diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.test.ts index 8d301f221b347..65dc3794123c7 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.test.ts @@ -16,7 +16,7 @@ describe('get_threat_signals', () => { index: ['index-123'], listItemIndex: 'list-index-123', }); - expect(sortOrder).toEqual([{ '@timestamp': 'asc' }]); + expect(sortOrder).toEqual([{ '@timestamp': 'desc' }]); }); test('it should return sort field of just tie_breaker_id if given no sort order for a list item index', () => { @@ -29,14 +29,14 @@ describe('get_threat_signals', () => { expect(sortOrder).toEqual([{ tie_breaker_id: 'asc' }]); }); - test('it should return sort field of timestamp with asc even if sortOrder is changed as it is hard wired in', () => { + test('it should return sort field of timestamp with desc even if sortOrder is changed as it is hard wired in', () => { const sortOrder = getSortWithTieBreaker({ sortField: undefined, sortOrder: 'desc', index: ['index-123'], listItemIndex: 'list-index-123', }); - expect(sortOrder).toEqual([{ '@timestamp': 'asc' }]); + expect(sortOrder).toEqual([{ '@timestamp': 'desc' }]); }); test('it should return sort field of tie_breaker_id with asc even if sortOrder is changed as it is hard wired in for a list item index', () => { @@ -56,7 +56,7 @@ describe('get_threat_signals', () => { index: ['index-123'], listItemIndex: 'list-index-123', }); - expect(sortOrder).toEqual([{ 'some-field': 'asc', '@timestamp': 'asc' }]); + expect(sortOrder).toEqual([{ 'some-field': 'asc', '@timestamp': 'desc' }]); }); test('it should return sort field of an extra field if given one for a list item index', () => { @@ -76,7 +76,7 @@ describe('get_threat_signals', () => { index: ['index-123'], listItemIndex: 'list-index-123', }); - expect(sortOrder).toEqual([{ 'some-field': 'desc', '@timestamp': 'asc' }]); + expect(sortOrder).toEqual([{ 'some-field': 'desc', '@timestamp': 'desc' }]); }); test('it should return sort field of desc if given one for a list item index', () => { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.ts index 3ff23e27547b4..8fab8f30fb3dc 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.ts @@ -70,6 +70,7 @@ export const getThreatList = async ({ listItemIndex: listClient.getListItemIndex(), }), }, + track_total_hits: false, ignore_unavailable: true, index, size: calculatedPerPage, @@ -101,9 +102,9 @@ export const getSortWithTieBreaker = ({ } } else { if (sortField != null) { - return [{ [sortField]: ascOrDesc, '@timestamp': 'asc' }]; + return [{ [sortField]: ascOrDesc, '@timestamp': 'desc' }]; } else { - return [{ '@timestamp': 'asc' }]; + return [{ '@timestamp': 'desc' }]; } } };