Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution] Adding tests for dns pipeline in the endpoint package #79177

Merged

Conversation

jonathan-buttner
Copy link
Contributor

@jonathan-buttner jonathan-buttner commented Oct 1, 2020

This PR adds tests for the dns pipeline installed by the endpoint package. It depends on this PR being merged and deployed before the new tests will pass: elastic/endpoint-package#88

The tests check to make sure that the dns.question.type field is filled in properly by the pipeline and that the pipeline skips events that are not dns.

@jonathan-buttner jonathan-buttner requested review from a team as code owners October 1, 2020 17:33
@jonathan-buttner jonathan-buttner added release_note:skip Skip the PR/issue when compiling release notes v7.10.0 v8.0.0 labels Oct 1, 2020
@jonathan-buttner
Copy link
Contributor Author

@elasticmachine merge upstream

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@jonathan-buttner jonathan-buttner added the Feature:Endpoint Elastic Endpoint feature label Oct 5, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/endpoint-app-team (Feature:Endpoint)

});

it('does not set dns.question.type if it is already populated', async () => {
// this id comes from the es archive file endpoint/pipeline/dns
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❔ Do you need to change it if something in that file changes?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah we'd have to change the event.id we look for here if the archive changed. I don't expect to have to update that archive very much though. The pipeline shouldn't change that often.

@jonathan-buttner jonathan-buttner merged commit cc633a4 into elastic:master Oct 5, 2020
@jonathan-buttner jonathan-buttner deleted the dns-pipeline-tests branch October 5, 2020 14:11
jonathan-buttner added a commit to jonathan-buttner/kibana that referenced this pull request Oct 5, 2020
…kage (elastic#79177)

* Adding tests for dns pipeline in the endpoint package

* Adding test to make sure non dns events are ingested correctly

* Bring the docker container with the new endpoint package

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
jloleysens added a commit to jloleysens/kibana that referenced this pull request Oct 5, 2020
…nes/fix-description-field

* 'master' of github.com:elastic/kibana:
  A11y tests for user page (elastic#79199)
  [Ingest Pipelines] Processors editor a11y focus states (elastic#79122)
  [Ingest pipelines] Clean up component integration tests (elastic#78838)
  Drilldowns in examples (elastic#75640)
  Storybook and Jest cleanup (elastic#79305)
  adds EQL sequence rule test (elastic#79287)
  PR template a11y checklist item improvement (elastic#79243)
  [Security Solution] Adding tests for dns pipeline in the endpoint package (elastic#79177)
  [ML] Only adjust the bounds of SMV if annotations are visible (elastic#79210)
  global search to ts refs (elastic#79446)
  [Index management] Update TemplateDeserialized interface (elastic#78913)
  [Telemetry] server fetcher check all collectors ready before sending (elastic#79398)
  [Mappings editor] Fix app crash when selecting "other" field type (elastic#79434)
  [`/api/stats`] Add documentation + small improvement (elastic#79330)
  [Discover] "View surrounding documents" encodes spaces in filters (elastic#79283)
  [Lens] refactor DimensionContainer and fix flyout bug (elastic#79277)

# Conflicts:
#	x-pack/plugins/ingest_pipelines/public/application/components/pipeline_processors_editor/components/pipeline_processors_editor_item/inline_text_input.tsx
#	x-pack/plugins/ingest_pipelines/public/application/components/pipeline_processors_editor/components/processors_tree/components/private_tree.tsx
jonathan-buttner added a commit that referenced this pull request Oct 5, 2020
…kage (#79177) (#79464)

* Adding tests for dns pipeline in the endpoint package

* Adding test to make sure non dns events are ingested correctly

* Bring the docker container with the new endpoint package

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature:Endpoint Elastic Endpoint feature release_note:skip Skip the PR/issue when compiling release notes v7.10.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants