WIP

x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/kpi/index.ts

@@ -14,9 +14,9 @@ import { HostsKpiHostsStrategyResponse } from './hosts';
 import { HostsKpiUniqueIpsStrategyResponse } from './unique_ips';
 
 export enum HostsKpiQueries {
-  authentications = 'hostsKpiAuthentications',
-  hosts = 'hostsKpiHosts',
-  uniqueIps = 'hostsKpiUniqueIps',
+  kpiAuthentications = 'hostsKpiAuthentications',
+  kpiHosts = 'hostsKpiHosts',
+  kpiUniqueIps = 'hostsKpiUniqueIps',
 }
 
 export type HostsKpiStrategyResponse =

x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts

@@ -114,11 +114,11 @@ export type StrategyResponseType<T extends FactoryQueryTypes> = T extends HostsQ
   ? HostFirstLastSeenStrategyResponse
   : T extends HostsQueries.uncommonProcesses
   ? HostUncommonProcessesStrategyResponse
-  : T extends HostsKpiQueries.authentications
+  : T extends HostsKpiQueries.kpiAuthentications
   ? HostsKpiAuthenticationsStrategyResponse
-  : T extends HostsKpiQueries.hosts
+  : T extends HostsKpiQueries.kpiHosts
   ? HostsKpiHostsStrategyResponse
-  : T extends HostsKpiQueries.uniqueIps
+  : T extends HostsKpiQueries.kpiUniqueIps
   ? HostsKpiUniqueIpsStrategyResponse
   : T extends NetworkQueries.details
   ? NetworkDetailsStrategyResponse
@@ -162,11 +162,11 @@ export type StrategyRequestType<T extends FactoryQueryTypes> = T extends HostsQu
   ? HostFirstLastSeenRequestOptions
   : T extends HostsQueries.uncommonProcesses
   ? HostUncommonProcessesRequestOptions
-  : T extends HostsKpiQueries.authentications
+  : T extends HostsKpiQueries.kpiAuthentications
   ? HostsKpiAuthenticationsRequestOptions
-  : T extends HostsKpiQueries.hosts
+  : T extends HostsKpiQueries.kpiHosts
   ? HostsKpiHostsRequestOptions
-  : T extends HostsKpiQueries.uniqueIps
+  : T extends HostsKpiQueries.kpiUniqueIps
   ? HostsKpiUniqueIpsRequestOptions
   : T extends NetworkQueries.details
   ? NetworkDetailsRequestOptions

x-pack/plugins/security_solution/public/hosts/containers/kpi_hosts/authentications/index.tsx

@@ -56,7 +56,7 @@ export const useHostsKpiAuthentications = ({
     HostsKpiAuthenticationsRequestOptions
   >({
     defaultIndex,
-    factoryQueryType: HostsKpiQueries.authentications,
+    factoryQueryType: HostsKpiQueries.kpiAuthentications,
     filterQuery: createFilter(filterQuery),
     id: ID,
     timerange: {

x-pack/plugins/security_solution/public/hosts/containers/kpi_hosts/hosts/index.tsx

@@ -53,7 +53,7 @@ export const useHostsKpiHosts = ({
   const [loading, setLoading] = useState(false);
   const [hostsKpiHostsRequest, setHostsKpiHostsRequest] = useState<HostsKpiHostsRequestOptions>({
     defaultIndex,
-    factoryQueryType: HostsKpiQueries.hosts,
+    factoryQueryType: HostsKpiQueries.kpiHosts,
     filterQuery: createFilter(filterQuery),
     id: ID,
     timerange: {

x-pack/plugins/security_solution/public/hosts/containers/kpi_hosts/unique_ips/index.tsx

@@ -56,7 +56,7 @@ export const useHostsKpiUniqueIps = ({
     HostsKpiUniqueIpsRequestOptions
   >({
     defaultIndex,
-    factoryQueryType: HostsKpiQueries.uniqueIps,
+    factoryQueryType: HostsKpiQueries.kpiUniqueIps,
     filterQuery: createFilter(filterQuery),
     id: ID,
     timerange: {

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/index.ts

@@ -31,7 +31,7 @@ export const hostsFactory: Record<
   [HostsQueries.firstLastSeen]: firstLastSeenHost,
   [HostsQueries.uncommonProcesses]: uncommonProcesses,
   [HostsQueries.authentications]: authentications,
-  [HostsKpiQueries.authentications]: hostsKpiAuthentications,
-  [HostsKpiQueries.hosts]: hostsKpiHosts,
-  [HostsKpiQueries.uniqueIps]: hostsKpiUniqueIps,
+  [HostsKpiQueries.kpiAuthentications]: hostsKpiAuthentications,
+  [HostsKpiQueries.kpiHosts]: hostsKpiHosts,
+  [HostsKpiQueries.kpiUniqueIps]: hostsKpiUniqueIps,
 };

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/authentications/index.ts

@@ -17,7 +17,7 @@ import { SecuritySolutionFactory } from '../../../types';
 import { buildHostsKpiAuthenticationsQuery } from './query.hosts_kpi_authentications.dsl';
 import { formatAuthenticationsHistogramData } from './helpers';
 
-export const hostsKpiAuthentications: SecuritySolutionFactory<HostsKpiQueries.authentications> = {
+export const hostsKpiAuthentications: SecuritySolutionFactory<HostsKpiQueries.kpiAuthentications> = {
   buildDsl: (options: HostsKpiAuthenticationsRequestOptions) =>
     buildHostsKpiAuthenticationsQuery(options),
   parse: async (

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/authentications/query.hosts_kpi_authentications.dsl.ts

@@ -36,13 +36,11 @@ export const buildHostsKpiAuthenticationsQuery = ({
     },
   ];
 
-  const dslQuery = [
-    {
-      index: defaultIndex,
-      allowNoIndices: true,
-      ignoreUnavailable: true,
-    },
-    {
+  const dslQuery = {
+    index: defaultIndex,
+    allowNoIndices: true,
+    ignoreUnavailable: true,
+    body: {
       aggs: {
         authentication_success: {
           filter: {
@@ -97,6 +95,7 @@ export const buildHostsKpiAuthenticationsQuery = ({
       size: 0,
       track_total_hits: false,
     },
-  ];
+  };
+
   return dslQuery;
 };

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/hosts/index.ts

@@ -17,7 +17,7 @@ import { SecuritySolutionFactory } from '../../../types';
 import { buildHostsKpiHostsQuery } from './query.hosts_kpi_hosts.dsl';
 import { formatGeneralHistogramData } from '../common';
 
-export const hostsKpiHosts: SecuritySolutionFactory<HostsKpiQueries.hosts> = {
+export const hostsKpiHosts: SecuritySolutionFactory<HostsKpiQueries.kpiHosts> = {
   buildDsl: (options: HostsKpiHostsRequestOptions) => buildHostsKpiHostsQuery(options),
   parse: async (
     options: HostsKpiHostsRequestOptions,

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/hosts/query.hosts_kpi_hosts.dsl.ts

@@ -36,13 +36,11 @@ export const buildHostsKpiHostsQuery = ({
     },
   ];
 
-  const dslQuery = [
-    {
-      index: defaultIndex,
-      allowNoIndices: true,
-      ignoreUnavailable: true,
-    },
-    {
+  const dslQuery = {
+    index: defaultIndex,
+    allowNoIndices: true,
+    ignoreUnavailable: true,
+    body: {
       aggs: {
         authentication_success: {
           filter: {
@@ -97,6 +95,7 @@ export const buildHostsKpiHostsQuery = ({
       size: 0,
       track_total_hits: false,
     },
-  ];
+  };
+
   return dslQuery;
 };

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/index.ts

@@ -4,21 +4,7 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
-import {
-  FactoryQueryTypes,
-  HostsKpiQueries,
-} from '../../../../../../common/search_strategy/security_solution';
-
-import { SecuritySolutionFactory } from '../../types';
-import { hostsKpiAuthentications } from './authentications';
-import { hostsKpiHosts } from './hosts';
-import { hostsKpiUniqueIps } from './unique_ips';
-
-export const hostsKpiFactory: Record<
-  HostsKpiQueries,
-  SecuritySolutionFactory<FactoryQueryTypes>
-> = {
-  [HostsKpiQueries.authentications]: hostsKpiAuthentications,
-  [HostsKpiQueries.hosts]: hostsKpiHosts,
-  [HostsKpiQueries.uniqueIps]: hostsKpiUniqueIps,
-};
+export * from './authentications';
+export * from './common';
+export * from './hosts';
+export * from './unique_ips';

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/unique_ips/index.ts

@@ -17,7 +17,7 @@ import { SecuritySolutionFactory } from '../../../types';
 import { buildHostsKpiUniqueIpsQuery } from './query.hosts_kpi_unique_ips.dsl';
 import { formatGeneralHistogramData } from '../common';
 
-export const hostsKpiUniqueIps: SecuritySolutionFactory<HostsKpiQueries.uniqueIps> = {
+export const hostsKpiUniqueIps: SecuritySolutionFactory<HostsKpiQueries.kpiUniqueIps> = {
   buildDsl: (options: HostsKpiUniqueIpsRequestOptions) => buildHostsKpiUniqueIpsQuery(options),
   parse: async (
     options: HostsKpiUniqueIpsRequestOptions,

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/unique_ips/query.hosts_kpi_unique_ips.dsl.ts

@@ -25,13 +25,11 @@ export const buildHostsKpiUniqueIpsQuery = ({
     },
   ];
 
-  const dslQuery = [
-    {
-      index: defaultIndex,
-      allowNoIndices: true,
-      ignoreUnavailable: true,
-    },
-    {
+  const dslQuery = {
+    index: defaultIndex,
+    allowNoIndices: true,
+    ignoreUnavailable: true,
+    body: {
       aggregations: {
         unique_source_ips: {
           cardinality: {
@@ -78,7 +76,7 @@ export const buildHostsKpiUniqueIpsQuery = ({
       size: 0,
       track_total_hits: false,
     },
-  ];
+  };
 
   return dslQuery;
 };