From 77f1e17fc6c892f06de1d0190b8c6aeba0e6b4a1 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Tue, 19 May 2020 11:24:53 -0400 Subject: [PATCH 1/2] [SIEMDPOINT] Move endpoint to siem (#66907) * adds the stuff * keeps moving stuff * finishes moving the stuff * moves tests * fix type * try moving it all at once. BROKEN * move endpoint to siem * fix package coming from endpoint * missing scripts + change url * fix eslint * temporary disable functional testing for endpoint * fix api integration types * allow api integration test + comment functional test * fix internationalization * fix internationalization II * fix jest test * fix x-pack test * fix i18n * fix api integration * fix circular dependency * add new dependency to cypress test Co-authored-by: Davis Plumlee Co-authored-by: oatkiller Co-authored-by: Elastic Machine --- .../plugins/endpoint/common/schema/README.md | 6 - x-pack/plugins/endpoint/kibana.json | 9 - x-pack/plugins/endpoint/package.json | 18 - .../public/applications/endpoint/README.md | 28 - .../public/applications/endpoint/index.tsx | 30 - .../applications/endpoint/store/action.ts | 21 - .../endpoint/store/alerts/index.ts | 8 - .../endpoint/store/hosts/index.ts | 9 - .../store/immutable_combine_reducers.ts | 13 - .../applications/endpoint/store/index.ts | 84 --- .../applications/endpoint/store/reducer.ts | 20 - .../public/applications/endpoint/types.ts | 395 ----------- .../view/alerts/details/overview/index.tsx | 123 ---- .../view/alerts/hooks/use_alerts_selector.ts | 12 - .../endpoint/view/alerts/resolver.tsx | 38 -- .../alerts/test_helpers/render_alert_page.tsx | 59 -- .../applications/endpoint/view/app_root.tsx | 59 -- .../view/components/header_navigation.tsx | 78 --- .../models/process_event_test_helpers.ts | 49 -- .../embeddables/resolver/view/edge_line.tsx | 78 --- .../resolver/view/graph_controls.tsx | 155 ----- .../resolver/view/process_event_dot.tsx | 603 ----------------- x-pack/plugins/endpoint/public/index.ts | 21 - x-pack/plugins/endpoint/public/plugin.ts | 71 -- x-pack/plugins/endpoint/server/index.ts | 26 - x-pack/plugins/endpoint/server/plugin.test.ts | 59 -- x-pack/plugins/endpoint/server/plugin.ts | 108 --- .../server/routes/alerts/details/index.ts | 8 - .../server/routes/alerts/list/index.ts | 7 - .../endpoint/server/routes/alerts/types.ts | 99 --- .../endpoint/server/routes/index_pattern.ts | 43 -- x-pack/plugins/endpoint/yarn.lock | 1 - .../common/endpoint}/generate_data.test.ts | 0 .../common/endpoint}/generate_data.ts | 6 +- .../common/endpoint}/models/event.ts | 0 .../common/endpoint}/models/policy_config.ts | 0 .../common/endpoint}/schema/policy.ts | 0 .../common/endpoint}/schema/resolver.ts | 0 .../common => siem/common/endpoint}/types.ts | 108 +-- .../endpoint_alerts}/alert_constants.ts | 0 .../endpoint_alerts}/schema/alert_index.ts | 26 +- .../endpoint_alerts}/schema/index_pattern.ts | 0 .../siem/common/endpoint_alerts/types.ts | 272 ++++++++ x-pack/plugins/siem/kibana.json | 2 + x-pack/plugins/siem/package.json | 8 +- x-pack/plugins/siem/public/app/app.tsx | 5 +- .../view => siem/public/app/home}/setup.tsx | 6 +- x-pack/plugins/siem/public/app/index.tsx | 2 +- x-pack/plugins/siem/public/app/routes.tsx | 19 +- x-pack/plugins/siem/public/app/types.ts | 27 +- .../__snapshots__/link_to_app.test.tsx.snap | 0 .../__snapshots__/page_view.test.tsx.snap | 44 +- .../endpoint}/formatted_date_time.tsx | 0 .../components/endpoint}/link_to_app.test.tsx | 24 +- .../components/endpoint}/link_to_app.tsx | 6 +- .../components/endpoint}/page_view.test.tsx | 22 +- .../common/components/endpoint}/page_view.tsx | 5 + .../components/endpoint}/route_capture.tsx | 7 +- .../navigation/breadcrumbs/index.ts | 2 +- .../siem/public/common/hooks/api/api.tsx | 2 +- ..._navigate_by_router_event_handler.test.tsx | 5 +- .../use_navigate_by_router_event_handler.ts | 0 .../use_navigate_to_app_event_handler.ts | 2 +- .../public/common/lib/kibana/kibana_react.ts | 2 +- .../siem/public/common/lib/telemetry/index.ts | 2 +- .../mock/endpoint}/app_context_render.tsx | 51 +- .../mock/endpoint}/app_root_provider.tsx | 14 +- .../mock/endpoint}/dependencies_start_mock.ts | 0 .../public/common/mock/endpoint}/index.ts | 0 .../siem/public/common/mock/global_state.ts | 13 + .../plugins/siem/public/common/mock/utils.ts | 8 + .../siem/public/common/store/actions.ts | 13 + .../plugins/siem/public/common/store/index.ts | 14 + .../siem/public/common/store/reducer.ts | 36 +- .../public/common}/store/routing/action.ts | 5 +- .../public/common}/store/routing/index.ts | 0 .../plugins/siem/public/common/store/store.ts | 19 +- .../public/common}/store/test_utils.ts | 8 +- .../plugins/siem/public/common/store/types.ts | 105 +++ .../index.ts => siem/public/common/types.ts} | 6 +- .../utils}/clone_http_fetch_query.test.ts | 4 +- .../common/utils}/clone_http_fetch_query.ts | 4 +- .../components}/formatted_date.tsx | 2 + .../siem/public/endpoint_alerts/index.ts | 39 ++ .../endpoint_alerts}/models/index_pattern.ts | 4 +- .../public/endpoint_alerts/routes.tsx} | 13 +- .../public/endpoint_alerts/store}/action.ts | 4 +- .../store}/alert_details.test.ts | 19 +- .../endpoint_alerts/store}/alert_list.test.ts | 13 +- .../store}/alert_list_pagination.test.ts | 27 +- .../public/endpoint_alerts/store/index.ts | 20 + .../endpoint_alerts/store}/middleware.ts | 17 +- .../store}/mock_alert_result_list.ts | 6 +- .../public/endpoint_alerts/store}/reducer.ts | 10 +- .../endpoint_alerts/store}/selectors.ts | 16 +- .../view}/alert_details.test.tsx | 17 +- .../endpoint_alerts/view}/details/index.ts | 0 .../view}/details/metadata/file_accordion.tsx | 36 +- .../details/metadata/general_accordion.tsx | 25 +- .../view}/details/metadata/hash_accordion.tsx | 12 +- .../view}/details/metadata/host_accordion.tsx | 61 +- .../view}/details/metadata/index.ts | 0 .../metadata/source_process_accordion.tsx | 42 +- .../source_process_token_accordion.tsx | 17 +- .../view/details/overview/index.tsx | 125 ++++ .../view}/details/overview/metadata_panel.tsx | 4 +- .../details/overview/take_action_dropdown.tsx | 10 +- .../endpoint_alerts/view/formatted_date.tsx | 24 + .../view/hooks/use_alerts_selector.ts | 17 + .../endpoint_alerts/view}/index.test.tsx | 27 +- .../public/endpoint_alerts/view}/index.tsx | 42 +- .../view}/index_search_bar.tsx | 16 +- .../public/endpoint_alerts/view/resolver.tsx | 39 ++ .../view/test_helpers/render_alert_page.tsx | 63 ++ .../view}/url_from_query_params.ts | 9 +- .../siem/public/endpoint_hosts/index.ts | 38 ++ .../public/endpoint_hosts/routes.tsx} | 13 +- .../public/endpoint_hosts/store}/action.ts | 4 +- .../store}/host_pagination.test.ts | 27 +- .../endpoint_hosts/store}/index.test.ts | 2 +- .../siem/public/endpoint_hosts/store/index.ts | 22 + .../endpoint_hosts/store}/middleware.test.ts | 18 +- .../endpoint_hosts/store}/middleware.ts | 10 +- .../store}/mock_host_result_list.ts | 4 +- .../public/endpoint_hosts/store}/reducer.ts | 11 +- .../public/endpoint_hosts/store}/selectors.ts | 8 +- .../siem/public/endpoint_hosts/types.ts | 57 ++ .../details/components/flyout_sub_header.tsx | 2 + .../view}/details/host_details.tsx | 34 +- .../endpoint_hosts/view}/details/index.tsx | 24 +- .../view}/details/policy_response.tsx | 23 +- .../details/policy_response_friendly_names.ts | 61 +- .../public/endpoint_hosts/view}/hooks.ts | 9 +- .../endpoint_hosts/view}/host_constants.ts | 2 +- .../endpoint_hosts/view}/index.test.tsx | 25 +- .../public/endpoint_hosts/view}/index.tsx | 48 +- .../view}/url_from_query_params.ts | 9 +- .../siem/public/endpoint_policy/details.ts | 41 ++ .../siem/public/endpoint_policy/list.ts | 41 ++ .../models/policy_details_config.ts | 2 +- .../siem/public/endpoint_policy/routes.tsx | 18 + .../store/policy_details/action.ts | 7 +- .../store/policy_details/index.test.ts | 2 +- .../store/policy_details/index.ts | 22 + .../store/policy_details/middleware.ts | 11 +- .../store/policy_details/reducer.ts | 10 +- .../store/policy_details/selectors.ts | 4 +- .../store/policy_list/action.ts | 4 +- .../store/policy_list/index.test.ts | 65 +- .../store/policy_list/index.ts | 21 + .../store/policy_list/middleware.ts | 9 +- .../store/policy_list/reducer.ts | 9 +- .../store/policy_list/selectors.ts | 2 +- .../store/policy_list/services/ingest.test.ts | 4 +- .../store/policy_list/services/ingest.ts | 6 +- .../store/policy_list/test_mock_utils.ts | 2 +- .../siem/public/endpoint_policy/types.ts | 173 +++++ .../endpoint_policy/view}/agents_summary.tsx | 10 +- .../public/endpoint_policy/view}/index.ts | 0 .../view}/policy_details.test.tsx | 11 +- .../endpoint_policy/view}/policy_details.tsx | 67 +- .../view}/policy_forms/config_form.tsx | 6 +- .../view}/policy_forms/events/checkbox.tsx | 12 +- .../view}/policy_forms/events/index.tsx | 0 .../view}/policy_forms/events/linux.tsx | 24 +- .../view}/policy_forms/events/mac.tsx | 26 +- .../view}/policy_forms/events/windows.tsx | 42 +- .../policy_forms/protections/malware.tsx | 36 +- .../endpoint_policy/view}/policy_hooks.ts | 7 +- .../endpoint_policy/view}/policy_list.tsx | 33 +- .../endpoint_policy/view}/vertical_divider.ts | 2 +- x-pack/plugins/siem/public/index.ts | 3 +- x-pack/plugins/siem/public/plugin.tsx | 86 +-- .../public}/resolver/documentation/camera.md | 0 .../public}/resolver/embeddable.tsx | 2 +- .../public}/resolver/factory.ts | 4 +- .../public}/resolver/index.ts | 0 .../public}/resolver/lib/math.ts | 0 .../public}/resolver/lib/matrix3.test.ts | 0 .../public}/resolver/lib/matrix3.ts | 0 .../resolver/lib/transformation.test.ts | 0 .../public}/resolver/lib/transformation.ts | 0 .../public}/resolver/lib/tree_sequencers.ts | 0 .../public}/resolver/lib/vector2.ts | 0 .../resolver/models/indexed_process_tree.ts | 2 +- .../resolver/models/process_event.test.ts | 3 +- .../public}/resolver/models/process_event.ts | 4 +- .../models/process_event_test_helpers.ts | 42 ++ .../public}/resolver/store/actions.ts | 2 +- .../public}/resolver/store/camera/action.ts | 0 .../resolver/store/camera/animation.test.ts | 0 .../public}/resolver/store/camera/index.ts | 0 .../camera/inverse_projection_matrix.test.ts | 0 .../public}/resolver/store/camera/methods.ts | 0 .../resolver/store/camera/panning.test.ts | 0 .../store/camera/projection_matrix.test.ts | 0 .../public}/resolver/store/camera/reducer.ts | 0 .../resolver/store/camera/scale_to_zoom.ts | 0 .../store/camera/scaling_constants.ts | 0 .../resolver/store/camera/selectors.ts | 0 .../resolver/store/camera/test_helpers.ts | 0 .../resolver/store/camera/zooming.test.ts | 0 .../data/__snapshots__/graphing.test.ts.snap | 0 .../public}/resolver/store/data/action.ts | 2 +- .../resolver/store/data/graphing.test.ts | 2 +- .../public}/resolver/store/data/index.ts | 0 .../public}/resolver/store/data/reducer.ts | 0 .../public}/resolver/store/data/sample.ts | 0 .../resolver/store/data/selectors.test.ts | 118 ++-- .../public}/resolver/store/data/selectors.ts | 7 +- .../public}/resolver/store/index.ts | 6 +- .../public}/resolver/store/methods.ts | 2 +- .../public}/resolver/store/middleware.ts | 11 +- .../public}/resolver/store/reducer.ts | 0 .../public}/resolver/store/selectors.ts | 0 .../public}/resolver/store/ui/selectors.ts | 0 .../public}/resolver/types.ts | 4 +- .../public}/resolver/view/defs.tsx | 36 +- .../siem/public/resolver/view/edge_line.tsx | 80 +++ .../public/resolver/view/graph_controls.tsx | 188 ++++++ .../public}/resolver/view/index.tsx | 12 +- .../public}/resolver/view/panel.tsx | 45 +- .../resolver/view/process_event_dot.tsx | 614 ++++++++++++++++++ .../resolver/view/side_effect_context.ts | 0 .../resolver/view/side_effect_simulator.ts | 0 .../public}/resolver/view/submenu.tsx | 360 +++++----- .../public}/resolver/view/use_camera.test.tsx | 2 +- .../public}/resolver/view/use_camera.ts | 0 .../resolver/view/use_resolver_dispatch.ts | 0 x-pack/plugins/siem/public/types.ts | 47 ++ .../scripts/endpoint}/README.md | 2 +- .../scripts/endpoint}/alert_mapping.json | 0 .../scripts/endpoint}/cli_tsconfig.json | 3 +- .../scripts/endpoint}/event_mapping.json | 0 .../scripts/endpoint}/policy_mapping.json | 0 .../scripts/endpoint}/resolver_generator.ts | 10 +- x-pack/plugins/siem/server/config.ts | 13 + .../endpoint/alerts/handlers}/alerts.test.ts | 10 +- .../alerts/handlers/details/index.ts} | 8 +- .../handlers}/details/lib/pagination.ts | 18 +- .../alerts/handlers}/details/schemas.ts | 0 .../endpoint/alerts/handlers/index_pattern.ts | 28 + .../endpoint/alerts/handlers}/lib/alert_id.ts | 0 .../endpoint/alerts/handlers}/lib/error.ts | 1 + .../endpoint/alerts/handlers}/lib/index.ts | 13 +- .../alerts/handlers}/lib/pagination.ts | 2 +- .../endpoint/alerts/handlers/list/index.ts} | 2 +- .../alerts/handlers}/list/lib/index.ts | 10 +- .../alerts/handlers}/list/lib/pagination.ts | 7 +- .../server/endpoint/alerts}/index_pattern.ts | 8 +- .../server/endpoint/alerts/routes.ts} | 24 +- .../server/endpoint}/config.test.ts | 0 .../server => siem/server/endpoint}/config.ts | 0 .../endpoint_app_context_services.test.ts | 0 .../endpoint_app_context_services.ts | 4 +- .../server => siem/server/endpoint}/mocks.ts | 4 +- .../server/endpoint}/routes/metadata/index.ts | 12 +- .../routes/metadata/metadata.test.ts | 18 +- .../routes/metadata/query_builders.test.ts | 10 +- .../routes/metadata/query_builders.ts | 6 +- .../endpoint}/routes/policy/handlers.test.ts | 14 +- .../endpoint}/routes/policy/handlers.ts | 2 +- .../server/endpoint}/routes/policy/index.ts | 2 +- .../endpoint}/routes/policy/service.test.ts | 2 +- .../server/endpoint}/routes/policy/service.ts | 2 +- .../server/endpoint}/routes/resolver.ts | 2 +- .../endpoint}/routes/resolver/ancestry.ts | 2 +- .../endpoint}/routes/resolver/children.ts | 2 +- .../endpoint}/routes/resolver/events.ts | 2 +- .../endpoint}/routes/resolver/queries/base.ts | 4 +- .../routes/resolver/queries/children.test.ts | 0 .../routes/resolver/queries/children.ts | 0 .../routes/resolver/queries/events.test.ts | 0 .../routes/resolver/queries/events.ts | 2 +- .../queries/legacy_event_index_pattern.ts | 0 .../routes/resolver/queries/lifecycle.test.ts | 0 .../routes/resolver/queries/lifecycle.ts | 2 +- .../routes/resolver/queries/stats.test.ts | 0 .../routes/resolver/queries/stats.ts | 6 +- .../server/endpoint}/routes/resolver/tree.ts | 2 +- .../endpoint}/routes/resolver/utils/fetch.ts | 2 +- .../routes/resolver/utils/pagination.ts | 16 +- .../endpoint}/routes/resolver/utils/tree.ts | 4 +- .../test_data/all_metadata_data.json | 0 .../server => siem/server/endpoint}/types.ts | 4 +- .../routes/__mocks__/index.ts | 6 + x-pack/plugins/siem/server/plugin.ts | 40 +- .../translations/translations/ja-JP.json | 195 +++--- .../translations/translations/zh-CN.json | 195 +++--- x-pack/scripts/functional_tests.js | 3 +- .../endpoint/{alerts.ts => alerts/index.ts} | 6 +- .../endpoint/{ => alerts}/index_pattern.ts | 2 +- .../api_integration/apis/endpoint/index.ts | 2 +- .../apis/features/features/features.ts | 1 - .../apis/security/privileges.ts | 1 - .../apis/security/privileges_basic.ts | 1 - x-pack/test/api_integration/config.js | 4 +- .../apis/{alerts.ts => alerts/index.ts} | 2 +- .../apis/{ => alerts}/index_pattern.ts | 2 +- .../apis/index.ts | 2 +- x-pack/test/functional_endpoint/config.ts | 1 - .../services/endpoint_policy.ts | 4 +- x-pack/test/plugin_functional/config.ts | 1 - x-pack/test/reporting/configs/chromium_api.js | 1 - x-pack/test/siem_cypress/config.ts | 3 + yarn.lock | 10 - 306 files changed, 3899 insertions(+), 3750 deletions(-) delete mode 100644 x-pack/plugins/endpoint/common/schema/README.md delete mode 100644 x-pack/plugins/endpoint/kibana.json delete mode 100644 x-pack/plugins/endpoint/package.json delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/README.md delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/index.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/immutable_combine_reducers.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/types.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/index.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/hooks/use_alerts_selector.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/resolver.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/test_helpers/render_alert_page.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/app_root.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/components/header_navigation.tsx delete mode 100644 x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event_test_helpers.ts delete mode 100644 x-pack/plugins/endpoint/public/embeddables/resolver/view/edge_line.tsx delete mode 100644 x-pack/plugins/endpoint/public/embeddables/resolver/view/graph_controls.tsx delete mode 100644 x-pack/plugins/endpoint/public/embeddables/resolver/view/process_event_dot.tsx delete mode 100644 x-pack/plugins/endpoint/public/index.ts delete mode 100644 x-pack/plugins/endpoint/public/plugin.ts delete mode 100644 x-pack/plugins/endpoint/server/index.ts delete mode 100644 x-pack/plugins/endpoint/server/plugin.test.ts delete mode 100644 x-pack/plugins/endpoint/server/plugin.ts delete mode 100644 x-pack/plugins/endpoint/server/routes/alerts/details/index.ts delete mode 100644 x-pack/plugins/endpoint/server/routes/alerts/list/index.ts delete mode 100644 x-pack/plugins/endpoint/server/routes/alerts/types.ts delete mode 100644 x-pack/plugins/endpoint/server/routes/index_pattern.ts delete mode 120000 x-pack/plugins/endpoint/yarn.lock rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/generate_data.test.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/generate_data.ts (99%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/models/event.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/models/policy_config.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/schema/policy.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/schema/resolver.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/types.ts (86%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint_alerts}/alert_constants.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint_alerts}/schema/alert_index.ts (78%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint_alerts}/schema/index_pattern.ts (100%) create mode 100644 x-pack/plugins/siem/common/endpoint_alerts/types.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/view => siem/public/app/home}/setup.tsx (87%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/__snapshots__/link_to_app.test.tsx.snap (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/__snapshots__/page_view.test.tsx.snap (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view => siem/public/common/components/endpoint}/formatted_date_time.tsx (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/link_to_app.test.tsx (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/link_to_app.tsx (83%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/page_view.test.tsx (80%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/page_view.tsx (96%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view => siem/public/common/components/endpoint}/route_capture.tsx (77%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hooks => siem/public/common/hooks/endpoint}/use_navigate_by_router_event_handler.test.tsx (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hooks => siem/public/common/hooks/endpoint}/use_navigate_by_router_event_handler.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hooks => siem/public/common/hooks/endpoint}/use_navigate_to_app_event_handler.ts (96%) rename x-pack/plugins/{endpoint/public/applications/endpoint/mocks => siem/public/common/mock/endpoint}/app_context_render.tsx (54%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view => siem/public/common/mock/endpoint}/app_root_provider.tsx (83%) rename x-pack/plugins/{endpoint/public/applications/endpoint/mocks => siem/public/common/mock/endpoint}/dependencies_start_mock.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/mocks => siem/public/common/mock/endpoint}/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/common}/store/routing/action.ts (68%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/common}/store/routing/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/common}/store/test_utils.ts (95%) rename x-pack/plugins/{endpoint/server/routes/alerts/details/lib/index.ts => siem/public/common/types.ts} (72%) rename x-pack/plugins/{endpoint/public/common => siem/public/common/utils}/clone_http_fetch_query.test.ts (85%) rename x-pack/plugins/{endpoint/public/common => siem/public/common/utils}/clone_http_fetch_query.ts (82%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/components}/formatted_date.tsx (93%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_alerts}/models/index_pattern.ts (78%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/policy_list/index.ts => siem/public/endpoint_alerts/routes.tsx} (50%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/action.ts (84%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/alert_details.test.ts (83%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/alert_list.test.ts (85%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/alert_list_pagination.test.ts (80%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/store/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/middleware.ts (79%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/mock_alert_result_list.ts (89%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/reducer.ts (82%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/selectors.ts (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/alert_details.test.tsx (87%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/file_accordion.tsx (60%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/general_accordion.tsx (64%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/hash_accordion.tsx (70%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/host_accordion.tsx (50%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/source_process_accordion.tsx (58%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/source_process_token_accordion.tsx (68%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/index.tsx rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/overview/metadata_panel.tsx (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/overview/take_action_dropdown.tsx (83%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/formatted_date.tsx create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/hooks/use_alerts_selector.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/index.test.tsx (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/index.tsx (81%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/index_search_bar.tsx (87%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/resolver.tsx create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/test_helpers/render_alert_page.tsx rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/url_from_query_params.ts (74%) create mode 100644 x-pack/plugins/siem/public/endpoint_hosts/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/store/policy_details/index.ts => siem/public/endpoint_hosts/routes.tsx} (51%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/action.ts (93%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/host_pagination.test.ts (91%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/index.test.ts (98%) create mode 100644 x-pack/plugins/siem/public/endpoint_hosts/store/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/middleware.test.ts (86%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/middleware.ts (91%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/mock_host_result_list.ts (90%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/reducer.ts (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/selectors.ts (95%) create mode 100644 x-pack/plugins/siem/public/endpoint_hosts/types.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/components/flyout_sub_header.tsx (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/host_details.tsx (76%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/index.tsx (86%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/policy_response.tsx (95%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/policy_response_friendly_names.ts (54%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/hooks.ts (78%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/host_constants.ts (87%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/index.test.tsx (96%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/index.tsx (76%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/url_from_query_params.ts (58%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/details.ts create mode 100644 x-pack/plugins/siem/public/endpoint_policy/list.ts rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/models/policy_details_config.ts (97%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/routes.tsx rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/action.ts (86%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/index.test.ts (97%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/middleware.ts (88%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/reducer.ts (91%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/selectors.ts (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/action.ts (84%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/index.test.ts (80%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/middleware.ts (84%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/reducer.ts (84%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/selectors.ts (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/services/ingest.test.ts (94%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/services/ingest.ts (93%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/test_mock_utils.ts (93%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/types.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/agents_summary.tsx (82%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_details.test.tsx (96%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_details.tsx (74%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/config_form.tsx (93%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/checkbox.tsx (80%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/index.tsx (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/linux.tsx (74%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/mac.tsx (71%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/windows.tsx (67%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/protections/malware.tsx (79%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_hooks.ts (63%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_list.tsx (79%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/vertical_divider.ts (91%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/documentation/camera.md (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/embeddable.tsx (93%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/factory.ts (85%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/index.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/math.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/matrix3.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/matrix3.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/transformation.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/transformation.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/tree_sequencers.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/vector2.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/models/indexed_process_tree.ts (98%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/models/process_event.test.ts (92%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/models/process_event.ts (95%) create mode 100644 x-pack/plugins/siem/public/resolver/models/process_event_test_helpers.ts rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/actions.ts (98%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/action.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/animation.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/index.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/inverse_projection_matrix.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/methods.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/panning.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/projection_matrix.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/reducer.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/scale_to_zoom.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/scaling_constants.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/selectors.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/test_helpers.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/zooming.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/__snapshots__/graphing.test.ts.snap (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/action.ts (94%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/graphing.test.ts (99%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/index.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/reducer.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/sample.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/selectors.test.ts (95%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/selectors.ts (99%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/index.ts (82%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/methods.ts (93%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/middleware.ts (93%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/reducer.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/selectors.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/ui/selectors.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/types.ts (98%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/defs.tsx (95%) create mode 100644 x-pack/plugins/siem/public/resolver/view/edge_line.tsx create mode 100644 x-pack/plugins/siem/public/resolver/view/graph_controls.tsx rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/index.tsx (94%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/panel.tsx (77%) create mode 100644 x-pack/plugins/siem/public/resolver/view/process_event_dot.tsx rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/side_effect_context.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/side_effect_simulator.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/submenu.tsx (51%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/use_camera.test.tsx (99%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/use_camera.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/use_resolver_dispatch.ts (100%) create mode 100644 x-pack/plugins/siem/public/types.ts rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/README.md (97%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/alert_mapping.json (100%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/cli_tsconfig.json (68%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/event_mapping.json (100%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/policy_mapping.json (100%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/resolver_generator.ts (93%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/alerts.test.ts (89%) rename x-pack/plugins/{endpoint/server/routes/alerts/details/handlers.ts => siem/server/endpoint/alerts/handlers/details/index.ts} (89%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/details/lib/pagination.ts (81%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/details/schemas.ts (100%) create mode 100644 x-pack/plugins/siem/server/endpoint/alerts/handlers/index_pattern.ts rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/lib/alert_id.ts (100%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/lib/error.ts (82%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/lib/index.ts (90%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/lib/pagination.ts (89%) rename x-pack/plugins/{endpoint/server/routes/alerts/list/handlers.ts => siem/server/endpoint/alerts/handlers/list/index.ts} (93%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/list/lib/index.ts (93%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/list/lib/pagination.ts (93%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint/alerts}/index_pattern.ts (91%) rename x-pack/plugins/{endpoint/server/routes/alerts/index.ts => siem/server/endpoint/alerts/routes.ts} (50%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/config.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/config.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/endpoint_app_context_services.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/endpoint_app_context_services.ts (91%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/mocks.ts (96%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/metadata/index.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/metadata/metadata.test.ts (95%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/metadata/query_builders.test.ts (91%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/metadata/query_builders.ts (88%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/handlers.test.ts (90%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/handlers.ts (93%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/index.ts (90%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/service.test.ts (86%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/service.ts (97%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver.ts (96%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/ancestry.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/children.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/events.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/base.ts (91%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/children.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/children.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/events.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/events.ts (95%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/legacy_event_index_pattern.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/lifecycle.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/lifecycle.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/stats.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/stats.ts (93%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/tree.ts (95%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/utils/fetch.ts (97%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/utils/pagination.ts (83%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/utils/tree.ts (98%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/test_data/all_metadata_data.json (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/types.ts (86%) rename x-pack/test/api_integration/apis/endpoint/{alerts.ts => alerts/index.ts} (98%) rename x-pack/test/api_integration/apis/endpoint/{ => alerts}/index_pattern.ts (94%) rename x-pack/test/endpoint_api_integration_no_ingest/apis/{alerts.ts => alerts/index.ts} (93%) rename x-pack/test/endpoint_api_integration_no_ingest/apis/{ => alerts}/index_pattern.ts (90%) diff --git a/x-pack/plugins/endpoint/common/schema/README.md b/x-pack/plugins/endpoint/common/schema/README.md deleted file mode 100644 index 42abedd647e6b..0000000000000 --- a/x-pack/plugins/endpoint/common/schema/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# Schemas - -These schemas are used to validate, coerce, and provide types for the comms between the client, server, and ES. - -# Future work -In the future, we may be able to locate these under 'server'. diff --git a/x-pack/plugins/endpoint/kibana.json b/x-pack/plugins/endpoint/kibana.json deleted file mode 100644 index 4b48c83fb0e7c..0000000000000 --- a/x-pack/plugins/endpoint/kibana.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "id": "endpoint", - "version": "1.0.0", - "kibanaVersion": "kibana", - "configPath": ["xpack", "endpoint"], - "requiredPlugins": ["features", "embeddable", "data", "dataEnhanced", "ingestManager"], - "server": true, - "ui": true -} diff --git a/x-pack/plugins/endpoint/package.json b/x-pack/plugins/endpoint/package.json deleted file mode 100644 index fc4f4bd586bef..0000000000000 --- a/x-pack/plugins/endpoint/package.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "author": "Elastic", - "name": "endpoint", - "version": "0.0.0", - "private": true, - "license": "Elastic-License", - "scripts": { - "test:generate": "ts-node --project scripts/cli_tsconfig.json scripts/resolver_generator.ts" - }, - "dependencies": { - "react-redux": "^7.1.0" - }, - "devDependencies": { - "@types/seedrandom": ">=2.0.0 <4.0.0", - "@types/react-redux": "^7.1.0", - "redux-devtools-extension": "^2.13.8" - } -} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/README.md b/x-pack/plugins/endpoint/public/applications/endpoint/README.md deleted file mode 100644 index 25bfd615d1d2c..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/README.md +++ /dev/null @@ -1,28 +0,0 @@ -# Endpoint application -This application provides the user interface for the Elastic Endpoint - -# Architecture -The application consists of a _view_ written in React and a _model_ written in Redux. - -# Modules -We structure the modules to match the architecture. `view` contains the _view_ (all React) code. `store` contains the _model_. - -This section covers the conventions of each top level module. - -# `mocks` -This contains helper code for unit tests. - -## `models` -This contains domain models. By convention, each submodule here contains methods for a single type. Domain model classes would also live here. - -## `store` -This contains the _model_ of the application. All Redux and Redux middleware code (including API interactions) happen here. This module also contains the types and interfaces defining Redux actions. Each action type or interface should be commented and if it has fields, each field should be commented. Comments should be of `tsdoc` style. - -## `view` -This contains the code which renders elements to the DOM. All React code goes here. - -## `index.tsx` -This exports `renderApp` which instantiates the React view with the _model_. - -## `types.ts` -This contains the types and interfaces. All `export`ed types or interfaces (except ones defining Redux actions, which live in `store`) should be here. Each type or interface should have a `tsdoc` style comment. Interfaces should have `tsdoc` comments on each field and types which have fields should do the same. diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx deleted file mode 100644 index a1999c056bf59..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import * as React from 'react'; -import ReactDOM from 'react-dom'; -import { CoreStart, AppMountParameters } from 'kibana/public'; -import { EndpointPluginStartDependencies } from '../../plugin'; -import { appStoreFactory } from './store'; -import { AppRoot } from './view/app_root'; - -/** - * This module will be loaded asynchronously to reduce the bundle size of your plugin's main bundle. - */ -export function renderApp( - coreStart: CoreStart, - depsStart: EndpointPluginStartDependencies, - { element, history }: AppMountParameters -) { - const store = appStoreFactory({ coreStart, depsStart }); - ReactDOM.render( - , - element - ); - return () => { - ReactDOM.unmountComponentAtNode(element); - }; -} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts deleted file mode 100644 index a32ecb4b45561..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { HostAction } from './hosts'; -import { AlertAction } from './alerts'; -import { RoutingAction } from './routing'; -import { PolicyListAction } from './policy_list'; -import { PolicyDetailsAction } from './policy_details'; - -/** - * The entire set of redux actions recognized by our reducer. - */ -export type AppAction = - | HostAction - | AlertAction - | RoutingAction - | PolicyListAction - | PolicyDetailsAction; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts deleted file mode 100644 index 5545218d9abd6..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts +++ /dev/null @@ -1,8 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { alertListReducer } from './reducer'; -export { AlertAction } from './action'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.ts deleted file mode 100644 index e80d7a82dc8cb..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { hostListReducer } from './reducer'; -export { HostAction } from './action'; -export { hostMiddlewareFactory } from './middleware'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/immutable_combine_reducers.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/immutable_combine_reducers.ts deleted file mode 100644 index 6895f0106fb5d..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/immutable_combine_reducers.ts +++ /dev/null @@ -1,13 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { combineReducers } from 'redux'; -import { ImmutableCombineReducers } from '../types'; - -/** - * Works the same as `combineReducers` from `redux`, but uses the `ImmutableCombineReducers` type. - */ -export const immutableCombineReducers: ImmutableCombineReducers = combineReducers; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts deleted file mode 100644 index a4d0b3a8b9815..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { createStore, compose, applyMiddleware, Store } from 'redux'; -import { CoreStart } from 'kibana/public'; -import { appReducer } from './reducer'; -import { alertMiddlewareFactory } from './alerts/middleware'; -import { hostMiddlewareFactory } from './hosts'; -import { policyListMiddlewareFactory } from './policy_list'; -import { policyDetailsMiddlewareFactory } from './policy_details'; -import { ImmutableMiddlewareFactory, SubstateMiddlewareFactory } from '../types'; -import { EndpointPluginStartDependencies } from '../../../plugin'; - -const composeWithReduxDevTools = (window as any).__REDUX_DEVTOOLS_EXTENSION_COMPOSE__ - ? (window as any).__REDUX_DEVTOOLS_EXTENSION_COMPOSE__({ name: 'EndpointApp' }) - : compose; - -export const substateMiddlewareFactory: SubstateMiddlewareFactory = (selector, middleware) => { - return api => { - const substateAPI = { - ...api, - // Return just the substate instead of global state. - getState() { - return selector(api.getState()); - }, - }; - return middleware(substateAPI); - }; -}; - -/** - * @param middlewareDeps Optionally create the store without any middleware. This is useful for testing the store w/o side effects. - */ -export const appStoreFactory: (middlewareDeps?: { - /** - * Allow middleware to communicate with Kibana core. - */ - coreStart: CoreStart; - /** - * Give middleware access to plugin start dependencies. - */ - depsStart: EndpointPluginStartDependencies; - /** - * Any additional Redux Middlewares - * (should only be used for testing - example: to inject the action spy middleware) - */ - additionalMiddleware?: Array>; -}) => Store = middlewareDeps => { - let middleware; - if (middlewareDeps) { - const { coreStart, depsStart, additionalMiddleware = [] } = middlewareDeps; - middleware = composeWithReduxDevTools( - applyMiddleware( - substateMiddlewareFactory( - globalState => globalState.hostList, - hostMiddlewareFactory(coreStart, depsStart) - ), - substateMiddlewareFactory( - globalState => globalState.policyList, - policyListMiddlewareFactory(coreStart, depsStart) - ), - substateMiddlewareFactory( - globalState => globalState.policyDetails, - policyDetailsMiddlewareFactory(coreStart, depsStart) - ), - substateMiddlewareFactory( - globalState => globalState.alertList, - alertMiddlewareFactory(coreStart, depsStart) - ), - // Additional Middleware should go last - ...additionalMiddleware - ) - ); - } else { - // Create the store without any middleware. This is useful for testing the store w/o side effects. - middleware = undefined; - } - const store = createStore(appReducer, middleware); - - return store; -}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts deleted file mode 100644 index 2f77c380d9387..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { hostListReducer } from './hosts'; -import { AppAction } from './action'; -import { alertListReducer } from './alerts'; -import { GlobalState, ImmutableReducer } from '../types'; -import { policyListReducer } from './policy_list'; -import { policyDetailsReducer } from './policy_details'; -import { immutableCombineReducers } from './immutable_combine_reducers'; - -export const appReducer: ImmutableReducer = immutableCombineReducers({ - hostList: hostListReducer, - alertList: alertListReducer, - policyList: policyListReducer, - policyDetails: policyDetailsReducer, -}); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/types.ts b/x-pack/plugins/endpoint/public/applications/endpoint/types.ts deleted file mode 100644 index 8b401f80b2fdd..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/types.ts +++ /dev/null @@ -1,395 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { - Dispatch, - Action as ReduxAction, - AnyAction as ReduxAnyAction, - Action, - Middleware, -} from 'redux'; -import { IIndexPattern } from 'src/plugins/data/public'; -import { - HostMetadata, - AlertData, - AlertResultList, - Immutable, - AlertDetails, - MalwareFields, - UIPolicyConfig, - PolicyData, - HostPolicyResponse, - HostInfo, -} from '../../../common/types'; -import { EndpointPluginStartDependencies } from '../../plugin'; -import { AppAction } from './store/action'; -import { CoreStart } from '../../../../../../src/core/public'; -import { - GetAgentStatusResponse, - GetDatasourcesResponse, - GetOneDatasourceResponse, - UpdateDatasourceResponse, -} from '../../../../ingest_manager/common'; - -export { AppAction }; - -/** - * like redux's `MiddlewareAPI` but `getState` returns an `Immutable` version of - * state and `dispatch` accepts `Immutable` versions of actions. - */ -export interface ImmutableMiddlewareAPI { - dispatch: Dispatch>; - getState(): Immutable; -} - -/** - * Like redux's `Middleware` but without the ability to mutate actions or state. - * Differences: - * * `getState` returns an `Immutable` version of state - * * `dispatch` accepts `Immutable` versions of actions - * * `action`s received will be `Immutable` - */ -export type ImmutableMiddleware = ( - api: ImmutableMiddlewareAPI -) => (next: Dispatch>) => (action: Immutable) => unknown; - -/** - * Takes application-standard middleware dependencies - * and returns a redux middleware. - * Middleware will be of the `ImmutableMiddleware` variety. Not able to directly - * change actions or state. - */ -export type ImmutableMiddlewareFactory = ( - coreStart: CoreStart, - depsStart: EndpointPluginStartDependencies -) => ImmutableMiddleware; - -/** - * Simple type for a redux selector. - */ -type Selector = (state: S) => R; - -/** - * Takes a selector and an `ImmutableMiddleware`. The - * middleware's version of `getState` will receive - * the result of the selector instead of the global state. - * - * This allows middleware to have knowledge of only a subsection of state. - * - * `selector` returns an `Immutable` version of the substate. - * `middleware` must be an `ImmutableMiddleware`. - * - * Returns a regular middleware, meant to be used with `applyMiddleware`. - */ -export type SubstateMiddlewareFactory = ( - selector: Selector>, - middleware: ImmutableMiddleware -) => Middleware<{}, GlobalState, Dispatch>>; - -export interface HostState { - /** list of host **/ - hosts: HostInfo[]; - /** number of items per page */ - pageSize: number; - /** which page to show */ - pageIndex: number; - /** total number of hosts returned */ - total: number; - /** list page is retrieving data */ - loading: boolean; - /** api error from retrieving host list */ - error?: ServerApiError; - /** details data for a specific host */ - details?: Immutable; - /** details page is retrieving data */ - detailsLoading: boolean; - /** api error from retrieving host details */ - detailsError?: ServerApiError; - /** Holds the Policy Response for the Host currently being displayed in the details */ - policyResponse?: HostPolicyResponse; - /** policyResponse is being retrieved */ - policyResponseLoading: boolean; - /** api error from retrieving the policy response */ - policyResponseError?: ServerApiError; - /** current location info */ - location?: Immutable; -} - -/** - * Query params on the host page parsed from the URL - */ -export interface HostIndexUIQueryParams { - /** Selected host id shows host details flyout */ - selected_host?: string; - /** How many items to show in list */ - page_size?: string; - /** Which page to show */ - page_index?: string; - /** show the policy response or host details */ - show?: string; -} - -export interface ServerApiError { - statusCode: number; - error: string; - message: string; -} - -/** - * Policy list store state - */ -export interface PolicyListState { - /** Array of policy items */ - policyItems: PolicyData[]; - /** API error if loading data failed */ - apiError?: ServerApiError; - /** total number of policies */ - total: number; - /** Number of policies per page */ - pageSize: number; - /** page number (zero based) */ - pageIndex: number; - /** data is being retrieved from server */ - isLoading: boolean; - /** current location information */ - location?: Immutable; -} - -/** - * Policy details store state - */ -export interface PolicyDetailsState { - /** A single policy item */ - policyItem?: PolicyData; - /** API error if loading data failed */ - apiError?: ServerApiError; - isLoading: boolean; - /** current location of the application */ - location?: Immutable; - /** A summary of stats for the agents associated with a given Fleet Agent Configuration */ - agentStatusSummary: GetAgentStatusResponse['results']; - /** Status of an update to the policy */ - updateStatus?: { - success: boolean; - error?: ServerApiError; - }; -} - -/** - * The URL search params that are supported by the Policy List page view - */ -export interface PolicyListUrlSearchParams { - page_index: number; - page_size: number; -} - -/** - * Endpoint Policy configuration - */ -export interface PolicyConfig { - windows: { - events: { - dll_and_driver_load: boolean; - dns: boolean; - file: boolean; - network: boolean; - process: boolean; - registry: boolean; - security: boolean; - }; - malware: MalwareFields; - logging: { - stdout: string; - file: string; - }; - advanced: PolicyConfigAdvancedOptions; - }; - mac: { - events: { - file: boolean; - process: boolean; - network: boolean; - }; - malware: MalwareFields; - logging: { - stdout: string; - file: string; - }; - advanced: PolicyConfigAdvancedOptions; - }; - linux: { - events: { - file: boolean; - process: boolean; - network: boolean; - }; - logging: { - stdout: string; - file: string; - }; - advanced: PolicyConfigAdvancedOptions; - }; -} - -interface PolicyConfigAdvancedOptions { - elasticsearch: { - indices: { - control: string; - event: string; - logging: string; - }; - kernel: { - connect: boolean; - process: boolean; - }; - }; -} - -/** OS used in Policy */ -export enum OS { - windows = 'windows', - mac = 'mac', - linux = 'linux', -} - -/** - * Returns the keys of an object whose values meet a criteria. - * Ex) interface largeNestedObject = { - * a: { - * food: Foods; - * toiletPaper: true; - * }; - * b: { - * food: Foods; - * streamingServices: Streams; - * }; - * c: {}; - * } - * - * type hasFoods = KeysByValueCriteria; - * The above type will be: [a, b] only, and will not include c. - * - */ -export type KeysByValueCriteria = { - [K in keyof O]: O[K] extends Criteria ? K : never; -}[keyof O]; - -/** Returns an array of the policy OSes that have a malware protection field */ -export type MalwareProtectionOSes = KeysByValueCriteria; - -export interface GlobalState { - readonly hostList: HostState; - readonly alertList: AlertListState; - readonly policyList: PolicyListState; - readonly policyDetails: PolicyDetailsState; -} - -/** - * A better type for createStructuredSelector. This doesn't support the options object. - */ -export type CreateStructuredSelector = < - SelectorMap extends { [key: string]: (...args: never[]) => unknown } ->( - selectorMap: SelectorMap -) => ( - state: SelectorMap[keyof SelectorMap] extends (state: infer State) => unknown ? State : never -) => { - [Key in keyof SelectorMap]: ReturnType; -}; - -export interface EndpointAppLocation { - pathname: string; - search: string; - hash: string; - key?: string; -} - -interface AlertsSearchBarState { - patterns: IIndexPattern[]; -} - -export type AlertListData = AlertResultList; - -export interface AlertListState { - /** Array of alert items. */ - readonly alerts: Immutable; - - /** The total number of alerts on the page. */ - readonly total: number; - - /** Number of alerts per page. */ - readonly pageSize: number; - - /** Page number, starting at 0. */ - readonly pageIndex: number; - - /** Current location object from React Router history. */ - readonly location?: Immutable; - - /** Specific Alert data to be shown in the details view */ - readonly alertDetails?: Immutable; - - /** Search bar state including indexPatterns */ - readonly searchBar: AlertsSearchBarState; -} - -/** - * Gotten by parsing the URL from the browser. Used to calculate the new URL when changing views. - */ -export interface AlertingIndexUIQueryParams { - /** - * How many items to show in list. - */ - page_size?: string; - /** - * Which page to show. If `page_index` is 1, show page 2. - */ - page_index?: string; - /** - * If any value is present, show the alert detail view for the selected alert. Should be an ID for an alert event. - */ - selected_alert?: string; - query?: string; - date_range?: string; - filters?: string; -} - -export interface GetPolicyListResponse extends GetDatasourcesResponse { - items: PolicyData[]; -} - -export interface GetPolicyResponse extends GetOneDatasourceResponse { - item: PolicyData; -} - -export interface UpdatePolicyResponse extends UpdateDatasourceResponse { - item: PolicyData; -} - -/** - * Like `Reducer` from `redux` but it accepts immutable versions of `state` and `action`. - * Use this type for all Reducers in order to help enforce our pattern of immutable state. - */ -export type ImmutableReducer = ( - state: Immutable | undefined, - action: Immutable -) => State | Immutable; - -/** - * A alternate interface for `redux`'s `combineReducers`. Will work with the same underlying implementation, - * but will enforce that `Immutable` versions of `state` and `action` are received. - */ -export type ImmutableCombineReducers = ( - reducers: ImmutableReducersMapObject -) => ImmutableReducer; - -/** - * Like `redux`'s `ReducersMapObject` (which is used by `combineReducers`) but enforces that - * the `state` and `action` received are `Immutable` versions. - */ -type ImmutableReducersMapObject = { - [K in keyof S]: ImmutableReducer; -}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/index.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/index.tsx deleted file mode 100644 index 0ec5a855c8615..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/index.tsx +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import React, { memo, useMemo } from 'react'; -import styled from 'styled-components'; -import { i18n } from '@kbn/i18n'; -import { FormattedMessage } from '@kbn/i18n/react'; -import { - EuiSpacer, - EuiTitle, - EuiText, - EuiHealth, - EuiTabbedContent, - EuiTabbedContentTab, -} from '@elastic/eui'; -import { useAlertListSelector } from '../../hooks/use_alerts_selector'; -import * as selectors from '../../../../store/alerts/selectors'; -import { MetadataPanel } from './metadata_panel'; -import { FormattedDate } from '../../formatted_date'; -import { AlertDetailResolver } from '../../resolver'; -import { ResolverEvent } from '../../../../../../../common/types'; -import { TakeActionDropdown } from './take_action_dropdown'; - -export const AlertDetailsOverview = styled( - memo(() => { - const alertDetailsData = useAlertListSelector(selectors.selectedAlertDetailsData); - if (alertDetailsData === undefined) { - return null; - } - - const tabs: EuiTabbedContentTab[] = useMemo(() => { - return [ - { - id: 'overviewMetadata', - 'data-test-subj': 'overviewMetadata', - name: i18n.translate( - 'xpack.endpoint.application.endpoint.alertDetails.overview.tabs.overview', - { - defaultMessage: 'Overview', - } - ), - content: ( - <> - - - - ), - }, - { - id: 'overviewResolver', - 'data-test-subj': 'overviewResolverTab', - name: i18n.translate( - 'xpack.endpoint.application.endpoint.alertDetails.overview.tabs.resolver', - { - defaultMessage: 'Resolver', - } - ), - content: ( - <> - - - - ), - }, - ]; - }, [alertDetailsData]); - - return ( - <> -
- -

- -

-
- - -

- , - }} - /> -

-
- - - Endpoint Status:{' '} - - {' '} - - - - - {' '} - - - - - -
- - - ); - }) -)` - height: 100%; - width: 100%; -`; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/hooks/use_alerts_selector.ts b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/hooks/use_alerts_selector.ts deleted file mode 100644 index d3962f908757c..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/hooks/use_alerts_selector.ts +++ /dev/null @@ -1,12 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { useSelector } from 'react-redux'; -import { GlobalState, AlertListState } from '../../../types'; - -export function useAlertListSelector(selector: (state: AlertListState) => TSelected) { - return useSelector((state: GlobalState) => selector(state.alertList)); -} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/resolver.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/resolver.tsx deleted file mode 100644 index d32ad4dd9defc..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/resolver.tsx +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React from 'react'; -import styled from 'styled-components'; -import { Provider } from 'react-redux'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; -import { Resolver } from '../../../../embeddables/resolver/view'; -import { EndpointPluginServices } from '../../../../plugin'; -import { ResolverEvent } from '../../../../../common/types'; -import { storeFactory } from '../../../../embeddables/resolver/store'; - -export const AlertDetailResolver = styled( - React.memo( - ({ className, selectedEvent }: { className?: string; selectedEvent?: ResolverEvent }) => { - const context = useKibana(); - const { store } = storeFactory(context); - - return ( -
- - - -
- ); - } - ) -)` - height: 100%; - width: 100%; - display: flex; - flex-grow: 1; - /* gross demo hack */ - min-height: calc(100vh - 505px); -`; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/test_helpers/render_alert_page.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/test_helpers/render_alert_page.tsx deleted file mode 100644 index 6311671407610..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/test_helpers/render_alert_page.tsx +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import React from 'react'; -import * as reactTestingLibrary from '@testing-library/react'; -import { Provider } from 'react-redux'; -import { I18nProvider } from '@kbn/i18n/react'; -import { createMemoryHistory } from 'history'; -import { Router } from 'react-router-dom'; -import { AlertIndex } from '../index'; -import { appStoreFactory } from '../../../store'; -import { KibanaContextProvider } from '../../../../../../../../../src/plugins/kibana_react/public'; -import { RouteCapture } from '../../route_capture'; -import { depsStartMock } from '../../../mocks'; - -/** - * Create a 'history' instance that is only in-memory and causes no side effects to the testing environment. - */ -const history = createMemoryHistory(); -/** - * Create a store, with the middleware disabled. We don't want side effects being created by our code in this test. - */ -const store = appStoreFactory(); - -const depsStart = depsStartMock(); -depsStart.data.ui.SearchBar.mockImplementation(() =>
); - -export const alertPageTestRender = { - store, - history, - depsStart, - - /** - * Render the test component, use this after setting up anything in `beforeEach`. - */ - render: () => { - /** - * Provide the store via `Provider`, and i18n APIs via `I18nProvider`. - * Use react-router via `Router`, passing our in-memory `history` instance. - * Use `RouteCapture` to emit url-change actions when the URL is changed. - * Finally, render the `AlertIndex` component which we are testing. - */ - return reactTestingLibrary.render( - - - - - - - - - - - - ); - }, -}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root.tsx deleted file mode 100644 index f9634c63deefb..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root.tsx +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import * as React from 'react'; -import { FormattedMessage } from '@kbn/i18n/react'; -import { Route, Switch } from 'react-router-dom'; -import { Store } from 'redux'; -import { AlertIndex } from './alerts'; -import { HostList } from './hosts'; -import { PolicyList } from './policy'; -import { PolicyDetails } from './policy'; -import { HeaderNavigation } from './components/header_navigation'; -import { AppRootProvider } from './app_root_provider'; -import { Setup } from './setup'; -import { EndpointPluginStartDependencies } from '../../../plugin'; -import { ScopedHistory, CoreStart } from '../../../../../../../src/core/public'; - -interface RouterProps { - history: ScopedHistory; - store: Store; - coreStart: CoreStart; - depsStart: EndpointPluginStartDependencies; -} - -/** - * The root of the Endpoint application react view. - */ -export const AppRoot: React.FunctionComponent = React.memo( - ({ history, store, coreStart, depsStart }) => { - return ( - - - - - ( -

- -

- )} - /> - - - - - ( - - )} - /> -
-
- ); - } -); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/header_navigation.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/components/header_navigation.tsx deleted file mode 100644 index 7475229853698..0000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/header_navigation.tsx +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React, { memo, useMemo } from 'react'; -import { i18n } from '@kbn/i18n'; -import { EuiTabs, EuiTab } from '@elastic/eui'; -import { useLocation } from 'react-router-dom'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; -import { Immutable } from '../../../../../common/types'; -import { useNavigateByRouterEventHandler } from '../hooks/use_navigate_by_router_event_handler'; - -interface NavTabs { - name: string; - id: string; - href: string; -} - -const navTabs: Immutable = [ - { - id: 'home', - name: i18n.translate('xpack.endpoint.headerNav.home', { - defaultMessage: 'Home', - }), - href: '/', - }, - { - id: 'hosts', - name: i18n.translate('xpack.endpoint.headerNav.hosts', { - defaultMessage: 'Hosts', - }), - href: '/hosts', - }, - { - id: 'alerts', - name: i18n.translate('xpack.endpoint.headerNav.alerts', { - defaultMessage: 'Alerts', - }), - href: '/alerts', - }, - { - id: 'policies', - name: i18n.translate('xpack.endpoint.headerNav.policies', { - defaultMessage: 'Policies', - }), - href: '/policy', - }, -]; - -const NavTab = memo<{ tab: NavTabs }>(({ tab }) => { - const { pathname } = useLocation(); - const { services } = useKibana(); - const onClickHandler = useNavigateByRouterEventHandler(tab.href); - const BASE_PATH = services.application.getUrlForApp('endpoint'); - - return ( - - {tab.name} - - ); -}); - -export const HeaderNavigation: React.FunctionComponent = React.memo(() => { - const tabList = useMemo(() => { - return navTabs.map((tab, index) => { - return ; - }); - }, []); - - return {tabList}; -}); diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event_test_helpers.ts b/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event_test_helpers.ts deleted file mode 100644 index e88837d325108..0000000000000 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event_test_helpers.ts +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { LegacyEndpointEvent } from '../../../../common/types'; - -type DeepPartial = { [K in keyof T]?: DeepPartial }; -/** - * Creates a mock process event given the 'parts' argument, which can - * include all or some process event fields as determined by the ProcessEvent type. - * The only field that must be provided is the event's 'node_id' field. - * The other fields are populated by the function unless provided in 'parts' - */ -export function mockProcessEvent(parts: { - endgame: { - unique_pid: LegacyEndpointEvent['endgame']['unique_pid']; - unique_ppid?: LegacyEndpointEvent['endgame']['unique_ppid']; - process_name?: LegacyEndpointEvent['endgame']['process_name']; - event_subtype_full?: LegacyEndpointEvent['endgame']['event_subtype_full']; - event_type_full?: LegacyEndpointEvent['endgame']['event_type_full']; - } & DeepPartial; -}): LegacyEndpointEvent { - const { endgame: dataBuffer } = parts; - return { - endgame: { - ...dataBuffer, - event_timestamp: 1, - event_type: 1, - unique_ppid: 0, - unique_pid: 1, - machine_id: '', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - process_name: '', - process_path: '', - timestamp_utc: '', - serial_event_id: 1, - }, - '@timestamp': 1582233383000, - agent: { - type: '', - id: '', - version: '', - }, - ...parts, - }; -} diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/edge_line.tsx b/x-pack/plugins/endpoint/public/embeddables/resolver/view/edge_line.tsx deleted file mode 100644 index fbd40dda9adfd..0000000000000 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/edge_line.tsx +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React from 'react'; -import styled from 'styled-components'; -import { applyMatrix3, distance, angle } from '../lib/vector2'; -import { Vector2, Matrix3 } from '../types'; - -/** - * A placeholder line segment view that connects process nodes. - */ -export const EdgeLine = styled( - React.memo( - ({ - className, - startPosition, - endPosition, - projectionMatrix, - }: { - /** - * A className string provided by `styled` - */ - className?: string; - /** - * The postion of first point in the line segment. In 'world' coordinates. - */ - startPosition: Vector2; - /** - * The postion of second point in the line segment. In 'world' coordinates. - */ - endPosition: Vector2; - /** - * projectionMatrix which can be used to convert `startPosition` and `endPosition` to screen coordinates. - */ - projectionMatrix: Matrix3; - }) => { - /** - * Convert the start and end positions, which are in 'world' coordinates, - * to `left` and `top` css values. - */ - const screenStart = applyMatrix3(startPosition, projectionMatrix); - const screenEnd = applyMatrix3(endPosition, projectionMatrix); - - /** - * We render the line using a short, long, `div` element. The length of this `div` - * should be the same as the distance between the start and end points. - */ - const length = distance(screenStart, screenEnd); - - const style = { - left: screenStart[0] + 'px', - top: screenStart[1] + 'px', - width: length + 'px', - /** - * Transform from the left of the div, as the left side of the `div` is positioned - * at the start point of the line segment. - */ - transformOrigin: 'top left', - /** - * Translate the `div` in the y axis to accomodate for the height of the `div`. - * Also rotate the `div` in the z axis so that it's angle matches the angle - * between the start and end points. - */ - transform: `translateY(-50%) rotateZ(${angle(screenStart, screenEnd)}rad)`, - }; - return
; - } - ) -)` - position: absolute; - height: 3px; - background-color: #d4d4d4; - color: #333333; - contain: strict; -`; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/graph_controls.tsx b/x-pack/plugins/endpoint/public/embeddables/resolver/view/graph_controls.tsx deleted file mode 100644 index a1cd003949a22..0000000000000 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/graph_controls.tsx +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React, { useCallback, useMemo, useContext } from 'react'; -import styled from 'styled-components'; -import { EuiRange, EuiPanel, EuiIcon } from '@elastic/eui'; -import { useSelector, useDispatch } from 'react-redux'; -import { SideEffectContext } from './side_effect_context'; -import { ResolverAction, Vector2 } from '../types'; -import * as selectors from '../store/selectors'; - -/** - * Controls for zooming, panning, and centering in Resolver - */ -export const GraphControls = styled( - React.memo( - ({ - className, - }: { - /** - * A className string provided by `styled` - */ - className?: string; - }) => { - const dispatch: (action: ResolverAction) => unknown = useDispatch(); - const scalingFactor = useSelector(selectors.scalingFactor); - const { timestamp } = useContext(SideEffectContext); - - const handleZoomAmountChange = useCallback( - (event: React.ChangeEvent | React.MouseEvent) => { - const valueAsNumber = parseFloat( - (event as React.ChangeEvent).target.value - ); - if (isNaN(valueAsNumber) === false) { - dispatch({ - type: 'userSetZoomLevel', - payload: valueAsNumber, - }); - } - }, - [dispatch] - ); - - const handleCenterClick = useCallback(() => { - dispatch({ - type: 'userSetPositionOfCamera', - payload: [0, 0], - }); - }, [dispatch]); - - const handleZoomOutClick = useCallback(() => { - dispatch({ - type: 'userClickedZoomOut', - }); - }, [dispatch]); - - const handleZoomInClick = useCallback(() => { - dispatch({ - type: 'userClickedZoomIn', - }); - }, [dispatch]); - - const [handleNorth, handleEast, handleSouth, handleWest] = useMemo(() => { - const directionVectors: readonly Vector2[] = [ - [0, 1], - [1, 0], - [0, -1], - [-1, 0], - ]; - return directionVectors.map(direction => { - return () => { - const action: ResolverAction = { - type: 'userNudgedCamera', - payload: { direction, time: timestamp() }, - }; - dispatch(action); - }; - }); - }, [dispatch, timestamp]); - - return ( -
- -
- -
-
- - - -
-
- -
-
- - - - - -
- ); - } - ) -)` - background-color: #d4d4d4; - color: #333333; - - .zoom-controls { - display: flex; - flex-direction: column; - align-items: center; - padding: 5px 0px; - - .zoom-slider { - width: 20px; - height: 150px; - margin: 5px 0px 2px 0px; - - input[type='range'] { - width: 150px; - height: 20px; - transform-origin: 75px 75px; - transform: rotate(-90deg); - } - } - } - .panning-controls { - text-align: center; - } -`; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/process_event_dot.tsx b/x-pack/plugins/endpoint/public/embeddables/resolver/view/process_event_dot.tsx deleted file mode 100644 index ceba05ed21b50..0000000000000 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/process_event_dot.tsx +++ /dev/null @@ -1,603 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React, { useCallback, useMemo } from 'react'; -import styled from 'styled-components'; -import { i18n } from '@kbn/i18n'; -import { - htmlIdGenerator, - EuiI18nNumber, - EuiKeyboardAccessible, - EuiFlexGroup, - EuiFlexItem, -} from '@elastic/eui'; -import { useSelector } from 'react-redux'; -import { NodeSubMenu, subMenuAssets } from './submenu'; -import { applyMatrix3 } from '../lib/vector2'; -import { - Vector2, - Matrix3, - AdjacentProcessMap, - ResolverProcessType, - RelatedEventEntryWithStatsOrWaiting, -} from '../types'; -import { SymbolIds, NamedColors } from './defs'; -import { ResolverEvent } from '../../../../common/types'; -import { useResolverDispatch } from './use_resolver_dispatch'; -import * as eventModel from '../../../../common/models/event'; -import * as processModel from '../models/process_event'; -import * as selectors from '../store/selectors'; - -const nodeAssets = { - runningProcessCube: { - cubeSymbol: `#${SymbolIds.runningProcessCube}`, - labelBackground: NamedColors.labelBackgroundRunningProcess, - descriptionFill: NamedColors.empty, - descriptionText: i18n.translate('xpack.endpoint.resolver.runningProcess', { - defaultMessage: 'Running Process', - }), - }, - runningTriggerCube: { - cubeSymbol: `#${SymbolIds.runningTriggerCube}`, - labelBackground: NamedColors.labelBackgroundRunningTrigger, - descriptionFill: NamedColors.empty, - descriptionText: i18n.translate('xpack.endpoint.resolver.runningTrigger', { - defaultMessage: 'Running Trigger', - }), - }, - terminatedProcessCube: { - cubeSymbol: `#${SymbolIds.terminatedProcessCube}`, - labelBackground: NamedColors.labelBackgroundTerminatedProcess, - descriptionFill: NamedColors.empty, - descriptionText: i18n.translate('xpack.endpoint.resolver.terminatedProcess', { - defaultMessage: 'Terminated Process', - }), - }, - terminatedTriggerCube: { - cubeSymbol: `#${SymbolIds.terminatedTriggerCube}`, - labelBackground: NamedColors.labelBackgroundTerminatedTrigger, - descriptionFill: NamedColors.empty, - descriptionText: i18n.translate('xpack.endpoint.resolver.terminatedTrigger', { - defaultMessage: 'Terminated Trigger', - }), - }, -}; - -/** - * Take a gross `schemaName` and return a beautiful translated one. - */ -const getDisplayName: (schemaName: string) => string = function nameInSchemaToDisplayName( - schemaName: string -) { - const displayNameRecord: Record = { - application: i18n.translate('xpack.endpoint.resolver.applicationEventTypeDisplayName', { - defaultMessage: 'Application', - }), - apm: i18n.translate('xpack.endpoint.resolver.apmEventTypeDisplayName', { - defaultMessage: 'APM', - }), - audit: i18n.translate('xpack.endpoint.resolver.auditEventTypeDisplayName', { - defaultMessage: 'Audit', - }), - authentication: i18n.translate('xpack.endpoint.resolver.authenticationEventTypeDisplayName', { - defaultMessage: 'Authentication', - }), - certificate: i18n.translate('xpack.endpoint.resolver.certificateEventTypeDisplayName', { - defaultMessage: 'Certificate', - }), - cloud: i18n.translate('xpack.endpoint.resolver.cloudEventTypeDisplayName', { - defaultMessage: 'Cloud', - }), - database: i18n.translate('xpack.endpoint.resolver.databaseEventTypeDisplayName', { - defaultMessage: 'Database', - }), - driver: i18n.translate('xpack.endpoint.resolver.driverEventTypeDisplayName', { - defaultMessage: 'Driver', - }), - email: i18n.translate('xpack.endpoint.resolver.emailEventTypeDisplayName', { - defaultMessage: 'Email', - }), - file: i18n.translate('xpack.endpoint.resolver.fileEventTypeDisplayName', { - defaultMessage: 'File', - }), - host: i18n.translate('xpack.endpoint.resolver.hostEventTypeDisplayName', { - defaultMessage: 'Host', - }), - iam: i18n.translate('xpack.endpoint.resolver.iamEventTypeDisplayName', { - defaultMessage: 'IAM', - }), - iam_group: i18n.translate('xpack.endpoint.resolver.iam_groupEventTypeDisplayName', { - defaultMessage: 'IAM Group', - }), - intrusion_detection: i18n.translate( - 'xpack.endpoint.resolver.intrusion_detectionEventTypeDisplayName', - { - defaultMessage: 'Intrusion Detection', - } - ), - malware: i18n.translate('xpack.endpoint.resolver.malwareEventTypeDisplayName', { - defaultMessage: 'Malware', - }), - network_flow: i18n.translate('xpack.endpoint.resolver.network_flowEventTypeDisplayName', { - defaultMessage: 'Network Flow', - }), - network: i18n.translate('xpack.endpoint.resolver.networkEventTypeDisplayName', { - defaultMessage: 'Network', - }), - package: i18n.translate('xpack.endpoint.resolver.packageEventTypeDisplayName', { - defaultMessage: 'Package', - }), - process: i18n.translate('xpack.endpoint.resolver.processEventTypeDisplayName', { - defaultMessage: 'Process', - }), - registry: i18n.translate('xpack.endpoint.resolver.registryEventTypeDisplayName', { - defaultMessage: 'Registry', - }), - session: i18n.translate('xpack.endpoint.resolver.sessionEventTypeDisplayName', { - defaultMessage: 'Session', - }), - service: i18n.translate('xpack.endpoint.resolver.serviceEventTypeDisplayName', { - defaultMessage: 'Service', - }), - socket: i18n.translate('xpack.endpoint.resolver.socketEventTypeDisplayName', { - defaultMessage: 'Socket', - }), - vulnerability: i18n.translate('xpack.endpoint.resolver.vulnerabilityEventTypeDisplayName', { - defaultMessage: 'Vulnerability', - }), - web: i18n.translate('xpack.endpoint.resolver.webEventTypeDisplayName', { - defaultMessage: 'Web', - }), - alert: i18n.translate('xpack.endpoint.resolver.alertEventTypeDisplayName', { - defaultMessage: 'Alert', - }), - security: i18n.translate('xpack.endpoint.resolver.securityEventTypeDisplayName', { - defaultMessage: 'Security', - }), - dns: i18n.translate('xpack.endpoint.resolver.dnsEventTypeDisplayName', { - defaultMessage: 'DNS', - }), - clr: i18n.translate('xpack.endpoint.resolver.clrEventTypeDisplayName', { - defaultMessage: 'CLR', - }), - image_load: i18n.translate('xpack.endpoint.resolver.image_loadEventTypeDisplayName', { - defaultMessage: 'Image Load', - }), - powershell: i18n.translate('xpack.endpoint.resolver.powershellEventTypeDisplayName', { - defaultMessage: 'Powershell', - }), - wmi: i18n.translate('xpack.endpoint.resolver.wmiEventTypeDisplayName', { - defaultMessage: 'WMI', - }), - api: i18n.translate('xpack.endpoint.resolver.apiEventTypeDisplayName', { - defaultMessage: 'API', - }), - user: i18n.translate('xpack.endpoint.resolver.userEventTypeDisplayName', { - defaultMessage: 'User', - }), - }; - return ( - displayNameRecord[schemaName] || - i18n.translate('xpack.endpoint.resolver.userEventTypeDisplayUnknown', { - defaultMessage: 'Unknown', - }) - ); -}; - -/** - * An artifact that represents a process node and the things associated with it in the Resolver - */ -export const ProcessEventDot = styled( - React.memo( - ({ - className, - position, - event, - projectionMatrix, - adjacentNodeMap, - relatedEvents, - }: { - /** - * A `className` string provided by `styled` - */ - className?: string; - /** - * The positon of the process node, in 'world' coordinates. - */ - position: Vector2; - /** - * An event which contains details about the process node. - */ - event: ResolverEvent; - /** - * projectionMatrix which can be used to convert `position` to screen coordinates. - */ - projectionMatrix: Matrix3; - /** - * map of what nodes are "adjacent" to this one in "up, down, previous, next" directions - */ - adjacentNodeMap: AdjacentProcessMap; - /** - * A collection of events related to the current node and statistics (e.g. counts indexed by event type) - * to provide the user some visibility regarding the contents thereof. - */ - relatedEvents?: RelatedEventEntryWithStatsOrWaiting; - }) => { - /** - * Convert the position, which is in 'world' coordinates, to screen coordinates. - */ - const [left, top] = applyMatrix3(position, projectionMatrix); - - const [magFactorX] = projectionMatrix; - - const selfId = adjacentNodeMap.self; - - const activeDescendantId = useSelector(selectors.uiActiveDescendantId); - const selectedDescendantId = useSelector(selectors.uiSelectedDescendantId); - - const logicalProcessNodeViewWidth = 360; - const logicalProcessNodeViewHeight = 120; - /** - * The `left` and `top` values represent the 'center' point of the process node. - * Since the view has content to the left and above the 'center' point, offset the - * position to accomodate for that. This aligns the logical center of the process node - * with the correct position on the map. - */ - const processNodeViewXOffset = -0.172413 * logicalProcessNodeViewWidth * magFactorX; - const processNodeViewYOffset = -0.73684 * logicalProcessNodeViewHeight * magFactorX; - - const nodeViewportStyle = useMemo( - () => ({ - left: `${left + processNodeViewXOffset}px`, - top: `${top + processNodeViewYOffset}px`, - // Width of symbol viewport scaled to fit - width: `${logicalProcessNodeViewWidth * magFactorX}px`, - // Height according to symbol viewbox AR - height: `${logicalProcessNodeViewHeight * magFactorX}px`, - }), - [left, magFactorX, processNodeViewXOffset, processNodeViewYOffset, top] - ); - - /** - * Type in non-SVG components scales as follows: - * (These values were adjusted to match the proportions in the comps provided by UX/Design) - * 18.75 : The smallest readable font size at which labels/descriptions can be read. Font size will not scale below this. - * 12.5 : A 'slope' at which the font size will scale w.r.t. to zoom level otherwise - */ - const minimumFontSize = 18.75; - const slopeOfFontScale = 12.5; - const fontSizeAdjustmentForScale = magFactorX > 1 ? slopeOfFontScale * (magFactorX - 1) : 0; - const scaledTypeSize = minimumFontSize + fontSizeAdjustmentForScale; - - const markerBaseSize = 15; - const markerSize = markerBaseSize; - const markerPositionOffset = -markerBaseSize / 2; - - /** - * An element that should be animated when the node is clicked. - */ - const animationTarget: { - current: - | (SVGAnimationElement & { - /** - * `beginElement` is by [w3](https://www.w3.org/TR/SVG11/animate.html#__smil__ElementTimeControl__beginElement) - * but missing in [TSJS-lib-generator](https://github.com/microsoft/TSJS-lib-generator/blob/15a4678e0ef6de308e79451503e444e9949ee849/inputfiles/addedTypes.json#L1819) - */ - beginElement: () => void; - }) - | null; - } = React.createRef(); - const { cubeSymbol, labelBackground, descriptionText } = nodeAssets[nodeType(event)]; - const resolverNodeIdGenerator = useMemo(() => htmlIdGenerator('resolverNode'), []); - - const nodeId = useMemo(() => resolverNodeIdGenerator(selfId), [ - resolverNodeIdGenerator, - selfId, - ]); - const labelId = useMemo(() => resolverNodeIdGenerator(), [resolverNodeIdGenerator]); - const descriptionId = useMemo(() => resolverNodeIdGenerator(), [resolverNodeIdGenerator]); - const isActiveDescendant = nodeId === activeDescendantId; - const isSelectedDescendant = nodeId === selectedDescendantId; - - const dispatch = useResolverDispatch(); - - const handleFocus = useCallback(() => { - dispatch({ - type: 'userFocusedOnResolverNode', - payload: { - nodeId, - }, - }); - }, [dispatch, nodeId]); - - const handleClick = useCallback(() => { - if (animationTarget.current !== null) { - (animationTarget.current as any).beginElement(); - } - dispatch({ - type: 'userSelectedResolverNode', - payload: { - nodeId, - }, - }); - }, [animationTarget, dispatch, nodeId]); - - const handleRelatedEventRequest = useCallback(() => { - dispatch({ - type: 'userRequestedRelatedEventData', - payload: event, - }); - }, [dispatch, event]); - - const handleRelatedAlertsRequest = useCallback(() => { - dispatch({ - type: 'userSelectedRelatedAlerts', - payload: event, - }); - }, [dispatch, event]); - /** - * Enumerates the stats for related events to display with the node as options, - * generally in the form `number of related events in category` `category title` - * e.g. "10 DNS", "230 File" - */ - const relatedEventOptions = useMemo(() => { - if (relatedEvents === 'error') { - // Return an empty set of options if there was an error requesting them - return []; - } - const relatedStats = typeof relatedEvents === 'object' && relatedEvents.stats; - if (!relatedStats) { - // Return an empty set of options if there are no stats to report - return []; - } - // If we have entries to show, map them into options to display in the selectable list - return Object.entries(relatedStats).map(statsEntry => { - const displayName = getDisplayName(statsEntry[0]); - return { - prefix: , - optionTitle: `${displayName}`, - action: () => { - dispatch({ - type: 'userSelectedRelatedEventCategory', - payload: { - subject: event, - category: statsEntry[0], - }, - }); - }, - }; - }); - }, [relatedEvents, dispatch, event]); - - const relatedEventStatusOrOptions = (() => { - if (!relatedEvents) { - // If related events have not yet been requested - return subMenuAssets.initialMenuStatus; - } - if (relatedEvents === 'error') { - // If there was an error when we tried to request the events - return subMenuAssets.menuError; - } - if (relatedEvents === 'waitingForRelatedEventData') { - // If we're waiting for events to be returned - // Pass on the waiting symbol - return relatedEvents; - } - return relatedEventOptions; - })(); - - /* eslint-disable jsx-a11y/click-events-have-key-events */ - /** - * Key event handling (e.g. 'Enter'/'Space') is provisioned by the `EuiKeyboardAccessible` component - */ - return ( - -
- - - - - - - - -
-
- {descriptionText} -
-
= 2 ? 'euiButton' : 'euiButton euiButton--small'} - data-test-subject="nodeLabel" - id={labelId} - style={{ - backgroundColor: labelBackground, - padding: '.15rem 0', - textAlign: 'center', - maxWidth: '20rem', - minWidth: '12rem', - width: '60%', - overflow: 'hidden', - whiteSpace: 'nowrap', - textOverflow: 'ellipsis', - contain: 'content', - margin: '.25rem 0 .35rem 0', - }} - > - - {eventModel.eventName(event)} - -
- {magFactorX >= 2 && ( - - - - - - - - - )} -
-
-
- ); - /* eslint-enable jsx-a11y/click-events-have-key-events */ - } - ) -)` - position: absolute; - text-align: left; - font-size: 10px; - user-select: none; - box-sizing: border-box; - border-radius: 10%; - white-space: nowrap; - will-change: left, top, width, height; - contain: layout; - min-width: 280px; - min-height: 90px; - overflow-y: visible; - - //dasharray & dashoffset should be equal to "pull" the stroke back - //when it is transitioned. - //The value is tuned to look good when animated, but to preserve - //the effect, it should always be _at least_ the length of the stroke - & .backing { - stroke-dasharray: 500; - stroke-dashoffset: 500; - } - &[aria-current] .backing { - transition-property: stroke-dashoffset; - transition-duration: 1s; - stroke-dashoffset: 0; - } - - & .related-dropdown { - width: 4.5em; - } - & .euiSelectableList-bordered { - border-top-right-radius: 0px; - border-top-left-radius: 0px; - } - & .euiSelectableListItem { - background-color: black; - } - & .euiSelectableListItem path { - fill: white; - } - & .euiSelectableListItem__text { - color: white; - } -`; - -const processTypeToCube: Record = { - processCreated: 'runningProcessCube', - processRan: 'runningProcessCube', - processTerminated: 'terminatedProcessCube', - unknownProcessEvent: 'runningProcessCube', - processCausedAlert: 'runningTriggerCube', - unknownEvent: 'runningProcessCube', -}; - -function nodeType(processEvent: ResolverEvent): keyof typeof nodeAssets { - const processType = processModel.eventType(processEvent); - - if (processType in processTypeToCube) { - return processTypeToCube[processType]; - } - return 'runningProcessCube'; -} diff --git a/x-pack/plugins/endpoint/public/index.ts b/x-pack/plugins/endpoint/public/index.ts deleted file mode 100644 index e6a7683efd9a3..0000000000000 --- a/x-pack/plugins/endpoint/public/index.ts +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { PluginInitializer } from 'kibana/public'; -import { - EndpointPlugin, - EndpointPluginStart, - EndpointPluginSetup, - EndpointPluginStartDependencies, - EndpointPluginSetupDependencies, -} from './plugin'; - -export const plugin: PluginInitializer< - EndpointPluginSetup, - EndpointPluginStart, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies -> = () => new EndpointPlugin(); diff --git a/x-pack/plugins/endpoint/public/plugin.ts b/x-pack/plugins/endpoint/public/plugin.ts deleted file mode 100644 index 9964454add801..0000000000000 --- a/x-pack/plugins/endpoint/public/plugin.ts +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { Plugin, CoreSetup, AppMountParameters, CoreStart } from 'kibana/public'; -import { EmbeddableSetup } from 'src/plugins/embeddable/public'; -import { DataPublicPluginStart } from 'src/plugins/data/public'; -import { i18n } from '@kbn/i18n'; -import { IngestManagerStart } from '../../ingest_manager/public'; -import { ResolverEmbeddableFactory } from './embeddables/resolver'; - -export type EndpointPluginStart = void; -export type EndpointPluginSetup = void; -export interface EndpointPluginSetupDependencies { - embeddable: EmbeddableSetup; - data: DataPublicPluginStart; -} -export interface EndpointPluginStartDependencies { - data: DataPublicPluginStart; - ingestManager: IngestManagerStart; -} - -/** - * Functionality that the endpoint plugin uses from core. - */ -export interface EndpointPluginServices extends Partial { - http: CoreStart['http']; - overlays: CoreStart['overlays'] | undefined; - notifications: CoreStart['notifications'] | undefined; - data: DataPublicPluginStart; -} - -export class EndpointPlugin - implements - Plugin< - EndpointPluginSetup, - EndpointPluginStart, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies - > { - public setup( - core: CoreSetup, - plugins: EndpointPluginSetupDependencies - ) { - core.application.register({ - id: 'endpoint', - title: i18n.translate('xpack.endpoint.pluginTitle', { - defaultMessage: 'Endpoint', - }), - euiIconType: 'securityApp', - async mount(params: AppMountParameters) { - const [coreStart, depsStart] = await core.getStartServices(); - const { renderApp } = await import('./applications/endpoint'); - return renderApp(coreStart, depsStart, params); - }, - }); - - const resolverEmbeddableFactory = new ResolverEmbeddableFactory(); - - plugins.embeddable.registerEmbeddableFactory( - resolverEmbeddableFactory.type, - resolverEmbeddableFactory - ); - } - - public start() {} - - public stop() {} -} diff --git a/x-pack/plugins/endpoint/server/index.ts b/x-pack/plugins/endpoint/server/index.ts deleted file mode 100644 index ae603b7e44449..0000000000000 --- a/x-pack/plugins/endpoint/server/index.ts +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { PluginInitializer, PluginInitializerContext } from 'src/core/server'; -import { - EndpointPlugin, - EndpointPluginStart, - EndpointPluginSetup, - EndpointPluginStartDependencies, - EndpointPluginSetupDependencies, -} from './plugin'; -import { EndpointConfigSchema } from './config'; - -export const config = { - schema: EndpointConfigSchema, -}; - -export const plugin: PluginInitializer< - EndpointPluginSetup, - EndpointPluginStart, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies -> = (initializerContext: PluginInitializerContext) => new EndpointPlugin(initializerContext); diff --git a/x-pack/plugins/endpoint/server/plugin.test.ts b/x-pack/plugins/endpoint/server/plugin.test.ts deleted file mode 100644 index 215b26942bcdb..0000000000000 --- a/x-pack/plugins/endpoint/server/plugin.test.ts +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { - EndpointPlugin, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies, -} from './plugin'; -import { coreMock } from '../../../../src/core/server/mocks'; -import { PluginSetupContract } from '../../features/server'; -import { createMockIngestManagerStartContract } from './mocks'; - -describe('test endpoint plugin', () => { - let plugin: EndpointPlugin; - let mockCoreSetup: ReturnType; - let mockCoreStart: ReturnType; - let mockedEndpointPluginSetupDependencies: jest.Mocked; - let mockedEndpointPluginStartDependencies: jest.Mocked; - let mockedPluginSetupContract: jest.Mocked; - beforeEach(() => { - plugin = new EndpointPlugin( - coreMock.createPluginInitializerContext({ - cookieName: 'sid', - sessionTimeout: 1500, - }) - ); - - mockCoreSetup = coreMock.createSetup(); - mockCoreStart = coreMock.createStart(); - mockedPluginSetupContract = { - registerFeature: jest.fn(), - getFeatures: jest.fn(), - getFeaturesUICapabilities: jest.fn(), - }; - }); - - it('test properly setup plugin', async () => { - mockedEndpointPluginSetupDependencies = { - features: mockedPluginSetupContract, - }; - await plugin.setup(mockCoreSetup, mockedEndpointPluginSetupDependencies); - expect(mockedPluginSetupContract.registerFeature).toBeCalledTimes(1); - expect(mockCoreSetup.http.createRouter).toBeCalledTimes(1); - expect(() => plugin.getEndpointAppContextService().getIndexPatternRetriever()).toThrow(Error); - expect(() => plugin.getEndpointAppContextService().getAgentService()).toThrow(Error); - }); - - it('test properly start plugin', async () => { - mockedEndpointPluginStartDependencies = { - ingestManager: createMockIngestManagerStartContract(''), - }; - await plugin.start(mockCoreStart, mockedEndpointPluginStartDependencies); - expect(plugin.getEndpointAppContextService().getAgentService()).toBeTruthy(); - expect(plugin.getEndpointAppContextService().getIndexPatternRetriever()).toBeTruthy(); - }); -}); diff --git a/x-pack/plugins/endpoint/server/plugin.ts b/x-pack/plugins/endpoint/server/plugin.ts deleted file mode 100644 index ff10b9c0416f9..0000000000000 --- a/x-pack/plugins/endpoint/server/plugin.ts +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import { Plugin, CoreSetup, PluginInitializerContext, Logger, CoreStart } from 'kibana/server'; -import { first } from 'rxjs/operators'; -import { PluginSetupContract as FeaturesPluginSetupContract } from '../../features/server'; -import { createConfig$, EndpointConfigType } from './config'; -import { EndpointAppContext } from './types'; - -import { registerAlertRoutes } from './routes/alerts'; -import { registerResolverRoutes } from './routes/resolver'; -import { registerIndexPatternRoute } from './routes/index_pattern'; -import { registerEndpointRoutes } from './routes/metadata'; -import { IngestIndexPatternRetriever } from './index_pattern'; -import { IngestManagerStartContract } from '../../ingest_manager/server'; -import { EndpointAppContextService } from './endpoint_app_context_services'; -import { registerPolicyRoutes } from './routes/policy'; - -export type EndpointPluginStart = void; -export type EndpointPluginSetup = void; -export interface EndpointPluginStartDependencies { - ingestManager: IngestManagerStartContract; -} - -export interface EndpointPluginSetupDependencies { - features: FeaturesPluginSetupContract; -} - -export class EndpointPlugin - implements - Plugin< - EndpointPluginSetup, - EndpointPluginStart, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies - > { - private readonly logger: Logger; - private readonly endpointAppContextService: EndpointAppContextService = new EndpointAppContextService(); - constructor(private readonly initializerContext: PluginInitializerContext) { - this.logger = this.initializerContext.logger.get('endpoint'); - } - - public getEndpointAppContextService(): EndpointAppContextService { - return this.endpointAppContextService; - } - - public setup(core: CoreSetup, plugins: EndpointPluginSetupDependencies) { - plugins.features.registerFeature({ - id: 'endpoint', - name: 'Endpoint', - icon: 'bug', - navLinkId: 'endpoint', - app: ['endpoint', 'kibana'], - privileges: { - all: { - app: ['endpoint', 'kibana'], - api: ['resolver'], - savedObject: { - all: [], - read: [], - }, - ui: ['save'], - }, - read: { - app: ['endpoint', 'kibana'], - api: [], - savedObject: { - all: [], - read: [], - }, - ui: [], - }, - }, - }); - const endpointContext = { - logFactory: this.initializerContext.logger, - service: this.endpointAppContextService, - config: (): Promise => { - return createConfig$(this.initializerContext) - .pipe(first()) - .toPromise(); - }, - } as EndpointAppContext; - const router = core.http.createRouter(); - registerEndpointRoutes(router, endpointContext); - registerResolverRoutes(router, endpointContext); - registerAlertRoutes(router, endpointContext); - registerIndexPatternRoute(router, endpointContext); - registerPolicyRoutes(router, endpointContext); - } - - public start(core: CoreStart, plugins: EndpointPluginStartDependencies) { - this.logger.debug('Starting plugin'); - this.endpointAppContextService.start({ - indexPatternRetriever: new IngestIndexPatternRetriever( - plugins.ingestManager.esIndexPatternService, - this.initializerContext.logger - ), - agentService: plugins.ingestManager.agentService, - }); - } - public stop() { - this.logger.debug('Stopping plugin'); - this.endpointAppContextService.stop(); - } -} diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/index.ts b/x-pack/plugins/endpoint/server/routes/alerts/details/index.ts deleted file mode 100644 index 3939594fe465c..0000000000000 --- a/x-pack/plugins/endpoint/server/routes/alerts/details/index.ts +++ /dev/null @@ -1,8 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { alertDetailsReqSchema } from './schemas'; -export { alertDetailsHandlerWrapper } from './handlers'; diff --git a/x-pack/plugins/endpoint/server/routes/alerts/list/index.ts b/x-pack/plugins/endpoint/server/routes/alerts/list/index.ts deleted file mode 100644 index cf72ea4d199de..0000000000000 --- a/x-pack/plugins/endpoint/server/routes/alerts/list/index.ts +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { alertListHandlerWrapper } from './handlers'; diff --git a/x-pack/plugins/endpoint/server/routes/alerts/types.ts b/x-pack/plugins/endpoint/server/routes/alerts/types.ts deleted file mode 100644 index 5aefc35b5758f..0000000000000 --- a/x-pack/plugins/endpoint/server/routes/alerts/types.ts +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import { Query, Filter, TimeRange } from '../../../../../../src/plugins/data/server'; -import { JsonObject } from '../../../../../../src/plugins/kibana_utils/public'; -import { AlertAPIOrdering } from '../../../common/types'; - -/** - * Sort parameters for alerts in ES. - */ -export interface AlertSortParam { - [key: string]: { - order: AlertAPIOrdering; - missing?: UndefinedResultPosition; - }; -} - -/** - * Sort array for alerts. - */ -export type AlertSort = [AlertSortParam, AlertSortParam]; - -/** - * Cursor-based pagination params. - */ -export type SearchCursor = [string, string]; - -/** - * Request metadata used in searching alerts. - */ -export interface AlertSearchQuery { - pageSize: number; - pageIndex?: number; - fromIndex?: number; - query: Query; - filters: Filter[]; - dateRange?: TimeRange; - sort: string; - order: AlertAPIOrdering; - searchAfter?: SearchCursor; - searchBefore?: SearchCursor; - emptyStringIsUndefined?: boolean; -} - -/** - * ES request body for alerts. - */ -export interface AlertSearchRequest { - track_total_hits: number; - query: JsonObject; - sort: AlertSort; - search_after?: SearchCursor; -} - -/** - * Request for alerts. - */ -export interface AlertSearchRequestWrapper { - index: string; - size: number; - from?: number; - body: AlertSearchRequest; -} - -/** - * Request params for alert details. - */ -export interface AlertDetailsRequestParams { - id: string; -} - -/** - * Request params for alert queries. - * - * Must match exactly the values that the API receives. - */ -export interface AlertListRequestQuery { - page_index?: number; - page_size: number; - query?: string; - filters?: string; - date_range: string; - sort: string; - order: AlertAPIOrdering; - after?: SearchCursor; - before?: SearchCursor; - empty_string_is_undefined?: boolean; -} - -/** - * Indicates whether undefined results are sorted to the beginning (_first) or end (_last) - * of a result set. - */ -export enum UndefinedResultPosition { - first = '_first', - last = '_last', -} diff --git a/x-pack/plugins/endpoint/server/routes/index_pattern.ts b/x-pack/plugins/endpoint/server/routes/index_pattern.ts deleted file mode 100644 index 7e78caaf178e4..0000000000000 --- a/x-pack/plugins/endpoint/server/routes/index_pattern.ts +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { IRouter, Logger, RequestHandler } from 'kibana/server'; -import { EndpointAppContext } from '../types'; -import { IndexPatternGetParamsResult } from '../../common/types'; -import { AlertConstants } from '../../common/alert_constants'; -import { indexPatternGetParamsSchema } from '../../common/schema/index_pattern'; - -function handleIndexPattern( - log: Logger, - endpointAppContext: EndpointAppContext -): RequestHandler { - return async (context, req, res) => { - try { - const indexRetriever = endpointAppContext.service.getIndexPatternRetriever(); - return res.ok({ - body: { - indexPattern: await indexRetriever.getIndexPattern(context, req.params.datasetPath), - }, - }); - } catch (error) { - log.warn(error); - return res.notFound({ body: error }); - } - }; -} - -export function registerIndexPatternRoute(router: IRouter, endpointAppContext: EndpointAppContext) { - const log = endpointAppContext.logFactory.get('index_pattern'); - - router.get( - { - path: `${AlertConstants.INDEX_PATTERN_ROUTE}/{datasetPath}`, - validate: { params: indexPatternGetParamsSchema }, - options: { authRequired: true }, - }, - handleIndexPattern(log, endpointAppContext) - ); -} diff --git a/x-pack/plugins/endpoint/yarn.lock b/x-pack/plugins/endpoint/yarn.lock deleted file mode 120000 index 6e09764ec763b..0000000000000 --- a/x-pack/plugins/endpoint/yarn.lock +++ /dev/null @@ -1 +0,0 @@ -../../../yarn.lock \ No newline at end of file diff --git a/x-pack/plugins/endpoint/common/generate_data.test.ts b/x-pack/plugins/siem/common/endpoint/generate_data.test.ts similarity index 100% rename from x-pack/plugins/endpoint/common/generate_data.test.ts rename to x-pack/plugins/siem/common/endpoint/generate_data.test.ts diff --git a/x-pack/plugins/endpoint/common/generate_data.ts b/x-pack/plugins/siem/common/endpoint/generate_data.ts similarity index 99% rename from x-pack/plugins/endpoint/common/generate_data.ts rename to x-pack/plugins/siem/common/endpoint/generate_data.ts index c701845477242..9e3b5a22f1607 100644 --- a/x-pack/plugins/endpoint/common/generate_data.ts +++ b/x-pack/plugins/siem/common/endpoint/generate_data.ts @@ -442,6 +442,7 @@ export class EndpointDocGenerator { lineage.length === generations + 1 ) { lineage.pop(); + // eslint-disable-next-line no-continue continue; } // Otherwise, add a child and any nodes associated with it @@ -738,9 +739,10 @@ export class EndpointDocGenerator { } private *randomNGenerator(max: number, count: number) { - while (count > 0) { + let iCount = count; + while (iCount > 0) { yield this.randomN(max); - count--; + iCount = iCount - 1; } } diff --git a/x-pack/plugins/endpoint/common/models/event.ts b/x-pack/plugins/siem/common/endpoint/models/event.ts similarity index 100% rename from x-pack/plugins/endpoint/common/models/event.ts rename to x-pack/plugins/siem/common/endpoint/models/event.ts diff --git a/x-pack/plugins/endpoint/common/models/policy_config.ts b/x-pack/plugins/siem/common/endpoint/models/policy_config.ts similarity index 100% rename from x-pack/plugins/endpoint/common/models/policy_config.ts rename to x-pack/plugins/siem/common/endpoint/models/policy_config.ts diff --git a/x-pack/plugins/endpoint/common/schema/policy.ts b/x-pack/plugins/siem/common/endpoint/schema/policy.ts similarity index 100% rename from x-pack/plugins/endpoint/common/schema/policy.ts rename to x-pack/plugins/siem/common/endpoint/schema/policy.ts diff --git a/x-pack/plugins/endpoint/common/schema/resolver.ts b/x-pack/plugins/siem/common/endpoint/schema/resolver.ts similarity index 100% rename from x-pack/plugins/endpoint/common/schema/resolver.ts rename to x-pack/plugins/siem/common/endpoint/schema/resolver.ts diff --git a/x-pack/plugins/endpoint/common/types.ts b/x-pack/plugins/siem/common/endpoint/types.ts similarity index 86% rename from x-pack/plugins/endpoint/common/types.ts rename to x-pack/plugins/siem/common/endpoint/types.ts index 3d096eab5c4f2..43c7e20445d5d 100644 --- a/x-pack/plugins/endpoint/common/types.ts +++ b/x-pack/plugins/siem/common/endpoint/types.ts @@ -4,11 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { SearchResponse } from 'elasticsearch'; -import { TypeOf } from '@kbn/config-schema'; -import { alertingIndexGetQuerySchema } from './schema/alert_index'; -import { indexPatternGetParamsSchema } from './schema/index_pattern'; -import { Datasource, NewDatasource } from '../../ingest_manager/common'; +import { Datasource, NewDatasource } from '../../../ingest_manager/common'; + +export interface AppLocation { + pathname: string; + search: string; + hash: string; + key?: string; +} /** * A deep readonly type that will make all children of a given object readonly recursively @@ -30,11 +33,6 @@ type ImmutableMap = ReadonlyMap, Immutable>; type ImmutableSet = ReadonlySet>; type ImmutableObject = { readonly [K in keyof T]: Immutable }; -/** - * Values for the Alert APIs 'order' and 'direction' parameters. - */ -export type AlertAPIOrdering = 'asc' | 'desc'; - export interface ResolverNodeStats { totalEvents: number; totalAlerts: number; @@ -60,46 +58,6 @@ export interface ResolverNode { stats?: ResolverNodeStats; } -/** - * Returned by 'api/endpoint/alerts' - */ -export interface AlertResultList { - /** - * The alerts restricted by page size. - */ - alerts: AlertData[]; - - /** - * The total number of alerts on the page. - */ - total: number; - - /** - * The size of the requested page. - */ - request_page_size: number; - - /** - * The index of the requested page, starting at 0. - */ - request_page_index?: number; - - /** - * The offset of the requested page, starting at 0. - */ - result_from_index?: number; - - /** - * A cursor-based URL for the next page. - */ - next: string | null; - - /** - * A cursor-based URL for the previous page. - */ - prev: string | null; -} - /** * Returned by the server via /api/endpoint/metadata */ @@ -271,24 +229,6 @@ export type AlertEvent = Immutable<{ dll?: DllFields[]; }>; -interface AlertMetadata { - id: string; - - // Alert Details Pagination - next: string | null; - prev: string | null; -} - -interface AlertState { - state: { - host_metadata: HostMetadata; - }; -} - -export type AlertData = AlertEvent & AlertMetadata; - -export type AlertDetails = AlertData & AlertState; - /** * The status of the host */ @@ -337,19 +277,6 @@ export type HostMetadata = Immutable<{ host: Host; }>; -/** - * Represents `total` response from Elasticsearch after ES 7.0. - */ -export interface ESTotal { - value: number; - relation: string; -} - -/** - * `Hits` array in responses from ES search API. - */ -export type AlertHits = SearchResponse['hits']['hits']; - export interface LegacyEndpointEvent { '@timestamp': number; endgame: { @@ -427,7 +354,7 @@ export type ResolverEvent = EndpointEvent | LegacyEndpointEvent; * Note that because the types coming from `@kbn/config-schema`'s schemas sometimes have deeply nested * `Type` types, we process the result of `TypeOf` instead, as this will be consistent. */ -type KbnConfigSchemaInputTypeOf = T extends Record +export type KbnConfigSchemaInputTypeOf = T extends Record ? KbnConfigSchemaInputObjectTypeOf< T > /** `schema.number()` accepts strings, so this type should accept them as well. */ @@ -468,23 +395,6 @@ type KbnConfigSchemaNonOptionalProps> = Pi }[keyof Props] >; -/** - * Query params to pass to the alert API when fetching new data. - */ -export type AlertingIndexGetQueryInput = KbnConfigSchemaInputTypeOf< - TypeOf ->; - -/** - * Result of the validated query params when handling alert index requests. - */ -export type AlertingIndexGetQueryResult = TypeOf; - -/** - * Result of the validated params when handling an index pattern request. - */ -export type IndexPatternGetParamsResult = TypeOf; - /** * Endpoint Policy configuration */ diff --git a/x-pack/plugins/endpoint/common/alert_constants.ts b/x-pack/plugins/siem/common/endpoint_alerts/alert_constants.ts similarity index 100% rename from x-pack/plugins/endpoint/common/alert_constants.ts rename to x-pack/plugins/siem/common/endpoint_alerts/alert_constants.ts diff --git a/x-pack/plugins/endpoint/common/schema/alert_index.ts b/x-pack/plugins/siem/common/endpoint_alerts/schema/alert_index.ts similarity index 78% rename from x-pack/plugins/endpoint/common/schema/alert_index.ts rename to x-pack/plugins/siem/common/endpoint_alerts/schema/alert_index.ts index cffc00661515f..6794eea20066b 100644 --- a/x-pack/plugins/endpoint/common/schema/alert_index.ts +++ b/x-pack/plugins/siem/common/endpoint_alerts/schema/alert_index.ts @@ -47,7 +47,7 @@ export const alertingIndexGetQuerySchema = schema.object( try { decode(value); } catch (err) { - return i18n.translate('xpack.endpoint.alerts.errors.bad_rison', { + return i18n.translate('xpack.siem.endpoint.alerts.errors.bad_rison', { defaultMessage: 'must be a valid rison-encoded string', }); } @@ -62,7 +62,7 @@ export const alertingIndexGetQuerySchema = schema.object( try { decode(value); } catch (err) { - return i18n.translate('xpack.endpoint.alerts.errors.bad_rison', { + return i18n.translate('xpack.siem.endpoint.alerts.errors.bad_rison', { defaultMessage: 'must be a valid rison-encoded string', }); } @@ -77,7 +77,7 @@ export const alertingIndexGetQuerySchema = schema.object( try { decode(value); } catch (err) { - return i18n.translate('xpack.endpoint.alerts.errors.bad_rison', { + return i18n.translate('xpack.siem.endpoint.alerts.errors.bad_rison', { defaultMessage: 'must be a valid rison-encoded string', }); } @@ -88,22 +88,28 @@ export const alertingIndexGetQuerySchema = schema.object( { validate(value) { if (value.after !== undefined && value.page_index !== undefined) { - return i18n.translate('xpack.endpoint.alerts.errors.page_index_cannot_be_used_with_after', { - defaultMessage: '[page_index] cannot be used with [after]', - }); + return i18n.translate( + 'xpack.siem.endpoint.alerts.errors.page_index_cannot_be_used_with_after', + { + defaultMessage: '[page_index] cannot be used with [after]', + } + ); } if (value.before !== undefined && value.page_index !== undefined) { return i18n.translate( - 'xpack.endpoint.alerts.errors.page_index_cannot_be_used_with_before', + 'xpack.siem.endpoint.alerts.errors.page_index_cannot_be_used_with_before', { defaultMessage: '[page_index] cannot be used with [before]', } ); } if (value.before !== undefined && value.after !== undefined) { - return i18n.translate('xpack.endpoint.alerts.errors.before_cannot_be_used_with_after', { - defaultMessage: '[before] cannot be used with [after]', - }); + return i18n.translate( + 'xpack.siem.endpoint.alerts.errors.before_cannot_be_used_with_after', + { + defaultMessage: '[before] cannot be used with [after]', + } + ); } }, } diff --git a/x-pack/plugins/endpoint/common/schema/index_pattern.ts b/x-pack/plugins/siem/common/endpoint_alerts/schema/index_pattern.ts similarity index 100% rename from x-pack/plugins/endpoint/common/schema/index_pattern.ts rename to x-pack/plugins/siem/common/endpoint_alerts/schema/index_pattern.ts diff --git a/x-pack/plugins/siem/common/endpoint_alerts/types.ts b/x-pack/plugins/siem/common/endpoint_alerts/types.ts new file mode 100644 index 0000000000000..2ba8353b09c88 --- /dev/null +++ b/x-pack/plugins/siem/common/endpoint_alerts/types.ts @@ -0,0 +1,272 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SearchResponse } from 'elasticsearch'; +import { TypeOf } from '@kbn/config-schema'; +import { IIndexPattern, TimeRange, Filter, Query } from 'src/plugins/data/public'; +import { JsonObject } from 'src/plugins/kibana_utils/common'; +import { alertingIndexGetQuerySchema } from './schema/alert_index'; +import { indexPatternGetParamsSchema } from './schema/index_pattern'; +import { + HostMetadata, + AlertEvent, + KbnConfigSchemaInputTypeOf, + AppLocation, +} from '../endpoint/types'; + +/** + * A deep readonly type that will make all children of a given object readonly recursively + */ +export type Immutable = T extends undefined | null | boolean | string | number + ? T + : unknown extends T + ? unknown + : T extends Array + ? ImmutableArray + : T extends Map + ? ImmutableMap + : T extends Set + ? ImmutableSet + : ImmutableObject; + +type ImmutableArray = ReadonlyArray>; +type ImmutableMap = ReadonlyMap, Immutable>; +type ImmutableSet = ReadonlySet>; +type ImmutableObject = { readonly [K in keyof T]: Immutable }; + +/** + * Values for the Alert APIs 'order' and 'direction' parameters. + */ +export type AlertAPIOrdering = 'asc' | 'desc'; + +/** + * Returned by 'api/endpoint/alerts' + */ +export interface AlertResultList { + /** + * The alerts restricted by page size. + */ + alerts: AlertData[]; + + /** + * The total number of alerts on the page. + */ + total: number; + + /** + * The size of the requested page. + */ + request_page_size: number; + + /** + * The index of the requested page, starting at 0. + */ + request_page_index?: number; + + /** + * The offset of the requested page, starting at 0. + */ + result_from_index?: number; + + /** + * A cursor-based URL for the next page. + */ + next: string | null; + + /** + * A cursor-based URL for the previous page. + */ + prev: string | null; +} + +interface AlertMetadata { + id: string; + + // Alert Details Pagination + next: string | null; + prev: string | null; +} + +interface AlertState { + state: { + host_metadata: HostMetadata; + }; +} + +export type AlertData = AlertEvent & AlertMetadata; + +export type AlertDetails = AlertData & AlertState; + +/** + * Represents `total` response from Elasticsearch after ES 7.0. + */ +export interface ESTotal { + value: number; + relation: string; +} + +/** + * `Hits` array in responses from ES search API. + */ +export type AlertHits = SearchResponse['hits']['hits']; + +/** + * Query params to pass to the alert API when fetching new data. + */ +export type AlertingIndexGetQueryInput = KbnConfigSchemaInputTypeOf< + TypeOf +>; + +/** + * Result of the validated query params when handling alert index requests. + */ +export type AlertingIndexGetQueryResult = TypeOf; + +/** + * Result of the validated params when handling an index pattern request. + */ +export type IndexPatternGetParamsResult = TypeOf; + +interface AlertsSearchBarState { + patterns: IIndexPattern[]; +} + +export type AlertListData = AlertResultList; + +export interface AlertListState { + /** Array of alert items. */ + readonly alerts: Immutable; + + /** The total number of alerts on the page. */ + readonly total: number; + + /** Number of alerts per page. */ + readonly pageSize: number; + + /** Page number, starting at 0. */ + readonly pageIndex: number; + + /** Current location object from React Router history. */ + readonly location?: Immutable; + + /** Specific Alert data to be shown in the details view */ + readonly alertDetails?: Immutable; + + /** Search bar state including indexPatterns */ + readonly searchBar: AlertsSearchBarState; +} + +/** + * Gotten by parsing the URL from the browser. Used to calculate the new URL when changing views. + */ +export interface AlertingIndexUIQueryParams { + /** + * How many items to show in list. + */ + page_size?: string; + /** + * Which page to show. If `page_index` is 1, show page 2. + */ + page_index?: string; + /** + * If any value is present, show the alert detail view for the selected alert. Should be an ID for an alert event. + */ + selected_alert?: string; + query?: string; + date_range?: string; + filters?: string; +} + +/** + * Sort parameters for alerts in ES. + */ +export interface AlertSortParam { + [key: string]: { + order: AlertAPIOrdering; + missing?: UndefinedResultPosition; + }; +} + +/** + * Sort array for alerts. + */ +export type AlertSort = [AlertSortParam, AlertSortParam]; + +/** + * Cursor-based pagination params. + */ +export type SearchCursor = [string, string]; + +/** + * Request metadata used in searching alerts. + */ +export interface AlertSearchQuery { + pageSize: number; + pageIndex?: number; + fromIndex?: number; + query: Query; + filters: Filter[]; + dateRange?: TimeRange; + sort: string; + order: AlertAPIOrdering; + searchAfter?: SearchCursor; + searchBefore?: SearchCursor; + emptyStringIsUndefined?: boolean; +} + +/** + * ES request body for alerts. + */ +export interface AlertSearchRequest { + track_total_hits: number; + query: JsonObject; + sort: AlertSort; + search_after?: SearchCursor; +} + +/** + * Request for alerts. + */ +export interface AlertSearchRequestWrapper { + index: string; + size: number; + from?: number; + body: AlertSearchRequest; +} + +/** + * Request params for alert details. + */ +export interface AlertDetailsRequestParams { + id: string; +} + +/** + * Request params for alert queries. + * + * Must match exactly the values that the API receives. + */ +export interface AlertListRequestQuery { + page_index?: number; + page_size: number; + query?: string; + filters?: string; + date_range: string; + sort: string; + order: AlertAPIOrdering; + after?: SearchCursor; + before?: SearchCursor; + empty_string_is_undefined?: boolean; +} + +/** + * Indicates whether undefined results are sorted to the beginning (_first) or end (_last) + * of a result set. + */ +export enum UndefinedResultPosition { + first = '_first', + last = '_last', +} diff --git a/x-pack/plugins/siem/kibana.json b/x-pack/plugins/siem/kibana.json index 39e50838c1c97..1106781fd45e4 100644 --- a/x-pack/plugins/siem/kibana.json +++ b/x-pack/plugins/siem/kibana.json @@ -7,9 +7,11 @@ "actions", "alerting", "data", + "dataEnhanced", "embeddable", "features", "home", + "ingestManager", "inspector", "licensing", "maps", diff --git a/x-pack/plugins/siem/package.json b/x-pack/plugins/siem/package.json index a055d011a5cbb..6dc3aa3a5021e 100644 --- a/x-pack/plugins/siem/package.json +++ b/x-pack/plugins/siem/package.json @@ -9,13 +9,17 @@ "build-graphql-types": "node scripts/generate_types_from_graphql.js", "cypress:open": "cypress open --config-file ./cypress/cypress.json", "cypress:run": "cypress run --browser chrome --headless --spec ./cypress/integration/**/*.spec.ts --config-file ./cypress/cypress.json --reporter ../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json; status=$?; ../../node_modules/.bin/mochawesome-merge --reportDir ../../../target/kibana-siem/cypress/results > ../../../target/kibana-siem/cypress/results/output.json; ../../../node_modules/.bin/marge ../../../target/kibana-siem/cypress/results/output.json --reportDir ../../../target/kibana-siem/cypress/results; mkdir -p ../../../target/junit && cp ../../../target/kibana-siem/cypress/results/*.xml ../../../target/junit/ && exit $status;", - "cypress:run-as-ci": "node ../../../scripts/functional_tests --config ../../test/siem_cypress/config.ts" + "cypress:run-as-ci": "node ../../../scripts/functional_tests --config ../../test/siem_cypress/config.ts", + "test:generate": "ts-node --project scripts/endpoint/cli_tsconfig.json scripts/endpoint/resolver_generator.ts" }, "devDependencies": { "@types/lodash": "^4.14.110" }, "dependencies": { "lodash": "^4.17.15", - "react-markdown": "^4.0.6" + "querystring": "^0.2.0", + "react-markdown": "^4.0.6", + "redux-devtools-extension": "^2.13.8", + "@types/seedrandom": ">=2.0.0 <4.0.0" } } diff --git a/x-pack/plugins/siem/public/app/app.tsx b/x-pack/plugins/siem/public/app/app.tsx index 7aef91380b522..732b1883b9b77 100644 --- a/x-pack/plugins/siem/public/app/app.tsx +++ b/x-pack/plugins/siem/public/app/app.tsx @@ -24,7 +24,7 @@ import { DEFAULT_DARK_MODE } from '../../common/constants'; import { ErrorToastDispatcher } from '../common/components/error_toast_dispatcher'; import { compose } from '../common/lib/compose/kibana_compose'; import { AppFrontendLibs, AppApolloClient } from '../common/lib/lib'; -import { StartServices } from '../plugin'; +import { StartServices } from '../types'; import { PageRouter } from './routes'; import { createStore, createInitialState } from '../common/store'; import { GlobalToaster, ManageGlobalToaster } from '../common/components/toasters'; @@ -80,7 +80,8 @@ const StartAppComponent: FC = ({ subPlugins, ...libs }) => { const store = createStore( createInitialState(subPluginsStore.initialState), subPluginsStore.reducer, - libs$.pipe(pluck('apolloClient')) + libs$.pipe(pluck('apolloClient')), + subPluginsStore.middlewares ); const [darkMode] = useUiSetting$(DEFAULT_DARK_MODE); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/setup.tsx b/x-pack/plugins/siem/public/app/home/setup.tsx similarity index 87% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/setup.tsx rename to x-pack/plugins/siem/public/app/home/setup.tsx index a826e1f30f75d..a88b6a36100db 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/setup.tsx +++ b/x-pack/plugins/siem/public/app/home/setup.tsx @@ -6,18 +6,18 @@ import * as React from 'react'; import { i18n } from '@kbn/i18n'; import { NotificationsStart } from 'kibana/public'; -import { IngestManagerStart } from '../../../../../ingest_manager/public'; +import { IngestManagerStart } from '../../../../ingest_manager/public'; export const Setup: React.FunctionComponent<{ ingestManager: IngestManagerStart; notifications: NotificationsStart; }> = ({ ingestManager, notifications }) => { React.useEffect(() => { - const defaultText = i18n.translate('xpack.endpoint.ingestToastMessage', { + const defaultText = i18n.translate('xpack.siem.endpoint.ingestToastMessage', { defaultMessage: 'Ingest Manager failed during its setup.', }); - const title = i18n.translate('xpack.endpoint.ingestToastTitle', { + const title = i18n.translate('xpack.siem.endpoint.ingestToastTitle', { defaultMessage: 'App failed to initialize', }); diff --git a/x-pack/plugins/siem/public/app/index.tsx b/x-pack/plugins/siem/public/app/index.tsx index d69be6e09e614..13d06bd1a98c2 100644 --- a/x-pack/plugins/siem/public/app/index.tsx +++ b/x-pack/plugins/siem/public/app/index.tsx @@ -9,7 +9,7 @@ import { render, unmountComponentAtNode } from 'react-dom'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { AppMountParameters } from '../../../../../src/core/public'; -import { StartServices } from '../plugin'; +import { StartServices } from '../types'; import { SiemApp } from './app'; import { SecuritySubPlugins } from './types'; diff --git a/x-pack/plugins/siem/public/app/routes.tsx b/x-pack/plugins/siem/public/app/routes.tsx index ed3565df5f507..d1395813d39f4 100644 --- a/x-pack/plugins/siem/public/app/routes.tsx +++ b/x-pack/plugins/siem/public/app/routes.tsx @@ -11,6 +11,7 @@ import { Route, Router, Switch } from 'react-router-dom'; import { NotFoundPage } from './404'; import { HomePage } from './home'; import { ManageRoutesSpy } from '../common/utils/route/manage_spy_routes'; +import { RouteCapture } from '../common/components/endpoint/route_capture'; interface RouterProps { history: History; @@ -20,14 +21,16 @@ interface RouterProps { const PageRouterComponent: FC = ({ history, subPluginRoutes }) => ( - - - - - - - - + + + + + + + + + + ); diff --git a/x-pack/plugins/siem/public/app/types.ts b/x-pack/plugins/siem/public/app/types.ts index 5fe4b5a8d8227..1fcbc5ba25f8f 100644 --- a/x-pack/plugins/siem/public/app/types.ts +++ b/x-pack/plugins/siem/public/app/types.ts @@ -4,12 +4,18 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Reducer, AnyAction } from 'redux'; +import { Reducer, AnyAction, Middleware, Dispatch } from 'redux'; import { NavTab } from '../common/components/navigation/types'; import { HostsState } from '../hosts/store'; import { NetworkState } from '../network/store'; import { TimelineState } from '../timelines/store/timeline/types'; +import { ImmutableReducer, State } from '../common/store'; +import { Immutable } from '../../common/endpoint/types'; +import { AlertListState } from '../../common/endpoint_alerts/types'; +import { AppAction } from '../common/store/actions'; +import { HostState } from '../endpoint_hosts/types'; +import { PolicyDetailsState, PolicyListState } from '../endpoint_policy/types'; export enum SiemPageName { overview = 'overview', @@ -33,13 +39,21 @@ export type SiemNavTab = Record; export interface SecuritySubPluginStore { initialState: Record; reducer: Record>; + middleware?: Middleware<{}, State, Dispatch>>; } export interface SecuritySubPlugin { routes: React.ReactElement[]; } -type SecuritySubPluginKeyStore = 'hosts' | 'network' | 'timeline'; +type SecuritySubPluginKeyStore = + | 'hosts' + | 'network' + | 'timeline' + | 'hostList' + | 'alertList' + | 'policyDetails' + | 'policyList'; export interface SecuritySubPluginWithStore extends SecuritySubPlugin { store: SecuritySubPluginStore; @@ -51,11 +65,20 @@ export interface SecuritySubPlugins extends SecuritySubPlugin { hosts: HostsState; network: NetworkState; timeline: TimelineState; + alertList: Immutable; + hostList: Immutable; + policyDetails: Immutable; + policyList: Immutable; }; reducer: { hosts: Reducer; network: Reducer; timeline: Reducer; + alertList: ImmutableReducer; + hostList: ImmutableReducer; + policyDetails: ImmutableReducer; + policyList: ImmutableReducer; }; + middlewares: Array>>>; }; } diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/link_to_app.test.tsx.snap b/x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/link_to_app.test.tsx.snap similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/link_to_app.test.tsx.snap rename to x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/link_to_app.test.tsx.snap diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/page_view.test.tsx.snap b/x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/page_view.test.tsx.snap similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/page_view.test.tsx.snap rename to x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/page_view.test.tsx.snap index 36b602a1e6784..35a42acf7e1fb 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/page_view.test.tsx.snap +++ b/x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/page_view.test.tsx.snap @@ -21,7 +21,7 @@ exports[`PageView component should display body header custom element 1`] = ` background: none; } - body header @@ -88,7 +88,7 @@ exports[`PageView component should display body header custom element 1`] = `
- + `; exports[`PageView component should display body header wrapped in EuiTitle 1`] = ` @@ -112,7 +112,7 @@ exports[`PageView component should display body header wrapped in EuiTitle 1`] = background: none; } - @@ -150,7 +150,7 @@ exports[`PageView component should display body header wrapped in EuiTitle 1`] = className="euiPageContentHeaderSection" data-test-subj="pageViewBodyTitleArea" > - +

- +

@@ -182,7 +182,7 @@ exports[`PageView component should display body header wrapped in EuiTitle 1`] = - + `; exports[`PageView component should display header left and right 1`] = ` @@ -206,7 +206,7 @@ exports[`PageView component should display header left and right 1`] = ` background: none; } - - + @@ -248,7 +248,7 @@ exports[`PageView component should display header left and right 1`] = ` page title - + - + `; exports[`PageView component should display only body if not header props used 1`] = ` @@ -315,7 +315,7 @@ exports[`PageView component should display only body if not header props used 1` background: none; } - - + `; exports[`PageView component should display only header left 1`] = ` @@ -383,7 +383,7 @@ exports[`PageView component should display only header left 1`] = ` background: none; } - @@ -413,7 +413,7 @@ exports[`PageView component should display only header left 1`] = ` className="euiPageHeaderSection" data-test-subj="pageViewHeaderLeft" > - + @@ -424,7 +424,7 @@ exports[`PageView component should display only header left 1`] = ` page title - + @@ -457,7 +457,7 @@ exports[`PageView component should display only header left 1`] = ` - + `; exports[`PageView component should display only header right but include an empty left side 1`] = ` @@ -481,7 +481,7 @@ exports[`PageView component should display only header right but include an empt background: none; } - @@ -552,7 +552,7 @@ exports[`PageView component should display only header right but include an empt - + `; exports[`PageView component should pass through EuiPage props 1`] = ` @@ -576,7 +576,7 @@ exports[`PageView component should pass through EuiPage props 1`] = ` background: none; } - - + `; exports[`PageView component should use custom element for header left and not wrap in EuiTitle 1`] = ` @@ -661,7 +661,7 @@ exports[`PageView component should use custom element for header left and not wr background: none; } - title here @@ -730,5 +730,5 @@ exports[`PageView component should use custom element for header left and not wr - + `; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/formatted_date_time.tsx b/x-pack/plugins/siem/public/common/components/endpoint/formatted_date_time.tsx similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/formatted_date_time.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/formatted_date_time.tsx diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.test.tsx b/x-pack/plugins/siem/public/common/components/endpoint/link_to_app.test.tsx similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.test.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/link_to_app.test.tsx index 2d4d1ca8a1b5b..0c3467d8f363c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.test.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/link_to_app.test.tsx @@ -8,8 +8,8 @@ import React from 'react'; import { mount } from 'enzyme'; import { LinkToApp } from './link_to_app'; import { CoreStart } from 'kibana/public'; -import { KibanaContextProvider } from '../../../../../../../../src/plugins/kibana_react/public'; -import { coreMock } from '../../../../../../../../src/core/public/mocks'; +import { KibanaContextProvider } from '../../../../../../../src/plugins/kibana_react/public'; +import { coreMock } from '../../../../../../../src/core/public/mocks'; type LinkToAppOnClickMock = jest.Mock< Return, @@ -31,13 +31,13 @@ describe('LinkToApp component', () => { }); it('should render with minimum input', () => { - expect(render(link)).toMatchSnapshot(); + expect(render({'link'})).toMatchSnapshot(); }); it('should render with href', () => { expect( render( - link + {'link'} ) ).toMatchSnapshot(); @@ -47,7 +47,7 @@ describe('LinkToApp component', () => { const spyOnClickHandler: LinkToAppOnClickMock = jest.fn(_event => {}); const renderResult = render( - link + {'link'} ); @@ -65,7 +65,7 @@ describe('LinkToApp component', () => { it('should navigate to App with specific path', () => { const renderResult = render( - link + {'link'} ); renderResult.find('EuiLink').simulate('click', { button: 0 }); @@ -84,7 +84,7 @@ describe('LinkToApp component', () => { color="primary" data-test-subj="my-test-subject" > - link + {'link'} ); expect(renderResult.find('EuiLink').props()).toEqual({ @@ -103,7 +103,7 @@ describe('LinkToApp component', () => { }); const renderResult = render( - link + {'link'} ); expect(() => renderResult.find('EuiLink').simulate('click')).toThrow(); @@ -116,21 +116,21 @@ describe('LinkToApp component', () => { }); const renderResult = render( - link + {'link'} ); renderResult.find('EuiLink').simulate('click', { button: 0 }); expect(fakeCoreStart.application.navigateToApp).not.toHaveBeenCalled(); }); it('should not to navigate if it was not left click', () => { - const renderResult = render(link); + const renderResult = render({'link'}); renderResult.find('EuiLink').simulate('click', { button: 1 }); expect(fakeCoreStart.application.navigateToApp).not.toHaveBeenCalled(); }); it('should not to navigate if it includes an anchor target', () => { const renderResult = render( - link + {'link'} ); renderResult.find('EuiLink').simulate('click', { button: 0 }); @@ -139,7 +139,7 @@ describe('LinkToApp component', () => { it('should not to navigate if if meta|alt|ctrl|shift keys are pressed', () => { const renderResult = render( - link + {'link'} ); const euiLink = renderResult.find('EuiLink'); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.tsx b/x-pack/plugins/siem/public/common/components/endpoint/link_to_app.tsx similarity index 83% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/link_to_app.tsx index 6a3cf5e78f4bf..d6d8859b280b8 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/link_to_app.tsx @@ -5,15 +5,15 @@ */ import React, { memo, MouseEventHandler } from 'react'; -import { EuiLink } from '@elastic/eui'; -import { EuiLinkProps } from '@elastic/eui'; -import { useNavigateToAppEventHandler } from '../hooks/use_navigate_to_app_event_handler'; +import { EuiLink, EuiLinkProps } from '@elastic/eui'; +import { useNavigateToAppEventHandler } from '../../hooks/endpoint/use_navigate_to_app_event_handler'; type LinkToAppProps = EuiLinkProps & { /** the app id - normally the value of the `id` in that plugin's `kibana.json` */ appId: string; /** Any app specific path (route) */ appPath?: string; + // eslint-disable-next-line @typescript-eslint/no-explicit-any appState?: any; onClick?: MouseEventHandler; }; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.test.tsx b/x-pack/plugins/siem/public/common/components/endpoint/page_view.test.tsx similarity index 80% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.test.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/page_view.test.tsx index 4007477a088fa..2c14f66b64865 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.test.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/page_view.test.tsx @@ -7,20 +7,20 @@ import React from 'react'; import { mount } from 'enzyme'; import { PageView } from './page_view'; -import { EuiThemeProvider } from '../../../../../../../legacy/common/eui_styled_components'; +import { EuiThemeProvider } from '../../../../../../legacy/common/eui_styled_components'; describe('PageView component', () => { const render = (ui: Parameters[0]) => mount(ui, { wrappingComponent: EuiThemeProvider }); it('should display only body if not header props used', () => { - expect(render(body content)).toMatchSnapshot(); + expect(render({'body content'})).toMatchSnapshot(); }); it('should display header left and right', () => { expect( render( - body content + {'body content'} ) ).toMatchSnapshot(); @@ -29,7 +29,7 @@ describe('PageView component', () => { expect( render( - body content + {'body content'} ) ).toMatchSnapshot(); @@ -38,7 +38,7 @@ describe('PageView component', () => { expect( render( - body content + {'body content'} ) ).toMatchSnapshot(); @@ -46,8 +46,8 @@ describe('PageView component', () => { it(`should use custom element for header left and not wrap in EuiTitle`, () => { expect( render( - title here

}> - body content + {'title here'}

}> + {'body content'}
) ).toMatchSnapshot(); @@ -56,7 +56,7 @@ describe('PageView component', () => { expect( render( - body content + {'body content'} ) ).toMatchSnapshot(); @@ -64,8 +64,8 @@ describe('PageView component', () => { it('should display body header custom element', () => { expect( render( - body header

}> - body content + {'body header'}

}> + {'body content'}
) ).toMatchSnapshot(); @@ -80,7 +80,7 @@ describe('PageView component', () => { aria-label="test-aria-label-here" data-test-subj="test-data-test-subj-here" > - body content + {'body content'}
) ).toMatchSnapshot(); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.tsx b/x-pack/plugins/siem/public/common/components/endpoint/page_view.tsx similarity index 96% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/page_view.tsx index 6da352b68f890..b2b8078c3fe97 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/page_view.tsx @@ -56,6 +56,8 @@ export const PageViewHeaderTitle = memo<{ children: ReactNode }>(({ children }) ); }); +PageViewHeaderTitle.displayName = 'PageViewHeaderTitle'; + /** * The `PageView` component used to render `bodyHeader` when it is set as a `string` * Can be used when wanting to customize the `bodyHeader` value but still use the standard @@ -70,6 +72,7 @@ export const PageViewBodyHeaderTitle = memo<{ children: ReactNode }>( ); } ); +PageViewBodyHeaderTitle.displayName = 'PageViewBodyHeaderTitle'; /** * Page View layout for use in Endpoint @@ -135,3 +138,5 @@ export const PageView = memo< ); }); + +PageView.displayName = 'PageView'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/route_capture.tsx b/x-pack/plugins/siem/public/common/components/endpoint/route_capture.tsx similarity index 77% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/route_capture.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/route_capture.tsx index 28d2019b56888..7340d639070ab 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/route_capture.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/route_capture.tsx @@ -7,15 +7,18 @@ import React, { memo } from 'react'; import { useLocation } from 'react-router-dom'; import { useDispatch } from 'react-redux'; -import { EndpointAppLocation, AppAction } from '../types'; +import { AppLocation } from '../../../../common/endpoint/types'; +import { AppAction } from '../../store/actions'; /** * This component should be used above all routes, but below the Provider. * It dispatches actions when the URL is changed. */ export const RouteCapture = memo(({ children }) => { - const location: EndpointAppLocation = useLocation(); + const location: AppLocation = useLocation(); const dispatch: (action: AppAction) => unknown = useDispatch(); dispatch({ type: 'userChangedUrl', payload: location }); return <>{children}; }); + +RouteCapture.displayName = 'RouteCapture'; diff --git a/x-pack/plugins/siem/public/common/components/navigation/breadcrumbs/index.ts b/x-pack/plugins/siem/public/common/components/navigation/breadcrumbs/index.ts index 16ae1b1e096ca..a202407b1270c 100644 --- a/x-pack/plugins/siem/public/common/components/navigation/breadcrumbs/index.ts +++ b/x-pack/plugins/siem/public/common/components/navigation/breadcrumbs/index.ts @@ -9,7 +9,7 @@ import { getOr, omit } from 'lodash/fp'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { ChromeBreadcrumb } from '../../../../../../../../src/core/public'; import { APP_NAME } from '../../../../../common/constants'; -import { StartServices } from '../../../../plugin'; +import { StartServices } from '../../../../types'; import { getBreadcrumbs as getHostDetailsBreadcrumbs } from '../../../../hosts/pages/details/utils'; import { getBreadcrumbs as getIPDetailsBreadcrumbs } from '../../../../network/pages/ip_details'; import { getBreadcrumbs as getCaseDetailsBreadcrumbs } from '../../../../cases/pages/utils'; diff --git a/x-pack/plugins/siem/public/common/hooks/api/api.tsx b/x-pack/plugins/siem/public/common/hooks/api/api.tsx index 12863bffcf515..4c2cf031f781f 100644 --- a/x-pack/plugins/siem/public/common/hooks/api/api.tsx +++ b/x-pack/plugins/siem/public/common/hooks/api/api.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { StartServices } from '../../../plugin'; +import { StartServices } from '../../../types'; import { IndexPatternSavedObject, IndexPatternSavedObjectAttributes } from '../types'; /** diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.test.tsx b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.test.tsx similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.test.tsx rename to x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.test.tsx index b1f09617f0174..f7e433361118f 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.test.tsx +++ b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.test.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import React from 'react'; -import { AppContextTestRender, createAppRootMockRenderer } from '../../mocks'; +import { AppContextTestRender, createAppRootMockRenderer } from '../../mock/endpoint'; import { useNavigateByRouterEventHandler } from './use_navigate_by_router_event_handler'; import { act, fireEvent, cleanup } from '@testing-library/react'; @@ -19,6 +19,7 @@ describe('useNavigateByRouterEventHandler hook', () => { let renderResult: ReturnType; let linkEle: HTMLAnchorElement; let clickHandlerSpy: ClickHandlerMock; + // eslint-disable-next-line react/display-name const Link = React.memo<{ routeTo: Parameters[0]; onClick?: Parameters[1]; @@ -26,7 +27,7 @@ describe('useNavigateByRouterEventHandler hook', () => { const onClickHandler = useNavigateByRouterEventHandler(routeTo, onClick); return (
- mock link + {'mock link'} ); }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.ts b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.ts rename to x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_to_app_event_handler.ts b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts similarity index 96% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_to_app_event_handler.ts rename to x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts index ec9a8691c481e..5fbfa5e0e58a8 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_to_app_event_handler.ts +++ b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts @@ -6,7 +6,7 @@ import { MouseEventHandler, useCallback } from 'react'; import { ApplicationStart } from 'kibana/public'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; +import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; type NavigateToAppHandlerProps = Parameters; type EventHandlerCallback = MouseEventHandler; diff --git a/x-pack/plugins/siem/public/common/lib/kibana/kibana_react.ts b/x-pack/plugins/siem/public/common/lib/kibana/kibana_react.ts index 42738c6bbe7d8..075f06084384b 100644 --- a/x-pack/plugins/siem/public/common/lib/kibana/kibana_react.ts +++ b/x-pack/plugins/siem/public/common/lib/kibana/kibana_react.ts @@ -12,7 +12,7 @@ import { useUiSetting$, withKibana, } from '../../../../../../../src/plugins/kibana_react/public'; -import { StartServices } from '../../../plugin'; +import { StartServices } from '../../../types'; export type KibanaContext = KibanaReactContextValue; export interface WithKibanaProps { diff --git a/x-pack/plugins/siem/public/common/lib/telemetry/index.ts b/x-pack/plugins/siem/public/common/lib/telemetry/index.ts index 0ed524c2ae548..e79ef0d128225 100644 --- a/x-pack/plugins/siem/public/common/lib/telemetry/index.ts +++ b/x-pack/plugins/siem/public/common/lib/telemetry/index.ts @@ -6,7 +6,7 @@ import { METRIC_TYPE, UiStatsMetricType } from '@kbn/analytics'; -import { SetupPlugins } from '../../../plugin'; +import { SetupPlugins } from '../../../types'; export { telemetryMiddleware } from './middleware'; export { METRIC_TYPE }; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/mocks/app_context_render.tsx b/x-pack/plugins/siem/public/common/mock/endpoint/app_context_render.tsx similarity index 54% rename from x-pack/plugins/endpoint/public/applications/endpoint/mocks/app_context_render.tsx rename to x-pack/plugins/siem/public/common/mock/endpoint/app_context_render.tsx index 639b1f7252d7f..73ac5fdf51529 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/mocks/app_context_render.tsx +++ b/x-pack/plugins/siem/public/common/mock/endpoint/app_context_render.tsx @@ -7,12 +7,20 @@ import React from 'react'; import { createMemoryHistory } from 'history'; import { render as reactRender, RenderOptions, RenderResult } from '@testing-library/react'; -import { appStoreFactory } from '../store'; +import { Store } from 'redux'; + import { coreMock } from '../../../../../../../src/core/public/mocks'; -import { EndpointPluginStartDependencies } from '../../../plugin'; +import { StartPlugins } from '../../../types'; import { depsStartMock } from './dependencies_start_mock'; -import { AppRootProvider } from '../view/app_root_provider'; -import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../store/test_utils'; +import { MiddlewareActionSpyHelper, createSpyMiddleware } from '../../store/test_utils'; +import { apolloClientObservable } from '../test_providers'; +import { createStore, State, substateMiddlewareFactory } from '../../store'; +import { hostMiddlewareFactory } from '../../../endpoint_hosts/store/middleware'; +import { policyListMiddlewareFactory } from '../../../endpoint_policy/store/policy_list/middleware'; +import { policyDetailsMiddlewareFactory } from '../../../endpoint_policy/store/policy_details/middleware'; +import { alertMiddlewareFactory } from '../../../endpoint_alerts/store/middleware'; +import { AppRootProvider } from './app_root_provider'; +import { SUB_PLUGINS_REDUCER, mockGlobalState } from '..'; type UiRender = (ui: React.ReactElement, options?: RenderOptions) => RenderResult; @@ -20,15 +28,16 @@ type UiRender = (ui: React.ReactElement, options?: RenderOptions) => RenderResul * Mocked app root context renderer */ export interface AppContextTestRender { - store: ReturnType; + store: Store; history: ReturnType; coreStart: ReturnType; - depsStart: EndpointPluginStartDependencies; + depsStart: Pick; middlewareSpy: MiddlewareActionSpyHelper; /** * A wrapper around `AppRootContext` component. Uses the mocked modules as input to the * `AppRootContext` */ + // eslint-disable-next-line @typescript-eslint/no-explicit-any AppWrapper: React.FC; /** * Renders the given UI within the created `AppWrapper` providing the given UI a mocked @@ -48,12 +57,28 @@ export const createAppRootMockRenderer = (): AppContextTestRender => { const coreStart = coreMock.createStart({ basePath: '/mock' }); const depsStart = depsStartMock(); const middlewareSpy = createSpyMiddleware(); - const store = appStoreFactory({ - coreStart, - depsStart, - additionalMiddleware: [middlewareSpy.actionSpyMiddleware], - }); - const AppWrapper: React.FunctionComponent<{ children: React.ReactElement }> = ({ children }) => ( + const state: State = mockGlobalState; + const store = createStore(state, SUB_PLUGINS_REDUCER, apolloClientObservable, [ + substateMiddlewareFactory( + globalState => globalState.hostList, + hostMiddlewareFactory(coreStart, depsStart) + ), + substateMiddlewareFactory( + globalState => globalState.policyList, + policyListMiddlewareFactory(coreStart, depsStart) + ), + substateMiddlewareFactory( + globalState => globalState.policyDetails, + policyDetailsMiddlewareFactory(coreStart, depsStart) + ), + substateMiddlewareFactory( + globalState => globalState.alertList, + alertMiddlewareFactory(coreStart, depsStart) + ), + middlewareSpy.actionSpyMiddleware, + ]); + + const AppWrapper: React.FC<{ children: React.ReactElement }> = ({ children }) => ( {children} @@ -61,7 +86,7 @@ export const createAppRootMockRenderer = (): AppContextTestRender => { const render: UiRender = (ui, options) => { // @ts-ignore return reactRender(ui, { - wrapper: AppWrapper, + wrapper: AppWrapper as React.ComponentType, ...options, }); }; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root_provider.tsx b/x-pack/plugins/siem/public/common/mock/endpoint/app_root_provider.tsx similarity index 83% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/app_root_provider.tsx rename to x-pack/plugins/siem/public/common/mock/endpoint/app_root_provider.tsx index ca27831ee90b5..73c0f00573911 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root_provider.tsx +++ b/x-pack/plugins/siem/public/common/mock/endpoint/app_root_provider.tsx @@ -9,22 +9,22 @@ import { Provider } from 'react-redux'; import { I18nProvider } from '@kbn/i18n/react'; import { Router } from 'react-router-dom'; import { History } from 'history'; -import { CoreStart } from 'kibana/public'; import { useObservable } from 'react-use'; +import { Store } from 'redux'; import { EuiThemeProvider } from '../../../../../../legacy/common/eui_styled_components'; import { KibanaContextProvider } from '../../../../../../../src/plugins/kibana_react/public'; -import { appStoreFactory } from '../store'; -import { RouteCapture } from './route_capture'; -import { EndpointPluginStartDependencies } from '../../../plugin'; +import { RouteCapture } from '../../components/endpoint/route_capture'; +import { StartPlugins } from '../../../types'; +import { CoreStart } from '../../../../../../../src/core/public'; /** * Provides the context for rendering the endpoint app */ export const AppRootProvider = memo<{ - store: ReturnType; + store: Store; history: History; coreStart: CoreStart; - depsStart: EndpointPluginStartDependencies; + depsStart: Pick; children: ReactNode | ReactNode[]; }>( ({ @@ -56,3 +56,5 @@ export const AppRootProvider = memo<{ ); } ); + +AppRootProvider.displayName = 'AppRootProvider'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/mocks/dependencies_start_mock.ts b/x-pack/plugins/siem/public/common/mock/endpoint/dependencies_start_mock.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/mocks/dependencies_start_mock.ts rename to x-pack/plugins/siem/public/common/mock/endpoint/dependencies_start_mock.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/mocks/index.ts b/x-pack/plugins/siem/public/common/mock/endpoint/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/mocks/index.ts rename to x-pack/plugins/siem/public/common/mock/endpoint/index.ts diff --git a/x-pack/plugins/siem/public/common/mock/global_state.ts b/x-pack/plugins/siem/public/common/mock/global_state.ts index e215aa7403ec9..63dd6dddfa9c5 100644 --- a/x-pack/plugins/siem/public/common/mock/global_state.ts +++ b/x-pack/plugins/siem/public/common/mock/global_state.ts @@ -25,6 +25,15 @@ import { } from '../../../common/constants'; import { networkModel } from '../../network/store'; import { TimelineType } from '../../../common/types/timeline'; +import { initialPolicyListState } from '../../endpoint_policy/store/policy_list/reducer'; +import { initialAlertListState } from '../../endpoint_alerts/store/reducer'; +import { initialPolicyDetailsState } from '../../endpoint_policy/store/policy_details/reducer'; +import { initialHostListState } from '../../endpoint_hosts/store/reducer'; + +const policyList = initialPolicyListState(); +const alertList = initialAlertListState(); +const policyDetails = initialPolicyDetailsState(); +const hostList = initialHostListState(); export const mockGlobalState: State = { app: { @@ -225,4 +234,8 @@ export const mockGlobalState: State = { }, }, }, + alertList, + hostList, + policyList, + policyDetails, }; diff --git a/x-pack/plugins/siem/public/common/mock/utils.ts b/x-pack/plugins/siem/public/common/mock/utils.ts index 2b54bf83c0a9b..68c52e493898f 100644 --- a/x-pack/plugins/siem/public/common/mock/utils.ts +++ b/x-pack/plugins/siem/public/common/mock/utils.ts @@ -7,6 +7,10 @@ import { hostsReducer } from '../../hosts/store'; import { networkReducer } from '../../network/store'; import { timelineReducer } from '../../timelines/store/timeline/reducer'; +import { hostListReducer } from '../../endpoint_hosts/store'; +import { alertListReducer } from '../../endpoint_alerts/store'; +import { policyListReducer } from '../../endpoint_policy/store/policy_list'; +import { policyDetailsReducer } from '../../endpoint_policy/store/policy_details'; interface Global extends NodeJS.Global { // eslint-disable-next-line @typescript-eslint/no-explicit-any @@ -19,4 +23,8 @@ export const SUB_PLUGINS_REDUCER = { hosts: hostsReducer, network: networkReducer, timeline: timelineReducer, + hostList: hostListReducer, + alertList: alertListReducer, + policyList: policyListReducer, + policyDetails: policyDetailsReducer, }; diff --git a/x-pack/plugins/siem/public/common/store/actions.ts b/x-pack/plugins/siem/public/common/store/actions.ts index 8a6c292c4893a..a51b075dc7514 100644 --- a/x-pack/plugins/siem/public/common/store/actions.ts +++ b/x-pack/plugins/siem/public/common/store/actions.ts @@ -4,6 +4,19 @@ * you may not use this file except in compliance with the Elastic License. */ +import { HostAction } from '../../endpoint_hosts/store/action'; +import { AlertAction } from '../../endpoint_alerts/store/action'; +import { PolicyListAction } from '../../endpoint_policy/store/policy_list'; +import { PolicyDetailsAction } from '../../endpoint_policy/store/policy_details'; + export { appActions } from './app'; export { dragAndDropActions } from './drag_and_drop'; export { inputsActions } from './inputs'; +import { RoutingAction } from './routing'; + +export type AppAction = + | HostAction + | AlertAction + | RoutingAction + | PolicyListAction + | PolicyDetailsAction; diff --git a/x-pack/plugins/siem/public/common/store/index.ts b/x-pack/plugins/siem/public/common/store/index.ts index 8f5c4449308e2..57162eaae842a 100644 --- a/x-pack/plugins/siem/public/common/store/index.ts +++ b/x-pack/plugins/siem/public/common/store/index.ts @@ -9,5 +9,19 @@ export * from './reducer'; export * from './selectors'; import { createStore, getStore } from './store'; +import { SubstateMiddlewareFactory } from './types'; export { createStore, getStore }; + +export const substateMiddlewareFactory: SubstateMiddlewareFactory = (selector, middleware) => { + return api => { + const substateAPI = { + ...api, + // Return just the substate instead of global state. + getState() { + return selector(api.getState()); + }, + }; + return middleware(substateAPI); + }; +}; diff --git a/x-pack/plugins/siem/public/common/store/reducer.ts b/x-pack/plugins/siem/public/common/store/reducer.ts index da1dcd3ea9e73..570e851a3aa5e 100644 --- a/x-pack/plugins/siem/public/common/store/reducer.ts +++ b/x-pack/plugins/siem/public/common/store/reducer.ts @@ -13,8 +13,28 @@ import { createInitialInputsState, initialInputsState, inputsReducer, InputsStat import { HostsPluginState, HostsPluginReducer } from '../../hosts/store'; import { NetworkPluginState, NetworkPluginReducer } from '../../network/store'; import { TimelinePluginState, TimelinePluginReducer } from '../../timelines/store/timeline'; +import { + EndpointAlertsPluginState, + EndpointAlertsPluginReducer, +} from '../../endpoint_alerts/store'; +import { EndpointHostsPluginState, EndpointHostsPluginReducer } from '../../endpoint_hosts/store'; +import { + EndpointPolicyDetailsStatePluginState, + EndpointPolicyDetailsStatePluginReducer, +} from '../../endpoint_policy/store/policy_details'; +import { + EndpointPolicyListStatePluginState, + EndpointPolicyListStatePluginReducer, +} from '../../endpoint_policy/store/policy_list'; -export interface State extends HostsPluginState, NetworkPluginState, TimelinePluginState { +export interface State + extends HostsPluginState, + NetworkPluginState, + TimelinePluginState, + EndpointAlertsPluginState, + EndpointHostsPluginState, + EndpointPolicyDetailsStatePluginState, + EndpointPolicyListStatePluginState { app: AppState; dragAndDrop: DragAndDropState; inputs: InputsState; @@ -26,10 +46,20 @@ export const initialState: Pick = { inputs: initialInputsState, }; -type SubPluginsInitState = HostsPluginState & NetworkPluginState & TimelinePluginState; +type SubPluginsInitState = HostsPluginState & + NetworkPluginState & + TimelinePluginState & + EndpointAlertsPluginState & + EndpointHostsPluginState & + EndpointPolicyDetailsStatePluginState & + EndpointPolicyListStatePluginState; export type SubPluginsInitReducer = HostsPluginReducer & NetworkPluginReducer & - TimelinePluginReducer; + TimelinePluginReducer & + EndpointAlertsPluginReducer & + EndpointHostsPluginReducer & + EndpointPolicyDetailsStatePluginReducer & + EndpointPolicyListStatePluginReducer; export const createInitialState = (pluginsInitState: SubPluginsInitState): State => ({ ...initialState, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts b/x-pack/plugins/siem/public/common/store/routing/action.ts similarity index 68% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts rename to x-pack/plugins/siem/public/common/store/routing/action.ts index fd72a02b33588..ae5e4eb32d476 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts +++ b/x-pack/plugins/siem/public/common/store/routing/action.ts @@ -4,12 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Immutable } from '../../../../../common/types'; -import { EndpointAppLocation } from '../../types'; +import { AppLocation, Immutable } from '../../../../common/endpoint/types'; interface UserChangedUrl { readonly type: 'userChangedUrl'; - readonly payload: Immutable; + readonly payload: Immutable; } export type RoutingAction = UserChangedUrl; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/index.ts b/x-pack/plugins/siem/public/common/store/routing/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/routing/index.ts rename to x-pack/plugins/siem/public/common/store/routing/index.ts diff --git a/x-pack/plugins/siem/public/common/store/store.ts b/x-pack/plugins/siem/public/common/store/store.ts index ea7cb417fb24b..10ea61828ed36 100644 --- a/x-pack/plugins/siem/public/common/store/store.ts +++ b/x-pack/plugins/siem/public/common/store/store.ts @@ -4,7 +4,15 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Action, applyMiddleware, compose, createStore as createReduxStore, Store } from 'redux'; +import { + Action, + applyMiddleware, + compose, + createStore as createReduxStore, + Store, + Middleware, + Dispatch, +} from 'redux'; import { createEpicMiddleware } from 'redux-observable'; import { Observable } from 'rxjs'; @@ -16,6 +24,8 @@ import { inputsSelectors } from './inputs'; import { State, SubPluginsInitReducer, createReducer } from './reducer'; import { createRootEpic } from './epic'; import { AppApolloClient } from '../lib/lib'; +import { AppAction } from './actions'; +import { Immutable } from '../../../common/endpoint/types'; type ComposeType = typeof compose; declare global { @@ -28,7 +38,8 @@ export { SubPluginsInitReducer }; export const createStore = ( state: State, pluginsReducer: SubPluginsInitReducer, - apolloClient: Observable + apolloClient: Observable, + additionalMiddleware?: Array>>> ): Store => { const composeEnhancers = window.__REDUX_DEVTOOLS_EXTENSION_COMPOSE__ || compose; @@ -49,7 +60,9 @@ export const createStore = ( store = createReduxStore( createReducer(pluginsReducer), state, - composeEnhancers(applyMiddleware(epicMiddleware, telemetryMiddleware)) + composeEnhancers( + applyMiddleware(epicMiddleware, telemetryMiddleware, ...(additionalMiddleware ?? [])) + ) ); epicMiddleware.run(createRootEpic()); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/test_utils.ts b/x-pack/plugins/siem/public/common/store/test_utils.ts similarity index 95% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/test_utils.ts rename to x-pack/plugins/siem/public/common/store/test_utils.ts index df17cf8cf6638..74d65ee5b589b 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/test_utils.ts +++ b/x-pack/plugins/siem/public/common/store/test_utils.ts @@ -5,12 +5,14 @@ */ import { Dispatch } from 'redux'; -import { AppAction, GlobalState, ImmutableMiddlewareFactory } from '../types'; +import { State } from './reducer'; +import { AppAction } from './actions'; +import { ImmutableMiddlewareFactory } from './types'; /** * Utilities for testing Redux middleware */ -export interface MiddlewareActionSpyHelper { +export interface MiddlewareActionSpyHelper { /** * Returns a promise that is fulfilled when the given action is dispatched or a timeout occurs. * The `action` will given to the promise `resolve` thus allowing for checks to be done. @@ -67,7 +69,7 @@ export interface MiddlewareActionSpyHelper(): MiddlewareActionSpyHelper => { type ActionWatcher = (action: A) => void; diff --git a/x-pack/plugins/siem/public/common/store/types.ts b/x-pack/plugins/siem/public/common/store/types.ts index 2c679ba41116e..0a1010ea87fca 100644 --- a/x-pack/plugins/siem/public/common/store/types.ts +++ b/x-pack/plugins/siem/public/common/store/types.ts @@ -4,6 +4,20 @@ * you may not use this file except in compliance with the Elastic License. */ +import { + Dispatch, + Action as ReduxAction, + AnyAction as ReduxAnyAction, + Action, + Middleware, +} from 'redux'; + +import { CoreStart } from '../../../../../../src/core/public'; +import { Immutable } from '../../../common/endpoint_alerts/types'; +import { State } from './reducer'; +import { StartPlugins } from '../../types'; +import { AppAction } from './actions'; + export type KueryFilterQueryKind = 'kuery' | 'lucene'; export interface KueryFilterQuery { @@ -15,3 +29,94 @@ export interface SerializedFilterQuery { kuery: KueryFilterQuery | null; serializedQuery: string; } + +/** + * like redux's `MiddlewareAPI` but `getState` returns an `Immutable` version of + * state and `dispatch` accepts `Immutable` versions of actions. + */ +export interface ImmutableMiddlewareAPI { + dispatch: Dispatch>; + getState(): Immutable; +} + +/** + * Like redux's `Middleware` but without the ability to mutate actions or state. + * Differences: + * * `getState` returns an `Immutable` version of state + * * `dispatch` accepts `Immutable` versions of actions + * * `action`s received will be `Immutable` + */ +export type ImmutableMiddleware = ( + api: ImmutableMiddlewareAPI +) => (next: Dispatch>) => (action: Immutable) => unknown; + +/** + * Takes application-standard middleware dependencies + * and returns a redux middleware. + * Middleware will be of the `ImmutableMiddleware` variety. Not able to directly + * change actions or state. + */ +export type ImmutableMiddlewareFactory = ( + coreStart: CoreStart, + depsStart: Pick +) => ImmutableMiddleware; + +/** + * Simple type for a redux selector. + */ +type Selector = (state: S) => R; + +/** + * Takes a selector and an `ImmutableMiddleware`. The + * middleware's version of `getState` will receive + * the result of the selector instead of the global state. + * + * This allows middleware to have knowledge of only a subsection of state. + * + * `selector` returns an `Immutable` version of the substate. + * `middleware` must be an `ImmutableMiddleware`. + * + * Returns a regular middleware, meant to be used with `applyMiddleware`. + */ +export type SubstateMiddlewareFactory = ( + selector: Selector>, + middleware: ImmutableMiddleware +) => Middleware<{}, State, Dispatch>>; + +/** + * Like `Reducer` from `redux` but it accepts immutable versions of `state` and `action`. + * Use this type for all Reducers in order to help enforce our pattern of immutable state. + */ +export type ImmutableReducer = ( + state: Immutable | undefined, + action: Immutable +) => State | Immutable; + +/** + * A alternate interface for `redux`'s `combineReducers`. Will work with the same underlying implementation, + * but will enforce that `Immutable` versions of `state` and `action` are received. + */ +export type ImmutableCombineReducers = ( + reducers: ImmutableReducersMapObject +) => ImmutableReducer; + +/** + * Like `redux`'s `ReducersMapObject` (which is used by `combineReducers`) but enforces that + * the `state` and `action` received are `Immutable` versions. + */ +type ImmutableReducersMapObject = { + [K in keyof S]: ImmutableReducer; +}; + +/** + * A better type for createStructuredSelector. This doesn't support the options object. + */ +export type CreateStructuredSelector = < + SelectorMap extends { [key: string]: (...args: never[]) => unknown } +>( + selectorMap: SelectorMap +) => ( + state: SelectorMap[keyof SelectorMap] extends (state: infer State) => unknown ? State : never +) => { + [Key in keyof SelectorMap]: ReturnType; +}; diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/lib/index.ts b/x-pack/plugins/siem/public/common/types.ts similarity index 72% rename from x-pack/plugins/endpoint/server/routes/alerts/details/lib/index.ts rename to x-pack/plugins/siem/public/common/types.ts index 20ae25f7aa849..f83bb71790884 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/details/lib/index.ts +++ b/x-pack/plugins/siem/public/common/types.ts @@ -4,4 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -export { AlertDetailsPagination } from './pagination'; +export interface ServerApiError { + statusCode: number; + error: string; + message: string; +} diff --git a/x-pack/plugins/endpoint/public/common/clone_http_fetch_query.test.ts b/x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.test.ts similarity index 85% rename from x-pack/plugins/endpoint/public/common/clone_http_fetch_query.test.ts rename to x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.test.ts index 9ac6b8b29f462..f70c2e8b63885 100644 --- a/x-pack/plugins/endpoint/public/common/clone_http_fetch_query.test.ts +++ b/x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.test.ts @@ -5,8 +5,8 @@ */ import { cloneHttpFetchQuery } from './clone_http_fetch_query'; -import { Immutable } from '../../common/types'; -import { HttpFetchQuery } from '../../../../../src/core/public'; +import { HttpFetchQuery } from '../../../../../../src/core/public'; +import { Immutable } from '../../../common/endpoint/types'; describe('cloneHttpFetchQuery', () => { it('can clone complex queries', () => { diff --git a/x-pack/plugins/endpoint/public/common/clone_http_fetch_query.ts b/x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.ts similarity index 82% rename from x-pack/plugins/endpoint/public/common/clone_http_fetch_query.ts rename to x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.ts index fdf1d6603830a..bfa433dc9f9ac 100644 --- a/x-pack/plugins/endpoint/public/common/clone_http_fetch_query.ts +++ b/x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.ts @@ -4,9 +4,9 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Immutable } from '../../common/types'; +import { Immutable } from '../../../common/endpoint_alerts/types'; -import { HttpFetchQuery } from '../../../../../src/core/public'; +import { HttpFetchQuery } from '../../../../../../src/core/public'; export function cloneHttpFetchQuery(query: Immutable): HttpFetchQuery { const clone: HttpFetchQuery = {}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/formatted_date.tsx b/x-pack/plugins/siem/public/endpoint_alerts/components/formatted_date.tsx similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/formatted_date.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/components/formatted_date.tsx index 731bd31b26cef..4b9bce4d42eb5 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/formatted_date.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/components/formatted_date.tsx @@ -20,3 +20,5 @@ export const FormattedDate = memo(({ timestamp }: { timestamp: number }) => { /> ); }); + +FormattedDate.displayName = 'FormattedDate'; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/index.ts new file mode 100644 index 0000000000000..a1f730e209dc2 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/index.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SecuritySubPluginWithStore } from '../app/types'; +import { getEndpointAlertsRoutes } from './routes'; +import { Immutable } from '../../common/endpoint/types'; +import { initialAlertListState, alertListReducer } from './store/reducer'; +import { AlertListState } from '../../common/endpoint_alerts/types'; +import { alertMiddlewareFactory } from './store/middleware'; +import { substateMiddlewareFactory } from '../common/store'; +import { CoreStart } from '../../../../../src/core/public'; +import { StartPlugins } from '../types'; + +export class EndpointAlerts { + public setup() {} + + public start( + core: CoreStart, + plugins: StartPlugins + ): SecuritySubPluginWithStore<'alertList', Immutable> { + const { data, ingestManager } = plugins; + const middleware = substateMiddlewareFactory( + globalState => globalState.alertList, + alertMiddlewareFactory(core, { data, ingestManager }) + ); + + return { + routes: getEndpointAlertsRoutes(), + store: { + initialState: { alertList: initialAlertListState() }, + reducer: { alertList: alertListReducer }, + middleware, + }, + }; + } +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/models/index_pattern.ts b/x-pack/plugins/siem/public/endpoint_alerts/models/index_pattern.ts similarity index 78% rename from x-pack/plugins/endpoint/public/applications/endpoint/models/index_pattern.ts rename to x-pack/plugins/siem/public/endpoint_alerts/models/index_pattern.ts index 0cae054432f96..8daaa3fef7a29 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/models/index_pattern.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/models/index_pattern.ts @@ -5,8 +5,8 @@ */ import { all } from 'deepmerge'; -import { Immutable } from '../../../../common/types'; -import { IIndexPattern } from '../../../../../../../src/plugins/data/common'; +import { IIndexPattern } from 'src/plugins/data/public'; +import { Immutable } from '../../../common/endpoint_alerts/types'; /** * Model for the `IIndexPattern` interface exported by the `data` plugin. diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/routes.tsx similarity index 50% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.ts rename to x-pack/plugins/siem/public/endpoint_alerts/routes.tsx index 8086acc41d2bd..60df7f5d47129 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/routes.tsx @@ -4,6 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -export { policyListReducer } from './reducer'; -export { PolicyListAction } from './action'; -export { policyListMiddlewareFactory } from './middleware'; +import React from 'react'; +import { Route } from 'react-router-dom'; + +import { AlertIndex } from './view'; + +export const getEndpointAlertsRoutes = () => [ + + + , +]; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/action.ts similarity index 84% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/action.ts index 80b7fd87e13be..ae103edaa5a2b 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/action.ts @@ -5,8 +5,8 @@ */ import { IIndexPattern } from 'src/plugins/data/public'; -import { Immutable, AlertDetails } from '../../../../../common/types'; -import { AlertListData } from '../../types'; +// import { Immutable } from '../../../common/types'; +import { AlertDetails, AlertListData, Immutable } from '../../../common/endpoint_alerts/types'; interface ServerReturnedAlertsData { readonly type: 'serverReturnedAlertsData'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_details.test.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_details.test.ts similarity index 83% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_details.test.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/alert_details.test.ts index feac8944f476b..c6f3de73aa2b3 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_details.test.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_details.test.ts @@ -5,19 +5,20 @@ */ import { Store, createStore, applyMiddleware } from 'redux'; -import { History } from 'history'; +import { createBrowserHistory, History } from 'history'; + +import { coreMock } from '../../../../../../src/core/public/mocks'; +import { AlertListState, Immutable } from '../../../common/endpoint_alerts/types'; +import { depsStartMock, DepsStartMock } from '../../common/mock/endpoint'; + import { alertListReducer } from './reducer'; -import { AlertListState } from '../../types'; + import { alertMiddlewareFactory } from './middleware'; -import { AppAction } from '../action'; -import { coreMock } from 'src/core/public/mocks'; -import { DepsStartMock, depsStartMock } from '../../mocks'; -import { createBrowserHistory } from 'history'; + import { mockAlertResultList } from './mock_alert_result_list'; -import { Immutable } from '../../../../../common/types'; describe('alert details tests', () => { - let store: Store, Immutable>; + let store: Store; let coreStart: ReturnType; let depsStart: DepsStartMock; let history: History; @@ -56,7 +57,7 @@ describe('alert details tests', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/alerts', + pathname: '/endpoint-alerts', search: '?selected_alert=q9ncfh4q9ctrmc90umcq4', }, }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list.test.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_list.test.ts similarity index 85% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list.test.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/alert_list.test.ts index 84281813312e0..9acf22d4cefe2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list.test.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_list.test.ts @@ -5,20 +5,17 @@ */ import { Store, createStore, applyMiddleware } from 'redux'; -import { History } from 'history'; +import { History, createBrowserHistory } from 'history'; import { alertListReducer } from './reducer'; -import { AlertListState } from '../../types'; +import { AlertListState, AlertResultList, Immutable } from '../../../common/endpoint_alerts/types'; import { alertMiddlewareFactory } from './middleware'; -import { AppAction } from '../action'; import { coreMock } from 'src/core/public/mocks'; -import { DepsStartMock, depsStartMock } from '../../mocks'; -import { AlertResultList, Immutable } from '../../../../../common/types'; +import { DepsStartMock, depsStartMock } from '../../common/mock/endpoint'; import { isOnAlertPage } from './selectors'; -import { createBrowserHistory } from 'history'; import { mockAlertResultList } from './mock_alert_result_list'; describe('alert list tests', () => { - let store: Store, Immutable>; + let store: Store; let coreStart: ReturnType; let depsStart: DepsStartMock; let history: History; @@ -59,7 +56,7 @@ describe('alert list tests', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/alerts', + pathname: '/endpoint-alerts', }, }); }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list_pagination.test.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_list_pagination.test.ts similarity index 80% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list_pagination.test.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/alert_list_pagination.test.ts index 4cc86e9c0449c..3ba7d830ccf4a 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list_pagination.test.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_list_pagination.test.ts @@ -4,21 +4,28 @@ * you may not use this file except in compliance with the Elastic License. */ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + import { Store, createStore, applyMiddleware } from 'redux'; -import { History } from 'history'; -import { alertListReducer } from './reducer'; -import { AlertListState, AlertingIndexUIQueryParams } from '../../types'; +import { History, createBrowserHistory } from 'history'; + +import { coreMock } from '../../../../../../src/core/public/mocks'; + +import { AlertingIndexUIQueryParams } from '../../../common/endpoint_alerts/types'; +import { DepsStartMock, depsStartMock } from '../../common/mock/endpoint'; + import { alertMiddlewareFactory } from './middleware'; -import { AppAction } from '../action'; -import { coreMock } from 'src/core/public/mocks'; -import { DepsStartMock, depsStartMock } from '../../mocks'; -import { createBrowserHistory } from 'history'; + +import { alertListReducer } from './reducer'; import { uiQueryParams } from './selectors'; -import { urlFromQueryParams } from '../../view/alerts/url_from_query_params'; -import { Immutable } from '../../../../../common/types'; +import { urlFromQueryParams } from '../view/url_from_query_params'; describe('alert list pagination', () => { - let store: Store, Immutable>; + let store: Store; let coreStart: ReturnType; let depsStart: DepsStartMock; let history: History; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/store/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/index.ts new file mode 100644 index 0000000000000..dd97d60c532b0 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/index.ts @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { AlertListState, Immutable } from '../../../common/endpoint_alerts/types'; +import { ImmutableReducer } from '../../common/store'; +import { AppAction } from '../../common/store/actions'; + +export { alertListReducer } from './reducer'; +export { AlertAction } from './action'; + +export interface EndpointAlertsPluginState { + alertList: Immutable; +} + +export interface EndpointAlertsPluginReducer { + alertList: ImmutableReducer; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/middleware.ts similarity index 79% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/middleware.ts index 6bc728db99819..f217cfcdfb5a7 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/middleware.ts @@ -4,14 +4,19 @@ * you may not use this file except in compliance with the Elastic License. */ -import { IIndexPattern } from 'src/plugins/data/public'; -import { AlertResultList, AlertDetails } from '../../../../../common/types'; -import { ImmutableMiddlewareFactory, AlertListState } from '../../types'; +import { IIndexPattern } from '../../../../../../src/plugins/data/public'; +import { + AlertResultList, + AlertDetails, + AlertListState, +} from '../../../common/endpoint_alerts/types'; +import { AlertConstants } from '../../../common/endpoint_alerts/alert_constants'; +import { ImmutableMiddlewareFactory } from '../../common/store'; +import { cloneHttpFetchQuery } from '../../common/utils/clone_http_fetch_query'; import { isOnAlertPage, apiQueryParams, hasSelectedAlert, uiQueryParams } from './selectors'; -import { cloneHttpFetchQuery } from '../../../../common/clone_http_fetch_query'; -import { AlertConstants } from '../../../../../common/alert_constants'; +import { Immutable } from '../../../common/endpoint/types'; -export const alertMiddlewareFactory: ImmutableMiddlewareFactory = ( +export const alertMiddlewareFactory: ImmutableMiddlewareFactory> = ( coreStart, depsStart ) => { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/mock_alert_result_list.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/mock_alert_result_list.ts similarity index 89% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/mock_alert_result_list.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/mock_alert_result_list.ts index 6a13e0f92471b..88bba2b7a2474 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/mock_alert_result_list.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/mock_alert_result_list.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { AlertResultList, AlertDetails } from '../../../../../common/types'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; +import { EndpointDocGenerator } from '../../../common/endpoint/generate_data'; +import { AlertResultList, AlertDetails } from '../../../common/endpoint_alerts/types'; export const mockAlertResultList: (options?: { total?: number; @@ -30,7 +30,7 @@ export const mockAlertResultList: (options?: { alerts.push({ ...generator.generateAlert(new Date().getTime() + index * 1000), ...{ - id: 'xDUYMHABAJk0XnHd8rrd' + index, + id: `xDUYMHABAJk0XnHd8rrd${index}`, prev: null, next: null, }, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/reducer.ts similarity index 82% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/reducer.ts index 52b91dcae7d70..3e79ad4d1c614 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/reducer.ts @@ -4,11 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ -import { AlertListState, ImmutableReducer } from '../../types'; -import { AppAction } from '../action'; -import { Immutable } from '../../../../../common/types'; +import { Immutable, AlertListState } from '../../../common/endpoint_alerts/types'; +import { ImmutableReducer } from '../../common/store'; +import { AppAction } from '../../common/store/actions'; -const initialState = (): Immutable => { +export const initialAlertListState = (): Immutable => { return { alerts: [], alertDetails: undefined, @@ -23,7 +23,7 @@ const initialState = (): Immutable => { }; export const alertListReducer: ImmutableReducer = ( - state = initialState(), + state = initialAlertListState(), action ) => { if (action.type === 'serverReturnedAlertsData') { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/selectors.ts similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/selectors.ts index cc362c3701956..0e9de70f7b415 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/selectors.ts @@ -4,15 +4,23 @@ * you may not use this file except in compliance with the Elastic License. */ +// eslint-disable-next-line import/no-nodejs-modules import querystring from 'querystring'; import { createSelector, createStructuredSelector as createStructuredSelectorWithBadType, } from 'reselect'; import { encode, decode } from 'rison-node'; -import { Query, TimeRange, Filter } from 'src/plugins/data/public'; -import { AlertListState, AlertingIndexUIQueryParams, CreateStructuredSelector } from '../../types'; -import { Immutable, AlertingIndexGetQueryInput } from '../../../../../common/types'; + +import { Query, TimeRange, Filter } from '../../../../../../src/plugins/data/public'; + +import { + Immutable, + AlertingIndexGetQueryInput, + AlertListState, + AlertingIndexUIQueryParams, +} from '../../../common/endpoint_alerts/types'; +import { CreateStructuredSelector } from '../../common/store'; const createStructuredSelector: CreateStructuredSelector = createStructuredSelectorWithBadType; @@ -36,7 +44,7 @@ export const alertListPagination = createStructuredSelector({ * Returns a boolean based on whether or not the user is on the alerts page */ export const isOnAlertPage = (state: Immutable): boolean => { - return state.location ? state.location.pathname === '/alerts' : false; + return state.location ? state.location.pathname === '/endpoint-alerts' : false; }; /** diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/alert_details.test.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/alert_details.test.tsx similarity index 87% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/alert_details.test.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/alert_details.test.tsx index e3639bf1cacbc..cb44176d6b4c3 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/alert_details.test.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/alert_details.test.tsx @@ -5,21 +5,22 @@ */ import * as reactTestingLibrary from '@testing-library/react'; -import { appStoreFactory } from '../../store'; -import { fireEvent } from '@testing-library/react'; import { MemoryHistory } from 'history'; -import { AppAction } from '../../types'; -import { mockAlertDetailsResult } from '../../store/alerts/mock_alert_result_list'; +import { Store } from 'redux'; + +import { mockAlertDetailsResult } from '../store/mock_alert_result_list'; import { alertPageTestRender } from './test_helpers/render_alert_page'; +import { AppAction } from '../../common/store/actions'; +import { State } from '../../common/store/reducer'; describe('when the alert details flyout is open', () => { let render: () => reactTestingLibrary.RenderResult; let history: MemoryHistory; - let store: ReturnType; + let store: Store; beforeEach(async () => { // Creates the render elements for the tests to use - ({ render, history, store } = alertPageTestRender); + ({ render, history, store } = alertPageTestRender()); }); describe('when the alerts details flyout is open', () => { beforeEach(() => { @@ -50,7 +51,7 @@ describe('when the alert details flyout is open', () => { 'alertDetailTakeActionDropdownButton' ); if (takeActionButton) { - fireEvent.click(takeActionButton); + reactTestingLibrary.fireEvent.click(takeActionButton); } }); it('should display the correct fields in the dropdown', async () => { @@ -64,7 +65,7 @@ describe('when the alert details flyout is open', () => { renderResult = render(); const overviewTab = await renderResult.findByTestId('overviewMetadata'); if (overviewTab) { - fireEvent.click(overviewTab); + reactTestingLibrary.fireEvent.click(overviewTab); } }); it('should render all accordion panels', async () => { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/view/details/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/index.ts rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/index.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/file_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/file_accordion.tsx similarity index 60% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/file_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/file_accordion.tsx index 26f1985368465..1009bec0cec0e 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/file_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/file_accordion.tsx @@ -6,56 +6,62 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; import { FormattedDate } from '../../formatted_date'; export const FileAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileName', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.fileName', { defaultMessage: 'File Name', }), description: alertData.file.name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.filePath', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.filePath', { defaultMessage: 'File Path', }), description: alertData.file.path, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileSize', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.fileSize', { defaultMessage: 'File Size', }), description: alertData.file.size, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileCreated', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.fileCreated', { defaultMessage: 'File Created', }), description: , }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileModified', { - defaultMessage: 'File Modified', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.fileModified', + { + defaultMessage: 'File Modified', + } + ), description: , }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileAccessed', { - defaultMessage: 'File Accessed', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.fileAccessed', + { + defaultMessage: 'File Accessed', + } + ), description: , }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.signer', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.signer', { defaultMessage: 'Signer', }), description: alertData.file.code_signature.subject_name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.owner', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.owner', { defaultMessage: 'Owner', }), description: alertData.file.owner, @@ -67,7 +73,7 @@ export const FileAccordion = memo(({ alertData }: { alertData: Immutable ); }); + +FileAccordion.displayName = 'FileAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/general_accordion.tsx similarity index 64% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/general_accordion.tsx index 79cb61693056c..fc0d38188fd27 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/general_accordion.tsx @@ -6,44 +6,47 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; import { FormattedDate } from '../../formatted_date'; export const GeneralAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.alertType', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.alertType', { defaultMessage: 'Alert Type', }), description: alertData.event.category, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.eventType', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.eventType', { defaultMessage: 'Event Type', }), description: alertData.event.kind, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.status', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.status', { defaultMessage: 'Status', }), description: 'TODO', }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.dateCreated', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.dateCreated', { defaultMessage: 'Date Created', }), description: , }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.malwareScore', { - defaultMessage: 'MalwareScore', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.malwareScore', + { + defaultMessage: 'MalwareScore', + } + ), description: alertData.file.malware_classification.score, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileName', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.fileName', { defaultMessage: 'File Name', }), description: alertData.file.name, @@ -54,7 +57,7 @@ export const GeneralAccordion = memo(({ alertData }: { alertData: Immutable ); }); + +GeneralAccordion.displayName = 'GeneralAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/hash_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/hash_accordion.tsx similarity index 70% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/hash_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/hash_accordion.tsx index 4a2f7378a36ed..ae62bd80b73bc 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/hash_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/hash_accordion.tsx @@ -6,25 +6,25 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; export const HashAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.md5', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.md5', { defaultMessage: 'MD5', }), description: alertData.file.hash.md5, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sha1', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sha1', { defaultMessage: 'SHA1', }), description: alertData.file.hash.sha1, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sha256', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sha256', { defaultMessage: 'SHA256', }), description: alertData.file.hash.sha256, @@ -36,7 +36,7 @@ export const HashAccordion = memo(({ alertData }: { alertData: Immutable ); }); + +HashAccordion.displayName = 'HashAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/host_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/host_accordion.tsx similarity index 50% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/host_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/host_accordion.tsx index e332c96192fab..70723efd97b8c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/host_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/host_accordion.tsx @@ -5,60 +5,75 @@ */ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; -import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { EuiHealth } from '@elastic/eui'; +import { EuiAccordion, EuiDescriptionList, EuiHealth } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; -import { Immutable, AlertDetails } from '../../../../../../../common/types'; + +import { Immutable, AlertDetails } from '../../../../../common/endpoint_alerts/types'; export const HostAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.hostNameCurrent', { - defaultMessage: 'Host Name (Current)', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.hostNameCurrent', + { + defaultMessage: 'Host Name (Current)', + } + ), description: alertData.state.host_metadata.host.hostname, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.hostNameOriginal', { - defaultMessage: 'Host Name (At time of alert)', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.hostNameOriginal', + { + defaultMessage: 'Host Name (At time of alert)', + } + ), description: alertData.host.hostname, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.hostIPCurrent', { - defaultMessage: 'Host IP (Current)', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.hostIPCurrent', + { + defaultMessage: 'Host IP (Current)', + } + ), description: alertData.state.host_metadata.host.ip.join(', '), }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.hostIPOriginal', { - defaultMessage: 'Host IP (At time of alert)', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.hostIPOriginal', + { + defaultMessage: 'Host IP (At time of alert)', + } + ), description: alertData.host.ip.join(', '), }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.currentStatus', { - defaultMessage: 'Current Status', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.currentStatus', + { + defaultMessage: 'Current Status', + } + ), description: ( {' '} ), }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.osCurrent', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.osCurrent', { defaultMessage: 'OS (Current)', }), description: alertData.state.host_metadata.host.os.name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.osOriginal', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.osOriginal', { defaultMessage: 'OS (At time of alert)', }), description: alertData.host.os.name, @@ -70,7 +85,7 @@ export const HostAccordion = memo(({ alertData }: { alertData: Immutable ); }); + +HostAccordion.displayName = 'HostAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/index.ts rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/index.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_accordion.tsx similarity index 58% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_accordion.tsx index 538562bfbbc06..607327a49de1c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_accordion.tsx @@ -6,73 +6,79 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; export const SourceProcessAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.processID', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.processID', { defaultMessage: 'Process ID', }), description: alertData.process.pid, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.processName', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.processName', { defaultMessage: 'Process Name', }), description: alertData.process.name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.processPath', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.processPath', { defaultMessage: 'Process Path', }), description: alertData.process.executable, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.md5', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.md5', { defaultMessage: 'MD5', }), description: alertData.process.hash.md5, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sha1', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sha1', { defaultMessage: 'SHA1', }), description: alertData.process.hash.sha1, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sha256', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sha256', { defaultMessage: 'SHA256', }), description: alertData.process.hash.sha256, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.malwareScore', { - defaultMessage: 'MalwareScore', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.malwareScore', + { + defaultMessage: 'MalwareScore', + } + ), description: alertData.process.malware_classification?.score || '-', }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.parentProcessID', { - defaultMessage: 'Parent Process ID', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.parentProcessID', + { + defaultMessage: 'Parent Process ID', + } + ), description: alertData.process.parent?.pid || '-', }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.signer', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.signer', { defaultMessage: 'Signer', }), description: alertData.process.code_signature.subject_name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.username', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.username', { defaultMessage: 'Username', }), description: alertData.process.token.user, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.domain', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.domain', { defaultMessage: 'Domain', }), description: alertData.process.token.domain, @@ -84,7 +90,7 @@ export const SourceProcessAccordion = memo(({ alertData }: { alertData: Immutabl ); }); + +SourceProcessAccordion.displayName = 'SourceProcessAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_token_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_token_accordion.tsx similarity index 68% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_token_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_token_accordion.tsx index 00755673d3f82..9be494d92a88d 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_token_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_token_accordion.tsx @@ -6,22 +6,25 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; export const SourceProcessTokenAccordion = memo( ({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sid', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sid', { defaultMessage: 'SID', }), description: alertData.process.token.sid, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.integrityLevel', { - defaultMessage: 'Integrity Level', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.integrityLevel', + { + defaultMessage: 'Integrity Level', + } + ), description: alertData.process.token.integrity_level, }, ]; @@ -31,7 +34,7 @@ export const SourceProcessTokenAccordion = memo( { + const alertDetailsData = useAlertListSelector(selectors.selectedAlertDetailsData); + if (alertDetailsData === undefined) { + return null; + } + + const tabs: EuiTabbedContentTab[] = useMemo(() => { + return [ + { + id: 'overviewMetadata', + 'data-test-subj': 'overviewMetadata', + name: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.overview.tabs.overview', + { + defaultMessage: 'Overview', + } + ), + content: ( + <> + + + + ), + }, + { + id: 'overviewResolver', + 'data-test-subj': 'overviewResolverTab', + name: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.overview.tabs.resolver', + { + defaultMessage: 'Resolver', + } + ), + content: ( + <> + + + + ), + }, + ]; + }, [alertDetailsData]); + + return ( + <> +
+ +

+ +

+
+ + +

+ , + }} + /> +

+
+ + + {'Endpoint Status: '} + + + + + + + + + + +
+ + + ); +}); + +AlertDetailsOverviewComponent.displayName = 'AlertDetailsOverview'; + +export const AlertDetailsOverview = styled(AlertDetailsOverviewComponent)` + height: 100%; + width: 100%; +`; + +AlertDetailsOverview.displayName = 'AlertDetailsOverview'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/metadata_panel.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/metadata_panel.tsx similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/metadata_panel.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/metadata_panel.tsx index 556d7bea2e310..75ddc58c8cad2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/metadata_panel.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/metadata_panel.tsx @@ -7,7 +7,7 @@ import React, { memo } from 'react'; import { EuiSpacer } from '@elastic/eui'; import { useAlertListSelector } from '../../hooks/use_alerts_selector'; -import * as selectors from '../../../../store/alerts/selectors'; +import * as selectors from '../../../store/selectors'; import { GeneralAccordion, HostAccordion, @@ -38,3 +38,5 @@ export const MetadataPanel = memo(() => { ); }); + +MetadataPanel.displayName = 'MetadataPanel'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/take_action_dropdown.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/take_action_dropdown.tsx similarity index 83% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/take_action_dropdown.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/take_action_dropdown.tsx index 8d8468b4df4a3..847249125a5fa 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/take_action_dropdown.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/take_action_dropdown.tsx @@ -16,12 +16,14 @@ const TakeActionButton = memo(({ onClick }: { onClick: () => void }) => ( onClick={onClick} > )); +TakeActionButton.displayName = 'TakeActionButton'; + export const TakeActionDropdown = memo(() => { const [isDropdownOpen, setIsDropdownOpen] = useState(false); @@ -48,7 +50,7 @@ export const TakeActionDropdown = memo(() => { iconType="folderCheck" > @@ -61,7 +63,7 @@ export const TakeActionDropdown = memo(() => { iconType="listAdd" > @@ -69,3 +71,5 @@ export const TakeActionDropdown = memo(() => { ); }); + +TakeActionDropdown.displayName = 'TakeActionDropdown'; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/view/formatted_date.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/formatted_date.tsx new file mode 100644 index 0000000000000..4b9bce4d42eb5 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/formatted_date.tsx @@ -0,0 +1,24 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import React, { memo } from 'react'; +import { FormattedDate as ReactIntlFormattedDate } from '@kbn/i18n/react'; + +export const FormattedDate = memo(({ timestamp }: { timestamp: number }) => { + const date = new Date(timestamp); + return ( + + ); +}); + +FormattedDate.displayName = 'FormattedDate'; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/view/hooks/use_alerts_selector.ts b/x-pack/plugins/siem/public/endpoint_alerts/view/hooks/use_alerts_selector.ts new file mode 100644 index 0000000000000..726f6a453cb5d --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/hooks/use_alerts_selector.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { useSelector } from 'react-redux'; +import { Immutable, AlertListState } from '../../../../common/endpoint_alerts/types'; +import { State } from '../../../common/store/reducer'; + +export function useAlertListSelector( + selector: ( + state: Immutable + ) => TSelected extends Immutable ? TSelected : never +) { + return useSelector((state: Immutable) => selector(state.alertList)); +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.test.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/index.test.tsx similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.test.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/index.test.tsx index 77e31d015fc03..6d7350f20d21f 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.test.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/index.test.tsx @@ -6,23 +6,24 @@ import * as reactTestingLibrary from '@testing-library/react'; import { IIndexPattern } from 'src/plugins/data/public'; -import { appStoreFactory } from '../../store'; -import { fireEvent, act } from '@testing-library/react'; import { MemoryHistory } from 'history'; -import { AppAction } from '../../types'; -import { mockAlertResultList } from '../../store/alerts/mock_alert_result_list'; -import { DepsStartMock } from '../../mocks'; +import { Store } from 'redux'; + +import { mockAlertResultList } from '../store/mock_alert_result_list'; import { alertPageTestRender } from './test_helpers/render_alert_page'; +import { DepsStartMock } from '../../common/mock/endpoint'; +import { State } from '../../common/store/reducer'; +import { AppAction } from '../../common/store/actions'; describe('when on the alerting page', () => { let render: () => reactTestingLibrary.RenderResult; let history: MemoryHistory; - let store: ReturnType; + let store: Store; let depsStart: DepsStartMock; beforeEach(async () => { // Creates the render elements for the tests to use - ({ render, history, store, depsStart } = alertPageTestRender); + ({ render, history, store, depsStart } = alertPageTestRender()); }); it('should show a data grid', async () => { await render().findByTestId('alertListGrid'); @@ -63,7 +64,7 @@ describe('when on the alerting page', () => { /** * This is the cell with the alert type, it has a link. */ - fireEvent.click(alertLinks[0]); + reactTestingLibrary.fireEvent.click(alertLinks[0]); }); it('should show the flyout', async () => { await renderResult.findByTestId('alertDetailFlyout'); @@ -92,7 +93,7 @@ describe('when on the alerting page', () => { */ const closeButton = await renderResult.findByTestId('euiFlyoutCloseButton'); if (closeButton) { - fireEvent.click(closeButton); + reactTestingLibrary.fireEvent.click(closeButton); } }); it('should no longer show the flyout', () => { @@ -125,14 +126,14 @@ describe('when on the alerting page', () => { const renderResult = render(); const paginationButton = await renderResult.findByTestId('tablePaginationPopoverButton'); if (paginationButton) { - act(() => { - fireEvent.click(paginationButton); + reactTestingLibrary.act(() => { + reactTestingLibrary.fireEvent.click(paginationButton); }); } const show10RowsButton = await renderResult.findByTestId('tablePagination-10-rows'); if (show10RowsButton) { - act(() => { - fireEvent.click(show10RowsButton); + reactTestingLibrary.act(() => { + reactTestingLibrary.fireEvent.click(show10RowsButton); }); } }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/index.tsx similarity index 81% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/index.tsx index 6a6936c59a00e..e991080c9dc35 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/index.tsx @@ -4,8 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { memo, useState, useMemo, useCallback } from 'react'; -import React from 'react'; +import React, { memo, useState, useMemo, useCallback } from 'react'; import { EuiDataGrid, EuiDataGridColumn, @@ -26,9 +25,9 @@ import { import { i18n } from '@kbn/i18n'; import { useHistory } from 'react-router-dom'; import { FormattedMessage } from '@kbn/i18n/react'; +import { AlertData } from '../../../common/endpoint_alerts/types'; import { urlFromQueryParams } from './url_from_query_params'; -import { AlertData } from '../../../../../common/types'; -import * as selectors from '../../store/alerts/selectors'; +import * as selectors from '../store/selectors'; import { useAlertListSelector } from './hooks/use_alerts_selector'; import { AlertDetailsOverview } from './details'; import { FormattedDate } from './formatted_date'; @@ -41,49 +40,49 @@ export const AlertIndex = memo(() => { return [ { id: 'alert_type', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.alertType', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.alertType', { defaultMessage: 'Alert Type', }), }, { id: 'event_type', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.eventType', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.eventType', { defaultMessage: 'Event Type', }), }, { id: 'os', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.os', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.os', { defaultMessage: 'OS', }), }, { id: 'ip_address', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.ipAddress', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.ipAddress', { defaultMessage: 'IP Address', }), }, { id: 'host_name', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.hostName', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.hostName', { defaultMessage: 'Host Name', }), }, { id: 'timestamp', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.timestamp', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.timestamp', { defaultMessage: 'Timestamp', }), }, { id: 'archived', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.archived', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.archived', { defaultMessage: 'Archived', }), }, { id: 'malware_score', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.malwareScore', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.malwareScore', { defaultMessage: 'Malware Score', }), }, @@ -133,8 +132,8 @@ export const AlertIndex = memo(() => { ); }, [alertListData]); - const renderCellValue = useMemo(() => { - return ({ rowIndex, columnId }: { rowIndex: number; columnId: string }) => { + const renderCellValue = useCallback( + ({ rowIndex, columnId }: { rowIndex: number; columnId: string }) => { if (rowIndex > total) { return null; } @@ -149,7 +148,7 @@ export const AlertIndex = memo(() => { } > {i18n.translate( - 'xpack.endpoint.application.endpoint.alerts.alertType.maliciousFileDescription', + 'xpack.siem.endpoint.application.endpoint.alerts.alertType.maliciousFileDescription', { defaultMessage: 'Malicious File', } @@ -172,7 +171,7 @@ export const AlertIndex = memo(() => { return ( {i18n.translate( - 'xpack.endpoint.application.endpoint.alerts.alertDate.timestampInvalidLabel', + 'xpack.siem.endpoint.application.endpoint.alerts.alertDate.timestampInvalidLabel', { defaultMessage: 'invalid', } @@ -186,8 +185,9 @@ export const AlertIndex = memo(() => { return row.file.malware_classification.score; } return null; - }; - }, [total, alertListData, pageSize, history, queryParams, timestampForRows]); + }, + [total, alertListData, pageSize, history, queryParams, timestampForRows] + ); const pagination = useMemo(() => { return { @@ -216,7 +216,7 @@ export const AlertIndex = memo(() => {

- {i18n.translate('xpack.endpoint.application.endpoint.alerts.detailsTitle', { + {i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.detailsTitle', { defaultMessage: 'Alert Details', })}

@@ -235,7 +235,7 @@ export const AlertIndex = memo(() => {

@@ -260,3 +260,5 @@ export const AlertIndex = memo(() => { ); }); + +AlertIndex.displayName = 'AlertIndex'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index_search_bar.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/index_search_bar.tsx similarity index 87% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index_search_bar.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/index_search_bar.tsx index 1ede06c086517..8fe6eaa665765 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index_search_bar.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/index_search_bar.tsx @@ -4,17 +4,17 @@ * you may not use this file except in compliance with the Elastic License. */ -import React, { useMemo } from 'react'; -import { memo, useEffect, useCallback } from 'react'; +import React, { useMemo, memo, useEffect, useCallback } from 'react'; import { useHistory } from 'react-router-dom'; -import { encode, RisonValue } from 'rison-node'; import { Query, TimeRange } from 'src/plugins/data/public'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; +import { encode, RisonValue } from 'rison-node'; + +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; import { urlFromQueryParams } from './url_from_query_params'; import { useAlertListSelector } from './hooks/use_alerts_selector'; -import * as selectors from '../../store/alerts/selectors'; -import { EndpointPluginServices } from '../../../../plugin'; -import { clone } from '../../models/index_pattern'; +import * as selectors from '../store/selectors'; +import { StartServices } from '../../types'; +import { clone } from '../models/index_pattern'; export const AlertIndexSearchBar = memo(() => { const history = useHistory(); @@ -30,7 +30,7 @@ export const AlertIndexSearchBar = memo(() => { const searchBarDateRange = useAlertListSelector(selectors.searchBarDateRange); const searchBarFilters = useAlertListSelector(selectors.searchBarFilters); - const kibanaContext = useKibana(); + const kibanaContext = useKibana(); const { ui: { SearchBar }, query: { filterManager }, diff --git a/x-pack/plugins/siem/public/endpoint_alerts/view/resolver.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/resolver.tsx new file mode 100644 index 0000000000000..92213a8bd3925 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/resolver.tsx @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import styled from 'styled-components'; +import { Provider } from 'react-redux'; +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; +import { ResolverEvent } from '../../../common/endpoint/types'; +import { StartServices } from '../../types'; +import { storeFactory } from '../../resolver/store'; +import { Resolver } from '../../resolver/view'; + +const AlertDetailResolverComponents = React.memo( + ({ className, selectedEvent }: { className?: string; selectedEvent?: ResolverEvent }) => { + const context = useKibana(); + const { store } = storeFactory(context); + + return ( +
+ + + +
+ ); + } +); + +AlertDetailResolverComponents.displayName = 'AlertDetailResolver'; + +export const AlertDetailResolver = styled(AlertDetailResolverComponents)` + height: 100%; + width: 100%; + display: flex; + flex-grow: 1; + min-height: calc(100vh - 505px); +`; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/view/test_helpers/render_alert_page.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/test_helpers/render_alert_page.tsx new file mode 100644 index 0000000000000..f52d854d986ff --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/test_helpers/render_alert_page.tsx @@ -0,0 +1,63 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import React from 'react'; +import * as reactTestingLibrary from '@testing-library/react'; +import { Provider } from 'react-redux'; +import { I18nProvider } from '@kbn/i18n/react'; +import { createMemoryHistory } from 'history'; +import { Router } from 'react-router-dom'; + +import { KibanaContextProvider } from '../../../../../../../src/plugins/kibana_react/public'; +import { AlertIndex } from '../index'; +import { RouteCapture } from '../../../common/components/endpoint/route_capture'; +import { depsStartMock } from '../../../common/mock/endpoint'; +import { createStore } from '../../../common/store'; +import { SUB_PLUGINS_REDUCER, mockGlobalState, apolloClientObservable } from '../../../common/mock'; + +export const alertPageTestRender = () => { + /** + * Create a 'history' instance that is only in-memory and causes no side effects to the testing environment. + */ + const history = createMemoryHistory(); + /** + * Create a store, with the middleware disabled. We don't want side effects being created by our code in this test. + */ + const store = createStore(mockGlobalState, SUB_PLUGINS_REDUCER, apolloClientObservable); + + const depsStart = depsStartMock(); + depsStart.data.ui.SearchBar.mockImplementation(() =>
); + + return { + store, + history, + depsStart, + + /** + * Render the test component, use this after setting up anything in `beforeEach`. + */ + render: () => { + /** + * Provide the store via `Provider`, and i18n APIs via `I18nProvider`. + * Use react-router via `Router`, passing our in-memory `history` instance. + * Use `RouteCapture` to emit url-change actions when the URL is changed. + * Finally, render the `AlertIndex` component which we are testing. + */ + return reactTestingLibrary.render( + + + + + + + + + + + + ); + }, + }; +}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/url_from_query_params.ts b/x-pack/plugins/siem/public/endpoint_alerts/view/url_from_query_params.ts similarity index 74% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/url_from_query_params.ts rename to x-pack/plugins/siem/public/endpoint_alerts/view/url_from_query_params.ts index e037d000e6e8f..a8a37547a43e2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/url_from_query_params.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/url_from_query_params.ts @@ -4,8 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ +// eslint-disable-next-line import/no-nodejs-modules import querystring from 'querystring'; -import { AlertingIndexUIQueryParams, EndpointAppLocation } from '../../types'; + +import { AlertingIndexUIQueryParams } from '../../../common/endpoint_alerts/types'; +import { AppLocation } from '../../../common/endpoint/types'; /** * Return a relative URL for `AlertingIndexUIQueryParams`. @@ -21,9 +24,7 @@ import { AlertingIndexUIQueryParams, EndpointAppLocation } from '../../types'; * // now use relativeURL in the 'href' of a link, the 'to' of a react-router-dom 'Link' or history.push, history.replace * ``` */ -export function urlFromQueryParams( - queryParams: AlertingIndexUIQueryParams -): Partial { +export function urlFromQueryParams(queryParams: AlertingIndexUIQueryParams): Partial { const search = querystring.stringify(queryParams); return { search, diff --git a/x-pack/plugins/siem/public/endpoint_hosts/index.ts b/x-pack/plugins/siem/public/endpoint_hosts/index.ts new file mode 100644 index 0000000000000..49d5fff98c92a --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_hosts/index.ts @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SecuritySubPluginWithStore } from '../app/types'; +import { getEndpointHostsRoutes } from './routes'; +import { initialHostListState, hostListReducer } from './store/reducer'; +import { Immutable } from '../../common/endpoint/types'; +import { HostState } from './types'; +import { hostMiddlewareFactory } from './store/middleware'; +import { CoreStart } from '../../../../../src/core/public'; +import { StartPlugins } from '../types'; +import { substateMiddlewareFactory } from '../common/store'; + +export class EndpointHosts { + public setup() {} + + public start( + core: CoreStart, + plugins: StartPlugins + ): SecuritySubPluginWithStore<'hostList', Immutable> { + const { data, ingestManager } = plugins; + const middleware = substateMiddlewareFactory( + globalState => globalState.hostList, + hostMiddlewareFactory(core, { data, ingestManager }) + ); + return { + routes: getEndpointHostsRoutes(), + store: { + initialState: { hostList: initialHostListState() }, + reducer: { hostList: hostListReducer }, + middleware, + }, + }; + } +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.ts b/x-pack/plugins/siem/public/endpoint_hosts/routes.tsx similarity index 51% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.ts rename to x-pack/plugins/siem/public/endpoint_hosts/routes.tsx index 39f0f13d2daa2..b7e549dc4e5e8 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/routes.tsx @@ -4,6 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -export { policyDetailsMiddlewareFactory } from './middleware'; -export { PolicyDetailsAction } from './action'; -export { policyDetailsReducer } from './reducer'; +import React from 'react'; +import { Route } from 'react-router-dom'; + +import { HostList } from './view'; + +export const getEndpointHostsRoutes = () => [ + + + , +]; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/action.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/action.ts similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/action.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/action.ts index ac10adcda0306..9b38d7ce5a23a 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/action.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/action.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ServerApiError } from '../../types'; -import { HostResultList, HostInfo, GetHostPolicyResponse } from '../../../../../common/types'; +import { HostResultList, HostInfo, GetHostPolicyResponse } from '../../../common/endpoint/types'; +import { ServerApiError } from '../../common/types'; interface ServerReturnedHostList { type: 'serverReturnedHostList'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/host_pagination.test.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/host_pagination.test.ts similarity index 91% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/host_pagination.test.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/host_pagination.test.ts index d2e1985d055c6..d67f5af866540 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/host_pagination.test.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/host_pagination.test.ts @@ -5,25 +5,30 @@ */ import { CoreStart, HttpSetup } from 'kibana/public'; -import { DepsStartMock, depsStartMock } from '../../mocks'; -import { AppAction, HostState, HostIndexUIQueryParams } from '../../types'; -import { Immutable, HostResultList } from '../../../../../common/types'; import { History, createBrowserHistory } from 'history'; -import { hostMiddlewareFactory } from './middleware'; import { applyMiddleware, Store, createStore } from 'redux'; + +import { coreMock } from '../../../../../../src/core/public/mocks'; + +import { HostResultList } from '../../../common/endpoint/types'; +import { DepsStartMock, depsStartMock } from '../../common/mock/endpoint'; + +import { hostMiddlewareFactory } from './middleware'; + import { hostListReducer } from './reducer'; -import { coreMock } from 'src/core/public/mocks'; -import { urlFromQueryParams } from '../../view/hosts/url_from_query_params'; + import { uiQueryParams } from './selectors'; import { mockHostResultList } from './mock_host_result_list'; -import { MiddlewareActionSpyHelper, createSpyMiddleware } from '../test_utils'; +import { HostState, HostIndexUIQueryParams } from '../types'; +import { MiddlewareActionSpyHelper, createSpyMiddleware } from '../../common/store/test_utils'; +import { urlFromQueryParams } from '../view/url_from_query_params'; describe('host list pagination: ', () => { let fakeCoreStart: jest.Mocked; let depsStart: DepsStartMock; let fakeHttpServices: jest.Mocked; let history: History; - let store: Store, Immutable>; + let store: Store; let queryParams: () => HostIndexUIQueryParams; let waitForAction: MiddlewareActionSpyHelper['waitForAction']; let actionSpyMiddleware; @@ -62,7 +67,7 @@ describe('host list pagination: ', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/hosts', + pathname: '/endpoint-hosts', }, }); await waitForAction('serverReturnedHostList'); @@ -123,7 +128,7 @@ describe('host list pagination: ', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/hosts', + pathname: '/endpoint-hosts', search: '?foo=bar', }, }); @@ -135,7 +140,7 @@ describe('host list pagination: ', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/hosts', + pathname: '/endpoint-hosts', search: '?page_index=2&page_index=3&page_size=20&page_size=50', }, }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.test.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/index.test.ts similarity index 98% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.test.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/index.test.ts index f60a69a471684..8518c37fe3f5d 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.test.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/index.test.ts @@ -6,7 +6,7 @@ import { createStore, Dispatch, Store } from 'redux'; import { HostAction, hostListReducer } from './index'; -import { HostState } from '../../types'; +import { HostState } from '../types'; import { listData } from './selectors'; import { mockHostResultList } from './mock_host_result_list'; diff --git a/x-pack/plugins/siem/public/endpoint_hosts/store/index.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/index.ts new file mode 100644 index 0000000000000..eafea5b9c7404 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/index.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { HostState } from '../types'; +import { ImmutableReducer } from '../../common/store'; +import { AppAction } from '../../common/store/actions'; +import { Immutable } from '../../../common/endpoint/types'; + +export { hostListReducer } from './reducer'; +export { HostAction } from './action'; +export { hostMiddlewareFactory } from './middleware'; + +export interface EndpointHostsPluginState { + hostList: Immutable; +} + +export interface EndpointHostsPluginReducer { + hostList: ImmutableReducer; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.test.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/middleware.test.ts similarity index 86% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.test.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/middleware.test.ts index 2064c76f7dfb5..6c9e3dd41907f 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.test.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/middleware.test.ts @@ -5,16 +5,18 @@ */ import { CoreStart, HttpSetup } from 'kibana/public'; import { applyMiddleware, createStore, Store } from 'redux'; -import { coreMock } from '../../../../../../../../src/core/public/mocks'; +import { coreMock } from '../../../../../../src/core/public/mocks'; import { History, createBrowserHistory } from 'history'; import { hostListReducer, hostMiddlewareFactory } from './index'; -import { HostResultList, Immutable } from '../../../../../common/types'; -import { HostState } from '../../types'; -import { AppAction } from '../action'; -import { listData } from './selectors'; -import { DepsStartMock, depsStartMock } from '../../mocks'; + +import { DepsStartMock, depsStartMock } from '../../common/mock/endpoint'; + +import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../../common/store/test_utils'; +import { Immutable, HostResultList } from '../../../common/endpoint/types'; +import { AppAction } from '../../common/store/actions'; import { mockHostResultList } from './mock_host_result_list'; -import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../test_utils'; +import { listData } from './selectors'; +import { HostState } from '../types'; describe('host list middleware', () => { let fakeCoreStart: jest.Mocked; @@ -53,7 +55,7 @@ describe('host list middleware', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/hosts', + pathname: '/endpoint-hosts', }, }); await waitForAction('serverReturnedHostList'); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/middleware.ts similarity index 91% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/middleware.ts index 9a28423d6adc4..ce518db0ffc93 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/middleware.ts @@ -4,12 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { HostResultList } from '../../../../../common/types'; +import { HostResultList, Immutable } from '../../../common/endpoint/types'; +import { ImmutableMiddlewareFactory } from '../../common/store'; import { isOnHostPage, hasSelectedHost, uiQueryParams, listData } from './selectors'; -import { HostState } from '../../types'; -import { ImmutableMiddlewareFactory } from '../../types'; +import { HostState } from '../types'; -export const hostMiddlewareFactory: ImmutableMiddlewareFactory = coreStart => { +export const hostMiddlewareFactory: ImmutableMiddlewareFactory> = coreStart => { return ({ getState, dispatch }) => next => async action => { next(action); const state = getState(); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/mock_host_result_list.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/mock_host_result_list.ts similarity index 90% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/mock_host_result_list.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/mock_host_result_list.ts index 20aa973ffc93d..a2c410b5dbd65 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/mock_host_result_list.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/mock_host_result_list.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { HostInfo, HostResultList, HostStatus } from '../../../../../common/types'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; +import { HostInfo, HostResultList, HostStatus } from '../../../common/endpoint/types'; +import { EndpointDocGenerator } from '../../../common/endpoint/generate_data'; export const mockHostResultList: (options?: { total?: number; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/reducer.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/reducer.ts similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/reducer.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/reducer.ts index 18bc6b0bea3da..98f4a457a4598 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/reducer.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/reducer.ts @@ -4,12 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Immutable } from '../../../../../common/types'; -import { HostState, ImmutableReducer } from '../../types'; -import { AppAction } from '../action'; import { isOnHostPage, hasSelectedHost } from './selectors'; +import { HostState } from '../types'; +import { AppAction } from '../../common/store/actions'; +import { ImmutableReducer } from '../../common/store'; +import { Immutable } from '../../../common/endpoint/types'; -const initialState = (): HostState => { +export const initialHostListState = (): HostState => { return { hosts: [], pageSize: 10, @@ -28,7 +29,7 @@ const initialState = (): HostState => { }; export const hostListReducer: ImmutableReducer = ( - state = initialState(), + state = initialHostListState(), action ) => { if (action.type === 'serverReturnedHostList') { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/selectors.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/selectors.ts similarity index 95% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/selectors.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/selectors.ts index 457b449b060c4..a915480b1aa2a 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/selectors.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/selectors.ts @@ -3,6 +3,8 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ + +// eslint-disable-next-line import/no-nodejs-modules import querystring from 'querystring'; import { createSelector } from 'reselect'; import { @@ -10,8 +12,8 @@ import { HostPolicyResponseAppliedAction, HostPolicyResponseConfiguration, HostPolicyResponseActionStatus, -} from '../../../../../common/types'; -import { HostState, HostIndexUIQueryParams } from '../../types'; +} from '../../../common/endpoint/types'; +import { HostState, HostIndexUIQueryParams } from '../types'; const PAGE_SIZES = Object.freeze([10, 20, 50]); @@ -95,7 +97,7 @@ export const policyResponseLoading = (state: Immutable): boolean => export const policyResponseError = (state: Immutable) => state.policyResponseError; export const isOnHostPage = (state: Immutable) => - state.location ? state.location.pathname === '/hosts' : false; + state.location ? state.location.pathname === '/endpoint-hosts' : false; export const uiQueryParams: ( state: Immutable diff --git a/x-pack/plugins/siem/public/endpoint_hosts/types.ts b/x-pack/plugins/siem/public/endpoint_hosts/types.ts new file mode 100644 index 0000000000000..421903cb6e1ab --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_hosts/types.ts @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + HostInfo, + Immutable, + HostMetadata, + HostPolicyResponse, + AppLocation, +} from '../../common/endpoint/types'; +import { ServerApiError } from '../common/types'; + +export interface HostState { + /** list of host **/ + hosts: HostInfo[]; + /** number of items per page */ + pageSize: number; + /** which page to show */ + pageIndex: number; + /** total number of hosts returned */ + total: number; + /** list page is retrieving data */ + loading: boolean; + /** api error from retrieving host list */ + error?: ServerApiError; + /** details data for a specific host */ + details?: Immutable; + /** details page is retrieving data */ + detailsLoading: boolean; + /** api error from retrieving host details */ + detailsError?: ServerApiError; + /** Holds the Policy Response for the Host currently being displayed in the details */ + policyResponse?: HostPolicyResponse; + /** policyResponse is being retrieved */ + policyResponseLoading: boolean; + /** api error from retrieving the policy response */ + policyResponseError?: ServerApiError; + /** current location info */ + location?: Immutable; +} + +/** + * Query params on the host page parsed from the URL + */ +export interface HostIndexUIQueryParams { + /** Selected host id shows host details flyout */ + selected_host?: string; + /** How many items to show in list */ + page_size?: string; + /** Which page to show */ + page_index?: string; + /** show the policy response or host details */ + show?: string; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/components/flyout_sub_header.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/details/components/flyout_sub_header.tsx similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/components/flyout_sub_header.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/components/flyout_sub_header.tsx index 9abb54e8b1807..14bebfbdc88d9 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/components/flyout_sub_header.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/components/flyout_sub_header.tsx @@ -74,3 +74,5 @@ export const FlyoutSubHeader = memo( ); } ); + +FlyoutSubHeader.displayName = 'FlyoutSubHeader'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/host_details.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/details/host_details.tsx similarity index 76% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/host_details.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/host_details.tsx index 2ded0e4b3123d..eb265675d3a24 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/host_details.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/host_details.tsx @@ -16,14 +16,14 @@ import { import React, { memo, useMemo } from 'react'; import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; -import { HostMetadata } from '../../../../../../common/types'; -import { FormattedDateAndTime } from '../../formatted_date_time'; -import { LinkToApp } from '../../components/link_to_app'; +import { HostMetadata } from '../../../../common/endpoint/types'; import { useHostSelector, useHostLogsUrl } from '../hooks'; import { urlFromQueryParams } from '../url_from_query_params'; -import { policyResponseStatus, uiQueryParams } from '../../../store/hosts/selectors'; -import { useNavigateByRouterEventHandler } from '../../hooks/use_navigate_by_router_event_handler'; +import { policyResponseStatus, uiQueryParams } from '../../store/selectors'; import { POLICY_STATUS_TO_HEALTH_COLOR } from '../host_constants'; +import { FormattedDateAndTime } from '../../../common/components/endpoint/formatted_date_time'; +import { useNavigateByRouterEventHandler } from '../../../common/hooks/endpoint/use_navigate_by_router_event_handler'; +import { LinkToApp } from '../../../common/components/endpoint/link_to_app'; const HostIds = styled(EuiListGroupItem)` margin-top: 0; @@ -41,19 +41,19 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { const detailsResultsUpper = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.host.details.os', { + title: i18n.translate('xpack.siem.endpoint.host.details.os', { defaultMessage: 'OS', }), description: details.host.os.full, }, { - title: i18n.translate('xpack.endpoint.host.details.lastSeen', { + title: i18n.translate('xpack.siem.endpoint.host.details.lastSeen', { defaultMessage: 'Last Seen', }), description: , }, { - title: i18n.translate('xpack.endpoint.host.details.alerts', { + title: i18n.translate('xpack.siem.endpoint.host.details.alerts', { defaultMessage: 'Alerts', }), description: '0', @@ -73,13 +73,13 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { const detailsResultsLower = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.host.details.policy', { + title: i18n.translate('xpack.siem.endpoint.host.details.policy', { defaultMessage: 'Policy', }), description: details.endpoint.policy.id, }, { - title: i18n.translate('xpack.endpoint.host.details.policyStatus', { + title: i18n.translate('xpack.siem.endpoint.host.details.policyStatus', { defaultMessage: 'Policy Status', }), description: ( @@ -90,11 +90,11 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { {/* eslint-disable-next-line @elastic/eui/href-or-on-click */} @@ -103,7 +103,7 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { ), }, { - title: i18n.translate('xpack.endpoint.host.details.ipAddress', { + title: i18n.translate('xpack.siem.endpoint.host.details.ipAddress', { defaultMessage: 'IP Address', }), description: ( @@ -115,13 +115,13 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { ), }, { - title: i18n.translate('xpack.endpoint.host.details.hostname', { + title: i18n.translate('xpack.siem.endpoint.host.details.hostname', { defaultMessage: 'Hostname', }), description: details.host.hostname, }, { - title: i18n.translate('xpack.endpoint.host.details.sensorVersion', { + title: i18n.translate('xpack.siem.endpoint.host.details.sensorVersion', { defaultMessage: 'Sensor Version', }), description: details.agent.version, @@ -159,7 +159,7 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { data-test-subj="hostDetailsLinkToLogs" > @@ -167,3 +167,5 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { ); }); + +HostDetails.displayName = 'HostDetails'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/index.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/details/index.tsx similarity index 86% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/index.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/index.tsx index e4121503b4a96..9904306a76e9c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/index.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/index.tsx @@ -18,7 +18,7 @@ import { import { useHistory } from 'react-router-dom'; import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; -import { useKibana } from '../../../../../../../../../src/plugins/kibana_react/public'; +import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; import { useHostSelector } from '../hooks'; import { urlFromQueryParams } from '../url_from_query_params'; import { @@ -32,12 +32,12 @@ import { policyResponseFailedOrWarningActionCount, policyResponseError, policyResponseLoading, -} from '../../../store/hosts/selectors'; +} from '../../store/selectors'; import { HostDetails } from './host_details'; import { PolicyResponse } from './policy_response'; -import { HostMetadata } from '../../../../../../common/types'; +import { HostMetadata } from '../../../../common/endpoint/types'; import { FlyoutSubHeader, FlyoutSubHeaderProps } from './components/flyout_sub_header'; -import { useNavigateByRouterEventHandler } from '../../hooks/use_navigate_by_router_event_handler'; +import { useNavigateByRouterEventHandler } from '../../../common/hooks/endpoint/use_navigate_by_router_event_handler'; export const HostDetailsFlyout = memo(() => { const history = useHistory(); @@ -58,13 +58,13 @@ export const HostDetailsFlyout = memo(() => { notifications.toasts.danger({ title: ( ), body: ( ), @@ -104,6 +104,8 @@ export const HostDetailsFlyout = memo(() => { ); }); +HostDetailsFlyout.displayName = 'HostDetailsFlyout'; + const PolicyResponseFlyoutPanel = memo<{ hostMeta: HostMetadata; }>(({ hostMeta }) => { @@ -124,10 +126,10 @@ const PolicyResponseFlyoutPanel = memo<{ const backToDetailsClickHandler = useNavigateByRouterEventHandler(detailsUri); const backButtonProp = useMemo((): FlyoutSubHeaderProps['backButton'] => { return { - title: i18n.translate('xpack.endpoint.host.policyResponse.backLinkTitle', { + title: i18n.translate('xpack.siem.endpoint.host.policyResponse.backLinkTitle', { defaultMessage: 'Endpoint Details', }), - href: '?' + detailsUri.search, + href: `?${detailsUri.search}`, onClick: backToDetailsClickHandler, }; }, [backToDetailsClickHandler, detailsUri.search]); @@ -142,7 +144,7 @@ const PolicyResponseFlyoutPanel = memo<{

@@ -151,7 +153,7 @@ const PolicyResponseFlyoutPanel = memo<{ } @@ -169,3 +171,5 @@ const PolicyResponseFlyoutPanel = memo<{ ); }); + +PolicyResponseFlyoutPanel.displayName = 'PolicyResponseFlyoutPanel'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response.tsx similarity index 95% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response.tsx index 24ae3e2b0f037..58ff9a17643bc 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response.tsx @@ -5,16 +5,21 @@ */ import React, { memo, useMemo } from 'react'; import styled from 'styled-components'; -import { EuiAccordion, EuiNotificationBadge, EuiHealth } from '@elastic/eui'; -import { EuiText } from '@elastic/eui'; -import { htmlIdGenerator } from '@elastic/eui'; import { - HostPolicyResponseAppliedAction, - HostPolicyResponseConfiguration, - Immutable, -} from '../../../../../../common/types'; + EuiAccordion, + EuiNotificationBadge, + EuiHealth, + EuiText, + htmlIdGenerator, +} from '@elastic/eui'; + import { formatResponse } from './policy_response_friendly_names'; import { POLICY_STATUS_TO_HEALTH_COLOR } from '../host_constants'; +import { + Immutable, + HostPolicyResponseAppliedAction, + HostPolicyResponseConfiguration, +} from '../../../../common/endpoint/types'; /** * Nested accordion in the policy response detailing any concerned @@ -110,6 +115,8 @@ const ResponseActions = memo( } ); +ResponseActions.displayName = 'ResponseActions'; + /** * A policy response is returned by the endpoint and shown in the host details after a user modifies a policy */ @@ -158,3 +165,5 @@ export const PolicyResponse = memo( ); } ); + +PolicyResponse.displayName = 'PolicyResponse'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response_friendly_names.ts b/x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response_friendly_names.ts similarity index 54% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response_friendly_names.ts rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response_friendly_names.ts index 8eaacb31b4f87..2f05840567a57 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response_friendly_names.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response_friendly_names.ts @@ -9,163 +9,166 @@ import { i18n } from '@kbn/i18n'; const responseMap = new Map(); responseMap.set( 'success', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.success', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.success', { defaultMessage: 'Success', }) ); responseMap.set( 'warning', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.warning', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.warning', { defaultMessage: 'Warning', }) ); responseMap.set( 'failure', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.failed', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.failed', { defaultMessage: 'Failed', }) ); responseMap.set( 'logging', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.logging', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.logging', { defaultMessage: 'Logging', }) ); responseMap.set( 'streaming', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.streaming', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.streaming', { defaultMessage: 'Streaming', }) ); responseMap.set( 'malware', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.malware', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.malware', { defaultMessage: 'Malware', }) ); responseMap.set( 'events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.events', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.events', { defaultMessage: 'Events', }) ); responseMap.set( 'configure_elasticsearch_connection', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.configureElasticSearchConnection', { - defaultMessage: 'Configure Elastic Search Connection', - }) + i18n.translate( + 'xpack.siem.endpoint.hostDetails.policyResponse.configureElasticSearchConnection', + { + defaultMessage: 'Configure Elastic Search Connection', + } + ) ); responseMap.set( 'configure_logging', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.configureLogging', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.configureLogging', { defaultMessage: 'Configure Logging', }) ); responseMap.set( 'configure_kernel', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.configureKernel', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.configureKernel', { defaultMessage: 'Configure Kernel', }) ); responseMap.set( 'configure_malware', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.configureMalware', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.configureMalware', { defaultMessage: 'Configure Malware', }) ); responseMap.set( 'connect_kernel', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.connectKernel', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.connectKernel', { defaultMessage: 'Connect Kernel', }) ); responseMap.set( 'detect_file_open_events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.detectFileOpenEvents', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.detectFileOpenEvents', { defaultMessage: 'Detect File Open Events', }) ); responseMap.set( 'detect_file_write_events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.detectFileWriteEvents', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.detectFileWriteEvents', { defaultMessage: 'Detect File Write Events', }) ); responseMap.set( 'detect_image_load_events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.detectImageLoadEvents', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.detectImageLoadEvents', { defaultMessage: 'Detect Image Load Events', }) ); responseMap.set( 'detect_process_events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.detectProcessEvents', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.detectProcessEvents', { defaultMessage: 'Detect Process Events', }) ); responseMap.set( 'download_global_artifacts', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.downloadGlobalArtifacts', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.downloadGlobalArtifacts', { defaultMessage: 'Download Global Artifacts', }) ); responseMap.set( 'load_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.loadConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.loadConfig', { defaultMessage: 'Load Config', }) ); responseMap.set( 'load_malware_model', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.loadMalwareModel', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.loadMalwareModel', { defaultMessage: 'Load Malware Model', }) ); responseMap.set( 'read_elasticsearch_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readElasticSearchConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readElasticSearchConfig', { defaultMessage: 'Read ElasticSearch Config', }) ); responseMap.set( 'read_events_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readEventsConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readEventsConfig', { defaultMessage: 'Read Events Config', }) ); responseMap.set( 'read_kernel_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readKernelConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readKernelConfig', { defaultMessage: 'Read Kernel Config', }) ); responseMap.set( 'read_logging_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readLoggingConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readLoggingConfig', { defaultMessage: 'Read Logging Config', }) ); responseMap.set( 'read_malware_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readMalwareConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readMalwareConfig', { defaultMessage: 'Read Malware Config', }) ); responseMap.set( 'workflow', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.workflow', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.workflow', { defaultMessage: 'Workflow', }) ); responseMap.set( 'download_model', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.downloadModel', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.downloadModel', { defaultMessage: 'Download Model', }) ); responseMap.set( 'ingest_events_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.injestEventsConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.injestEventsConfig', { defaultMessage: 'Injest Events Config', }) ); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/hooks.ts b/x-pack/plugins/siem/public/endpoint_hosts/view/hooks.ts similarity index 78% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/hooks.ts rename to x-pack/plugins/siem/public/endpoint_hosts/view/hooks.ts index eb242f5c535f4..727f601dd7670 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/hooks.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/hooks.ts @@ -6,12 +6,13 @@ import { useSelector } from 'react-redux'; import { useMemo } from 'react'; -import { GlobalState, HostState } from '../../types'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; +import { HostState } from '../types'; +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; +import { State } from '../../common/store/reducer'; export function useHostSelector(selector: (state: HostState) => TSelected) { - return useSelector(function(state: GlobalState) { - return selector(state.hostList); + return useSelector(function(state: State) { + return selector(state.hostList as HostState); }); } diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/host_constants.ts b/x-pack/plugins/siem/public/endpoint_hosts/view/host_constants.ts similarity index 87% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/host_constants.ts rename to x-pack/plugins/siem/public/endpoint_hosts/view/host_constants.ts index 08b2608698a66..efad4e3a468d8 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/host_constants.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/host_constants.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { HostPolicyResponseActionStatus, HostStatus } from '../../../../../common/types'; +import { HostStatus, HostPolicyResponseActionStatus } from '../../../common/endpoint/types'; export const HOST_STATUS_TO_HEALTH_COLOR = Object.freeze< { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.test.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/index.test.tsx similarity index 96% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.test.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/index.test.tsx index c3066dc41fa24..bb09323f547c7 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.test.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/index.test.tsx @@ -6,16 +6,17 @@ import React from 'react'; import * as reactTestingLibrary from '@testing-library/react'; -import { fireEvent } from '@testing-library/react'; -import { AppAction } from '../../types'; + import { HostList } from './index'; +import { mockHostDetailsApiResult, mockHostResultList } from '../store/mock_host_result_list'; +import { AppContextTestRender, createAppRootMockRenderer } from '../../common/mock/endpoint'; import { - mockHostDetailsApiResult, - mockHostResultList, -} from '../../store/hosts/mock_host_result_list'; -import { AppContextTestRender, createAppRootMockRenderer } from '../../mocks'; -import { HostInfo, HostStatus, HostPolicyResponseActionStatus } from '../../../../../common/types'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; + HostInfo, + HostStatus, + HostPolicyResponseActionStatus, +} from '../../../common/endpoint/types'; +import { EndpointDocGenerator } from '../../../common/endpoint/generate_data'; +import { AppAction } from '../../common/store/actions'; describe('when on the hosts page', () => { const docGenerator = new EndpointDocGenerator(); @@ -209,7 +210,7 @@ describe('when on the hosts page', () => { const policyStatusLink = await renderResult.findByTestId('policyStatusValue'); const userChangedUrlChecker = middlewareSpy.waitForAction('userChangedUrl'); reactTestingLibrary.act(() => { - fireEvent.click(policyStatusLink); + reactTestingLibrary.fireEvent.click(policyStatusLink); }); const changedUrlAction = await userChangedUrlChecker; expect(changedUrlAction.payload.search).toEqual( @@ -282,7 +283,7 @@ describe('when on the hosts page', () => { const renderResult = render(); const linkToLogs = await renderResult.findByTestId('hostDetailsLinkToLogs'); reactTestingLibrary.act(() => { - fireEvent.click(linkToLogs); + reactTestingLibrary.fireEvent.click(linkToLogs); }); }); @@ -297,7 +298,7 @@ describe('when on the hosts page', () => { const policyStatusLink = await renderResult.findByTestId('policyStatusValue'); const userChangedUrlChecker = middlewareSpy.waitForAction('userChangedUrl'); reactTestingLibrary.act(() => { - fireEvent.click(policyStatusLink); + reactTestingLibrary.fireEvent.click(policyStatusLink); }); await userChangedUrlChecker; reactTestingLibrary.act(() => { @@ -385,7 +386,7 @@ describe('when on the hosts page', () => { const subHeaderBackLink = await renderResult.findByTestId('flyoutSubHeaderBackButton'); const userChangedUrlChecker = middlewareSpy.waitForAction('userChangedUrl'); reactTestingLibrary.act(() => { - fireEvent.click(subHeaderBackLink); + reactTestingLibrary.fireEvent.click(subHeaderBackLink); }); const changedUrlAction = await userChangedUrlChecker; expect(changedUrlAction.payload.search).toEqual( diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/index.tsx similarity index 76% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/index.tsx index 638dd190dcbce..10a7a7ea0d445 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/index.tsx @@ -8,6 +8,7 @@ import React, { useMemo, useCallback, memo } from 'react'; import { EuiHorizontalRule, EuiBasicTable, + EuiBasicTableColumn, EuiText, EuiLink, EuiHealth, @@ -17,16 +18,16 @@ import { useHistory } from 'react-router-dom'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { createStructuredSelector } from 'reselect'; -import { EuiBasicTableColumn } from '@elastic/eui'; + import { HostDetailsFlyout } from './details'; -import * as selectors from '../../store/hosts/selectors'; +import * as selectors from '../store/selectors'; import { useHostSelector } from './hooks'; -import { CreateStructuredSelector } from '../../types'; import { urlFromQueryParams } from './url_from_query_params'; -import { HostInfo, Immutable } from '../../../../../common/types'; -import { PageView } from '../components/page_view'; -import { useNavigateByRouterEventHandler } from '../hooks/use_navigate_by_router_event_handler'; import { HOST_STATUS_TO_HEALTH_COLOR } from './host_constants'; +import { useNavigateByRouterEventHandler } from '../../common/hooks/endpoint/use_navigate_by_router_event_handler'; +import { CreateStructuredSelector } from '../../common/store'; +import { Immutable, HostInfo } from '../../../common/endpoint/types'; +import { PageView } from '../../common/components/endpoint/page_view'; const HostLink = memo<{ name: string; @@ -47,6 +48,7 @@ const HostLink = memo<{
); }); +HostLink.displayName = 'HostLink'; const selector = (createStructuredSelector as CreateStructuredSelector)(selectors); export const HostList = () => { @@ -90,21 +92,22 @@ export const HostList = () => { return [ { field: 'metadata.host', - name: i18n.translate('xpack.endpoint.host.list.hostname', { + name: i18n.translate('xpack.siem.endpoint.host.list.hostname', { defaultMessage: 'Hostname', }), render: ({ hostname, id }: HostInfo['metadata']['host']) => { const newQueryParams = urlFromQueryParams({ ...queryParams, selected_host: id }); return ( - + ); }, }, { field: 'host_status', - name: i18n.translate('xpack.endpoint.host.list.hostStatus', { + name: i18n.translate('xpack.siem.endpoint.host.list.hostStatus', { defaultMessage: 'Host Status', }), + // eslint-disable-next-line react/display-name render: (hostStatus: HostInfo['host_status']) => { return ( { className="eui-textTruncate" > @@ -123,24 +126,26 @@ export const HostList = () => { }, { field: '', - name: i18n.translate('xpack.endpoint.host.list.policy', { + name: i18n.translate('xpack.siem.endpoint.host.list.policy', { defaultMessage: 'Policy', }), truncateText: true, + // eslint-disable-next-line react/display-name render: () => { - return Policy Name; + return {'Policy Name'}; }, }, { field: '', - name: i18n.translate('xpack.endpoint.host.list.policyStatus', { + name: i18n.translate('xpack.siem.endpoint.host.list.policyStatus', { defaultMessage: 'Policy Status', }), + // eslint-disable-next-line react/display-name render: () => { return ( @@ -149,7 +154,7 @@ export const HostList = () => { }, { field: '', - name: i18n.translate('xpack.endpoint.host.list.alerts', { + name: i18n.translate('xpack.siem.endpoint.host.list.alerts', { defaultMessage: 'Alerts', }), dataType: 'number', @@ -159,16 +164,17 @@ export const HostList = () => { }, { field: 'metadata.host.os.name', - name: i18n.translate('xpack.endpoint.host.list.os', { + name: i18n.translate('xpack.siem.endpoint.host.list.os', { defaultMessage: 'Operating System', }), truncateText: true, }, { field: 'metadata.host.ip', - name: i18n.translate('xpack.endpoint.host.list.ip', { + name: i18n.translate('xpack.siem.endpoint.host.list.ip', { defaultMessage: 'IP Address', }), + // eslint-disable-next-line react/display-name render: (ip: string[]) => { return ( @@ -183,13 +189,13 @@ export const HostList = () => { }, { field: 'metadata.agent.version', - name: i18n.translate('xpack.endpoint.host.list.endpointVersion', { + name: i18n.translate('xpack.siem.endpoint.host.list.endpointVersion', { defaultMessage: 'Version', }), }, { field: '', - name: i18n.translate('xpack.endpoint.host.list.lastActive', { + name: i18n.translate('xpack.siem.endpoint.host.list.lastActive', { defaultMessage: 'Last Active', }), dataType: 'date', @@ -204,12 +210,12 @@ export const HostList = () => { {hasSelectedHost && } diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/url_from_query_params.ts b/x-pack/plugins/siem/public/endpoint_hosts/view/url_from_query_params.ts similarity index 58% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/url_from_query_params.ts rename to x-pack/plugins/siem/public/endpoint_hosts/view/url_from_query_params.ts index 225aad8cab020..e3728d63aea7c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/url_from_query_params.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/url_from_query_params.ts @@ -4,12 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ +// eslint-disable-next-line import/no-nodejs-modules import querystring from 'querystring'; -import { EndpointAppLocation, HostIndexUIQueryParams } from '../../types'; -export function urlFromQueryParams( - queryParams: HostIndexUIQueryParams -): Partial { +import { HostIndexUIQueryParams } from '../types'; +import { AppLocation } from '../../../common/endpoint/types'; + +export function urlFromQueryParams(queryParams: HostIndexUIQueryParams): Partial { const search = querystring.stringify(queryParams); return { search, diff --git a/x-pack/plugins/siem/public/endpoint_policy/details.ts b/x-pack/plugins/siem/public/endpoint_policy/details.ts new file mode 100644 index 0000000000000..1128bcfac6ab2 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/details.ts @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SecuritySubPluginWithStore } from '../app/types'; +import { getPolicyDetailsRoutes } from './routes'; +import { PolicyDetailsState } from './types'; +import { Immutable } from '../../common/endpoint/types'; +import { initialPolicyDetailsState, policyDetailsReducer } from './store/policy_details/reducer'; +import { policyDetailsMiddlewareFactory } from './store/policy_details/middleware'; +import { CoreStart } from '../../../../../src/core/public'; +import { StartPlugins } from '../types'; +import { substateMiddlewareFactory } from '../common/store'; + +export class EndpointPolicyDetails { + public setup() {} + + public start( + core: CoreStart, + plugins: StartPlugins + ): SecuritySubPluginWithStore<'policyDetails', Immutable> { + const { data, ingestManager } = plugins; + const middleware = substateMiddlewareFactory( + globalState => globalState.policyDetails, + policyDetailsMiddlewareFactory(core, { data, ingestManager }) + ); + + return { + routes: getPolicyDetailsRoutes(), + store: { + initialState: { + policyDetails: initialPolicyDetailsState(), + }, + reducer: { policyDetails: policyDetailsReducer }, + middleware, + }, + }; + } +} diff --git a/x-pack/plugins/siem/public/endpoint_policy/list.ts b/x-pack/plugins/siem/public/endpoint_policy/list.ts new file mode 100644 index 0000000000000..417931e64f44e --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/list.ts @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SecuritySubPluginWithStore } from '../app/types'; +import { getPolicyListRoutes } from './routes'; +import { PolicyListState } from './types'; +import { Immutable } from '../../common/endpoint/types'; +import { initialPolicyListState, policyListReducer } from './store/policy_list/reducer'; +import { policyListMiddlewareFactory } from './store/policy_list/middleware'; +import { CoreStart } from '../../../../../src/core/public'; +import { StartPlugins } from '../types'; +import { substateMiddlewareFactory } from '../common/store'; + +export class EndpointPolicyList { + public setup() {} + + public start( + core: CoreStart, + plugins: StartPlugins + ): SecuritySubPluginWithStore<'policyList', Immutable> { + const { data, ingestManager } = plugins; + const middleware = substateMiddlewareFactory( + globalState => globalState.policyList, + policyListMiddlewareFactory(core, { data, ingestManager }) + ); + + return { + routes: getPolicyListRoutes(), + store: { + initialState: { + policyList: initialPolicyListState(), + }, + reducer: { policyList: policyListReducer }, + middleware, + }, + }; + } +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/models/policy_details_config.ts b/x-pack/plugins/siem/public/endpoint_policy/models/policy_details_config.ts similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/models/policy_details_config.ts rename to x-pack/plugins/siem/public/endpoint_policy/models/policy_details_config.ts index 3e56b1ff14d65..44be5ddcc003f 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/models/policy_details_config.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/models/policy_details_config.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { UIPolicyConfig } from '../../../../common/types'; +import { UIPolicyConfig } from '../../../common/endpoint/types'; /** * A typed Object.entries() function where the keys and values are typed based on the given object diff --git a/x-pack/plugins/siem/public/endpoint_policy/routes.tsx b/x-pack/plugins/siem/public/endpoint_policy/routes.tsx new file mode 100644 index 0000000000000..be820f3f2c5dc --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/routes.tsx @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { Route } from 'react-router-dom'; + +import { PolicyList, PolicyDetails } from './view'; + +export const getPolicyListRoutes = () => [ + , +]; + +export const getPolicyDetailsRoutes = () => [ + , +]; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/action.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/action.ts similarity index 86% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/action.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/action.ts index 4de3dac02a8ec..ceb62a9f9ace9 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/action.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/action.ts @@ -4,9 +4,10 @@ * you may not use this file except in compliance with the Elastic License. */ -import { PolicyDetailsState, ServerApiError } from '../../types'; -import { GetAgentStatusResponse } from '../../../../../../ingest_manager/common/types/rest_spec'; -import { PolicyData, UIPolicyConfig } from '../../../../../common/types'; +import { GetAgentStatusResponse } from '../../../../../ingest_manager/common/types/rest_spec'; +import { PolicyData, UIPolicyConfig } from '../../../../common/endpoint/types'; +import { ServerApiError } from '../../../common/types'; +import { PolicyDetailsState } from '../../types'; interface ServerReturnedPolicyDetailsData { type: 'serverReturnedPolicyDetailsData'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.test.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.test.ts similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.test.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.test.ts index dd4e63c95ee8f..01a824ecc7b8e 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.test.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.test.ts @@ -9,7 +9,7 @@ import { createStore, Dispatch, Store } from 'redux'; import { policyDetailsReducer, PolicyDetailsAction } from './index'; import { policyConfig } from './selectors'; import { clone } from '../../models/policy_details_config'; -import { factory as policyConfigFactory } from '../../../../../common/models/policy_config'; +import { factory as policyConfigFactory } from '../../../../common/endpoint/models/policy_config'; describe('policy details: ', () => { let store: Store; diff --git a/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.ts new file mode 100644 index 0000000000000..88f090301cfa3 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { PolicyDetailsState } from '../../types'; +import { ImmutableReducer } from '../../../common/store'; +import { AppAction } from '../../../common/store/actions'; +import { Immutable } from '../../../../common/endpoint/types'; + +export { policyDetailsMiddlewareFactory } from './middleware'; +export { PolicyDetailsAction } from './action'; +export { policyDetailsReducer } from './reducer'; + +export interface EndpointPolicyDetailsStatePluginState { + policyDetails: Immutable; +} + +export interface EndpointPolicyDetailsStatePluginReducer { + policyDetails: ImmutableReducer; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/middleware.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/middleware.ts similarity index 88% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/middleware.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/middleware.ts index d82273bfdb221..f908befe05aa3 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/middleware.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/middleware.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ImmutableMiddlewareFactory, PolicyDetailsState, UpdatePolicyResponse } from '../../types'; +import { PolicyDetailsState, UpdatePolicyResponse } from '../../types'; import { policyIdFromParams, isOnPolicyDetailsPage, @@ -16,10 +16,13 @@ import { sendGetFleetAgentStatusForConfig, sendPutDatasource, } from '../policy_list/services/ingest'; -import { NewPolicyData, PolicyData } from '../../../../../common/types'; -import { factory as policyConfigFactory } from '../../../../../common/models/policy_config'; +import { NewPolicyData, PolicyData, Immutable } from '../../../../common/endpoint/types'; +import { factory as policyConfigFactory } from '../../../../common/endpoint/models/policy_config'; +import { ImmutableMiddlewareFactory } from '../../../common/store'; -export const policyDetailsMiddlewareFactory: ImmutableMiddlewareFactory = coreStart => { +export const policyDetailsMiddlewareFactory: ImmutableMiddlewareFactory> = coreStart => { const http = coreStart.http; return ({ getState, dispatch }) => next => async action => { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/reducer.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/reducer.ts similarity index 91% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/reducer.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/reducer.ts index 9778f23d083a2..ff441ba663cf7 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/reducer.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/reducer.ts @@ -3,13 +3,13 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ - -import { AppAction } from '../action'; import { fullPolicy, isOnPolicyDetailsPage } from './selectors'; -import { PolicyDetailsState, ImmutableReducer } from '../../types'; -import { Immutable, PolicyConfig, UIPolicyConfig } from '../../../../../common/types'; +import { PolicyDetailsState } from '../../types'; +import { Immutable, PolicyConfig, UIPolicyConfig } from '../../../../common/endpoint/types'; +import { ImmutableReducer } from '../../../common/store'; +import { AppAction } from '../../../common/store/actions'; -const initialPolicyDetailsState = (): PolicyDetailsState => { +export const initialPolicyDetailsState = (): PolicyDetailsState => { return { policyItem: undefined, isLoading: false, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/selectors.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/selectors.ts similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/selectors.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/selectors.ts index 8ab6f77dc7276..dfbbbf65ada20 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/selectors.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/selectors.ts @@ -11,8 +11,8 @@ import { NewPolicyData, PolicyConfig, UIPolicyConfig, -} from '../../../../../common/types'; -import { factory as policyConfigFactory } from '../../../../../common/models/policy_config'; +} from '../../../../common/endpoint/types'; +import { factory as policyConfigFactory } from '../../../../common/endpoint/models/policy_config'; /** Returns the policy details */ export const policyDetails = (state: Immutable) => state.policyItem; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/action.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/action.ts similarity index 84% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/action.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/action.ts index 4c379b7426461..bedbcdae3306f 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/action.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/action.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ServerApiError } from '../../types'; -import { PolicyData } from '../../../../../common/types'; +import { PolicyData } from '../../../../common/endpoint/types'; +import { ServerApiError } from '../../../common/types'; interface ServerReturnedPolicyListData { type: 'serverReturnedPolicyListData'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.test.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.test.ts similarity index 80% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.test.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.test.ts index 9912c9a81e6e1..9b56062879583 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.test.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.test.ts @@ -4,27 +4,25 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EndpointAppLocation, PolicyListState } from '../../types'; -import { applyMiddleware, createStore, Store } from 'redux'; -import { AppAction } from '../action'; -import { policyListReducer } from './reducer'; +import { PolicyListState } from '../../types'; +import { Store, applyMiddleware, createStore } from 'redux'; + +import { coreMock } from '../../../../../../../src/core/public/mocks'; +import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../ingest_manager/common'; + +import { policyListReducer, initialPolicyListState } from './reducer'; import { policyListMiddlewareFactory } from './middleware'; -import { coreMock } from '../../../../../../../../src/core/public/mocks'; + import { isOnPolicyListPage, selectIsLoading, urlSearchParams } from './selectors'; -import { DepsStartMock, depsStartMock } from '../../mocks'; +import { DepsStartMock, depsStartMock } from '../../../common/mock/endpoint'; import { setPolicyListApiMockImplementation } from './test_mock_utils'; import { INGEST_API_DATASOURCES } from './services/ingest'; -import { Immutable } from '../../../../../common/types'; -import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../test_utils'; -import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../../ingest_manager/common'; +import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../../../common/store/test_utils'; describe('policy list store concerns', () => { let fakeCoreStart: ReturnType; let depsStart: DepsStartMock; - type PolicyListStore = Store, Immutable>; - let store: PolicyListStore; - let getState: PolicyListStore['getState']; - let dispatch: PolicyListStore['dispatch']; + let store: Store; let waitForAction: MiddlewareActionSpyHelper['waitForAction']; beforeEach(() => { @@ -36,28 +34,27 @@ describe('policy list store concerns', () => { store = createStore( policyListReducer, + initialPolicyListState(), applyMiddleware(policyListMiddlewareFactory(fakeCoreStart, depsStart), actionSpyMiddleware) ); - getState = store.getState; - dispatch = store.dispatch; }); it('it does nothing on `userChangedUrl` if pathname is NOT `/policy`', async () => { - const state = getState(); + const state = store.getState(); expect(isOnPolicyListPage(state)).toBe(false); - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/foo', search: '', hash: '', - } as EndpointAppLocation, + }, }); - expect(getState()).toEqual(state); + expect(store.getState()).toEqual(state); }); it('it reports `isOnPolicyListPage` correctly when router pathname is `/policy`', async () => { - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -65,12 +62,12 @@ describe('policy list store concerns', () => { hash: '', }, }); - expect(isOnPolicyListPage(getState())).toBe(true); + expect(isOnPolicyListPage(store.getState())).toBe(true); }); it('it sets `isLoading` when `userChangedUrl`', async () => { - expect(selectIsLoading(getState())).toBe(false); - dispatch({ + expect(selectIsLoading(store.getState())).toBe(false); + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -78,13 +75,13 @@ describe('policy list store concerns', () => { hash: '', }, }); - expect(selectIsLoading(getState())).toBe(true); + expect(selectIsLoading(store.getState())).toBe(true); await waitForAction('serverReturnedPolicyListData'); - expect(selectIsLoading(getState())).toBe(false); + expect(selectIsLoading(store.getState())).toBe(false); }); it('it resets state on `userChangedUrl` and pathname is NOT `/policy`', async () => { - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -93,7 +90,7 @@ describe('policy list store concerns', () => { }, }); await waitForAction('serverReturnedPolicyListData'); - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/foo', @@ -101,7 +98,7 @@ describe('policy list store concerns', () => { hash: '', }, }); - expect(getState()).toEqual({ + expect(store.getState()).toEqual({ apiError: undefined, location: undefined, policyItems: [], @@ -112,7 +109,7 @@ describe('policy list store concerns', () => { }); }); it('uses default pagination params when not included in url', async () => { - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -132,7 +129,7 @@ describe('policy list store concerns', () => { describe('when url contains search params', () => { const dispatchUserChangedUrl = (searchParams: string = '') => - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -154,12 +151,12 @@ describe('policy list store concerns', () => { }); it('uses defaults for params not in url', async () => { dispatchUserChangedUrl('?page_index=99'); - expect(urlSearchParams(getState())).toEqual({ + expect(urlSearchParams(store.getState())).toEqual({ page_index: 99, page_size: 10, }); dispatchUserChangedUrl('?page_size=50'); - expect(urlSearchParams(getState())).toEqual({ + expect(urlSearchParams(store.getState())).toEqual({ page_index: 0, page_size: 50, }); @@ -199,14 +196,14 @@ describe('policy list store concerns', () => { }); it(`ignores unknown url search params`, async () => { dispatchUserChangedUrl('?page_size=20&page_index=10&foo=bar'); - expect(urlSearchParams(getState())).toEqual({ + expect(urlSearchParams(store.getState())).toEqual({ page_index: 10, page_size: 20, }); }); it(`uses last param value if param is defined multiple times`, async () => { dispatchUserChangedUrl('?page_size=20&page_size=50&page_index=20&page_index=40'); - expect(urlSearchParams(getState())).toEqual({ + expect(urlSearchParams(store.getState())).toEqual({ page_index: 40, page_size: 50, }); diff --git a/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.ts new file mode 100644 index 0000000000000..a4f51fcf0ec66 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { PolicyListState } from '../../types'; +import { ImmutableReducer } from '../../../common/store'; +import { AppAction } from '../../../common/store/actions'; +import { Immutable } from '../../../../common/endpoint/types'; +export { policyListReducer } from './reducer'; +export { PolicyListAction } from './action'; +export { policyListMiddlewareFactory } from './middleware'; + +export interface EndpointPolicyListStatePluginState { + policyList: Immutable; +} + +export interface EndpointPolicyListStatePluginReducer { + policyList: ImmutableReducer; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/middleware.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/middleware.ts similarity index 84% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/middleware.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/middleware.ts index 78ebacd971840..b74ffec6ed897 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/middleware.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/middleware.ts @@ -4,18 +4,21 @@ * you may not use this file except in compliance with the Elastic License. */ -import { GetPolicyListResponse, ImmutableMiddlewareFactory, PolicyListState } from '../../types'; +import { GetPolicyListResponse, PolicyListState } from '../../types'; import { sendGetEndpointSpecificDatasources } from './services/ingest'; import { isOnPolicyListPage, urlSearchParams } from './selectors'; +import { ImmutableMiddlewareFactory } from '../../../common/store'; +import { Immutable } from '../../../../common/endpoint/types'; -export const policyListMiddlewareFactory: ImmutableMiddlewareFactory = coreStart => { +export const policyListMiddlewareFactory: ImmutableMiddlewareFactory> = coreStart => { const http = coreStart.http; return ({ getState, dispatch }) => next => async action => { next(action); const state = getState(); - if (action.type === 'userChangedUrl' && isOnPolicyListPage(state)) { const { page_index: pageIndex, page_size: pageSize } = urlSearchParams(state); let response: GetPolicyListResponse; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/reducer.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/reducer.ts similarity index 84% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/reducer.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/reducer.ts index ccd3f84dd060c..80e890602c921 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/reducer.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/reducer.ts @@ -4,12 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -import { PolicyListState, ImmutableReducer } from '../../types'; -import { AppAction } from '../action'; +import { PolicyListState } from '../../types'; import { isOnPolicyListPage } from './selectors'; -import { Immutable } from '../../../../../common/types'; +import { ImmutableReducer } from '../../../common/store'; +import { AppAction } from '../../../common/store/actions'; +import { Immutable } from '../../../../common/endpoint/types'; -const initialPolicyListState = (): PolicyListState => { +export const initialPolicyListState = (): PolicyListState => { return { policyItems: [], isLoading: false, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/selectors.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/selectors.ts similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/selectors.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/selectors.ts index 4986a342cca19..15516a026ff6b 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/selectors.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/selectors.ts @@ -7,7 +7,7 @@ import { createSelector } from 'reselect'; import { parse } from 'query-string'; import { PolicyListState, PolicyListUrlSearchParams } from '../../types'; -import { Immutable } from '../../../../../common/types'; +import { Immutable } from '../../../../common/endpoint/types'; const PAGE_SIZES = Object.freeze([10, 20, 50]); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.test.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.test.ts similarity index 94% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.test.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.test.ts index 46f4c09e05a74..df61bbe893c58 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.test.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.test.ts @@ -5,8 +5,8 @@ */ import { sendGetDatasource, sendGetEndpointSpecificDatasources } from './ingest'; -import { httpServiceMock } from '../../../../../../../../../src/core/public/mocks'; -import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../../../ingest_manager/common'; +import { httpServiceMock } from '../../../../../../../../src/core/public/mocks'; +import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../../ingest_manager/common'; describe('ingest service', () => { let http: ReturnType; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.ts similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.ts index 5c27680d6a35c..312a3f7491ab2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.ts @@ -9,9 +9,9 @@ import { GetDatasourcesRequest, GetAgentStatusResponse, DATASOURCE_SAVED_OBJECT_TYPE, -} from '../../../../../../../ingest_manager/common'; +} from '../../../../../../ingest_manager/common'; import { GetPolicyListResponse, GetPolicyResponse, UpdatePolicyResponse } from '../../../types'; -import { NewPolicyData } from '../../../../../../common/types'; +import { NewPolicyData } from '../../../../../common/endpoint/types'; const INGEST_API_ROOT = `/api/ingest_manager`; export const INGEST_API_DATASOURCES = `${INGEST_API_ROOT}/datasources`; @@ -33,7 +33,7 @@ export const sendGetEndpointSpecificDatasources = ( query: { ...options.query, kuery: `${ - options?.query?.kuery ? options.query.kuery + ' and ' : '' + options?.query?.kuery ? `${options.query.kuery} and ` : '' }${DATASOURCE_SAVED_OBJECT_TYPE}.package.name: endpoint`, }, }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/test_mock_utils.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/test_mock_utils.ts similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/test_mock_utils.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/test_mock_utils.ts index a1788b8f8021d..b8fac21b76a26 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/test_mock_utils.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/test_mock_utils.ts @@ -6,7 +6,7 @@ import { HttpStart } from 'kibana/public'; import { INGEST_API_DATASOURCES } from './services/ingest'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; +import { EndpointDocGenerator } from '../../../../common/endpoint/generate_data'; import { GetPolicyListResponse } from '../../types'; const generator = new EndpointDocGenerator('policy-list'); diff --git a/x-pack/plugins/siem/public/endpoint_policy/types.ts b/x-pack/plugins/siem/public/endpoint_policy/types.ts new file mode 100644 index 0000000000000..ba42140589789 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/types.ts @@ -0,0 +1,173 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + PolicyData, + Immutable, + MalwareFields, + UIPolicyConfig, + AppLocation, +} from '../../common/endpoint/types'; +import { ServerApiError } from '../common/types'; +import { + GetAgentStatusResponse, + GetDatasourcesResponse, + GetOneDatasourceResponse, + UpdateDatasourceResponse, +} from '../../../ingest_manager/common'; + +/** + * Policy list store state + */ +export interface PolicyListState { + /** Array of policy items */ + policyItems: PolicyData[]; + /** API error if loading data failed */ + apiError?: ServerApiError; + /** total number of policies */ + total: number; + /** Number of policies per page */ + pageSize: number; + /** page number (zero based) */ + pageIndex: number; + /** data is being retrieved from server */ + isLoading: boolean; + /** current location information */ + location?: Immutable; +} + +/** + * Policy details store state + */ +export interface PolicyDetailsState { + /** A single policy item */ + policyItem?: PolicyData; + /** API error if loading data failed */ + apiError?: ServerApiError; + isLoading: boolean; + /** current location of the application */ + location?: Immutable; + /** A summary of stats for the agents associated with a given Fleet Agent Configuration */ + agentStatusSummary?: GetAgentStatusResponse['results']; + /** Status of an update to the policy */ + updateStatus?: { + success: boolean; + error?: ServerApiError; + }; +} + +/** + * The URL search params that are supported by the Policy List page view + */ +export interface PolicyListUrlSearchParams { + page_index: number; + page_size: number; +} + +/** + * Endpoint Policy configuration + */ +export interface PolicyConfig { + windows: { + events: { + dll_and_driver_load: boolean; + dns: boolean; + file: boolean; + network: boolean; + process: boolean; + registry: boolean; + security: boolean; + }; + malware: MalwareFields; + logging: { + stdout: string; + file: string; + }; + advanced: PolicyConfigAdvancedOptions; + }; + mac: { + events: { + file: boolean; + process: boolean; + network: boolean; + }; + malware: MalwareFields; + logging: { + stdout: string; + file: string; + }; + advanced: PolicyConfigAdvancedOptions; + }; + linux: { + events: { + file: boolean; + process: boolean; + network: boolean; + }; + logging: { + stdout: string; + file: string; + }; + advanced: PolicyConfigAdvancedOptions; + }; +} + +interface PolicyConfigAdvancedOptions { + elasticsearch: { + indices: { + control: string; + event: string; + logging: string; + }; + kernel: { + connect: boolean; + process: boolean; + }; + }; +} + +export enum OS { + windows = 'windows', + mac = 'mac', + linux = 'linux', +} + +/** + * Returns the keys of an object whose values meet a criteria. + * Ex) interface largeNestedObject = { + * a: { + * food: Foods; + * toiletPaper: true; + * }; + * b: { + * food: Foods; + * streamingServices: Streams; + * }; + * c: {}; + * } + * + * type hasFoods = KeysByValueCriteria; + * The above type will be: [a, b] only, and will not include c. + * + */ +export type KeysByValueCriteria = { + [K in keyof O]: O[K] extends Criteria ? K : never; +}[keyof O]; + +/** Returns an array of the policy OSes that have a malware protection field */ +export type MalwareProtectionOSes = KeysByValueCriteria; + +export interface GetPolicyListResponse extends GetDatasourcesResponse { + items: PolicyData[]; +} + +export interface GetPolicyResponse extends GetOneDatasourceResponse { + item: PolicyData; +} + +export interface UpdatePolicyResponse extends UpdateDatasourceResponse { + item: PolicyData; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/agents_summary.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/agents_summary.tsx similarity index 82% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/agents_summary.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/agents_summary.tsx index a3e30eb891db4..215e52dedf5d1 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/agents_summary.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/agents_summary.tsx @@ -31,28 +31,28 @@ export const AgentsSummary = memo(props => { return [ { key: 'total', - title: i18n.translate('xpack.endpoint.policyDetails.agentsSummary.totalTitle', { + title: i18n.translate('xpack.siem.endpoint.policyDetails.agentsSummary.totalTitle', { defaultMessage: 'Hosts', }), health: '', }, { key: 'online', - title: i18n.translate('xpack.endpoint.policyDetails.agentsSummary.onlineTitle', { + title: i18n.translate('xpack.siem.endpoint.policyDetails.agentsSummary.onlineTitle', { defaultMessage: 'Online', }), health: 'success', }, { key: 'offline', - title: i18n.translate('xpack.endpoint.policyDetails.agentsSummary.offlineTitle', { + title: i18n.translate('xpack.siem.endpoint.policyDetails.agentsSummary.offlineTitle', { defaultMessage: 'Offline', }), health: 'warning', }, { key: 'error', - title: i18n.translate('xpack.endpoint.policyDetails.agentsSummary.errorTitle', { + title: i18n.translate('xpack.siem.endpoint.policyDetails.agentsSummary.errorTitle', { defaultMessage: 'Error', }), health: 'danger', @@ -86,3 +86,5 @@ export const AgentsSummary = memo(props => { ); }); + +AgentsSummary.displayName = 'AgentsSummary'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/index.ts b/x-pack/plugins/siem/public/endpoint_policy/view/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/index.ts rename to x-pack/plugins/siem/public/endpoint_policy/view/index.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.test.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_details.test.tsx similarity index 96% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.test.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_details.test.tsx index d780b7bde8af3..35786b568ce11 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.test.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_details.test.tsx @@ -6,9 +6,10 @@ import React from 'react'; import { mount } from 'enzyme'; -import { createAppRootMockRenderer } from '../../mocks'; + import { PolicyDetails } from './policy_details'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; +import { EndpointDocGenerator } from '../../../common/endpoint/generate_data'; +import { createAppRootMockRenderer } from '../../common/mock/endpoint'; describe('Policy Details', () => { type FindReactWrapperResponse = ReturnType['find']>; @@ -57,7 +58,7 @@ describe('Policy Details', () => { if (typeof path === 'string') { // GET datasouce if (path === '/api/ingest_manager/datasources/1') { - asyncActions = asyncActions.then(async (): Promise => await sleep()); + asyncActions = asyncActions.then(async (): Promise => sleep()); return Promise.resolve({ item: policyDatasource, success: true, @@ -66,7 +67,7 @@ describe('Policy Details', () => { // GET Agent status for agent config if (path === '/api/ingest_manager/fleet/agent-status') { - asyncActions = asyncActions.then(async () => await sleep()); + asyncActions = asyncActions.then(async () => sleep()); return Promise.resolve({ results: { events: 0, total: 5, online: 3, error: 1, offline: 1 }, success: true, @@ -160,7 +161,7 @@ describe('Policy Details', () => { 'button[data-test-subj="confirmModalConfirmButton"]' ); http.put.mockImplementation((...args) => { - asyncActions = asyncActions.then(async () => await sleep()); + asyncActions = asyncActions.then(async () => sleep()); const [path] = args; if (typeof path === 'string') { if (path === '/api/ingest_manager/datasources/1') { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_details.tsx similarity index 74% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_details.tsx index 5f394dba3d1df..c928a374502a5 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_details.tsx @@ -27,15 +27,15 @@ import { updateStatus, isLoading, apiError, -} from '../../store/policy_details/selectors'; -import { PageView, PageViewHeaderTitle } from '../../view/components/page_view'; -import { AppAction } from '../../types'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; +} from '../store/policy_details/selectors'; +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; import { AgentsSummary } from './agents_summary'; import { VerticalDivider } from './vertical_divider'; import { WindowsEvents, MacEvents, LinuxEvents } from './policy_forms/events'; import { MalwareProtections } from './policy_forms/protections/malware'; -import { useNavigateByRouterEventHandler } from '../hooks/use_navigate_by_router_event_handler'; +import { AppAction } from '../../common/store/actions'; +import { useNavigateByRouterEventHandler } from '../../common/hooks/endpoint/use_navigate_by_router_event_handler'; +import { PageView, PageViewHeaderTitle } from '../../common/components/endpoint/page_view'; export const PolicyDetails = React.memo(() => { const dispatch = useDispatch<(action: AppAction) => void>(); @@ -58,12 +58,12 @@ export const PolicyDetails = React.memo(() => { if (policyUpdateStatus.success) { notifications.toasts.success({ toastLifeTimeMs: 10000, - title: i18n.translate('xpack.endpoint.policy.details.updateSuccessTitle', { + title: i18n.translate('xpack.siem.endpoint.policy.details.updateSuccessTitle', { defaultMessage: 'Success!', }), body: ( @@ -72,7 +72,7 @@ export const PolicyDetails = React.memo(() => { } else { notifications.toasts.danger({ toastLifeTimeMs: 10000, - title: i18n.translate('xpack.endpoint.policy.details.updateErrorTitle', { + title: i18n.translate('xpack.siem.endpoint.policy.details.updateErrorTitle', { defaultMessage: 'Failed!', }), body: <>{policyUpdateStatus.error!.message}, @@ -122,10 +122,10 @@ export const PolicyDetails = React.memo(() => { iconType="arrowLeft" contentProps={{ style: { paddingLeft: '0' } }} onClick={handleBackToListOnClick} - href={services.http.basePath.get() + '/app/endpoint/policy'} + href={`${services.http.basePath.get()}/app/endpoint/policy`} > @@ -136,7 +136,12 @@ export const PolicyDetails = React.memo(() => { const headerRightContent = ( - + @@ -146,7 +151,10 @@ export const PolicyDetails = React.memo(() => { onClick={handleBackToListOnClick} data-test-subj="policyDetailsCancelButton" > - + @@ -157,7 +165,7 @@ export const PolicyDetails = React.memo(() => { onClick={handleSaveOnClick} isLoading={isPolicyLoading} > - + @@ -167,7 +175,7 @@ export const PolicyDetails = React.memo(() => { <> {showConfirm && ( @@ -181,7 +189,7 @@ export const PolicyDetails = React.memo(() => {

@@ -192,7 +200,7 @@ export const PolicyDetails = React.memo(() => {

@@ -208,6 +216,8 @@ export const PolicyDetails = React.memo(() => { ); }); +PolicyDetails.displayName = 'PolicyDetails'; + const ConfirmUpdate = React.memo<{ hostCount: number; onConfirm: () => void; @@ -217,19 +227,19 @@ const ConfirmUpdate = React.memo<{ @@ -255,7 +268,7 @@ const ConfirmUpdate = React.memo<{ )}

@@ -263,3 +276,5 @@ const ConfirmUpdate = React.memo<{
); }); + +ConfirmUpdate.displayName = 'ConfirmUpdate'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/config_form.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/config_form.tsx similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/config_form.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/config_form.tsx index 341086c7cf75c..a888aa6b4cd6e 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/config_form.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/config_form.tsx @@ -52,7 +52,7 @@ export const ConfigForm: React.FC<{
- +
@@ -65,7 +65,7 @@ export const ConfigForm: React.FC<{
@@ -94,3 +94,5 @@ export const ConfigForm: React.FC<{ ); }); + +ConfigForm.displayName = 'ConfigForm'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/checkbox.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/checkbox.tsx similarity index 80% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/checkbox.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/checkbox.tsx index 74322ac8b993b..9c2e19d0b96c8 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/checkbox.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/checkbox.tsx @@ -5,13 +5,13 @@ */ import React, { useCallback, useMemo } from 'react'; -import { EuiCheckbox } from '@elastic/eui'; +import { EuiCheckbox, htmlIdGenerator } from '@elastic/eui'; import { useDispatch } from 'react-redux'; -import { htmlIdGenerator } from '@elastic/eui'; + import { usePolicyDetailsSelector } from '../../policy_hooks'; -import { policyConfig } from '../../../../store/policy_details/selectors'; -import { PolicyDetailsAction } from '../../../../store/policy_details'; -import { UIPolicyConfig } from '../../../../../../../common/types'; +import { policyConfig } from '../../../store/policy_details/selectors'; +import { PolicyDetailsAction } from '../../../store/policy_details'; +import { UIPolicyConfig } from '../../../../../common/endpoint/types'; export const EventsCheckbox = React.memo(function({ name, @@ -47,3 +47,5 @@ export const EventsCheckbox = React.memo(function({ /> ); }); + +EventsCheckbox.displayName = 'EventsCheckbox'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/index.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/index.tsx similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/index.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/index.tsx diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/linux.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/linux.tsx similarity index 74% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/linux.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/linux.tsx index c3d6bdba7c852..2b7b247e4276c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/linux.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/linux.tsx @@ -9,12 +9,12 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { EuiTitle, EuiText, EuiSpacer } from '@elastic/eui'; import { EventsCheckbox } from './checkbox'; -import { OS } from '../../../../types'; +import { OS } from '../../../types'; import { usePolicyDetailsSelector } from '../../policy_hooks'; -import { selectedLinuxEvents, totalLinuxEvents } from '../../../../store/policy_details/selectors'; +import { selectedLinuxEvents, totalLinuxEvents } from '../../../store/policy_details/selectors'; import { ConfigForm } from '../config_form'; -import { getIn, setIn } from '../../../../models/policy_details_config'; -import { UIPolicyConfig } from '../../../../../../../common/types'; +import { getIn, setIn } from '../../../models/policy_details_config'; +import { UIPolicyConfig } from '../../../../../common/endpoint/types'; export const LinuxEvents = React.memo(() => { const selected = usePolicyDetailsSelector(selectedLinuxEvents); @@ -27,21 +27,21 @@ export const LinuxEvents = React.memo(() => { protectionField: keyof UIPolicyConfig['linux']['events']; }> = [ { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.linux.events.file', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.linux.events.file', { defaultMessage: 'File', }), os: OS.linux, protectionField: 'file', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.linux.events.process', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.linux.events.process', { defaultMessage: 'Process', }), os: OS.linux, protectionField: 'process', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.linux.events.network', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.linux.events.network', { defaultMessage: 'Network', }), os: OS.linux, @@ -53,7 +53,7 @@ export const LinuxEvents = React.memo(() => {
@@ -79,7 +79,7 @@ export const LinuxEvents = React.memo(() => { return ( @@ -89,13 +89,13 @@ export const LinuxEvents = React.memo(() => { return ( { const selected = usePolicyDetailsSelector(selectedMacEvents); @@ -27,21 +27,21 @@ export const MacEvents = React.memo(() => { protectionField: keyof UIPolicyConfig['mac']['events']; }> = [ { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.mac.events.file', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.mac.events.file', { defaultMessage: 'File', }), os: OS.mac, protectionField: 'file', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.mac.events.process', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.mac.events.process', { defaultMessage: 'Process', }), os: OS.mac, protectionField: 'process', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.mac.events.network', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.mac.events.network', { defaultMessage: 'Network', }), os: OS.mac, @@ -53,7 +53,7 @@ export const MacEvents = React.memo(() => {
@@ -79,7 +79,7 @@ export const MacEvents = React.memo(() => { return ( @@ -89,13 +89,15 @@ export const MacEvents = React.memo(() => { return ( diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/windows.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/windows.tsx similarity index 67% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/windows.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/windows.tsx index 9d73f12869058..f95b097d85df3 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/windows.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/windows.tsx @@ -9,15 +9,12 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { EuiTitle, EuiText, EuiSpacer } from '@elastic/eui'; import { EventsCheckbox } from './checkbox'; -import { OS } from '../../../../types'; +import { OS } from '../../../types'; import { usePolicyDetailsSelector } from '../../policy_hooks'; -import { - selectedWindowsEvents, - totalWindowsEvents, -} from '../../../../store/policy_details/selectors'; +import { selectedWindowsEvents, totalWindowsEvents } from '../../../store/policy_details/selectors'; import { ConfigForm } from '../config_form'; -import { setIn, getIn } from '../../../../models/policy_details_config'; -import { UIPolicyConfig, Immutable } from '../../../../../../../common/types'; +import { setIn, getIn } from '../../../models/policy_details_config'; +import { UIPolicyConfig, Immutable } from '../../../../../common/endpoint/types'; export const WindowsEvents = React.memo(() => { const selected = usePolicyDetailsSelector(selectedWindowsEvents); @@ -30,49 +27,52 @@ export const WindowsEvents = React.memo(() => { protectionField: keyof UIPolicyConfig['windows']['events']; }>> = [ { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.dllDriverLoad', { - defaultMessage: 'DLL and Driver Load', - }), + name: i18n.translate( + 'xpack.siem.endpoint.policyDetailsConfig.windows.events.dllDriverLoad', + { + defaultMessage: 'DLL and Driver Load', + } + ), os: OS.windows, protectionField: 'dll_and_driver_load', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.dns', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.dns', { defaultMessage: 'DNS', }), os: OS.windows, protectionField: 'dns', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.file', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.file', { defaultMessage: 'File', }), os: OS.windows, protectionField: 'file', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.network', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.network', { defaultMessage: 'Network', }), os: OS.windows, protectionField: 'network', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.process', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.process', { defaultMessage: 'Process', }), os: OS.windows, protectionField: 'process', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.registry', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.registry', { defaultMessage: 'Registry', }), os: OS.windows, protectionField: 'registry', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.security', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.security', { defaultMessage: 'Security', }), os: OS.windows, @@ -84,7 +84,7 @@ export const WindowsEvents = React.memo(() => {
@@ -110,7 +110,7 @@ export const WindowsEvents = React.memo(() => { return ( @@ -120,13 +120,13 @@ export const WindowsEvents = React.memo(() => { return ( { return [ { id: ProtectionModes.detect, - label: i18n.translate('xpack.endpoint.policy.details.detect', { defaultMessage: 'Detect' }), + label: i18n.translate('xpack.siem.endpoint.policy.details.detect', { + defaultMessage: 'Detect', + }), protection: 'malware', }, { id: ProtectionModes.prevent, - label: i18n.translate('xpack.endpoint.policy.details.prevent', { + label: i18n.translate('xpack.siem.endpoint.policy.details.prevent', { defaultMessage: 'Prevent', }), protection: 'malware', }, { id: ProtectionModes.preventNotify, - label: i18n.translate('xpack.endpoint.policy.details.preventAndNotify', { + label: i18n.translate('xpack.siem.endpoint.policy.details.preventAndNotify', { defaultMessage: 'Prevent and notify user', }), protection: 'malware', @@ -129,7 +133,7 @@ export const MalwareProtections = React.memo(() => {
@@ -153,7 +157,7 @@ export const MalwareProtections = React.memo(() => { const protectionSwitch = useMemo(() => { return ( { return ( { ); }); + +MalwareProtections.displayName = 'MalwareProtections'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_hooks.ts b/x-pack/plugins/siem/public/endpoint_policy/view/policy_hooks.ts similarity index 63% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_hooks.ts rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_hooks.ts index 5bfce15d680bf..9fadba85c5245 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_hooks.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_hooks.ts @@ -5,14 +5,15 @@ */ import { useSelector } from 'react-redux'; -import { GlobalState, PolicyListState, PolicyDetailsState } from '../../types'; +import { PolicyListState, PolicyDetailsState } from '../types'; +import { State } from '../../common/store'; export function usePolicyListSelector(selector: (state: PolicyListState) => TSelected) { - return useSelector((state: GlobalState) => selector(state.policyList)); + return useSelector((state: State) => selector(state.policyList as PolicyListState)); } export function usePolicyDetailsSelector( selector: (state: PolicyDetailsState) => TSelected ) { - return useSelector((state: GlobalState) => selector(state.policyDetails)); + return useSelector((state: State) => selector(state.policyDetails as PolicyDetailsState)); } diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_list.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_list.tsx similarity index 79% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_list.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_list.tsx index 39529e7c11ab1..a9aea57239ed1 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_list.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_list.tsx @@ -9,7 +9,7 @@ import { EuiBasicTable, EuiText, EuiTableFieldDataColumnType, EuiLink } from '@e import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { useDispatch } from 'react-redux'; -import { useHistory, useLocation } from 'react-router-dom'; +import { useLocation, useHistory } from 'react-router-dom'; import { selectApiError, selectIsLoading, @@ -17,14 +17,14 @@ import { selectPageSize, selectPolicyItems, selectTotal, -} from '../../store/policy_list/selectors'; +} from '../store/policy_list/selectors'; import { usePolicyListSelector } from './policy_hooks'; -import { PolicyListAction } from '../../store/policy_list'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; -import { PageView } from '../components/page_view'; -import { LinkToApp } from '../components/link_to_app'; -import { Immutable, PolicyData } from '../../../../../common/types'; -import { useNavigateByRouterEventHandler } from '../hooks/use_navigate_by_router_event_handler'; +import { PolicyListAction } from '../store/policy_list'; +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; +import { Immutable, PolicyData } from '../../../common/endpoint/types'; +import { useNavigateByRouterEventHandler } from '../../common/hooks/endpoint/use_navigate_by_router_event_handler'; +import { PageView } from '../../common/components/endpoint/page_view'; +import { LinkToApp } from '../../common/components/endpoint/link_to_app'; interface TableChangeCallbackArguments { page: { index: number; size: number }; @@ -88,9 +88,10 @@ export const PolicyList = React.memo(() => { () => [ { field: 'name', - name: i18n.translate('xpack.endpoint.policyList.nameField', { + name: i18n.translate('xpack.siem.endpoint.policyList.nameField', { defaultMessage: 'Policy Name', }), + // eslint-disable-next-line react/display-name render: (value: string, item: Immutable) => { const routeUri = `/policy/${item.id}`; return ( @@ -105,14 +106,14 @@ export const PolicyList = React.memo(() => { }, { field: 'revision', - name: i18n.translate('xpack.endpoint.policyList.revisionField', { + name: i18n.translate('xpack.siem.endpoint.policyList.revisionField', { defaultMessage: 'Revision', }), dataType: 'number', }, { field: 'package', - name: i18n.translate('xpack.endpoint.policyList.versionField', { + name: i18n.translate('xpack.siem.endpoint.policyList.versionField', { defaultMessage: 'Version', }), render(pkg) { @@ -121,14 +122,14 @@ export const PolicyList = React.memo(() => { }, { field: 'description', - name: i18n.translate('xpack.endpoint.policyList.descriptionField', { + name: i18n.translate('xpack.siem.endpoint.policyList.descriptionField', { defaultMessage: 'Description', }), truncateText: true, }, { field: 'config_id', - name: i18n.translate('xpack.endpoint.policyList.agentConfigField', { + name: i18n.translate('xpack.siem.endpoint.policyList.agentConfigField', { defaultMessage: 'Agent Configuration', }), render(version: string) { @@ -152,13 +153,13 @@ export const PolicyList = React.memo(() => { @@ -176,3 +177,5 @@ export const PolicyList = React.memo(() => { ); }); + +PolicyList.displayName = 'PolicyList'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/vertical_divider.ts b/x-pack/plugins/siem/public/endpoint_policy/view/vertical_divider.ts similarity index 91% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/vertical_divider.ts rename to x-pack/plugins/siem/public/endpoint_policy/view/vertical_divider.ts index c73f6f12bec82..918e94cb5b412 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/vertical_divider.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/view/vertical_divider.ts @@ -5,7 +5,7 @@ */ import styled from 'styled-components'; -import { EuiTheme } from '../../../../../../../legacy/common/eui_styled_components'; +import { EuiTheme } from '../../../../../legacy/common/eui_styled_components'; type SpacingOptions = keyof EuiTheme['eui']['spacerSizes']; diff --git a/x-pack/plugins/siem/public/index.ts b/x-pack/plugins/siem/public/index.ts index 46f72c1fa17c8..36344a25e1568 100644 --- a/x-pack/plugins/siem/public/index.ts +++ b/x-pack/plugins/siem/public/index.ts @@ -5,7 +5,8 @@ */ import { PluginInitializerContext } from '../../../../src/core/public'; -import { Plugin, PluginSetup, PluginStart } from './plugin'; +import { Plugin } from './plugin'; +import { PluginSetup, PluginStart } from './types'; export const plugin = (context: PluginInitializerContext): Plugin => new Plugin(context); diff --git a/x-pack/plugins/siem/public/plugin.tsx b/x-pack/plugins/siem/public/plugin.tsx index cc46025ddc4a6..9bea776220720 100644 --- a/x-pack/plugins/siem/public/plugin.tsx +++ b/x-pack/plugins/siem/public/plugin.tsx @@ -14,51 +14,12 @@ import { Plugin as IPlugin, DEFAULT_APP_CATEGORIES, } from '../../../../src/core/public'; -import { - HomePublicPluginSetup, - FeatureCatalogueCategory, -} from '../../../../src/plugins/home/public'; -import { DataPublicPluginStart } from '../../../../src/plugins/data/public'; -import { EmbeddableStart } from '../../../../src/plugins/embeddable/public'; -import { Start as NewsfeedStart } from '../../../../src/plugins/newsfeed/public'; -import { Start as InspectorStart } from '../../../../src/plugins/inspector/public'; -import { UiActionsStart } from '../../../../src/plugins/ui_actions/public'; -import { UsageCollectionSetup } from '../../../../src/plugins/usage_collection/public'; -import { - TriggersAndActionsUIPublicPluginSetup as TriggersActionsSetup, - TriggersAndActionsUIPublicPluginStart as TriggersActionsStart, -} from '../../triggers_actions_ui/public'; -import { SecurityPluginSetup } from '../../security/public'; -import { APP_ID, APP_NAME, APP_PATH, APP_ICON } from '../common/constants'; +import { FeatureCatalogueCategory } from '../../../../src/plugins/home/public'; import { initTelemetry } from './common/lib/telemetry'; import { KibanaServices } from './common/lib/kibana/services'; import { serviceNowActionType, jiraActionType } from './common/lib/connectors'; - -export interface SetupPlugins { - home: HomePublicPluginSetup; - security: SecurityPluginSetup; - triggers_actions_ui: TriggersActionsSetup; - usageCollection?: UsageCollectionSetup; -} - -export interface StartPlugins { - data: DataPublicPluginStart; - embeddable: EmbeddableStart; - inspector: InspectorStart; - newsfeed?: NewsfeedStart; - triggers_actions_ui: TriggersActionsStart; - uiActions: UiActionsStart; -} - -export type StartServices = CoreStart & - StartPlugins & { - security: SecurityPluginSetup; - }; - -// eslint-disable-next-line @typescript-eslint/no-empty-interface -export interface PluginSetup {} -// eslint-disable-next-line @typescript-eslint/no-empty-interface -export interface PluginStart {} +import { PluginSetup, PluginStart, SetupPlugins, StartPlugins, StartServices } from './types'; +import { APP_ID, APP_NAME, APP_ICON, APP_PATH } from '../common/constants'; export class Plugin implements IPlugin { private kibanaVersion: string; @@ -102,6 +63,14 @@ export class Plugin implements IPlugin { describe('eventType', () => { diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event.ts b/x-pack/plugins/siem/public/resolver/models/process_event.ts similarity index 95% rename from x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event.ts rename to x-pack/plugins/siem/public/resolver/models/process_event.ts index a709d6caf46cb..038e5b90b2170 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event.ts +++ b/x-pack/plugins/siem/public/resolver/models/process_event.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ResolverEvent } from '../../../../common/types'; -import * as event from '../../../../common/models/event'; +import * as event from '../../../common/endpoint/models/event'; +import { ResolverEvent } from '../../../common/endpoint/types'; import { ResolverProcessType } from '../types'; /** diff --git a/x-pack/plugins/siem/public/resolver/models/process_event_test_helpers.ts b/x-pack/plugins/siem/public/resolver/models/process_event_test_helpers.ts new file mode 100644 index 0000000000000..be0895dbec4fe --- /dev/null +++ b/x-pack/plugins/siem/public/resolver/models/process_event_test_helpers.ts @@ -0,0 +1,42 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { defaults } from 'lodash/fp'; +import { LegacyEndpointEvent } from '../../../common/endpoint/types'; + +type DeepPartial = { [K in keyof T]?: DeepPartial }; +/** + * Creates a mock process event given the 'parts' argument, which can + * include all or some process event fields as determined by the ProcessEvent type. + * The only field that must be provided is the event's 'node_id' field. + * The other fields are populated by the function unless provided in 'parts' + */ +export function mockProcessEvent(parts: DeepPartial): LegacyEndpointEvent { + return defaults( + { + endgame: { + event_timestamp: 1, + event_type: 1, + unique_ppid: 0, + unique_pid: 1, + machine_id: '', + event_subtype_full: 'creation_event', + event_type_full: 'process_event', + process_name: '', + process_path: '', + timestamp_utc: '', + serial_event_id: 1, + }, + '@timestamp': 1582233383000, + agent: { + type: '', + id: '', + version: '', + }, + }, + parts + ); +} diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/actions.ts b/x-pack/plugins/siem/public/resolver/store/actions.ts similarity index 98% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/actions.ts rename to x-pack/plugins/siem/public/resolver/store/actions.ts index 462f6e251d5d0..0963118ce14b8 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/actions.ts +++ b/x-pack/plugins/siem/public/resolver/store/actions.ts @@ -5,7 +5,7 @@ */ import { CameraAction } from './camera'; import { DataAction } from './data'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../common/endpoint/types'; /** * When the user wants to bring a process node front-and-center on the map. diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/action.ts b/x-pack/plugins/siem/public/resolver/store/camera/action.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/action.ts rename to x-pack/plugins/siem/public/resolver/store/camera/action.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/animation.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/animation.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/animation.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/animation.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/index.ts b/x-pack/plugins/siem/public/resolver/store/camera/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/index.ts rename to x-pack/plugins/siem/public/resolver/store/camera/index.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/inverse_projection_matrix.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/inverse_projection_matrix.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/inverse_projection_matrix.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/inverse_projection_matrix.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/methods.ts b/x-pack/plugins/siem/public/resolver/store/camera/methods.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/methods.ts rename to x-pack/plugins/siem/public/resolver/store/camera/methods.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/panning.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/panning.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/panning.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/panning.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/projection_matrix.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/projection_matrix.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/projection_matrix.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/projection_matrix.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/reducer.ts b/x-pack/plugins/siem/public/resolver/store/camera/reducer.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/reducer.ts rename to x-pack/plugins/siem/public/resolver/store/camera/reducer.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/scale_to_zoom.ts b/x-pack/plugins/siem/public/resolver/store/camera/scale_to_zoom.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/scale_to_zoom.ts rename to x-pack/plugins/siem/public/resolver/store/camera/scale_to_zoom.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/scaling_constants.ts b/x-pack/plugins/siem/public/resolver/store/camera/scaling_constants.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/scaling_constants.ts rename to x-pack/plugins/siem/public/resolver/store/camera/scaling_constants.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/selectors.ts b/x-pack/plugins/siem/public/resolver/store/camera/selectors.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/selectors.ts rename to x-pack/plugins/siem/public/resolver/store/camera/selectors.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/test_helpers.ts b/x-pack/plugins/siem/public/resolver/store/camera/test_helpers.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/test_helpers.ts rename to x-pack/plugins/siem/public/resolver/store/camera/test_helpers.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/zooming.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/zooming.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/zooming.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/zooming.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/__snapshots__/graphing.test.ts.snap b/x-pack/plugins/siem/public/resolver/store/data/__snapshots__/graphing.test.ts.snap similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/__snapshots__/graphing.test.ts.snap rename to x-pack/plugins/siem/public/resolver/store/data/__snapshots__/graphing.test.ts.snap diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/action.ts b/x-pack/plugins/siem/public/resolver/store/data/action.ts similarity index 94% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/action.ts rename to x-pack/plugins/siem/public/resolver/store/data/action.ts index 8c84d8f82b874..f6ef7b16ae682 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/action.ts +++ b/x-pack/plugins/siem/public/resolver/store/data/action.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ResolverEvent } from '../../../../../common/types'; +import { ResolverEvent } from '../../../../common/endpoint/types'; import { RelatedEventDataEntry } from '../../types'; interface ServerReturnedResolverData { diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/graphing.test.ts b/x-pack/plugins/siem/public/resolver/store/data/graphing.test.ts similarity index 99% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/graphing.test.ts rename to x-pack/plugins/siem/public/resolver/store/data/graphing.test.ts index f95ecc63d2a66..69edf3b4c134d 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/graphing.test.ts +++ b/x-pack/plugins/siem/public/resolver/store/data/graphing.test.ts @@ -8,7 +8,7 @@ import { Store, createStore } from 'redux'; import { DataAction } from './action'; import { dataReducer } from './reducer'; import { DataState } from '../../types'; -import { LegacyEndpointEvent, ResolverEvent } from '../../../../../common/types'; +import { LegacyEndpointEvent, ResolverEvent } from '../../../../common/endpoint/types'; import { graphableProcesses, processNodePositionsAndEdgeLineSegments } from './selectors'; import { mockProcessEvent } from '../../models/process_event_test_helpers'; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/index.ts b/x-pack/plugins/siem/public/resolver/store/data/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/index.ts rename to x-pack/plugins/siem/public/resolver/store/data/index.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/reducer.ts b/x-pack/plugins/siem/public/resolver/store/data/reducer.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/reducer.ts rename to x-pack/plugins/siem/public/resolver/store/data/reducer.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/sample.ts b/x-pack/plugins/siem/public/resolver/store/data/sample.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/sample.ts rename to x-pack/plugins/siem/public/resolver/store/data/sample.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.test.ts b/x-pack/plugins/siem/public/resolver/store/data/selectors.test.ts similarity index 95% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.test.ts rename to x-pack/plugins/siem/public/resolver/store/data/selectors.test.ts index 561b0da12bcb1..f6d2b978d6b4d 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.test.ts +++ b/x-pack/plugins/siem/public/resolver/store/data/selectors.test.ts @@ -1,59 +1,59 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { Store, createStore } from 'redux'; -import { DataAction } from './action'; -import { dataReducer } from './reducer'; -import { - DataState, - RelatedEventDataEntry, - RelatedEventDataEntryWithStats, - RelatedEventData, -} from '../../types'; -import { ResolverEvent } from '../../../../../common/types'; -import { relatedEventStats, relatedEvents } from './selectors'; - -describe('resolver data selectors', () => { - const store: Store = createStore(dataReducer, undefined); - describe('when related event data is reduced into state with no results', () => { - let relatedEventInfoBeforeAction: RelatedEventData; - beforeEach(() => { - relatedEventInfoBeforeAction = new Map(relatedEvents(store.getState()) || []); - const payload: Map = new Map(); - const action: DataAction = { type: 'serverReturnedRelatedEventData', payload }; - store.dispatch(action); - }); - it('should have the same related info as before the action', () => { - const relatedInfoAfterAction = relatedEvents(store.getState()); - expect(relatedInfoAfterAction).toEqual(relatedEventInfoBeforeAction); - }); - }); - describe('when related event data is reduced into state with 2 dns results', () => { - let mockBaseEvent: ResolverEvent; - beforeEach(() => { - mockBaseEvent = {} as ResolverEvent; - function dnsRelatedEventEntry() { - const fakeEvent = {} as ResolverEvent; - return { relatedEvent: fakeEvent, relatedEventType: 'dns' }; - } - const payload: Map = new Map([ - [ - mockBaseEvent, - { - relatedEvents: [dnsRelatedEventEntry(), dnsRelatedEventEntry()], - }, - ], - ]); - const action: DataAction = { type: 'serverReturnedRelatedEventData', payload }; - store.dispatch(action); - }); - it('should compile stats reflecting a count of 2 for dns', () => { - const actualStats = relatedEventStats(store.getState()); - const statsForFakeEvent = actualStats.get(mockBaseEvent)! as RelatedEventDataEntryWithStats; - expect(statsForFakeEvent.stats).toEqual({ dns: 2 }); - }); - }); -}); +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Store, createStore } from 'redux'; +import { DataAction } from './action'; +import { dataReducer } from './reducer'; +import { + DataState, + RelatedEventDataEntry, + RelatedEventDataEntryWithStats, + RelatedEventData, +} from '../../types'; +import { ResolverEvent } from '../../../../common/endpoint/types'; +import { relatedEventStats, relatedEvents } from './selectors'; + +describe('resolver data selectors', () => { + const store: Store = createStore(dataReducer, undefined); + describe('when related event data is reduced into state with no results', () => { + let relatedEventInfoBeforeAction: RelatedEventData; + beforeEach(() => { + relatedEventInfoBeforeAction = new Map(relatedEvents(store.getState()) || []); + const payload: Map = new Map(); + const action: DataAction = { type: 'serverReturnedRelatedEventData', payload }; + store.dispatch(action); + }); + it('should have the same related info as before the action', () => { + const relatedInfoAfterAction = relatedEvents(store.getState()); + expect(relatedInfoAfterAction).toEqual(relatedEventInfoBeforeAction); + }); + }); + describe('when related event data is reduced into state with 2 dns results', () => { + let mockBaseEvent: ResolverEvent; + beforeEach(() => { + mockBaseEvent = {} as ResolverEvent; + function dnsRelatedEventEntry() { + const fakeEvent = {} as ResolverEvent; + return { relatedEvent: fakeEvent, relatedEventType: 'dns' }; + } + const payload: Map = new Map([ + [ + mockBaseEvent, + { + relatedEvents: [dnsRelatedEventEntry(), dnsRelatedEventEntry()], + }, + ], + ]); + const action: DataAction = { type: 'serverReturnedRelatedEventData', payload }; + store.dispatch(action); + }); + it('should compile stats reflecting a count of 2 for dns', () => { + const actualStats = relatedEventStats(store.getState()); + const statsForFakeEvent = actualStats.get(mockBaseEvent)! as RelatedEventDataEntryWithStats; + expect(statsForFakeEvent.stats).toEqual({ dns: 2 }); + }); + }); +}); diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.ts b/x-pack/plugins/siem/public/resolver/store/data/selectors.ts similarity index 99% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.ts rename to x-pack/plugins/siem/public/resolver/store/data/selectors.ts index 413f4db1cc99e..ec6e937e03d9a 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.ts +++ b/x-pack/plugins/siem/public/resolver/store/data/selectors.ts @@ -14,11 +14,12 @@ import { ProcessWithWidthMetadata, Matrix3, AdjacentProcessMap, + Vector2, RelatedEventData, RelatedEventDataEntryWithStats, } from '../../types'; -import { ResolverEvent } from '../../../../../common/types'; -import { Vector2 } from '../../types'; +import { ResolverEvent } from '../../../../common/endpoint/types'; + import { add as vector2Add, applyMatrix3 } from '../../lib/vector2'; import { isGraphableProcess, uniquePidForProcess } from '../../models/process_event'; import { @@ -160,6 +161,7 @@ function processEdgeLineSegments( * We only handle children, drawing lines back to their parents. The root has no parent, so we skip it */ if (metadata.parent === null) { + // eslint-disable-next-line no-continue continue; } const { process, parent, parentWidth } = metadata; @@ -435,6 +437,7 @@ export const relatedEventStats = createSelector(relatedEventResults, function ge if (newStatsEntry === 'error') { // If the entry is an error, return it as is relatedEventStats.set(updatedEvent, newStatsEntry); + // eslint-disable-next-line no-continue continue; } if (typeof newStatsEntry === 'object') { diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/index.ts b/x-pack/plugins/siem/public/resolver/store/index.ts similarity index 82% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/index.ts rename to x-pack/plugins/siem/public/resolver/store/index.ts index 2a20c73347348..203ecccb1d369 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/index.ts +++ b/x-pack/plugins/siem/public/resolver/store/index.ts @@ -6,14 +6,14 @@ import { createStore, applyMiddleware, Store } from 'redux'; import { composeWithDevTools } from 'redux-devtools-extension/developmentOnly'; -import { KibanaReactContextValue } from '../../../../../../../src/plugins/kibana_react/public'; +import { KibanaReactContextValue } from '../../../../../../src/plugins/kibana_react/public'; import { ResolverAction, ResolverState } from '../types'; -import { EndpointPluginServices } from '../../../plugin'; +import { StartServices } from '../../types'; import { resolverReducer } from './reducer'; import { resolverMiddlewareFactory } from './middleware'; export const storeFactory = ( - context?: KibanaReactContextValue + context?: KibanaReactContextValue ): { store: Store } => { const actionsBlacklist: Array = ['userMovedPointer']; const composeEnhancers = composeWithDevTools({ diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/methods.ts b/x-pack/plugins/siem/public/resolver/store/methods.ts similarity index 93% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/methods.ts rename to x-pack/plugins/siem/public/resolver/store/methods.ts index f15307a662388..3890770259156 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/methods.ts +++ b/x-pack/plugins/siem/public/resolver/store/methods.ts @@ -7,7 +7,7 @@ import { animatePanning } from './camera/methods'; import { processNodePositionsAndEdgeLineSegments } from './selectors'; import { ResolverState } from '../types'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../common/endpoint/types'; const animationDuration = 1000; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/middleware.ts b/x-pack/plugins/siem/public/resolver/store/middleware.ts similarity index 93% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/middleware.ts rename to x-pack/plugins/siem/public/resolver/store/middleware.ts index 06758022b05c5..f0d89e7bb5d5c 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/middleware.ts +++ b/x-pack/plugins/siem/public/resolver/store/middleware.ts @@ -6,14 +6,14 @@ import { Dispatch, MiddlewareAPI } from 'redux'; import { HttpHandler } from 'kibana/public'; -import { KibanaReactContextValue } from '../../../../../../../src/plugins/kibana_react/public'; -import { EndpointPluginServices } from '../../../plugin'; +import { KibanaReactContextValue } from '../../../../../../src/plugins/kibana_react/public'; +import { StartServices } from '../../types'; import { ResolverState, ResolverAction, RelatedEventDataEntry } from '../types'; -import { ResolverEvent, ResolverNode } from '../../../../common/types'; -import * as event from '../../../../common/models/event'; +import { ResolverEvent, ResolverNode } from '../../../common/endpoint/types'; +import * as event from '../../../common/endpoint/models/event'; type MiddlewareFactory = ( - context?: KibanaReactContextValue + context?: KibanaReactContextValue ) => ( api: MiddlewareAPI, S> ) => (next: Dispatch) => (action: ResolverAction) => unknown; @@ -124,6 +124,7 @@ export const resolverMiddlewareFactory: MiddlewareFactory = context => { type: 'serverFailedToReturnRelatedEventData', payload: results[0], }); + // eslint-disable-next-line no-continue continue; } diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/reducer.ts b/x-pack/plugins/siem/public/resolver/store/reducer.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/reducer.ts rename to x-pack/plugins/siem/public/resolver/store/reducer.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/selectors.ts b/x-pack/plugins/siem/public/resolver/store/selectors.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/selectors.ts rename to x-pack/plugins/siem/public/resolver/store/selectors.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/ui/selectors.ts b/x-pack/plugins/siem/public/resolver/store/ui/selectors.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/ui/selectors.ts rename to x-pack/plugins/siem/public/resolver/store/ui/selectors.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/types.ts b/x-pack/plugins/siem/public/resolver/types.ts similarity index 98% rename from x-pack/plugins/endpoint/public/embeddables/resolver/types.ts rename to x-pack/plugins/siem/public/resolver/types.ts index 32fefba8f0f20..e93a7856557cc 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/types.ts +++ b/x-pack/plugins/siem/public/resolver/types.ts @@ -8,8 +8,8 @@ import { Store } from 'redux'; import { ResolverAction } from './store/actions'; export { ResolverAction } from './store/actions'; -import { ResolverEvent } from '../../../common/types'; -import { eventType } from '../../../common/models/event'; +import { ResolverEvent } from '../../common/endpoint/types'; +import { eventType } from '../../common/endpoint/models/event'; /** * Redux state for the Resolver feature. Properties on this interface are populated via multiple reducers using redux's `combineReducers`. diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/defs.tsx b/x-pack/plugins/siem/public/resolver/view/defs.tsx similarity index 95% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/defs.tsx rename to x-pack/plugins/siem/public/resolver/view/defs.tsx index 064645019ca34..d70ee7bc23587 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/defs.tsx +++ b/x-pack/plugins/siem/public/resolver/view/defs.tsx @@ -150,6 +150,8 @@ const PaintServers = memo(() => ( )); +PaintServers.displayName = 'PaintServers'; + /** * Ids of symbols to be linked by elements */ @@ -183,7 +185,7 @@ const SymbolsAndShapes = memo(() => ( /> - Running Process + {'Running Process'} ( /> - resolver_dark process running + {'resolver_dark process running'} ( /> - Terminated Process + {'Terminated Process'} ( - Terminated Trigger Process + {'Terminated Trigger Process'} ( - resolver active backing + {'resolver active backing'} ( )); +SymbolsAndShapes.displayName = 'SymbolsAndShapes'; + /** * This `` element is used to define the reusable assets for the Resolver * It confers several advantages, including but not limited to: @@ -379,16 +383,18 @@ const SymbolsAndShapes = memo(() => ( * 2. Separation of concerns between creative assets and more functional areas of the app * 3. `` elements can be handled by compositor (faster) */ -export const SymbolDefinitions = styled( - memo(({ className }: { className?: string }) => ( - - - - - - - )) -)` +const SymbolDefinitionsComponent = memo(({ className }: { className?: string }) => ( + + + + + + +)); + +SymbolDefinitionsComponent.displayName = 'SymbolDefinitions'; + +export const SymbolDefinitions = styled(SymbolDefinitionsComponent)` position: absolute; left: 100%; top: 100%; diff --git a/x-pack/plugins/siem/public/resolver/view/edge_line.tsx b/x-pack/plugins/siem/public/resolver/view/edge_line.tsx new file mode 100644 index 0000000000000..2192422b7d31d --- /dev/null +++ b/x-pack/plugins/siem/public/resolver/view/edge_line.tsx @@ -0,0 +1,80 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import styled from 'styled-components'; +import { applyMatrix3, distance, angle } from '../lib/vector2'; +import { Vector2, Matrix3 } from '../types'; + +/** + * A placeholder line segment view that connects process nodes. + */ +const EdgeLineComponent = React.memo( + ({ + className, + startPosition, + endPosition, + projectionMatrix, + }: { + /** + * A className string provided by `styled` + */ + className?: string; + /** + * The postion of first point in the line segment. In 'world' coordinates. + */ + startPosition: Vector2; + /** + * The postion of second point in the line segment. In 'world' coordinates. + */ + endPosition: Vector2; + /** + * projectionMatrix which can be used to convert `startPosition` and `endPosition` to screen coordinates. + */ + projectionMatrix: Matrix3; + }) => { + /** + * Convert the start and end positions, which are in 'world' coordinates, + * to `left` and `top` css values. + */ + const screenStart = applyMatrix3(startPosition, projectionMatrix); + const screenEnd = applyMatrix3(endPosition, projectionMatrix); + + /** + * We render the line using a short, long, `div` element. The length of this `div` + * should be the same as the distance between the start and end points. + */ + const length = distance(screenStart, screenEnd); + + const style = { + left: `${screenStart[0]}px`, + top: `${screenStart[1]}px`, + width: `${length}px`, + /** + * Transform from the left of the div, as the left side of the `div` is positioned + * at the start point of the line segment. + */ + transformOrigin: 'top left', + /** + * Translate the `div` in the y axis to accomodate for the height of the `div`. + * Also rotate the `div` in the z axis so that it's angle matches the angle + * between the start and end points. + */ + transform: `translateY(-50%) rotateZ(${angle(screenStart, screenEnd)}rad)`, + }; + return
; + } +); + +EdgeLineComponent.displayName = 'EdgeLine'; + +export const EdgeLine = styled(EdgeLineComponent)` + position: absolute; + height: 3px; + background-color: #d4d4d4; + color: #333333; + contain: strict; +`; diff --git a/x-pack/plugins/siem/public/resolver/view/graph_controls.tsx b/x-pack/plugins/siem/public/resolver/view/graph_controls.tsx new file mode 100644 index 0000000000000..f5bc571434d66 --- /dev/null +++ b/x-pack/plugins/siem/public/resolver/view/graph_controls.tsx @@ -0,0 +1,188 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +/* eslint-disable react/button-has-type */ + +import React, { useCallback, useMemo, useContext } from 'react'; +import styled from 'styled-components'; +import { EuiRange, EuiPanel, EuiIcon } from '@elastic/eui'; +import { useSelector, useDispatch } from 'react-redux'; +import { SideEffectContext } from './side_effect_context'; +import { ResolverAction, Vector2 } from '../types'; +import * as selectors from '../store/selectors'; + +/** + * Controls for zooming, panning, and centering in Resolver + */ +const GraphControlsComponent = React.memo( + ({ + className, + }: { + /** + * A className string provided by `styled` + */ + className?: string; + }) => { + const dispatch: (action: ResolverAction) => unknown = useDispatch(); + const scalingFactor = useSelector(selectors.scalingFactor); + const { timestamp } = useContext(SideEffectContext); + + const handleZoomAmountChange = useCallback( + (event: React.ChangeEvent | React.MouseEvent) => { + const valueAsNumber = parseFloat( + (event as React.ChangeEvent).target.value + ); + if (isNaN(valueAsNumber) === false) { + dispatch({ + type: 'userSetZoomLevel', + payload: valueAsNumber, + }); + } + }, + [dispatch] + ); + + const handleCenterClick = useCallback(() => { + dispatch({ + type: 'userSetPositionOfCamera', + payload: [0, 0], + }); + }, [dispatch]); + + const handleZoomOutClick = useCallback(() => { + dispatch({ + type: 'userClickedZoomOut', + }); + }, [dispatch]); + + const handleZoomInClick = useCallback(() => { + dispatch({ + type: 'userClickedZoomIn', + }); + }, [dispatch]); + + const [handleNorth, handleEast, handleSouth, handleWest] = useMemo(() => { + const directionVectors: readonly Vector2[] = [ + [0, 1], + [1, 0], + [0, -1], + [-1, 0], + ]; + return directionVectors.map(direction => { + return () => { + const action: ResolverAction = { + type: 'userNudgedCamera', + payload: { direction, time: timestamp() }, + }; + dispatch(action); + }; + }); + }, [dispatch, timestamp]); + + return ( +
+ +
+ +
+
+ + + +
+
+ +
+
+ + + + + +
+ ); + } +); + +GraphControlsComponent.displayName = 'GraphControlsComponent'; + +export const GraphControls = styled(GraphControlsComponent)` + position: absolute; + top: 5px; + right: 5px; + background-color: #d4d4d4; + color: #333333; + + .zoom-controls { + display: flex; + flex-direction: column; + align-items: center; + padding: 5px 0px; + + .zoom-slider { + width: 20px; + height: 150px; + margin: 5px 0px 2px 0px; + + input[type='range'] { + width: 150px; + height: 20px; + transform-origin: 75px 75px; + transform: rotate(-90deg); + } + } + } + .panning-controls { + text-align: center; + } +`; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/index.tsx b/x-pack/plugins/siem/public/resolver/view/index.tsx similarity index 94% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/index.tsx rename to x-pack/plugins/siem/public/resolver/view/index.tsx index 5275ba3ec5b4c..26d7842bbbeeb 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/index.tsx +++ b/x-pack/plugins/siem/public/resolver/view/index.tsx @@ -17,7 +17,7 @@ import { ProcessEventDot } from './process_event_dot'; import { useCamera } from './use_camera'; import { SymbolDefinitions, NamedColors } from './defs'; import { ResolverAction } from '../types'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../common/endpoint/types'; const StyledPanel = styled(Panel)` position: absolute; @@ -29,12 +29,6 @@ const StyledPanel = styled(Panel)` max-width: 50%; `; -const StyledGraphControls = styled(GraphControls)` - position: absolute; - top: 5px; - right: 5px; -`; - const StyledResolverContainer = styled.div` display: flex; flex-grow: 1; @@ -81,7 +75,7 @@ export const Resolver = styled(
{' '}
@@ -123,7 +117,7 @@ export const Resolver = styled( )} - +
); diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/panel.tsx b/x-pack/plugins/siem/public/resolver/view/panel.tsx similarity index 77% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/panel.tsx rename to x-pack/plugins/siem/public/resolver/view/panel.tsx index 1250c1106b355..8039d2f53d802 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/panel.tsx +++ b/x-pack/plugins/siem/public/resolver/view/panel.tsx @@ -4,15 +4,20 @@ * you may not use this file except in compliance with the Elastic License. */ import React, { memo, useCallback, useMemo, useContext } from 'react'; -import { EuiPanel, EuiBadge, EuiBasicTableColumn } from '@elastic/eui'; -import { EuiTitle } from '@elastic/eui'; -import { EuiHorizontalRule, EuiInMemoryTable } from '@elastic/eui'; +import { + EuiPanel, + EuiBadge, + EuiBasicTableColumn, + EuiTitle, + EuiHorizontalRule, + EuiInMemoryTable, +} from '@elastic/eui'; import euiVars from '@elastic/eui/dist/eui_theme_light.json'; import { useSelector } from 'react-redux'; import { i18n } from '@kbn/i18n'; import { SideEffectContext } from './side_effect_context'; -import { ResolverEvent } from '../../../../common/types'; -import * as event from '../../../../common/models/event'; +import { ResolverEvent } from '../../../common/endpoint/types'; +import * as event from '../../../common/endpoint/models/event'; import { useResolverDispatch } from './use_resolver_dispatch'; import * as selectors from '../store/selectors'; @@ -94,7 +99,7 @@ export const Panel = memo(function Event({ className }: { className?: string }) () => [ { field: 'name', - name: i18n.translate('xpack.endpoint.resolver.panel.tabel.row.processNameTitle', { + name: i18n.translate('xpack.siem.endpoint.resolver.panel.tabel.row.processNameTitle', { defaultMessage: 'Process Name', }), sortable: true, @@ -102,9 +107,12 @@ export const Panel = memo(function Event({ className }: { className?: string }) render(name: string) { return name === '' ? ( - {i18n.translate('xpack.endpoint.resolver.panel.table.row.valueMissingDescription', { - defaultMessage: 'Value is missing', - })} + {i18n.translate( + 'xpack.siem.endpoint.resolver.panel.table.row.valueMissingDescription', + { + defaultMessage: 'Value is missing', + } + )} ) : ( name @@ -113,7 +121,7 @@ export const Panel = memo(function Event({ className }: { className?: string }) }, { field: 'timestamp', - name: i18n.translate('xpack.endpoint.resolver.panel.tabel.row.timestampTitle', { + name: i18n.translate('xpack.siem.endpoint.resolver.panel.tabel.row.timestampTitle', { defaultMessage: 'Timestamp', }), dataType: 'date', @@ -123,27 +131,30 @@ export const Panel = memo(function Event({ className }: { className?: string }) formatter.format(eventDate) ) : ( - {i18n.translate('xpack.endpoint.resolver.panel.tabel.row.timestampInvalidLabel', { - defaultMessage: 'invalid', - })} + {i18n.translate( + 'xpack.siem.endpoint.resolver.panel.tabel.row.timestampInvalidLabel', + { + defaultMessage: 'invalid', + } + )} ); }, }, { - name: i18n.translate('xpack.endpoint.resolver.panel.tabel.row.actionsTitle', { + name: i18n.translate('xpack.siem.endpoint.resolver.panel.tabel.row.actionsTitle', { defaultMessage: 'Actions', }), actions: [ { name: i18n.translate( - 'xpack.endpoint.resolver.panel.tabel.row.actions.bringIntoViewButtonLabel', + 'xpack.siem.endpoint.resolver.panel.tabel.row.actions.bringIntoViewButtonLabel', { defaultMessage: 'Bring into view', } ), description: i18n.translate( - 'xpack.endpoint.resolver.panel.tabel.row.bringIntoViewLabel', + 'xpack.siem.endpoint.resolver.panel.tabel.row.bringIntoViewLabel', { defaultMessage: 'Bring the process into view on the map.', } @@ -161,7 +172,7 @@ export const Panel = memo(function Event({ className }: { className?: string })

- {i18n.translate('xpack.endpoint.resolver.panel.title', { + {i18n.translate('xpack.siem.endpoint.resolver.panel.title', { defaultMessage: 'Processes', })}

diff --git a/x-pack/plugins/siem/public/resolver/view/process_event_dot.tsx b/x-pack/plugins/siem/public/resolver/view/process_event_dot.tsx new file mode 100644 index 0000000000000..18a7ba404c270 --- /dev/null +++ b/x-pack/plugins/siem/public/resolver/view/process_event_dot.tsx @@ -0,0 +1,614 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React, { useCallback, useMemo } from 'react'; +import styled from 'styled-components'; +import { i18n } from '@kbn/i18n'; +import { + htmlIdGenerator, + EuiI18nNumber, + EuiKeyboardAccessible, + EuiFlexGroup, + EuiFlexItem, +} from '@elastic/eui'; +import { useSelector } from 'react-redux'; +import { NodeSubMenu, subMenuAssets } from './submenu'; +import { applyMatrix3 } from '../lib/vector2'; +import { + Vector2, + Matrix3, + AdjacentProcessMap, + ResolverProcessType, + RelatedEventEntryWithStatsOrWaiting, +} from '../types'; +import { SymbolIds, NamedColors } from './defs'; +import { ResolverEvent } from '../../../common/endpoint/types'; +import { useResolverDispatch } from './use_resolver_dispatch'; +import * as eventModel from '../../../common/endpoint/models/event'; +import * as processModel from '../models/process_event'; +import * as selectors from '../store/selectors'; + +const nodeAssets = { + runningProcessCube: { + cubeSymbol: `#${SymbolIds.runningProcessCube}`, + labelBackground: NamedColors.labelBackgroundRunningProcess, + descriptionFill: NamedColors.empty, + descriptionText: i18n.translate('xpack.siem.endpoint.resolver.runningProcess', { + defaultMessage: 'Running Process', + }), + }, + runningTriggerCube: { + cubeSymbol: `#${SymbolIds.runningTriggerCube}`, + labelBackground: NamedColors.labelBackgroundRunningTrigger, + descriptionFill: NamedColors.empty, + descriptionText: i18n.translate('xpack.siem.endpoint.resolver.runningTrigger', { + defaultMessage: 'Running Trigger', + }), + }, + terminatedProcessCube: { + cubeSymbol: `#${SymbolIds.terminatedProcessCube}`, + labelBackground: NamedColors.labelBackgroundTerminatedProcess, + descriptionFill: NamedColors.empty, + descriptionText: i18n.translate('xpack.siem.endpoint.resolver.terminatedProcess', { + defaultMessage: 'Terminated Process', + }), + }, + terminatedTriggerCube: { + cubeSymbol: `#${SymbolIds.terminatedTriggerCube}`, + labelBackground: NamedColors.labelBackgroundTerminatedTrigger, + descriptionFill: NamedColors.empty, + descriptionText: i18n.translate('xpack.siem.endpoint.resolver.terminatedTrigger', { + defaultMessage: 'Terminated Trigger', + }), + }, +}; + +/** + * Take a gross `schemaName` and return a beautiful translated one. + */ +const getDisplayName: (schemaName: string) => string = function nameInSchemaToDisplayName( + schemaName: string +) { + const displayNameRecord: Record = { + application: i18n.translate('xpack.siem.endpoint.resolver.applicationEventTypeDisplayName', { + defaultMessage: 'Application', + }), + apm: i18n.translate('xpack.siem.endpoint.resolver.apmEventTypeDisplayName', { + defaultMessage: 'APM', + }), + audit: i18n.translate('xpack.siem.endpoint.resolver.auditEventTypeDisplayName', { + defaultMessage: 'Audit', + }), + authentication: i18n.translate( + 'xpack.siem.endpoint.resolver.authenticationEventTypeDisplayName', + { + defaultMessage: 'Authentication', + } + ), + certificate: i18n.translate('xpack.siem.endpoint.resolver.certificateEventTypeDisplayName', { + defaultMessage: 'Certificate', + }), + cloud: i18n.translate('xpack.siem.endpoint.resolver.cloudEventTypeDisplayName', { + defaultMessage: 'Cloud', + }), + database: i18n.translate('xpack.siem.endpoint.resolver.databaseEventTypeDisplayName', { + defaultMessage: 'Database', + }), + driver: i18n.translate('xpack.siem.endpoint.resolver.driverEventTypeDisplayName', { + defaultMessage: 'Driver', + }), + email: i18n.translate('xpack.siem.endpoint.resolver.emailEventTypeDisplayName', { + defaultMessage: 'Email', + }), + file: i18n.translate('xpack.siem.endpoint.resolver.fileEventTypeDisplayName', { + defaultMessage: 'File', + }), + host: i18n.translate('xpack.siem.endpoint.resolver.hostEventTypeDisplayName', { + defaultMessage: 'Host', + }), + iam: i18n.translate('xpack.siem.endpoint.resolver.iamEventTypeDisplayName', { + defaultMessage: 'IAM', + }), + iam_group: i18n.translate('xpack.siem.endpoint.resolver.iam_groupEventTypeDisplayName', { + defaultMessage: 'IAM Group', + }), + intrusion_detection: i18n.translate( + 'xpack.siem.endpoint.resolver.intrusion_detectionEventTypeDisplayName', + { + defaultMessage: 'Intrusion Detection', + } + ), + malware: i18n.translate('xpack.siem.endpoint.resolver.malwareEventTypeDisplayName', { + defaultMessage: 'Malware', + }), + network_flow: i18n.translate('xpack.siem.endpoint.resolver.network_flowEventTypeDisplayName', { + defaultMessage: 'Network Flow', + }), + network: i18n.translate('xpack.siem.endpoint.resolver.networkEventTypeDisplayName', { + defaultMessage: 'Network', + }), + package: i18n.translate('xpack.siem.endpoint.resolver.packageEventTypeDisplayName', { + defaultMessage: 'Package', + }), + process: i18n.translate('xpack.siem.endpoint.resolver.processEventTypeDisplayName', { + defaultMessage: 'Process', + }), + registry: i18n.translate('xpack.siem.endpoint.resolver.registryEventTypeDisplayName', { + defaultMessage: 'Registry', + }), + session: i18n.translate('xpack.siem.endpoint.resolver.sessionEventTypeDisplayName', { + defaultMessage: 'Session', + }), + service: i18n.translate('xpack.siem.endpoint.resolver.serviceEventTypeDisplayName', { + defaultMessage: 'Service', + }), + socket: i18n.translate('xpack.siem.endpoint.resolver.socketEventTypeDisplayName', { + defaultMessage: 'Socket', + }), + vulnerability: i18n.translate( + 'xpack.siem.endpoint.resolver.vulnerabilityEventTypeDisplayName', + { + defaultMessage: 'Vulnerability', + } + ), + web: i18n.translate('xpack.siem.endpoint.resolver.webEventTypeDisplayName', { + defaultMessage: 'Web', + }), + alert: i18n.translate('xpack.siem.endpoint.resolver.alertEventTypeDisplayName', { + defaultMessage: 'Alert', + }), + security: i18n.translate('xpack.siem.endpoint.resolver.securityEventTypeDisplayName', { + defaultMessage: 'Security', + }), + dns: i18n.translate('xpack.siem.endpoint.resolver.dnsEventTypeDisplayName', { + defaultMessage: 'DNS', + }), + clr: i18n.translate('xpack.siem.endpoint.resolver.clrEventTypeDisplayName', { + defaultMessage: 'CLR', + }), + image_load: i18n.translate('xpack.siem.endpoint.resolver.image_loadEventTypeDisplayName', { + defaultMessage: 'Image Load', + }), + powershell: i18n.translate('xpack.siem.endpoint.resolver.powershellEventTypeDisplayName', { + defaultMessage: 'Powershell', + }), + wmi: i18n.translate('xpack.siem.endpoint.resolver.wmiEventTypeDisplayName', { + defaultMessage: 'WMI', + }), + api: i18n.translate('xpack.siem.endpoint.resolver.apiEventTypeDisplayName', { + defaultMessage: 'API', + }), + user: i18n.translate('xpack.siem.endpoint.resolver.userEventTypeDisplayName', { + defaultMessage: 'User', + }), + }; + return ( + displayNameRecord[schemaName] || + i18n.translate('xpack.siem.endpoint.resolver.userEventTypeDisplayUnknown', { + defaultMessage: 'Unknown', + }) + ); +}; + +/** + * An artifact that represents a process node and the things associated with it in the Resolver + */ +const ProcessEventDotComponents = React.memo( + ({ + className, + position, + event, + projectionMatrix, + adjacentNodeMap, + relatedEvents, + }: { + /** + * A `className` string provided by `styled` + */ + className?: string; + /** + * The positon of the process node, in 'world' coordinates. + */ + position: Vector2; + /** + * An event which contains details about the process node. + */ + event: ResolverEvent; + /** + * projectionMatrix which can be used to convert `position` to screen coordinates. + */ + projectionMatrix: Matrix3; + /** + * map of what nodes are "adjacent" to this one in "up, down, previous, next" directions + */ + adjacentNodeMap: AdjacentProcessMap; + /** + * A collection of events related to the current node and statistics (e.g. counts indexed by event type) + * to provide the user some visibility regarding the contents thereof. + */ + relatedEvents?: RelatedEventEntryWithStatsOrWaiting; + }) => { + /** + * Convert the position, which is in 'world' coordinates, to screen coordinates. + */ + const [left, top] = applyMatrix3(position, projectionMatrix); + + const [magFactorX] = projectionMatrix; + + const selfId = adjacentNodeMap.self; + + const activeDescendantId = useSelector(selectors.uiActiveDescendantId); + const selectedDescendantId = useSelector(selectors.uiSelectedDescendantId); + + const logicalProcessNodeViewWidth = 360; + const logicalProcessNodeViewHeight = 120; + /** + * The `left` and `top` values represent the 'center' point of the process node. + * Since the view has content to the left and above the 'center' point, offset the + * position to accomodate for that. This aligns the logical center of the process node + * with the correct position on the map. + */ + const processNodeViewXOffset = -0.172413 * logicalProcessNodeViewWidth * magFactorX; + const processNodeViewYOffset = -0.73684 * logicalProcessNodeViewHeight * magFactorX; + + const nodeViewportStyle = useMemo( + () => ({ + left: `${left + processNodeViewXOffset}px`, + top: `${top + processNodeViewYOffset}px`, + // Width of symbol viewport scaled to fit + width: `${logicalProcessNodeViewWidth * magFactorX}px`, + // Height according to symbol viewbox AR + height: `${logicalProcessNodeViewHeight * magFactorX}px`, + }), + [left, magFactorX, processNodeViewXOffset, processNodeViewYOffset, top] + ); + + /** + * Type in non-SVG components scales as follows: + * (These values were adjusted to match the proportions in the comps provided by UX/Design) + * 18.75 : The smallest readable font size at which labels/descriptions can be read. Font size will not scale below this. + * 12.5 : A 'slope' at which the font size will scale w.r.t. to zoom level otherwise + */ + const minimumFontSize = 18.75; + const slopeOfFontScale = 12.5; + const fontSizeAdjustmentForScale = magFactorX > 1 ? slopeOfFontScale * (magFactorX - 1) : 0; + const scaledTypeSize = minimumFontSize + fontSizeAdjustmentForScale; + + const markerBaseSize = 15; + const markerSize = markerBaseSize; + const markerPositionOffset = -markerBaseSize / 2; + + /** + * An element that should be animated when the node is clicked. + */ + const animationTarget: { + current: + | (SVGAnimationElement & { + /** + * `beginElement` is by [w3](https://www.w3.org/TR/SVG11/animate.html#__smil__ElementTimeControl__beginElement) + * but missing in [TSJS-lib-generator](https://github.com/microsoft/TSJS-lib-generator/blob/15a4678e0ef6de308e79451503e444e9949ee849/inputfiles/addedTypes.json#L1819) + */ + beginElement: () => void; + }) + | null; + } = React.createRef(); + const { cubeSymbol, labelBackground, descriptionText } = nodeAssets[nodeType(event)]; + const resolverNodeIdGenerator = useMemo(() => htmlIdGenerator('resolverNode'), []); + + const nodeId = useMemo(() => resolverNodeIdGenerator(selfId), [ + resolverNodeIdGenerator, + selfId, + ]); + const labelId = useMemo(() => resolverNodeIdGenerator(), [resolverNodeIdGenerator]); + const descriptionId = useMemo(() => resolverNodeIdGenerator(), [resolverNodeIdGenerator]); + const isActiveDescendant = nodeId === activeDescendantId; + const isSelectedDescendant = nodeId === selectedDescendantId; + + const dispatch = useResolverDispatch(); + + const handleFocus = useCallback(() => { + dispatch({ + type: 'userFocusedOnResolverNode', + payload: { + nodeId, + }, + }); + }, [dispatch, nodeId]); + + const handleClick = useCallback(() => { + if (animationTarget.current !== null) { + // eslint-disable-next-line @typescript-eslint/no-explicit-any + (animationTarget.current as any).beginElement(); + } + dispatch({ + type: 'userSelectedResolverNode', + payload: { + nodeId, + }, + }); + }, [animationTarget, dispatch, nodeId]); + + const handleRelatedEventRequest = useCallback(() => { + dispatch({ + type: 'userRequestedRelatedEventData', + payload: event, + }); + }, [dispatch, event]); + + const handleRelatedAlertsRequest = useCallback(() => { + dispatch({ + type: 'userSelectedRelatedAlerts', + payload: event, + }); + }, [dispatch, event]); + /** + * Enumerates the stats for related events to display with the node as options, + * generally in the form `number of related events in category` `category title` + * e.g. "10 DNS", "230 File" + */ + const relatedEventOptions = useMemo(() => { + if (relatedEvents === 'error') { + // Return an empty set of options if there was an error requesting them + return []; + } + const relatedStats = typeof relatedEvents === 'object' && relatedEvents.stats; + if (!relatedStats) { + // Return an empty set of options if there are no stats to report + return []; + } + // If we have entries to show, map them into options to display in the selectable list + return Object.entries(relatedStats).map(statsEntry => { + const displayName = getDisplayName(statsEntry[0]); + return { + prefix: , + optionTitle: `${displayName}`, + action: () => { + dispatch({ + type: 'userSelectedRelatedEventCategory', + payload: { + subject: event, + category: statsEntry[0], + }, + }); + }, + }; + }); + }, [relatedEvents, dispatch, event]); + + const relatedEventStatusOrOptions = (() => { + if (!relatedEvents) { + // If related events have not yet been requested + return subMenuAssets.initialMenuStatus; + } + if (relatedEvents === 'error') { + // If there was an error when we tried to request the events + return subMenuAssets.menuError; + } + if (relatedEvents === 'waitingForRelatedEventData') { + // If we're waiting for events to be returned + // Pass on the waiting symbol + return relatedEvents; + } + return relatedEventOptions; + })(); + + /* eslint-disable jsx-a11y/click-events-have-key-events */ + /** + * Key event handling (e.g. 'Enter'/'Space') is provisioned by the `EuiKeyboardAccessible` component + */ + return ( + +
+ + + + + + + + +
+
+ {descriptionText} +
+
= 2 ? 'euiButton' : 'euiButton euiButton--small'} + data-test-subject="nodeLabel" + id={labelId} + style={{ + backgroundColor: labelBackground, + padding: '.15rem 0', + textAlign: 'center', + maxWidth: '20rem', + minWidth: '12rem', + width: '60%', + overflow: 'hidden', + whiteSpace: 'nowrap', + textOverflow: 'ellipsis', + contain: 'content', + margin: '.25rem 0 .35rem 0', + }} + > + + + {eventModel.eventName(event)} + + +
+ {magFactorX >= 2 && ( + + + + + + + + + )} +
+
+
+ ); + /* eslint-enable jsx-a11y/click-events-have-key-events */ + } +); + +ProcessEventDotComponents.displayName = 'ProcessEventDot'; + +export const ProcessEventDot = styled(ProcessEventDotComponents)` + position: absolute; + text-align: left; + font-size: 10px; + user-select: none; + box-sizing: border-box; + border-radius: 10%; + white-space: nowrap; + will-change: left, top, width, height; + contain: layout; + min-width: 280px; + min-height: 90px; + overflow-y: visible; + + //dasharray & dashoffset should be equal to "pull" the stroke back + //when it is transitioned. + //The value is tuned to look good when animated, but to preserve + //the effect, it should always be _at least_ the length of the stroke + & .backing { + stroke-dasharray: 500; + stroke-dashoffset: 500; + } + &[aria-current] .backing { + transition-property: stroke-dashoffset; + transition-duration: 1s; + stroke-dashoffset: 0; + } + + & .related-dropdown { + width: 4.5em; + } + & .euiSelectableList-bordered { + border-top-right-radius: 0px; + border-top-left-radius: 0px; + } + & .euiSelectableListItem { + background-color: black; + } + & .euiSelectableListItem path { + fill: white; + } + & .euiSelectableListItem__text { + color: white; + } +`; + +const processTypeToCube: Record = { + processCreated: 'runningProcessCube', + processRan: 'runningProcessCube', + processTerminated: 'terminatedProcessCube', + unknownProcessEvent: 'runningProcessCube', + processCausedAlert: 'runningTriggerCube', + unknownEvent: 'runningProcessCube', +}; + +function nodeType(processEvent: ResolverEvent): keyof typeof nodeAssets { + const processType = processModel.eventType(processEvent); + + if (processType in processTypeToCube) { + return processTypeToCube[processType]; + } + return 'runningProcessCube'; +} diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/side_effect_context.ts b/x-pack/plugins/siem/public/resolver/view/side_effect_context.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/side_effect_context.ts rename to x-pack/plugins/siem/public/resolver/view/side_effect_context.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/side_effect_simulator.ts b/x-pack/plugins/siem/public/resolver/view/side_effect_simulator.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/side_effect_simulator.ts rename to x-pack/plugins/siem/public/resolver/view/side_effect_simulator.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/submenu.tsx b/x-pack/plugins/siem/public/resolver/view/submenu.tsx similarity index 51% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/submenu.tsx rename to x-pack/plugins/siem/public/resolver/view/submenu.tsx index 9f6427d801ce4..cdcce5d23c0c3 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/submenu.tsx +++ b/x-pack/plugins/siem/public/resolver/view/submenu.tsx @@ -1,178 +1,182 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { i18n } from '@kbn/i18n'; -import React, { ReactNode, useState, useMemo, useCallback } from 'react'; -import { EuiSelectable, EuiButton } from '@elastic/eui'; -import styled from 'styled-components'; - -/** - * i18n-translated titles for submenus and identifiers for display of states: - * initialMenuStatus: submenu before it has been opened / requested data - * menuError: if the submenu requested data, but received an error - */ -export const subMenuAssets = { - initialMenuStatus: i18n.translate('xpack.endpoint.resolver.relatedNotRetrieved', { - defaultMessage: 'Related Events have not yet been retrieved.', - }), - menuError: i18n.translate('xpack.endpoint.resolver.relatedRetrievalError', { - defaultMessage: 'There was an error retrieving related events.', - }), - relatedAlerts: { - title: i18n.translate('xpack.endpoint.resolver.relatedAlerts', { - defaultMessage: 'Related Alerts', - }), - }, - relatedEvents: { - title: i18n.translate('xpack.endpoint.resolver.relatedEvents', { - defaultMessage: 'Events', - }), - }, -}; - -interface ResolverSubmenuOption { - optionTitle: string; - action: () => unknown; - prefix?: number | JSX.Element; -} - -export type ResolverSubmenuOptionList = ResolverSubmenuOption[] | string; - -const OptionList = React.memo( - ({ - subMenuOptions, - isLoading, - }: { - subMenuOptions: ResolverSubmenuOptionList; - isLoading: boolean; - }) => { - const [options, setOptions] = useState(() => - typeof subMenuOptions !== 'object' - ? [] - : subMenuOptions.map((opt: ResolverSubmenuOption): { - label: string; - prepend?: ReactNode; - } => { - return opt.prefix - ? { - label: opt.optionTitle, - prepend: {opt.prefix} , - } - : { - label: opt.optionTitle, - prepend: , - }; - }) - ); - return useMemo( - () => ( - { - setOptions(newOptions); - }} - listProps={{ showIcons: true, bordered: true }} - isLoading={isLoading} - > - {list => list} - - ), - [isLoading, options] - ); - } -); - -/** - * A Submenu to be displayed in one of two forms: - * 1) Provided a collection of `optionsWithActions`: it will call `menuAction` then - if and when menuData becomes available - display each item with an optional prefix and call the supplied action for the options when that option is clicked. - * 2) Provided `optionsWithActions` is undefined, it will call the supplied `menuAction` when its host button is clicked. - */ -export const NodeSubMenu = styled( - React.memo( - ({ - menuTitle, - menuAction, - optionsWithActions, - className, - }: { menuTitle: string; className?: string; menuAction: () => unknown } & { - optionsWithActions?: ResolverSubmenuOptionList | string | undefined; - }) => { - const [menuIsOpen, setMenuOpen] = useState(false); - const handleMenuOpenClick = useCallback( - (clickEvent: React.MouseEvent) => { - // stopping propagation/default to prevent other node animations from triggering - clickEvent.preventDefault(); - clickEvent.stopPropagation(); - setMenuOpen(!menuIsOpen); - }, - [menuIsOpen] - ); - const handleMenuActionClick = useCallback( - (clickEvent: React.MouseEvent) => { - // stopping propagation/default to prevent other node animations from triggering - clickEvent.preventDefault(); - clickEvent.stopPropagation(); - if (typeof menuAction === 'function') menuAction(); - setMenuOpen(true); - }, - [menuAction] - ); - - const isMenuLoading = optionsWithActions === 'waitingForRelatedEventData'; - - if (!optionsWithActions) { - /** - * When called with a `menuAction` - * Render without dropdown and call the supplied action when host button is clicked - */ - return ( -
- - {menuTitle} - -
- ); - } - /** - * When called with a set of `optionsWithActions`: - * Render with a panel of options that appear when the menu host button is clicked - */ - return ( -
- - {menuTitle} - - {menuIsOpen && typeof optionsWithActions === 'object' && ( - - )} -
- ); - } - ) -)` - margin: 0; - padding: 0; - border: none; - display: flex; - flex-flow: column; - &.is-open .euiButton { - border-bottom-left-radius: 0; - border-bottom-right-radius: 0; - } - &.is-open .euiSelectableListItem__prepend { - color: white; - } -`; +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; +import React, { ReactNode, useState, useMemo, useCallback } from 'react'; +import { EuiSelectable, EuiButton } from '@elastic/eui'; +import styled from 'styled-components'; + +/** + * i18n-translated titles for submenus and identifiers for display of states: + * initialMenuStatus: submenu before it has been opened / requested data + * menuError: if the submenu requested data, but received an error + */ +export const subMenuAssets = { + initialMenuStatus: i18n.translate('xpack.siem.endpoint.resolver.relatedNotRetrieved', { + defaultMessage: 'Related Events have not yet been retrieved.', + }), + menuError: i18n.translate('xpack.siem.endpoint.resolver.relatedRetrievalError', { + defaultMessage: 'There was an error retrieving related events.', + }), + relatedAlerts: { + title: i18n.translate('xpack.siem.endpoint.resolver.relatedAlerts', { + defaultMessage: 'Related Alerts', + }), + }, + relatedEvents: { + title: i18n.translate('xpack.siem.endpoint.resolver.relatedEvents', { + defaultMessage: 'Events', + }), + }, +}; + +interface ResolverSubmenuOption { + optionTitle: string; + action: () => unknown; + prefix?: number | JSX.Element; +} + +export type ResolverSubmenuOptionList = ResolverSubmenuOption[] | string; + +const OptionList = React.memo( + ({ + subMenuOptions, + isLoading, + }: { + subMenuOptions: ResolverSubmenuOptionList; + isLoading: boolean; + }) => { + const [options, setOptions] = useState(() => + typeof subMenuOptions !== 'object' + ? [] + : subMenuOptions.map((opt: ResolverSubmenuOption): { + label: string; + prepend?: ReactNode; + } => { + return opt.prefix + ? { + label: opt.optionTitle, + prepend: {opt.prefix} , + } + : { + label: opt.optionTitle, + prepend: , + }; + }) + ); + return useMemo( + () => ( + { + setOptions(newOptions); + }} + listProps={{ showIcons: true, bordered: true }} + isLoading={isLoading} + > + {list => list} + + ), + [isLoading, options] + ); + } +); + +OptionList.displayName = 'OptionList'; + +/** + * A Submenu to be displayed in one of two forms: + * 1) Provided a collection of `optionsWithActions`: it will call `menuAction` then - if and when menuData becomes available - display each item with an optional prefix and call the supplied action for the options when that option is clicked. + * 2) Provided `optionsWithActions` is undefined, it will call the supplied `menuAction` when its host button is clicked. + */ +const NodeSubMenuComponents = React.memo( + ({ + menuTitle, + menuAction, + optionsWithActions, + className, + }: { menuTitle: string; className?: string; menuAction: () => unknown } & { + optionsWithActions?: ResolverSubmenuOptionList | string | undefined; + }) => { + const [menuIsOpen, setMenuOpen] = useState(false); + const handleMenuOpenClick = useCallback( + (clickEvent: React.MouseEvent) => { + // stopping propagation/default to prevent other node animations from triggering + clickEvent.preventDefault(); + clickEvent.stopPropagation(); + setMenuOpen(!menuIsOpen); + }, + [menuIsOpen] + ); + const handleMenuActionClick = useCallback( + (clickEvent: React.MouseEvent) => { + // stopping propagation/default to prevent other node animations from triggering + clickEvent.preventDefault(); + clickEvent.stopPropagation(); + if (typeof menuAction === 'function') menuAction(); + setMenuOpen(true); + }, + [menuAction] + ); + + const isMenuLoading = optionsWithActions === 'waitingForRelatedEventData'; + + if (!optionsWithActions) { + /** + * When called with a `menuAction` + * Render without dropdown and call the supplied action when host button is clicked + */ + return ( +
+ + {menuTitle} + +
+ ); + } + /** + * When called with a set of `optionsWithActions`: + * Render with a panel of options that appear when the menu host button is clicked + */ + return ( +
+ + {menuTitle} + + {menuIsOpen && typeof optionsWithActions === 'object' && ( + + )} +
+ ); + } +); + +NodeSubMenuComponents.displayName = 'NodeSubMenu'; + +export const NodeSubMenu = styled(NodeSubMenuComponents)` + margin: 0; + padding: 0; + border: none; + display: flex; + flex-flow: column; + &.is-open .euiButton { + border-bottom-left-radius: 0; + border-bottom-right-radius: 0; + } + &.is-open .euiSelectableListItem__prepend { + color: white; + } +`; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.test.tsx b/x-pack/plugins/siem/public/resolver/view/use_camera.test.tsx similarity index 99% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.test.tsx rename to x-pack/plugins/siem/public/resolver/view/use_camera.test.tsx index 63f47396d4479..f8aa4fbca3291 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.test.tsx +++ b/x-pack/plugins/siem/public/resolver/view/use_camera.test.tsx @@ -12,7 +12,7 @@ import { Provider } from 'react-redux'; import * as selectors from '../store/selectors'; import { storeFactory } from '../store'; import { Matrix3, ResolverAction, ResolverStore, SideEffectSimulator } from '../types'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../common/endpoint/types'; import { SideEffectContext } from './side_effect_context'; import { applyMatrix3 } from '../lib/vector2'; import { sideEffectSimulator } from './side_effect_simulator'; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.ts b/x-pack/plugins/siem/public/resolver/view/use_camera.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.ts rename to x-pack/plugins/siem/public/resolver/view/use_camera.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/use_resolver_dispatch.ts b/x-pack/plugins/siem/public/resolver/view/use_resolver_dispatch.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/use_resolver_dispatch.ts rename to x-pack/plugins/siem/public/resolver/view/use_resolver_dispatch.ts diff --git a/x-pack/plugins/siem/public/types.ts b/x-pack/plugins/siem/public/types.ts new file mode 100644 index 0000000000000..6c338d47cf63c --- /dev/null +++ b/x-pack/plugins/siem/public/types.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { CoreStart } from '../../../../src/core/public'; + +import { HomePublicPluginSetup } from '../../../../src/plugins/home/public'; +import { DataPublicPluginStart } from '../../../../src/plugins/data/public'; +import { EmbeddableStart } from '../../../../src/plugins/embeddable/public'; +import { Start as NewsfeedStart } from '../../../../src/plugins/newsfeed/public'; +import { Start as InspectorStart } from '../../../../src/plugins/inspector/public'; +import { UiActionsStart } from '../../../../src/plugins/ui_actions/public'; +import { UsageCollectionSetup } from '../../../../src/plugins/usage_collection/public'; +import { IngestManagerStart } from '../../ingest_manager/public'; +import { + TriggersAndActionsUIPublicPluginSetup as TriggersActionsSetup, + TriggersAndActionsUIPublicPluginStart as TriggersActionsStart, +} from '../../triggers_actions_ui/public'; +import { SecurityPluginSetup } from '../../security/public'; + +export interface SetupPlugins { + home: HomePublicPluginSetup; + security: SecurityPluginSetup; + triggers_actions_ui: TriggersActionsSetup; + usageCollection?: UsageCollectionSetup; +} + +export interface StartPlugins { + data: DataPublicPluginStart; + embeddable: EmbeddableStart; + inspector: InspectorStart; + ingestManager: IngestManagerStart; + newsfeed?: NewsfeedStart; + triggers_actions_ui: TriggersActionsStart; + uiActions: UiActionsStart; +} + +export type StartServices = CoreStart & + StartPlugins & { + security: SecurityPluginSetup; + }; + +// eslint-disable-next-line @typescript-eslint/no-empty-interface +export interface PluginSetup {} +// eslint-disable-next-line @typescript-eslint/no-empty-interface +export interface PluginStart {} diff --git a/x-pack/plugins/endpoint/scripts/README.md b/x-pack/plugins/siem/scripts/endpoint/README.md similarity index 97% rename from x-pack/plugins/endpoint/scripts/README.md rename to x-pack/plugins/siem/scripts/endpoint/README.md index f0c8c5a9b0b66..84e92d8c397e1 100644 --- a/x-pack/plugins/endpoint/scripts/README.md +++ b/x-pack/plugins/siem/scripts/endpoint/README.md @@ -11,7 +11,7 @@ Example command sequence to get ES and kibana running with sample data after ins ```yarn es snapshot``` -> starts ES -```npx yarn start --xpack.endpoint.enabled=true --no-base-path``` -> starts kibana +```npx yarn start --xpack.siem.endpoint.enabled=true --no-base-path``` -> starts kibana ```cd ~/path/to/kibana/x-pack/plugins/endpoint``` diff --git a/x-pack/plugins/endpoint/scripts/alert_mapping.json b/x-pack/plugins/siem/scripts/endpoint/alert_mapping.json similarity index 100% rename from x-pack/plugins/endpoint/scripts/alert_mapping.json rename to x-pack/plugins/siem/scripts/endpoint/alert_mapping.json diff --git a/x-pack/plugins/endpoint/scripts/cli_tsconfig.json b/x-pack/plugins/siem/scripts/endpoint/cli_tsconfig.json similarity index 68% rename from x-pack/plugins/endpoint/scripts/cli_tsconfig.json rename to x-pack/plugins/siem/scripts/endpoint/cli_tsconfig.json index 25afe109a42ea..5c68f8ee0abf2 100644 --- a/x-pack/plugins/endpoint/scripts/cli_tsconfig.json +++ b/x-pack/plugins/siem/scripts/endpoint/cli_tsconfig.json @@ -1,8 +1,7 @@ { - "extends": "../../../tsconfig.json", + "extends": "../../../../tsconfig.json", "compilerOptions": { "target": "es2019", "resolveJsonModule": true } } - \ No newline at end of file diff --git a/x-pack/plugins/endpoint/scripts/event_mapping.json b/x-pack/plugins/siem/scripts/endpoint/event_mapping.json similarity index 100% rename from x-pack/plugins/endpoint/scripts/event_mapping.json rename to x-pack/plugins/siem/scripts/endpoint/event_mapping.json diff --git a/x-pack/plugins/endpoint/scripts/policy_mapping.json b/x-pack/plugins/siem/scripts/endpoint/policy_mapping.json similarity index 100% rename from x-pack/plugins/endpoint/scripts/policy_mapping.json rename to x-pack/plugins/siem/scripts/endpoint/policy_mapping.json diff --git a/x-pack/plugins/endpoint/scripts/resolver_generator.ts b/x-pack/plugins/siem/scripts/endpoint/resolver_generator.ts similarity index 93% rename from x-pack/plugins/endpoint/scripts/resolver_generator.ts rename to x-pack/plugins/siem/scripts/endpoint/resolver_generator.ts index 30752877db824..68d578173719c 100644 --- a/x-pack/plugins/endpoint/scripts/resolver_generator.ts +++ b/x-pack/plugins/siem/scripts/endpoint/resolver_generator.ts @@ -7,7 +7,7 @@ import * as yargs from 'yargs'; import seedrandom from 'seedrandom'; import { Client, ClientOptions } from '@elastic/elasticsearch'; import { ResponseError } from '@elastic/elasticsearch/lib/errors'; -import { EndpointDocGenerator, Event } from '../common/generate_data'; +import { EndpointDocGenerator, Event } from '../../common/endpoint/generate_data'; import { default as eventMapping } from './event_mapping.json'; import { default as alertMapping } from './alert_mapping.json'; import { default as policyMapping } from './policy_mapping.json'; @@ -142,6 +142,7 @@ async function main() { if (err instanceof ResponseError && err.statusCode !== 404) { // eslint-disable-next-line no-console console.log(err); + // eslint-disable-next-line no-process-exit process.exit(1); } } @@ -173,6 +174,7 @@ async function main() { } catch (err) { // eslint-disable-next-line no-console console.log(err); + // eslint-disable-next-line no-process-exit process.exit(1); } @@ -180,6 +182,7 @@ async function main() { await createIndex(client, argv.eventIndex, eventMapping); await createIndex(client, argv.policyIndex, policyMapping); if (argv.setupOnly) { + // eslint-disable-next-line no-process-exit process.exit(0); } @@ -187,7 +190,7 @@ async function main() { if (!seed) { seed = Math.random().toString(); // eslint-disable-next-line no-console - console.log('No seed supplied, using random seed: ' + seed); + console.log(`No seed supplied, using random seed: ${seed}`); } const random = seedrandom(seed); for (let i = 0; i < argv.numHosts; i++) { @@ -229,6 +232,7 @@ async function main() { k++; } const body = resolverDocs.reduce( + // eslint-disable-next-line @typescript-eslint/no-explicit-any (array: Array>, doc) => ( array.push({ index: { _index: argv.eventIndex } }, doc), array ), @@ -240,6 +244,7 @@ async function main() { } } +// eslint-disable-next-line @typescript-eslint/no-explicit-any async function createIndex(client: Client, index: string, mapping: any) { try { await client.indices.create({ @@ -253,6 +258,7 @@ async function createIndex(client: Client, index: string, mapping: any) { ) { // eslint-disable-next-line no-console console.log(err.body); + // eslint-disable-next-line no-process-exit process.exit(1); } } diff --git a/x-pack/plugins/siem/server/config.ts b/x-pack/plugins/siem/server/config.ts index 4b0e8d34ef1a0..f7d961ae3ec5c 100644 --- a/x-pack/plugins/siem/server/config.ts +++ b/x-pack/plugins/siem/server/config.ts @@ -16,6 +16,19 @@ export const configSchema = schema.object({ maxTimelineImportExportSize: schema.number({ defaultValue: 10000 }), maxTimelineImportPayloadBytes: schema.number({ defaultValue: 10485760 }), [SIGNALS_INDEX_KEY]: schema.string({ defaultValue: DEFAULT_SIGNALS_INDEX }), + /** + * Host Endpoint Configuration + */ + endpointResultListDefaultFirstPageIndex: schema.number({ defaultValue: 0 }), + endpointResultListDefaultPageSize: schema.number({ defaultValue: 10 }), + + /** + * Alert Endpoint Configuration + */ + alertResultListDefaultDateRange: schema.object({ + from: schema.string({ defaultValue: 'now-15m' }), + to: schema.string({ defaultValue: 'now' }), + }), }); export const createConfig$ = (context: PluginInitializerContext) => diff --git a/x-pack/plugins/endpoint/server/routes/alerts/alerts.test.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/alerts.test.ts similarity index 89% rename from x-pack/plugins/endpoint/server/routes/alerts/alerts.test.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/alerts.test.ts index 1124c977ff924..37bf4bbfcbbb2 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/alerts.test.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/alerts.test.ts @@ -8,12 +8,12 @@ import { elasticsearchServiceMock, httpServiceMock, loggingServiceMock, -} from '../../../../../../src/core/server/mocks'; -import { registerAlertRoutes } from './index'; -import { EndpointConfigSchema } from '../../config'; -import { alertingIndexGetQuerySchema } from '../../../common/schema/alert_index'; +} from '../../../../../../../src/core/server/mocks'; +import { registerAlertRoutes } from '../routes'; +import { alertingIndexGetQuerySchema } from '../../../../common/endpoint_alerts/schema/alert_index'; import { createMockAgentService, createMockIndexPatternRetriever } from '../../mocks'; import { EndpointAppContextService } from '../../endpoint_app_context_services'; +import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; describe('test alerts route', () => { let routerMock: jest.Mocked; @@ -36,7 +36,7 @@ describe('test alerts route', () => { registerAlertRoutes(routerMock, { logFactory: loggingServiceMock.create(), service: endpointAppContextService, - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }); }); diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/handlers.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/index.ts similarity index 89% rename from x-pack/plugins/endpoint/server/routes/alerts/details/handlers.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/details/index.ts index ab6d1850e425d..a829cdd14027c 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/details/handlers.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/index.ts @@ -5,11 +5,11 @@ */ import { GetResponse } from 'elasticsearch'; import { KibanaRequest, RequestHandler } from 'kibana/server'; -import { AlertEvent } from '../../../../common/types'; +import { AlertEvent } from '../../../../../common/endpoint/types'; import { EndpointAppContext } from '../../../types'; -import { AlertDetailsRequestParams } from '../types'; -import { AlertDetailsPagination } from './lib'; -import { getHostData } from '../../metadata'; +import { AlertDetailsRequestParams } from '../../../../../common/endpoint_alerts/types'; +import { AlertDetailsPagination } from './lib/pagination'; +import { getHostData } from '../../../routes/metadata'; import { AlertId, AlertIdError } from '../lib'; export const alertDetailsHandlerWrapper = function( diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/lib/pagination.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/lib/pagination.ts similarity index 81% rename from x-pack/plugins/endpoint/server/routes/alerts/details/lib/pagination.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/details/lib/pagination.ts index 5c95b1217d829..e12bd9e4c8de9 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/details/lib/pagination.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/lib/pagination.ts @@ -5,14 +5,20 @@ */ import { GetResponse, SearchResponse } from 'elasticsearch'; -import { AlertEvent, AlertHits, AlertAPIOrdering } from '../../../../../common/types'; -import { AlertConstants } from '../../../../../common/alert_constants'; +import { AlertEvent } from '../../../../../../common/endpoint/types'; +import { + AlertHits, + AlertAPIOrdering, + AlertSearchQuery, + SearchCursor, + AlertDetailsRequestParams, +} from '../../../../../../common/endpoint_alerts/types'; +import { AlertConstants } from '../../../../../../common/endpoint_alerts/alert_constants'; import { EndpointConfigType } from '../../../../config'; import { searchESForAlerts, Pagination, AlertId } from '../../lib'; -import { AlertSearchQuery, SearchCursor, AlertDetailsRequestParams } from '../../types'; -import { BASE_ALERTS_ROUTE } from '../..'; -import { RequestHandlerContext } from '../../../../../../../../src/core/server'; -import { Filter } from '../../../../../../../../src/plugins/data/server'; +import { BASE_ALERTS_ROUTE } from '../../../routes'; +import { RequestHandlerContext } from '../../../../../../../../../src/core/server'; +import { Filter } from '../../../../../../../../../src/plugins/data/server'; /** * Pagination class for alert details. diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/schemas.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/schemas.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/alerts/details/schemas.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/details/schemas.ts diff --git a/x-pack/plugins/siem/server/endpoint/alerts/handlers/index_pattern.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/index_pattern.ts new file mode 100644 index 0000000000000..cb40be586560f --- /dev/null +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/index_pattern.ts @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Logger, RequestHandler } from 'kibana/server'; +import { EndpointAppContext } from '../../types'; +import { IndexPatternGetParamsResult } from '../../../../common/endpoint_alerts/types'; + +export function handleIndexPattern( + log: Logger, + endpointAppContext: EndpointAppContext +): RequestHandler { + return async (context, req, res) => { + try { + const indexRetriever = endpointAppContext.service.getIndexPatternRetriever(); + return res.ok({ + body: { + indexPattern: await indexRetriever.getIndexPattern(context, req.params.datasetPath), + }, + }); + } catch (error) { + log.warn(error); + return res.notFound({ body: error }); + } + }; +} diff --git a/x-pack/plugins/endpoint/server/routes/alerts/lib/alert_id.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/alert_id.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/alerts/lib/alert_id.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/alert_id.ts diff --git a/x-pack/plugins/endpoint/server/routes/alerts/lib/error.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/error.ts similarity index 82% rename from x-pack/plugins/endpoint/server/routes/alerts/lib/error.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/error.ts index 7b00634b25c9c..1ba92c64d3cde 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/lib/error.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/error.ts @@ -5,6 +5,7 @@ */ export class AlertIdError extends Error { + // eslint-disable-next-line @typescript-eslint/no-useless-constructor constructor(message: string) { super(message); } diff --git a/x-pack/plugins/endpoint/server/routes/alerts/lib/index.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/index.ts similarity index 90% rename from x-pack/plugins/endpoint/server/routes/alerts/lib/index.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/index.ts index 1c98e3c615669..4f0a7ba2450dc 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/lib/index.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/index.ts @@ -5,17 +5,18 @@ */ import { SearchResponse } from 'elasticsearch'; import { IScopedClusterClient } from 'kibana/server'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; -import { esQuery } from '../../../../../../../src/plugins/data/server'; -import { AlertEvent, AlertAPIOrdering } from '../../../../common/types'; -import { AlertConstants } from '../../../../common/alert_constants'; +import { AlertEvent } from '../../../../../common/endpoint/types'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; +import { esQuery } from '../../../../../../../../src/plugins/data/server'; import { + AlertAPIOrdering, AlertSearchQuery, AlertSearchRequest, AlertSearchRequestWrapper, AlertSort, UndefinedResultPosition, -} from '../types'; +} from '../../../../../common/endpoint_alerts/types'; +import { AlertConstants } from '../../../../../common/endpoint_alerts/alert_constants'; export { AlertIdError } from './error'; export { Pagination } from './pagination'; @@ -40,7 +41,7 @@ function buildQuery(query: AlertSearchQuery): JsonObject { ? [ { range: { - ['@timestamp']: { + '@timestamp': { gte: query.dateRange.from, lte: query.dateRange.to, }, diff --git a/x-pack/plugins/endpoint/server/routes/alerts/lib/pagination.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/pagination.ts similarity index 89% rename from x-pack/plugins/endpoint/server/routes/alerts/lib/pagination.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/pagination.ts index fc408878f8956..d0ca493bf7183 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/lib/pagination.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/pagination.ts @@ -5,7 +5,7 @@ */ import { EndpointConfigType } from '../../../config'; -import { RequestHandlerContext } from '../../../../../../../src/core/server'; +import { RequestHandlerContext } from '../../../../../../../../src/core/server'; /** * Abstract Pagination class for determining next/prev urls, diff --git a/x-pack/plugins/endpoint/server/routes/alerts/list/handlers.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/index.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/alerts/list/handlers.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/list/index.ts index 44a0cf8744a9e..ebea12191ef10 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/list/handlers.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/index.ts @@ -7,7 +7,7 @@ import { RequestHandler } from 'kibana/server'; import { EndpointAppContext } from '../../../types'; import { searchESForAlerts } from '../lib'; import { getRequestData, mapToAlertResultList } from './lib'; -import { AlertingIndexGetQueryResult } from '../../../../common/types'; +import { AlertingIndexGetQueryResult } from '../../../../../common/endpoint_alerts/types'; export const alertListHandlerWrapper = function( endpointAppContext: EndpointAppContext diff --git a/x-pack/plugins/endpoint/server/routes/alerts/list/lib/index.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/index.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/alerts/list/lib/index.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/index.ts index 0af8f6cf792dd..18e38280c7a0d 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/list/lib/index.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/index.ts @@ -7,18 +7,18 @@ import { decode } from 'rison-node'; import { SearchResponse } from 'elasticsearch'; import { KibanaRequest } from 'kibana/server'; import { RequestHandlerContext } from 'src/core/server'; -import { Query, Filter, TimeRange } from '../../../../../../../../src/plugins/data/server'; +import { AlertEvent } from '../../../../../../common/endpoint/types'; +import { Query, Filter, TimeRange } from '../../../../../../../../../src/plugins/data/server'; import { - AlertEvent, AlertData, AlertResultList, AlertHits, ESTotal, AlertingIndexGetQueryResult, -} from '../../../../../common/types'; -import { AlertConstants } from '../../../../../common/alert_constants'; + AlertSearchQuery, +} from '../../../../../../common/endpoint_alerts/types'; +import { AlertConstants } from '../../../../../../common/endpoint_alerts/alert_constants'; import { EndpointAppContext } from '../../../../types'; -import { AlertSearchQuery } from '../../types'; import { AlertListPagination } from './pagination'; import { AlertId } from '../../lib'; diff --git a/x-pack/plugins/endpoint/server/routes/alerts/list/lib/pagination.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/pagination.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/alerts/list/lib/pagination.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/pagination.ts index 7bebe3d9288c3..0a831714275ee 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/list/lib/pagination.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/pagination.ts @@ -7,11 +7,10 @@ import { get } from 'lodash'; import { RisonValue, encode } from 'rison-node'; import { RequestHandlerContext } from 'src/core/server'; -import { AlertHits } from '../../../../../common/types'; +import { AlertHits, AlertSearchQuery } from '../../../../../../common/endpoint_alerts/types'; import { EndpointConfigType } from '../../../../config'; -import { AlertSearchQuery } from '../../types'; -import { Pagination } from '../../lib'; -import { BASE_ALERTS_ROUTE } from '../..'; +import { Pagination } from '../../lib/pagination'; +import { BASE_ALERTS_ROUTE } from '../../../routes'; /** * Pagination class for alert list. diff --git a/x-pack/plugins/endpoint/server/index_pattern.ts b/x-pack/plugins/siem/server/endpoint/alerts/index_pattern.ts similarity index 91% rename from x-pack/plugins/endpoint/server/index_pattern.ts rename to x-pack/plugins/siem/server/endpoint/alerts/index_pattern.ts index f4bb1460aee4b..1cbdf96c5bcee 100644 --- a/x-pack/plugins/endpoint/server/index_pattern.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/index_pattern.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ import { Logger, LoggerFactory, RequestHandlerContext } from 'kibana/server'; -import { AlertConstants } from '../common/alert_constants'; -import { ESIndexPatternService } from '../../ingest_manager/server'; +import { AlertConstants } from '../../../common/endpoint_alerts/alert_constants'; +import { ESIndexPatternService } from '../../../../ingest_manager/server'; export interface IndexPatternRetriever { getIndexPattern(ctx: RequestHandlerContext, datasetPath: string): Promise; @@ -34,7 +34,7 @@ export class IngestIndexPatternRetriever implements IndexPatternRetriever { * @returns a string representing the index pattern (e.g. `events-endpoint-*`) */ async getEventIndexPattern(ctx: RequestHandlerContext) { - return await this.getIndexPattern(ctx, AlertConstants.EVENT_DATASET); + return this.getIndexPattern(ctx, AlertConstants.EVENT_DATASET); } /** @@ -44,7 +44,7 @@ export class IngestIndexPatternRetriever implements IndexPatternRetriever { * @returns a string representing the index pattern (e.g. `metrics-endpoint-*`) */ async getMetadataIndexPattern(ctx: RequestHandlerContext) { - return await this.getIndexPattern(ctx, IngestIndexPatternRetriever.metadataDataset); + return this.getIndexPattern(ctx, IngestIndexPatternRetriever.metadataDataset); } /** diff --git a/x-pack/plugins/endpoint/server/routes/alerts/index.ts b/x-pack/plugins/siem/server/endpoint/alerts/routes.ts similarity index 50% rename from x-pack/plugins/endpoint/server/routes/alerts/index.ts rename to x-pack/plugins/siem/server/endpoint/alerts/routes.ts index b61f90b5b17f5..07cca9e80d88b 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/index.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/routes.ts @@ -4,11 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ import { IRouter } from 'kibana/server'; -import { EndpointAppContext } from '../../types'; -import { AlertConstants } from '../../../common/alert_constants'; -import { alertListHandlerWrapper } from './list'; -import { alertDetailsHandlerWrapper, alertDetailsReqSchema } from './details'; -import { alertingIndexGetQuerySchema } from '../../../common/schema/alert_index'; +import { EndpointAppContext } from '../types'; +import { AlertConstants } from '../../../common/endpoint_alerts/alert_constants'; +import { alertListHandlerWrapper } from './handlers/list'; +import { alertDetailsHandlerWrapper } from './handlers/details'; +import { alertDetailsReqSchema } from './handlers/details/schemas'; +import { alertingIndexGetQuerySchema } from '../../../common/endpoint_alerts/schema/alert_index'; +import { indexPatternGetParamsSchema } from '../../../common/endpoint_alerts/schema/index_pattern'; +import { handleIndexPattern } from './handlers/index_pattern'; export const BASE_ALERTS_ROUTE = `${AlertConstants.BASE_API_URL}/alerts`; @@ -34,4 +37,15 @@ export function registerAlertRoutes(router: IRouter, endpointAppContext: Endpoin }, alertDetailsHandlerWrapper(endpointAppContext) ); + + const log = endpointAppContext.logFactory.get('index_pattern'); + + router.get( + { + path: `${AlertConstants.INDEX_PATTERN_ROUTE}/{datasetPath}`, + validate: { params: indexPatternGetParamsSchema }, + options: { authRequired: true }, + }, + handleIndexPattern(log, endpointAppContext) + ); } diff --git a/x-pack/plugins/endpoint/server/config.test.ts b/x-pack/plugins/siem/server/endpoint/config.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/config.test.ts rename to x-pack/plugins/siem/server/endpoint/config.test.ts diff --git a/x-pack/plugins/endpoint/server/config.ts b/x-pack/plugins/siem/server/endpoint/config.ts similarity index 100% rename from x-pack/plugins/endpoint/server/config.ts rename to x-pack/plugins/siem/server/endpoint/config.ts diff --git a/x-pack/plugins/endpoint/server/endpoint_app_context_services.test.ts b/x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/endpoint_app_context_services.test.ts rename to x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.test.ts diff --git a/x-pack/plugins/endpoint/server/endpoint_app_context_services.ts b/x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.ts similarity index 91% rename from x-pack/plugins/endpoint/server/endpoint_app_context_services.ts rename to x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.ts index b087405c7bc5b..5d74c75ebca5c 100644 --- a/x-pack/plugins/endpoint/server/endpoint_app_context_services.ts +++ b/x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.ts @@ -3,8 +3,8 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { IndexPatternRetriever } from './index_pattern'; -import { AgentService } from '../../ingest_manager/server'; +import { IndexPatternRetriever } from './alerts/index_pattern'; +import { AgentService } from '../../../ingest_manager/server'; /** * A singleton that holds shared services that are initialized during the start up phase diff --git a/x-pack/plugins/endpoint/server/mocks.ts b/x-pack/plugins/siem/server/endpoint/mocks.ts similarity index 96% rename from x-pack/plugins/endpoint/server/mocks.ts rename to x-pack/plugins/siem/server/endpoint/mocks.ts index 76a3628562a82..6260a6c630643 100644 --- a/x-pack/plugins/endpoint/server/mocks.ts +++ b/x-pack/plugins/siem/server/endpoint/mocks.ts @@ -9,8 +9,8 @@ import { RequestHandlerContext, SavedObjectsClientContract, } from 'kibana/server'; -import { AgentService, IngestManagerStartContract } from '../../ingest_manager/server'; -import { IndexPatternRetriever } from './index_pattern'; +import { AgentService, IngestManagerStartContract } from '../../../ingest_manager/server'; +import { IndexPatternRetriever } from './alerts/index_pattern'; /** * Creates a mock IndexPatternRetriever for use in tests. diff --git a/x-pack/plugins/endpoint/server/routes/metadata/index.ts b/x-pack/plugins/siem/server/endpoint/routes/metadata/index.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/metadata/index.ts rename to x-pack/plugins/siem/server/endpoint/routes/metadata/index.ts index 08950930441df..983739b249596 100644 --- a/x-pack/plugins/endpoint/server/routes/metadata/index.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/metadata/index.ts @@ -9,9 +9,14 @@ import { SearchResponse } from 'elasticsearch'; import { schema } from '@kbn/config-schema'; import { getESQueryHostMetadataByID, kibanaRequestToMetadataListESQuery } from './query_builders'; -import { HostInfo, HostMetadata, HostResultList, HostStatus } from '../../../common/types'; +import { + HostInfo, + HostMetadata, + HostResultList, + HostStatus, +} from '../../../../common/endpoint/types'; import { EndpointAppContext } from '../../types'; -import { AgentStatus } from '../../../../ingest_manager/common/types/models'; +import { AgentStatus } from '../../../../../ingest_manager/common/types/models'; interface HitSource { _source: HostMetadata; @@ -130,10 +135,11 @@ export async function getHostData( return undefined; } - return await enrichHostMetadata(response.hits.hits[0]._source, metadataRequestContext); + return enrichHostMetadata(response.hits.hits[0]._source, metadataRequestContext); } async function mapToHostResultList( + // eslint-disable-next-line @typescript-eslint/no-explicit-any queryParams: Record, searchResponse: SearchResponse, metadataRequestContext: MetadataRequestContext diff --git a/x-pack/plugins/endpoint/server/routes/metadata/metadata.test.ts b/x-pack/plugins/siem/server/endpoint/routes/metadata/metadata.test.ts similarity index 95% rename from x-pack/plugins/endpoint/server/routes/metadata/metadata.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/metadata/metadata.test.ts index 5415ebcae31c4..b2f5866a3ae7d 100644 --- a/x-pack/plugins/endpoint/server/routes/metadata/metadata.test.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/metadata/metadata.test.ts @@ -18,20 +18,25 @@ import { httpServiceMock, loggingServiceMock, savedObjectsClientMock, -} from '../../../../../../src/core/server/mocks'; -import { HostInfo, HostMetadata, HostResultList, HostStatus } from '../../../common/types'; +} from '../../../../../../../src/core/server/mocks'; +import { + HostInfo, + HostMetadata, + HostResultList, + HostStatus, +} from '../../../../common/endpoint/types'; import { SearchResponse } from 'elasticsearch'; import { registerEndpointRoutes } from './index'; -import { EndpointConfigSchema } from '../../config'; import * as data from '../../test_data/all_metadata_data.json'; import { createMockAgentService, createMockMetadataIndexPatternRetriever, createRouteHandlerContext, } from '../../mocks'; -import { AgentService } from '../../../../ingest_manager/server'; +import { AgentService } from '../../../../../ingest_manager/server'; import Boom from 'boom'; import { EndpointAppContextService } from '../../endpoint_app_context_services'; +import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; describe('test endpoint route', () => { let routerMock: jest.Mocked; @@ -39,7 +44,9 @@ describe('test endpoint route', () => { let mockClusterClient: jest.Mocked; let mockScopedClient: jest.Mocked; let mockSavedObjectClient: jest.Mocked; + // eslint-disable-next-line @typescript-eslint/no-explicit-any let routeHandler: RequestHandler; + // eslint-disable-next-line @typescript-eslint/no-explicit-any let routeConfig: RouteConfig; let mockAgentService: jest.Mocked; let endpointAppContextService: EndpointAppContextService; @@ -63,7 +70,7 @@ describe('test endpoint route', () => { registerEndpointRoutes(routerMock, { logFactory: loggingServiceMock.create(), service: endpointAppContextService, - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }); }); @@ -235,6 +242,7 @@ describe('test endpoint route', () => { it('should return a single endpoint with status online', async () => { const mockRequest = httpServerMock.createKibanaRequest({ + // eslint-disable-next-line @typescript-eslint/no-explicit-any params: { id: (data as any).hits.hits[0]._id }, }); const response: SearchResponse = (data as unknown) as SearchResponse< diff --git a/x-pack/plugins/endpoint/server/routes/metadata/query_builders.test.ts b/x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.test.ts similarity index 91% rename from x-pack/plugins/endpoint/server/routes/metadata/query_builders.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.test.ts index 28bac2fa10e0c..7fa5a8b13db3d 100644 --- a/x-pack/plugins/endpoint/server/routes/metadata/query_builders.test.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.test.ts @@ -3,11 +3,11 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { httpServerMock, loggingServiceMock } from '../../../../../../src/core/server/mocks'; -import { EndpointConfigSchema } from '../../config'; +import { httpServerMock, loggingServiceMock } from '../../../../../../../src/core/server/mocks'; import { kibanaRequestToMetadataListESQuery, getESQueryHostMetadataByID } from './query_builders'; import { MetadataIndexPattern } from '../../mocks'; import { EndpointAppContextService } from '../../endpoint_app_context_services'; +import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; describe('query builder', () => { describe('MetadataListESQuery', () => { @@ -20,7 +20,7 @@ describe('query builder', () => { { logFactory: loggingServiceMock.create(), service: new EndpointAppContextService(), - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }, MetadataIndexPattern ); @@ -55,6 +55,7 @@ describe('query builder', () => { from: 0, size: 10, index: MetadataIndexPattern, + // eslint-disable-next-line @typescript-eslint/no-explicit-any } as Record); }); }); @@ -71,7 +72,7 @@ describe('query builder', () => { { logFactory: loggingServiceMock.create(), service: new EndpointAppContextService(), - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }, MetadataIndexPattern ); @@ -119,6 +120,7 @@ describe('query builder', () => { from: 0, size: 10, index: MetadataIndexPattern, + // eslint-disable-next-line @typescript-eslint/no-explicit-any } as Record); }); }); diff --git a/x-pack/plugins/endpoint/server/routes/metadata/query_builders.ts b/x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.ts similarity index 88% rename from x-pack/plugins/endpoint/server/routes/metadata/query_builders.ts rename to x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.ts index abcc293985f9f..a34113e8d6f62 100644 --- a/x-pack/plugins/endpoint/server/routes/metadata/query_builders.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.ts @@ -4,13 +4,15 @@ * you may not use this file except in compliance with the Elastic License. */ import { KibanaRequest } from 'kibana/server'; -import { esKuery } from '../../../../../../src/plugins/data/server'; +import { esKuery } from '../../../../../../../src/plugins/data/server'; import { EndpointAppContext } from '../../types'; export const kibanaRequestToMetadataListESQuery = async ( + // eslint-disable-next-line @typescript-eslint/no-explicit-any request: KibanaRequest, endpointAppContext: EndpointAppContext, index: string + // eslint-disable-next-line @typescript-eslint/no-explicit-any ): Promise> => { const pagingProperties = await getPagingProperties(request, endpointAppContext); return { @@ -46,6 +48,7 @@ export const kibanaRequestToMetadataListESQuery = async ( }; async function getPagingProperties( + // eslint-disable-next-line @typescript-eslint/no-explicit-any request: KibanaRequest, endpointAppContext: EndpointAppContext ) { @@ -65,6 +68,7 @@ async function getPagingProperties( }; } +// eslint-disable-next-line @typescript-eslint/no-explicit-any function buildQueryBody(request: KibanaRequest): Record { if (typeof request?.body?.filter === 'string') { return esKuery.toElasticsearchQuery(esKuery.fromKueryExpression(request.body.filter)); diff --git a/x-pack/plugins/endpoint/server/routes/policy/handlers.test.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/handlers.test.ts similarity index 90% rename from x-pack/plugins/endpoint/server/routes/policy/handlers.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/handlers.test.ts index 9348353425370..25bf2c45aa421 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/handlers.test.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/handlers.test.ts @@ -10,7 +10,6 @@ import { createRouteHandlerContext, } from '../../mocks'; import { getHostPolicyResponseHandler } from './handlers'; -import { EndpointConfigSchema } from '../../config'; import { IScopedClusterClient, KibanaResponseFactory, @@ -21,11 +20,12 @@ import { httpServerMock, loggingServiceMock, savedObjectsClientMock, -} from '../../../../../../src/core/server/mocks'; -import { AgentService } from '../../../../ingest_manager/server/services'; +} from '../../../../../../../src/core/server/mocks'; +import { AgentService } from '../../../../../ingest_manager/server/services'; import { SearchResponse } from 'elasticsearch'; -import { GetHostPolicyResponse, HostPolicyResponse } from '../../../common/types'; -import { EndpointDocGenerator } from '../../../common/generate_data'; +import { GetHostPolicyResponse, HostPolicyResponse } from '../../../../common/endpoint/types'; +import { EndpointDocGenerator } from '../../../../common/endpoint/generate_data'; +import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; describe('test policy response handler', () => { let endpointAppContextService: EndpointAppContextService; @@ -53,7 +53,7 @@ describe('test policy response handler', () => { const hostPolicyResponseHandler = getHostPolicyResponseHandler({ logFactory: loggingServiceMock.create(), service: endpointAppContextService, - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }); mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); @@ -76,7 +76,7 @@ describe('test policy response handler', () => { const hostPolicyResponseHandler = getHostPolicyResponseHandler({ logFactory: loggingServiceMock.create(), service: endpointAppContextService, - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }); mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => diff --git a/x-pack/plugins/endpoint/server/routes/policy/handlers.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/handlers.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/policy/handlers.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/handlers.ts index 5a34164c0bb37..000d353ab90f8 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/handlers.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/handlers.ts @@ -5,7 +5,7 @@ */ import { RequestHandler } from 'kibana/server'; import { TypeOf } from '@kbn/config-schema'; -import { GetPolicyResponseSchema } from '../../../common/schema/policy'; +import { GetPolicyResponseSchema } from '../../../../common/endpoint/schema/policy'; import { EndpointAppContext } from '../../types'; import { getPolicyResponseByHostId } from './service'; diff --git a/x-pack/plugins/endpoint/server/routes/policy/index.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/index.ts similarity index 90% rename from x-pack/plugins/endpoint/server/routes/policy/index.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/index.ts index 4c3bd8e21315c..b233ff1af30fc 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/index.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/index.ts @@ -6,7 +6,7 @@ import { IRouter } from 'kibana/server'; import { EndpointAppContext } from '../../types'; -import { GetPolicyResponseSchema } from '../../../common/schema/policy'; +import { GetPolicyResponseSchema } from '../../../../common/endpoint/schema/policy'; import { getHostPolicyResponseHandler } from './handlers'; export const BASE_POLICY_RESPONSE_ROUTE = `/api/endpoint/policy_response`; diff --git a/x-pack/plugins/endpoint/server/routes/policy/service.test.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/service.test.ts similarity index 86% rename from x-pack/plugins/endpoint/server/routes/policy/service.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/service.test.ts index c7bf65627769e..7c8d006687a6b 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/service.test.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/service.test.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { GetPolicyResponseSchema } from '../../../common/schema/policy'; +import { GetPolicyResponseSchema } from '../../../../common/endpoint/schema/policy'; describe('test policy handlers schema', () => { it('validate that get policy response query schema', async () => { diff --git a/x-pack/plugins/endpoint/server/routes/policy/service.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/service.ts similarity index 97% rename from x-pack/plugins/endpoint/server/routes/policy/service.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/service.ts index 7ec2c65634110..5e3c3537ec591 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/service.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/service.ts @@ -6,7 +6,7 @@ import { SearchResponse } from 'elasticsearch'; import { IScopedClusterClient } from 'kibana/server'; -import { GetHostPolicyResponse, HostPolicyResponse } from '../../../common/types'; +import { GetHostPolicyResponse, HostPolicyResponse } from '../../../../common/endpoint/types'; export function getESQueryPolicyResponseByHostID(hostID: string, index: string) { return { diff --git a/x-pack/plugins/endpoint/server/routes/resolver.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver.ts similarity index 96% rename from x-pack/plugins/endpoint/server/routes/resolver.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver.ts index 3599acacb4f59..9a4f55770f934 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver.ts @@ -11,7 +11,7 @@ import { validateEvents, validateChildren, validateAncestry, -} from '../../common/schema/resolver'; +} from '../../../common/endpoint/schema/resolver'; import { handleEvents } from './resolver/events'; import { handleChildren } from './resolver/children'; import { handleAncestry } from './resolver/ancestry'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/ancestry.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/ancestry.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/resolver/ancestry.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/ancestry.ts index 6648dc5b9e493..233f23bd314c1 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/ancestry.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/ancestry.ts @@ -6,7 +6,7 @@ import { RequestHandler, Logger } from 'kibana/server'; import { TypeOf } from '@kbn/config-schema'; -import { validateAncestry } from '../../../common/schema/resolver'; +import { validateAncestry } from '../../../../common/endpoint/schema/resolver'; import { Fetcher } from './utils/fetch'; import { EndpointAppContext } from '../../types'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/children.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/children.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/resolver/children.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/children.ts index bb18b29a4b947..13af514c4c55f 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/children.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/children.ts @@ -6,7 +6,7 @@ import { RequestHandler, Logger } from 'kibana/server'; import { TypeOf } from '@kbn/config-schema'; -import { validateChildren } from '../../../common/schema/resolver'; +import { validateChildren } from '../../../../common/endpoint/schema/resolver'; import { Fetcher } from './utils/fetch'; import { EndpointAppContext } from '../../types'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/events.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/events.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/resolver/events.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/events.ts index a70a6e8d097d0..97f718b66a437 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/events.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/events.ts @@ -6,7 +6,7 @@ import { TypeOf } from '@kbn/config-schema'; import { RequestHandler, Logger } from 'kibana/server'; -import { validateEvents } from '../../../common/schema/resolver'; +import { validateEvents } from '../../../../common/endpoint/schema/resolver'; import { Fetcher } from './utils/fetch'; import { EndpointAppContext } from '../../types'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/base.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/base.ts similarity index 91% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/base.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/base.ts index eba4e5581c136..4f6003492fd3a 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/queries/base.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/base.ts @@ -6,14 +6,14 @@ import { SearchResponse } from 'elasticsearch'; import { IScopedClusterClient } from 'kibana/server'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../../../common/endpoint/types'; import { paginate, paginatedResults, PaginationParams, PaginatedResults, } from '../utils/pagination'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; import { legacyEventIndexPattern } from './legacy_event_index_pattern'; export abstract class ResolverQuery { diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/children.test.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/children.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/children.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/children.test.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/children.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/children.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/children.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/children.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/events.test.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/events.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.test.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/events.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.ts similarity index 95% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/events.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.ts index b622cb8a21111..80c3a0e9acccc 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/queries/events.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import { ResolverQuery } from './base'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; export class EventsQuery extends ResolverQuery { protected legacyQuery(endpointID: string, uniquePIDs: string[], index: string): JsonObject { diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/legacy_event_index_pattern.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/legacy_event_index_pattern.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/legacy_event_index_pattern.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/legacy_event_index_pattern.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.test.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.test.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.ts index e775b0cf9b6d2..7dbbdec2fdfcd 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import { ResolverQuery } from './base'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; export class LifecycleQuery extends ResolverQuery { protected legacyQuery(endpointID: string, uniquePIDs: string[], index: string): JsonObject { diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/stats.test.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/stats.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.test.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/stats.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/stats.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.ts index 7db3ab2b0cb1f..5fddf86ea4a7c 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/queries/stats.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.ts @@ -5,17 +5,19 @@ */ import { SearchResponse } from 'elasticsearch'; import { ResolverQuery } from './base'; -import { ResolverEvent } from '../../../../common/types'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { ResolverEvent } from '../../../../../common/endpoint/types'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; import { PaginatedResults } from '../utils/pagination'; export class StatsQuery extends ResolverQuery { protected postSearch(response: SearchResponse): PaginatedResults { const alerts = response.aggregations.alerts.ids.buckets.reduce( + // eslint-disable-next-line @typescript-eslint/no-explicit-any (cummulative: any, bucket: any) => ({ ...cummulative, [bucket.key]: bucket.doc_count }), {} ); const events = response.aggregations.events.ids.buckets.reduce( + // eslint-disable-next-line @typescript-eslint/no-explicit-any (cummulative: any, bucket: any) => ({ ...cummulative, [bucket.key]: bucket.doc_count }), {} ); diff --git a/x-pack/plugins/endpoint/server/routes/resolver/tree.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/tree.ts similarity index 95% rename from x-pack/plugins/endpoint/server/routes/resolver/tree.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/tree.ts index 25f15586341d5..3551123393960 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/tree.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/tree.ts @@ -6,7 +6,7 @@ import { RequestHandler, Logger } from 'kibana/server'; import { TypeOf } from '@kbn/config-schema'; -import { validateTree } from '../../../common/schema/resolver'; +import { validateTree } from '../../../../common/endpoint/schema/resolver'; import { Fetcher } from './utils/fetch'; import { Tree } from './utils/tree'; import { EndpointAppContext } from '../../types'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/utils/fetch.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/fetch.ts similarity index 97% rename from x-pack/plugins/endpoint/server/routes/resolver/utils/fetch.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/utils/fetch.ts index 7315b4ee6c618..f0e1a8a9bfc6e 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/utils/fetch.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/fetch.ts @@ -5,7 +5,7 @@ */ import { IScopedClusterClient } from 'kibana/server'; -import { entityId, parentEntityId } from '../../../../common/models/event'; +import { entityId, parentEntityId } from '../../../../../common/endpoint/models/event'; import { getPaginationParams } from './pagination'; import { Tree } from './tree'; import { LifecycleQuery } from '../queries/lifecycle'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/utils/pagination.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/pagination.ts similarity index 83% rename from x-pack/plugins/endpoint/server/routes/resolver/utils/pagination.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/utils/pagination.ts index 20249b81660bb..a47c4442b6cf4 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/utils/pagination.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/pagination.ts @@ -5,9 +5,9 @@ */ import { SearchResponse } from 'elasticsearch'; -import { ResolverEvent } from '../../../../common/types'; -import { entityId } from '../../../../common/models/event'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { ResolverEvent } from '../../../../../common/endpoint/types'; +import { entityId } from '../../../../../common/endpoint/models/event'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; export interface PaginationParams { size: number; @@ -37,8 +37,8 @@ function urlEncodeCursor(data: PaginationCursor): string { } function urlDecodeCursor(value: string): PaginationCursor { - value = value.replace(/\-/g, '+').replace(/_/g, '/'); - const data = Buffer.from(value, 'base64').toString('utf8'); + const localValue = value.replace(/\-/g, '+').replace(/_/g, '/'); + const data = Buffer.from(localValue, 'base64').toString('utf8'); const { timestamp, eventID } = JSON.parse(data); // take some extra care to only grab the things we want // convert the timestamp string to date object @@ -72,7 +72,10 @@ export function paginate( const { size, timestamp, eventID } = pagination; query.sort = [{ '@timestamp': 'asc' }, { [tiebreaker]: 'asc' }]; query.aggs = query.aggs || {}; - query.aggs = Object.assign({}, query.aggs, { totals: { terms: { field: aggregator, size } } }); + query.aggs = { + ...(typeof query.aggs === 'object' ? query.aggs : {}), + totals: { terms: { field: aggregator, size } }, + }; query.size = size; if (timestamp && eventID) { query.search_after = [timestamp, eventID] as Array; @@ -98,6 +101,7 @@ export function paginatedResults(response: SearchResponse): Pagin } const totals = response.aggregations?.totals?.buckets?.reduce( + // eslint-disable-next-line @typescript-eslint/no-explicit-any (cummulative: any, bucket: any) => ({ ...cummulative, [bucket.key]: bucket.doc_count }), {} ); diff --git a/x-pack/plugins/endpoint/server/routes/resolver/utils/tree.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/tree.ts similarity index 98% rename from x-pack/plugins/endpoint/server/routes/resolver/utils/tree.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/utils/tree.ts index 5a55c23b90873..28615117cf7ba 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/utils/tree.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/tree.ts @@ -10,8 +10,8 @@ import { ResolverNode, ResolverNodeStats, ResolverNodePagination, -} from '../../../../common/types'; -import { entityId, parentEntityId } from '../../../../common/models/event'; +} from '../../../../../common/endpoint/types'; +import { entityId, parentEntityId } from '../../../../../common/endpoint/models/event'; import { buildPaginationCursor } from './pagination'; type ExtractFunction = (event: ResolverEvent) => string | undefined; diff --git a/x-pack/plugins/endpoint/server/test_data/all_metadata_data.json b/x-pack/plugins/siem/server/endpoint/test_data/all_metadata_data.json similarity index 100% rename from x-pack/plugins/endpoint/server/test_data/all_metadata_data.json rename to x-pack/plugins/siem/server/endpoint/test_data/all_metadata_data.json diff --git a/x-pack/plugins/endpoint/server/types.ts b/x-pack/plugins/siem/server/endpoint/types.ts similarity index 86% rename from x-pack/plugins/endpoint/server/types.ts rename to x-pack/plugins/siem/server/endpoint/types.ts index dfa5950adba5c..fbcc5bc833d73 100644 --- a/x-pack/plugins/endpoint/server/types.ts +++ b/x-pack/plugins/siem/server/endpoint/types.ts @@ -4,15 +4,15 @@ * you may not use this file except in compliance with the Elastic License. */ import { LoggerFactory } from 'kibana/server'; -import { EndpointConfigType } from './config'; import { EndpointAppContextService } from './endpoint_app_context_services'; +import { ConfigType } from '../config'; /** * The context for Endpoint apps. */ export interface EndpointAppContext { logFactory: LoggerFactory; - config(): Promise; + config(): Promise; /** * Object readiness is tied to plugin start method diff --git a/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts index a28eb6ba3ccaa..0cec1832dab83 100644 --- a/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts +++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts @@ -19,4 +19,10 @@ export const createMockConfig = () => ({ maxRuleImportPayloadBytes: 10485760, maxTimelineImportExportSize: 10000, maxTimelineImportPayloadBytes: 10485760, + endpointResultListDefaultFirstPageIndex: 0, + endpointResultListDefaultPageSize: 10, + alertResultListDefaultDateRange: { + from: 'now-15m', + to: 'now', + }, }); diff --git a/x-pack/plugins/siem/server/plugin.ts b/x-pack/plugins/siem/server/plugin.ts index d296ee94e8958..3c336991f3d9d 100644 --- a/x-pack/plugins/siem/server/plugin.ts +++ b/x-pack/plugins/siem/server/plugin.ts @@ -22,6 +22,7 @@ import { MlPluginSetup as MlSetup } from '../../ml/server'; import { EncryptedSavedObjectsPluginSetup as EncryptedSavedObjectsSetup } from '../../encrypted_saved_objects/server'; import { SpacesPluginSetup as SpacesSetup } from '../../spaces/server'; import { LicensingPluginSetup } from '../../licensing/server'; +import { IngestManagerStartContract } from '../../ingest_manager/server'; import { initServer } from './init_server'; import { compose } from './lib/compose/kibana'; import { initRoutes } from './routes'; @@ -35,6 +36,13 @@ import { SiemClientFactory } from './client'; import { createConfig$, ConfigType } from './config'; import { initUiSettings } from './ui_settings'; import { APP_ID, APP_ICON } from '../common/constants'; +import { registerEndpointRoutes } from './endpoint/routes/metadata'; +import { registerResolverRoutes } from './endpoint/routes/resolver'; +import { registerAlertRoutes } from './endpoint/alerts/routes'; +import { registerPolicyRoutes } from './endpoint/routes/policy'; +import { EndpointAppContextService } from './endpoint/endpoint_app_context_services'; +import { EndpointAppContext } from './endpoint/types'; +import { IngestIndexPatternRetriever } from './endpoint/alerts/index_pattern'; export interface SetupPlugins { alerting: AlertingSetup; @@ -46,8 +54,9 @@ export interface SetupPlugins { ml?: MlSetup; } -// eslint-disable-next-line @typescript-eslint/no-empty-interface -export interface StartPlugins {} +export interface StartPlugins { + ingestManager: IngestManagerStartContract; +} // eslint-disable-next-line @typescript-eslint/no-empty-interface export interface PluginSetup {} @@ -59,6 +68,7 @@ export class Plugin implements IPlugin; private context: PluginInitializerContext; private siemClientFactory: SiemClientFactory; + private readonly endpointAppContextService = new EndpointAppContextService(); constructor(context: PluginInitializerContext) { this.context = context; @@ -79,21 +89,27 @@ export class Plugin implements IPlugin => Promise.resolve(config), + }; const router = core.http.createRouter(); core.http.registerRouteHandlerContext(APP_ID, (context, request, response) => ({ getSiemClient: () => this.siemClientFactory.create(request), })); - const config = await this.config$.pipe(first()).toPromise(); - this.siemClientFactory.setup({ getSpaceId: plugins.spaces?.spacesService?.getSpaceId, config, }); + // TO DO We need to get the endpoint routes inside of initRoutes initRoutes( router, config, @@ -101,6 +117,10 @@ export class Plugin implements IPlugin { await ingestManager.setup(); }); - loadTestFile(require.resolve('./index_pattern')); + loadTestFile(require.resolve('./alerts/index_pattern')); loadTestFile(require.resolve('./resolver')); loadTestFile(require.resolve('./metadata')); loadTestFile(require.resolve('./alerts')); diff --git a/x-pack/test/api_integration/apis/features/features/features.ts b/x-pack/test/api_integration/apis/features/features/features.ts index 7a0196adbfffd..197e551c71888 100644 --- a/x-pack/test/api_integration/apis/features/features/features.ts +++ b/x-pack/test/api_integration/apis/features/features/features.ts @@ -114,7 +114,6 @@ export default function({ getService }: FtrProviderContext) { 'maps', 'uptime', 'siem', - 'endpoint', 'ingestManager', ].sort() ); diff --git a/x-pack/test/api_integration/apis/security/privileges.ts b/x-pack/test/api_integration/apis/security/privileges.ts index 9bec3fd076e86..a6537644551a1 100644 --- a/x-pack/test/api_integration/apis/security/privileges.ts +++ b/x-pack/test/api_integration/apis/security/privileges.ts @@ -36,7 +36,6 @@ export default function({ getService }: FtrProviderContext) { uptime: ['all', 'read'], apm: ['all', 'read'], siem: ['all', 'read'], - endpoint: ['all', 'read'], ingestManager: ['all', 'read'], }, global: ['all', 'read'], diff --git a/x-pack/test/api_integration/apis/security/privileges_basic.ts b/x-pack/test/api_integration/apis/security/privileges_basic.ts index 1f9eac148b302..dc352c2833594 100644 --- a/x-pack/test/api_integration/apis/security/privileges_basic.ts +++ b/x-pack/test/api_integration/apis/security/privileges_basic.ts @@ -34,7 +34,6 @@ export default function({ getService }: FtrProviderContext) { uptime: ['all', 'read'], apm: ['all', 'read'], siem: ['all', 'read'], - endpoint: ['all', 'read'], ingestManager: ['all', 'read'], }, global: ['all', 'read'], diff --git a/x-pack/test/api_integration/config.js b/x-pack/test/api_integration/config.js index dda8c2d888d30..41ae65062b113 100644 --- a/x-pack/test/api_integration/config.js +++ b/x-pack/test/api_integration/config.js @@ -26,11 +26,9 @@ export async function getApiIntegrationConfig({ readConfigFile }) { ...xPackFunctionalTestsConfig.get('kbnTestServer.serverArgs'), '--xpack.security.session.idleTimeout=3600000', // 1 hour '--optimize.enabled=false', - '--xpack.endpoint.enabled=true', '--telemetry.optIn=true', - '--xpack.endpoint.enabled=true', '--xpack.ingestManager.enabled=true', - '--xpack.endpoint.alertResultListDefaultDateRange.from=2018-01-10T00:00:00.000Z', + '--xpack.siem.alertResultListDefaultDateRange.from=2018-01-10T00:00:00.000Z', ], }, esTestCluster: { diff --git a/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts.ts b/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index.ts similarity index 93% rename from x-pack/test/endpoint_api_integration_no_ingest/apis/alerts.ts rename to x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index.ts index b75d69238d653..badb05cbe7a74 100644 --- a/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts.ts +++ b/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index.ts @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { FtrProviderContext } from '../ftr_provider_context'; +import { FtrProviderContext } from '../../ftr_provider_context'; export default function({ getService }: FtrProviderContext) { const esArchiver = getService('esArchiver'); diff --git a/x-pack/test/endpoint_api_integration_no_ingest/apis/index_pattern.ts b/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index_pattern.ts similarity index 90% rename from x-pack/test/endpoint_api_integration_no_ingest/apis/index_pattern.ts rename to x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index_pattern.ts index 664ef7d96847c..13a0d61de3139 100644 --- a/x-pack/test/endpoint_api_integration_no_ingest/apis/index_pattern.ts +++ b/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index_pattern.ts @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { FtrProviderContext } from '../ftr_provider_context'; +import { FtrProviderContext } from '../../ftr_provider_context'; export default function({ getService }: FtrProviderContext) { const supertest = getService('supertest'); diff --git a/x-pack/test/endpoint_api_integration_no_ingest/apis/index.ts b/x-pack/test/endpoint_api_integration_no_ingest/apis/index.ts index 6110f398df5a0..321ef35180ca8 100644 --- a/x-pack/test/endpoint_api_integration_no_ingest/apis/index.ts +++ b/x-pack/test/endpoint_api_integration_no_ingest/apis/index.ts @@ -9,7 +9,7 @@ import { FtrProviderContext } from '../ftr_provider_context'; export default function endpointAPIIntegrationTests({ loadTestFile }: FtrProviderContext) { describe('Endpoint plugin', function() { this.tags('ciGroup7'); - loadTestFile(require.resolve('./index_pattern')); + loadTestFile(require.resolve('./alerts/index_pattern')); loadTestFile(require.resolve('./metadata')); loadTestFile(require.resolve('./alerts')); }); diff --git a/x-pack/test/functional_endpoint/config.ts b/x-pack/test/functional_endpoint/config.ts index a371c548f3022..8b87993e4b985 100644 --- a/x-pack/test/functional_endpoint/config.ts +++ b/x-pack/test/functional_endpoint/config.ts @@ -30,7 +30,6 @@ export default async function({ readConfigFile }: FtrConfigProviderContext) { ...xpackFunctionalConfig.get('kbnTestServer'), serverArgs: [ ...xpackFunctionalConfig.get('kbnTestServer.serverArgs'), - '--xpack.endpoint.enabled=true', '--xpack.ingestManager.enabled=true', ], }, diff --git a/x-pack/test/functional_endpoint/services/endpoint_policy.ts b/x-pack/test/functional_endpoint/services/endpoint_policy.ts index e8e2d9957aa38..5142c083a0891 100644 --- a/x-pack/test/functional_endpoint/services/endpoint_policy.ts +++ b/x-pack/test/functional_endpoint/services/endpoint_policy.ts @@ -9,8 +9,8 @@ import { CreateAgentConfigResponse, CreateDatasourceResponse, } from '../../../plugins/ingest_manager/common'; -import { Immutable } from '../../../plugins/endpoint/common/types'; -import { factory as policyConfigFactory } from '../../../plugins/endpoint/common/models/policy_config'; +import { Immutable } from '../../../plugins/siem/common/endpoint/types'; +import { factory as policyConfigFactory } from '../../../plugins/siem/common/endpoint/models/policy_config'; const INGEST_API_ROOT = '/api/ingest_manager'; const INGEST_API_AGENT_CONFIGS = `${INGEST_API_ROOT}/agent_configs`; diff --git a/x-pack/test/plugin_functional/config.ts b/x-pack/test/plugin_functional/config.ts index aa3c9bd24842a..496be59ec3427 100644 --- a/x-pack/test/plugin_functional/config.ts +++ b/x-pack/test/plugin_functional/config.ts @@ -42,7 +42,6 @@ export default async function({ readConfigFile }: FtrConfigProviderContext) { ...plugins.map(pluginDir => `--plugin-path=${resolve(__dirname, 'plugins', pluginDir)}`), // Required to load new platform plugins via `--plugin-path` flag. '--env.name=development', - '--xpack.endpoint.enabled=true', ], }, uiSettings: xpackFunctionalConfig.get('uiSettings'), diff --git a/x-pack/test/reporting/configs/chromium_api.js b/x-pack/test/reporting/configs/chromium_api.js index 95649dfb5d7a3..98235f433681e 100644 --- a/x-pack/test/reporting/configs/chromium_api.js +++ b/x-pack/test/reporting/configs/chromium_api.js @@ -26,7 +26,6 @@ export default async function({ readConfigFile }) { ...functionalConfig.get('kbnTestServer.serverArgs'), '--logging.events.log', '["info","warning","error","fatal","optimize","reporting"]', - '--xpack.endpoint.enabled=true', '--xpack.reporting.csv.enablePanelActionDownload=true', '--xpack.reporting.capture.maxAttempts=1', '--xpack.security.session.idleTimeout=3600000', diff --git a/x-pack/test/siem_cypress/config.ts b/x-pack/test/siem_cypress/config.ts index bd5052cf38381..b4c0eaaa77324 100644 --- a/x-pack/test/siem_cypress/config.ts +++ b/x-pack/test/siem_cypress/config.ts @@ -46,6 +46,9 @@ export default async function({ readConfigFile }: FtrConfigProviderContext) { '--csp.strict=false', // define custom kibana server args here `--elasticsearch.ssl.certificateAuthorities=${CA_CERT_PATH}`, + '--xpack.ingestManager.enabled=true', + '--xpack.ingestManager.epm.enabled=true', + '--xpack.ingestManager.fleet.enabled=true', ], }, }; diff --git a/yarn.lock b/yarn.lock index 8d4618df948b5..e63391e0a572f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4647,16 +4647,6 @@ "@types/prop-types" "*" "@types/react" "*" -"@types/react-redux@^7.1.0": - version "7.1.5" - resolved "https://registry.yarnpkg.com/@types/react-redux/-/react-redux-7.1.5.tgz#c7a528d538969250347aa53c52241051cf886bd3" - integrity sha512-ZoNGQMDxh5ENY7PzU7MVonxDzS1l/EWiy8nUhDqxFqUZn4ovboCyvk4Djf68x6COb7vhGTKjyjxHxtFdAA5sUA== - dependencies: - "@types/hoist-non-react-statics" "^3.3.0" - "@types/react" "*" - hoist-non-react-statics "^3.3.0" - redux "^4.0.0" - "@types/react-redux@^7.1.7": version "7.1.7" resolved "https://registry.yarnpkg.com/@types/react-redux/-/react-redux-7.1.7.tgz#12a0c529aba660696947384a059c5c6e08185c7a" From 88a41b5822a9b0726bcf6ae6d9665bc9cc36f136 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Tue, 19 May 2020 14:35:34 -0400 Subject: [PATCH 2/2] miss import in cherry-pick --- x-pack/scripts/functional_tests.js | 1 - 1 file changed, 1 deletion(-) diff --git a/x-pack/scripts/functional_tests.js b/x-pack/scripts/functional_tests.js index 23fe7d1483c9a..0a022694655d0 100644 --- a/x-pack/scripts/functional_tests.js +++ b/x-pack/scripts/functional_tests.js @@ -23,7 +23,6 @@ require('@kbn/test').runTestsCli([ require.resolve('../test/detection_engine_api_integration/security_and_spaces/config.ts'), require.resolve('../test/detection_engine_api_integration/basic/config.ts'), require.resolve('../test/plugin_api_integration/config.ts'), - require.resolve('../test/plugin_functional/config'), require.resolve('../test/kerberos_api_integration/config'), require.resolve('../test/kerberos_api_integration/anonymous_access.config'), require.resolve('../test/saml_api_integration/config'),