 75%
rename from x-pack/plugins/security_solution/cypress/integration/overview.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/overview/overview.spec.ts
index 0b1ee9f84f910..1ac379bf25f67 100644
--- a/x-pack/plugins/security_solution/cypress/integration/overview.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/overview/overview.spec.ts
@@ -4,16 +4,16 @@ * you may not use this file except in compliance with the Elastic License. */ -import { HOST_STATS, NETWORK_STATS, OVERVIEW_EMPTY_PAGE } from '../screens/overview'; +import { HOST_STATS, NETWORK_STATS, OVERVIEW_EMPTY_PAGE } from '../../screens/overview'; -import { expandHostStats, expandNetworkStats } from '../tasks/overview'; -import { loginAndWaitForPage } from '../tasks/login'; +import { expandHostStats, expandNetworkStats } from '../../tasks/overview'; +import { loginAndWaitForPage } from '../../tasks/login'; -import { OVERVIEW_URL } from '../urls/navigation'; +import { OVERVIEW_URL } from '../../urls/navigation'; -import overviewFixture from '../fixtures/overview_search_strategy.json'; -import emptyInstance from '../fixtures/empty_instance.json'; -import { cleanKibana } from '../tasks/common'; +import overviewFixture from '../../fixtures/overview_search_strategy.json'; +import emptyInstance from '../../fixtures/empty_instance.json'; +import { cleanKibana } from '../../tasks/common'; describe('Overview Page', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/pagination.spec.ts b/x-pack/plugins/security_solution/cypress/integration/pagination/pagination.spec.ts similarity index 80% rename from x-pack/plugins/security_solution/cypress/integration/pagination.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/pagination/pagination.spec.ts index 2896b2dbc36c6..94dd5083711cb 100644 --- a/x-pack/plugins/security_solution/cypress/integration/pagination.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/pagination/pagination.spec.ts 
@@ -4,18 +4,21 @@ * you may not use this file except in compliance with the Elastic License. */ -import { PROCESS_NAME_FIELD, UNCOMMON_PROCESSES_TABLE } from '../screens/hosts/uncommon_processes'; -import { FIRST_PAGE_SELECTOR, THIRD_PAGE_SELECTOR } from '../screens/pagination'; -import { cleanKibana } from '../tasks/common'; +import { + PROCESS_NAME_FIELD, + UNCOMMON_PROCESSES_TABLE, +} from '../../screens/hosts/uncommon_processes'; +import { FIRST_PAGE_SELECTOR, THIRD_PAGE_SELECTOR } from '../../screens/pagination'; +import { cleanKibana } from '../../tasks/common'; -import { waitForAuthenticationsToBeLoaded } from '../tasks/hosts/authentications'; -import { openAuthentications, openUncommonProcesses } from '../tasks/hosts/main'; -import { waitForUncommonProcessesToBeLoaded } from '../tasks/hosts/uncommon_processes'; -import { loginAndWaitForPage } from '../tasks/login'; -import { goToFirstPage, goToThirdPage } from '../tasks/pagination'; -import { refreshPage } from '../tasks/security_header'; +import { waitForAuthenticationsToBeLoaded } from '../../tasks/hosts/authentications'; +import { openAuthentications, openUncommonProcesses } from '../../tasks/hosts/main'; +import { waitForUncommonProcessesToBeLoaded } from '../../tasks/hosts/uncommon_processes'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { goToFirstPage, goToThirdPage } from '../../tasks/pagination'; +import { refreshPage } from '../../tasks/security_header'; -import { HOSTS_PAGE_TAB_URLS } from '../urls/navigation'; +import { HOSTS_PAGE_TAB_URLS } from '../../urls/navigation'; describe('Pagination', () => { before(() => { 
diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_template_creation.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timeline_templates/creation.spec.ts similarity index 86% rename from x-pack/plugins/security_solution/cypress/integration/timeline_template_creation.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timeline_templates/creation.spec.ts index 5672a232e0485..88f4a5499c44b 100644 --- a/x-pack/plugins/security_solution/cypress/integration/timeline_template_creation.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timeline_templates/creation.spec.ts @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { timeline } from '../objects/timeline'; +import { timeline } from '../../objects/timeline'; import { FAVORITE_TIMELINE, @@ -16,17 +16,17 @@ import { TIMELINE_DESCRIPTION, TIMELINE_QUERY, TIMELINE_TITLE, -} from '../screens/timeline'; +} from '../../screens/timeline'; import { TIMELINES_DESCRIPTION, TIMELINES_PINNED_EVENT_COUNT, TIMELINES_NOTES_COUNT, TIMELINES_FAVORITE, -} from '../screens/timelines'; -import { cleanKibana } from '../tasks/common'; +} from '../../screens/timelines'; +import { cleanKibana } from '../../tasks/common'; -import { loginAndWaitForPage } from '../tasks/login'; -import { openTimelineUsingToggle } from '../tasks/security_main'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { openTimelineUsingToggle } from '../../tasks/security_main'; import { addDescriptionToTimeline, addFilter, 
@@ -38,10 +38,10 @@ import { openTimelineTemplateFromSettings, populateTimeline, waitForTimelineChanges, -} from '../tasks/timeline'; -import { openTimeline } from '../tasks/timelines'; +} from '../../tasks/timeline'; +import { openTimeline } from '../../tasks/timelines'; -import { OVERVIEW_URL } from '../urls/navigation'; +import { OVERVIEW_URL } from '../../urls/navigation'; describe('Timeline Templates', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_templates_export.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timeline_templates/export.spec.ts similarity index 75% rename from x-pack/plugins/security_solution/cypress/integration/timeline_templates_export.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timeline_templates/export.spec.ts index cc526b53033a5..83fc643a1b115 100644 --- a/x-pack/plugins/security_solution/cypress/integration/timeline_templates_export.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timeline_templates/export.spec.ts @@ -4,16 +4,16 @@ * you may not use this file except in compliance with the Elastic License. */ -import { exportTimeline } from '../tasks/timelines'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +import { exportTimeline } from '../../tasks/timelines'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; import { expectedExportedTimelineTemplate, timeline as timelineTemplate, -} from '../objects/timeline'; +} from '../../objects/timeline'; -import { TIMELINE_TEMPLATES_URL } from '../urls/navigation'; -import { createTimelineTemplate } from '../tasks/api_calls/timelines'; -import { cleanKibana } from '../tasks/common'; +import { TIMELINE_TEMPLATES_URL } from '../../urls/navigation'; +import { createTimelineTemplate } from '../../tasks/api_calls/timelines'; +import { cleanKibana } from '../../tasks/common'; describe('Export timelines', () => { beforeEach(() => { 
diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_creation.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/creation.spec.ts similarity index 86% rename from x-pack/plugins/security_solution/cypress/integration/timeline_creation.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timelines/creation.spec.ts index 2cdbfef4f6588..2bfd2fbf0054c 100644 --- a/x-pack/plugins/security_solution/cypress/integration/timeline_creation.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timelines/creation.spec.ts @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { timeline } from '../objects/timeline'; +import { timeline } from '../../objects/timeline'; import { FAVORITE_TIMELINE, @@ -20,17 +20,17 @@ import { TIMELINE_QUERY, TIMELINE_TITLE, OPEN_TIMELINE_MODAL, -} from '../screens/timeline'; +} from '../../screens/timeline'; import { TIMELINES_DESCRIPTION, TIMELINES_PINNED_EVENT_COUNT, TIMELINES_NOTES_COUNT, TIMELINES_FAVORITE, -} from '../screens/timelines'; -import { cleanKibana } from '../tasks/common'; +} from '../../screens/timelines'; +import { cleanKibana } from '../../tasks/common'; -import { loginAndWaitForPage } from '../tasks/login'; -import { openTimelineUsingToggle } from '../tasks/security_main'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { openTimelineUsingToggle } from '../../tasks/security_main'; import { addFilter, addNameAndDescriptionToTimeline, 
@@ -42,10 +42,10 @@ import { pinFirstEvent, populateTimeline, waitForTimelineChanges, -} from '../tasks/timeline'; -import { openTimeline } from '../tasks/timelines'; +} from '../../tasks/timeline'; +import { openTimeline } from '../../tasks/timelines'; -import { OVERVIEW_URL } from '../urls/navigation'; +import { OVERVIEW_URL } from '../../urls/navigation'; describe('Timelines', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_data_providers.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/data_providers.spec.ts similarity index 86% rename from x-pack/plugins/security_solution/cypress/integration/timeline_data_providers.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timelines/data_providers.spec.ts index 5c8fea7319fc3..ce942ca49f704 100644 --- a/x-pack/plugins/security_solution/cypress/integration/timeline_data_providers.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timelines/data_providers.spec.ts 
@@ -9,22 +9,22 @@ import { TIMELINE_DATA_PROVIDERS_EMPTY, TIMELINE_DROPPED_DATA_PROVIDERS, TIMELINE_DATA_PROVIDERS_ACTION_MENU, -} from '../screens/timeline'; -import { HOSTS_NAMES_DRAGGABLE } from '../screens/hosts/all_hosts'; +} from '../../screens/timeline'; +import { HOSTS_NAMES_DRAGGABLE } from '../../screens/hosts/all_hosts'; import { dragAndDropFirstHostToTimeline, dragFirstHostToEmptyTimelineDataProviders, dragFirstHostToTimeline, waitForAllHostsToBeLoaded, -} from '../tasks/hosts/all_hosts'; +} from '../../tasks/hosts/all_hosts'; -import { loginAndWaitForPage } from '../tasks/login'; -import { openTimelineUsingToggle } from '../tasks/security_main'; -import { closeTimeline, createNewTimeline } from '../tasks/timeline'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { openTimelineUsingToggle } from '../../tasks/security_main'; +import { closeTimeline, createNewTimeline } from '../../tasks/timeline'; -import { HOSTS_URL } from '../urls/navigation'; -import { cleanKibana } from '../tasks/common'; +import { HOSTS_URL } from '../../urls/navigation'; +import { cleanKibana } from '../../tasks/common'; describe('timeline data providers', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/timelines_export.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/export.spec.ts similarity index 75% rename from x-pack/plugins/security_solution/cypress/integration/timelines_export.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timelines/export.spec.ts index cba9cfb2579f1..58e2f6633dad1 100644 --- a/x-pack/plugins/security_solution/cypress/integration/timelines_export.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timelines/export.spec.ts 
@@ -4,13 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -import { exportTimeline, waitForTimelinesPanelToBeLoaded } from '../tasks/timelines'; -import { loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +import { exportTimeline, waitForTimelinesPanelToBeLoaded } from '../../tasks/timelines'; +import { loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { TIMELINES_URL } from '../urls/navigation'; -import { createTimeline } from '../tasks/api_calls/timelines'; -import { expectedExportedTimeline, timeline } from '../objects/timeline'; -import { cleanKibana } from '../tasks/common'; +import { TIMELINES_URL } from '../../urls/navigation'; +import { createTimeline } from '../../tasks/api_calls/timelines'; +import { expectedExportedTimeline, timeline } from '../../objects/timeline'; +import { cleanKibana } from '../../tasks/common'; describe('Export timelines', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/fields_browser.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/fields_browser.spec.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/integration/fields_browser.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timelines/fields_browser.spec.ts index 00ce40b10fd7c..826a788c4be54 100644 --- a/x-pack/plugins/security_solution/cypress/integration/fields_browser.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timelines/fields_browser.spec.ts 
@@ -15,9 +15,9 @@ import { FIELDS_BROWSER_SELECTED_CATEGORY_TITLE, FIELDS_BROWSER_SELECTED_CATEGORY_COUNT, FIELDS_BROWSER_SYSTEM_CATEGORIES_COUNT, -} from '../screens/fields_browser'; -import { TIMELINE_FIELDS_BUTTON } from '../screens/timeline'; -import { cleanKibana } from '../tasks/common'; +} from '../../screens/fields_browser'; +import { TIMELINE_FIELDS_BUTTON } from '../../screens/timeline'; +import { cleanKibana } from '../../tasks/common'; import { addsHostGeoCityNameToTimeline, @@ -28,12 +28,12 @@ import { filterFieldsBrowser, removesMessageField, resetFields, -} from '../tasks/fields_browser'; -import { loginAndWaitForPage } from '../tasks/login'; -import { openTimelineUsingToggle } from '../tasks/security_main'; -import { openTimelineFieldsBrowser, populateTimeline } from '../tasks/timeline'; +} from '../../tasks/fields_browser'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { openTimelineUsingToggle } from '../../tasks/security_main'; +import { openTimelineFieldsBrowser, populateTimeline } from '../../tasks/timeline'; -import { HOSTS_URL } from '../urls/navigation'; +import { HOSTS_URL } from '../../urls/navigation'; const defaultHeaders = [ { id: '@timestamp' }, diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_flyout_button.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/flyout_button.spec.ts similarity index 87% rename from x-pack/plugins/security_solution/cypress/integration/timeline_flyout_button.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timelines/flyout_button.spec.ts index a09f1c1875064..8f49c5b3d94fe 100644 --- a/x-pack/plugins/security_solution/cypress/integration/timeline_flyout_button.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timelines/flyout_button.spec.ts 
@@ -4,24 +4,24 @@ * you may not use this file except in compliance with the Elastic License. */ -import { TIMELINE_BOTTOM_BAR_TOGGLE_BUTTON } from '../screens/security_main'; +import { TIMELINE_BOTTOM_BAR_TOGGLE_BUTTON } from '../../screens/security_main'; import { CREATE_NEW_TIMELINE, TIMELINE_DATA_PROVIDERS, TIMELINE_FLYOUT_HEADER, TIMELINE_SETTINGS_ICON, -} from '../screens/timeline'; -import { cleanKibana } from '../tasks/common'; +} from '../../screens/timeline'; +import { cleanKibana } from '../../tasks/common'; -import { dragFirstHostToTimeline, waitForAllHostsToBeLoaded } from '../tasks/hosts/all_hosts'; -import { loginAndWaitForPage } from '../tasks/login'; +import { dragFirstHostToTimeline, waitForAllHostsToBeLoaded } from '../../tasks/hosts/all_hosts'; +import { loginAndWaitForPage } from '../../tasks/login'; import { closeTimelineUsingCloseButton, closeTimelineUsingToggle, openTimelineUsingToggle, -} from '../tasks/security_main'; +} from '../../tasks/security_main'; -import { HOSTS_URL } from '../urls/navigation'; +import { HOSTS_URL } from '../../urls/navigation'; describe('timeline flyout button', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/timelines/inspect.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/inspect.spec.ts new file mode 100644 index 0000000000000..7c41ec5b8142c --- /dev/null +++ b/x-pack/plugins/security_solution/cypress/integration/timelines/inspect.spec.ts 
@@ -0,0 +1,26 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { INSPECT_MODAL } from '../../screens/inspect';
+
+import { loginAndWaitForPage } from '../../tasks/login';
+import { openTimelineUsingToggle } from '../../tasks/security_main';
+import { executeTimelineKQL, openTimelineInspectButton } from '../../tasks/timeline';
+
+import { HOSTS_URL } from '../../urls/navigation';
+
+describe('Inspect', () => {
+ context('Timeline', () => {
+ it('inspects the timeline', () => {
+ const hostExistsQuery = 'host.name: *';
+ loginAndWaitForPage(HOSTS_URL);
+ openTimelineUsingToggle();
+ executeTimelineKQL(hostExistsQuery);
+ openTimelineInspectButton();
+ cy.get(INSPECT_MODAL).should('be.visible');
+ });
+ });
+});
diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_local_storage.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/local_storage.sepc.ts
similarity index 68%
rename from x-pack/plugins/security_solution/cypress/integration/timeline_local_storage.spec.ts
rename to x-pack/plugins/security_solution/cypress/integration/timelines/local_storage.sepc.ts
index 155b0b6660998..4020de7c554a2 100644
--- a/x-pack/plugins/security_solution/cypress/integration/timeline_local_storage.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/integration/timelines/local_storage.sepc.ts
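Review bot: The 'inspects the timeline' test now sits in its own spec file with no `before` hook and no `cleanKibana()` call, unlike the hosts and network inspect specs split out in this commit. In the deleted inspect.spec.ts it ran after two contexts that each called `cleanKibana()`. On its own it starts from whatever state the previously executed spec left behind, which presumably makes the result depend on run order. Add `import { cleanKibana } from '../../tasks/common';` and a `before(() => { cleanKibana(); });` hook to the 'Timeline' context.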
@@ -4,14 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { cleanKibana, reload } from '../tasks/common'; -import { loginAndWaitForPage } from '../tasks/login'; -import { HOSTS_URL } from '../urls/navigation'; -import { openEvents } from '../tasks/hosts/main'; -import { DRAGGABLE_HEADER } from '../screens/timeline'; -import { TABLE_COLUMN_EVENTS_MESSAGE } from '../screens/hosts/external_events'; -import { waitsForEventsToBeLoaded } from '../tasks/hosts/events'; -import { removeColumn } from '../tasks/timeline'; +import { cleanKibana, reload } from '../../tasks/common'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { HOSTS_URL } from '../../urls/navigation'; +import { openEvents } from '../../tasks/hosts/main'; +import { DRAGGABLE_HEADER } from '../../screens/timeline'; +import { TABLE_COLUMN_EVENTS_MESSAGE } from '../../screens/hosts/external_events'; +import { waitsForEventsToBeLoaded } from '../../tasks/hosts/events'; +import { removeColumn } from '../../tasks/timeline'; describe('persistent timeline', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_search_or_filter.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/search_or_filter.spec.ts similarity index 64% rename from x-pack/plugins/security_solution/cypress/integration/timeline_search_or_filter.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timelines/search_or_filter.spec.ts index 54a717e7a29e7..69fc394f859ef 100644 --- a/x-pack/plugins/security_solution/cypress/integration/timeline_search_or_filter.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timelines/search_or_filter.spec.ts 
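Review bot: The rename target for this file is `timelines/local_storage.sepc.ts`, with `sepc` instead of `spec`, while every other file moved in this change keeps the `.spec.ts` suffix. If the Cypress configuration selects tests by a `*.spec.ts` pattern (not visible here, so please confirm), the `persistent timeline` suite would silently stop running and a regression in persisted timeline state would go unnoticed. The file should be named `timelines/local_storage.spec.ts`; the import-path edits in the hunk itself look consistent with the new directory depth.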
@@ -4,14 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { SERVER_SIDE_EVENT_COUNT } from '../screens/timeline'; -import { cleanKibana } from '../tasks/common'; +import { SERVER_SIDE_EVENT_COUNT } from '../../screens/timeline'; +import { cleanKibana } from '../../tasks/common'; -import { loginAndWaitForPage } from '../tasks/login'; -import { openTimelineUsingToggle } from '../tasks/security_main'; -import { executeTimelineKQL } from '../tasks/timeline'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { openTimelineUsingToggle } from '../../tasks/security_main'; +import { executeTimelineKQL } from '../../tasks/timeline'; -import { HOSTS_URL } from '../urls/navigation'; +import { HOSTS_URL } from '../../urls/navigation'; describe('timeline search or filter KQL bar', () => { beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/timeline_toggle_column.spec.ts b/x-pack/plugins/security_solution/cypress/integration/timelines/toggle_column.spec.ts similarity index 87% rename from x-pack/plugins/security_solution/cypress/integration/timeline_toggle_column.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/timelines/toggle_column.spec.ts index b00739cbf17c2..4398ad9153986 100644 --- a/x-pack/plugins/security_solution/cypress/integration/timeline_toggle_column.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/timelines/toggle_column.spec.ts 
@@ -9,11 +9,11 @@ import { ID_TOGGLE_FIELD, TIMESTAMP_HEADER_FIELD, TIMESTAMP_TOGGLE_FIELD, -} from '../screens/timeline'; -import { cleanKibana } from '../tasks/common'; +} from '../../screens/timeline'; +import { cleanKibana } from '../../tasks/common'; -import { loginAndWaitForPage } from '../tasks/login'; -import { openTimelineUsingToggle } from '../tasks/security_main'; +import { loginAndWaitForPage } from '../../tasks/login'; +import { openTimelineUsingToggle } from '../../tasks/security_main'; import { checkIdToggleField, closeTimeline, @@ -22,9 +22,9 @@ import { expandFirstTimelineEventDetails, populateTimeline, uncheckTimestampToggleField, -} from '../tasks/timeline'; +} from '../../tasks/timeline'; -import { HOSTS_URL } from '../urls/navigation'; +import { HOSTS_URL } from '../../urls/navigation'; describe('toggle column in timeline', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/url_compatibility.spec.ts b/x-pack/plugins/security_solution/cypress/integration/urls/compatibility.spec.ts similarity index 83% rename from x-pack/plugins/security_solution/cypress/integration/url_compatibility.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/urls/compatibility.spec.ts index 58ef4cd2d96ba..d815cd6aae15b 100644 --- a/x-pack/plugins/security_solution/cypress/integration/url_compatibility.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/urls/compatibility.spec.ts 
@@ -4,15 +4,15 @@ * you may not use this file except in compliance with the Elastic License. */ -import { loginAndWaitForPage, loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +import { loginAndWaitForPage, loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; -import { DETECTIONS } from '../urls/navigation'; -import { ABSOLUTE_DATE_RANGE } from '../urls/state'; +import { DETECTIONS } from '../../urls/navigation'; +import { ABSOLUTE_DATE_RANGE } from '../../urls/state'; import { DATE_PICKER_START_DATE_POPOVER_BUTTON, DATE_PICKER_END_DATE_POPOVER_BUTTON, -} from '../screens/date_picker'; -import { cleanKibana } from '../tasks/common'; +} from '../../screens/date_picker'; +import { cleanKibana } from '../../tasks/common'; const ABSOLUTE_DATE = { endTime: '2019-08-01T20:33:29.186Z', diff --git a/x-pack/plugins/security_solution/cypress/integration/url_state.spec.ts b/x-pack/plugins/security_solution/cypress/integration/urls/state.spec.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/integration/url_state.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/urls/state.spec.ts index 18f14e8d8b12f..3a7310dfd1091 100644 --- a/x-pack/plugins/security_solution/cypress/integration/url_state.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/urls/state.spec.ts 
@@ -10,13 +10,13 @@ import { DATE_PICKER_END_DATE_POPOVER_BUTTON_TIMELINE, DATE_PICKER_START_DATE_POPOVER_BUTTON, DATE_PICKER_START_DATE_POPOVER_BUTTON_TIMELINE, -} from '../screens/date_picker'; -import { HOSTS_NAMES } from '../screens/hosts/all_hosts'; -import { ANOMALIES_TAB } from '../screens/hosts/main'; -import { BREADCRUMBS, HOSTS, KQL_INPUT, NETWORK } from '../screens/security_header'; -import { TIMELINE_TITLE } from '../screens/timeline'; +} from '../../screens/date_picker'; +import { HOSTS_NAMES } from '../../screens/hosts/all_hosts'; +import { ANOMALIES_TAB } from '../../screens/hosts/main'; +import { BREADCRUMBS, HOSTS, KQL_INPUT, NETWORK } from '../../screens/security_header'; +import { TIMELINE_TITLE } from '../../screens/timeline'; -import { loginAndWaitForPage, loginAndWaitForPageWithoutDateRange } from '../tasks/login'; +import { loginAndWaitForPage, loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; import { setStartDate, setEndDate, 
@@ -24,21 +24,21 @@ import { setTimelineStartDate, setTimelineEndDate, updateTimelineDates, -} from '../tasks/date_picker'; -import { openFirstHostDetails, waitForAllHostsToBeLoaded } from '../tasks/hosts/all_hosts'; -import { openAllHosts } from '../tasks/hosts/main'; +} from '../../tasks/date_picker'; +import { openFirstHostDetails, waitForAllHostsToBeLoaded } from '../../tasks/hosts/all_hosts'; +import { openAllHosts } from '../../tasks/hosts/main'; -import { waitForIpsTableToBeLoaded } from '../tasks/network/flows'; -import { clearSearchBar, kqlSearch, navigateFromHeaderTo } from '../tasks/security_header'; -import { openTimelineUsingToggle } from '../tasks/security_main'; -import { addNameToTimeline, closeTimeline, populateTimeline } from '../tasks/timeline'; +import { waitForIpsTableToBeLoaded } from '../../tasks/network/flows'; +import { clearSearchBar, kqlSearch, navigateFromHeaderTo } from '../../tasks/security_header'; +import { openTimelineUsingToggle } from '../../tasks/security_main'; +import { addNameToTimeline, closeTimeline, populateTimeline } from '../../tasks/timeline'; -import { HOSTS_URL } from '../urls/navigation'; -import { ABSOLUTE_DATE_RANGE } from '../urls/state'; +import { HOSTS_URL } from '../../urls/navigation'; +import { ABSOLUTE_DATE_RANGE } from '../../urls/state'; -import { timeline } from '../objects/timeline'; -import { TIMELINE } from '../screens/create_new_case'; -import { cleanKibana } from '../tasks/common'; +import { timeline } from '../../objects/timeline'; +import { TIMELINE } from '../../screens/create_new_case'; +import { cleanKibana } from '../../tasks/common'; const ABSOLUTE_DATE = { endTime: '2019-08-01T20:33:29.186Z', 
diff --git a/x-pack/plugins/security_solution/cypress/integration/value_lists.spec.ts b/x-pack/plugins/security_solution/cypress/integration/value_lists/value_lists.spec.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/integration/value_lists.spec.ts rename to x-pack/plugins/security_solution/cypress/integration/value_lists/value_lists.spec.ts index 341ca31715356..c268ee37a969c 100644 --- a/x-pack/plugins/security_solution/cypress/integration/value_lists.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/value_lists/value_lists.spec.ts @@ -4,14 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ROLES } from '../../common/test'; -import { deleteRoleAndUser, loginAndWaitForPageWithoutDateRange } from '../tasks/login'; -import { DETECTIONS_URL } from '../urls/navigation'; +import { ROLES } from '../../../common/test'; +import { deleteRoleAndUser, loginAndWaitForPageWithoutDateRange } from '../../tasks/login'; +import { DETECTIONS_URL } from '../../urls/navigation'; import { waitForAlertsPanelToBeLoaded, waitForAlertsIndexToBeCreated, goToManageAlertsDetectionRules, -} from '../tasks/alerts'; +} from '../../tasks/alerts'; import { waitForListsIndexToBeCreated, waitForValueListsModalToBeLoaded, @@ -24,8 +24,12 @@ import { importValueList, deleteValueListsFile, exportValueList, -} from '../tasks/lists'; -import { VALUE_LISTS_TABLE, VALUE_LISTS_ROW, VALUE_LISTS_MODAL_ACTIVATOR } from '../screens/lists'; +} from '../../tasks/lists'; +import { + VALUE_LISTS_TABLE, + VALUE_LISTS_ROW, + VALUE_LISTS_MODAL_ACTIVATOR, +} from '../../screens/lists'; describe('value lists', () => { describe('management modal', () => {