-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Osquery] Add support for osquery pack integration assets #128109
[Osquery] Add support for osquery pack integration assets #128109
Conversation
Pinging @elastic/security-asset-management (Team:Asset Management) |
Pinging @elastic/fleet (Team:Fleet) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Core changes are only 1 file related to testing. LGTM 👍 Thanks for using i18n across the whole PR :)
…nager-prebuilt-packs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🌞 👍
…nager-prebuilt-packs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to update Fleet's API integration tests to ensure that these asset types are correctly installed. Changes needed:
- Add some
osquery-pack-asset
objects to the "all_assets" test package:x-pack/test/fleet_api_integration/apis/fixtures/test_packages/all_assets
- Update the test file with assertions that the expected packs are installed and uninstalled in
x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts
…nager-prebuilt-packs
…nager-prebuilt-packs # Conflicts: # x-pack/plugins/osquery/public/packs/types.ts
…nager-prebuilt-packs
@elasticmachine merge upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
kibana-docker LGTM
022ae12
to
19d3808
Compare
@elasticmachine merge upstream |
Thank you for the review @joshdover. Please let me know if I have followed that properly 🙂 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for making those changes. I think we still need one more assertion in install_remove_assets.ts
. Specifically there should be an assertion that the objects are deleted around here: https://github.com/elastic/kibana/blob/35775c91572ac434f22e9e23d166f48f6f46a7ed/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts#L205
After that this should be good to go.
@joshdover 🟢 ? :) |
💛 Build succeeded, but was flakyTest Failures
Metrics [docs]Module Count
Async chunks
Page load bundle
Saved Objects .kibana field count
Unknown metric groupsESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: |
Summary
Add prebuilt packs from https://github.com/osquery/osquery/tree/master/packs
Migrate Filebeat Osquery module dashboard to fit into the new integration data structure
Integration PR elastic/integrations#2851