From 6f31c10baf9a8009d8d9e72c9e5f340f57cfd3c9 Mon Sep 17 00:00:00 2001 From: Claire Burn <80253545+clburn-elastic@users.noreply.github.com> Date: Tue, 18 May 2021 17:10:06 +0100 Subject: [PATCH] Update detection rule telemetry field name. (#100256) * Changing variable name of cases_count_daily to cases_count_total. * Taking comments out of tests and reverting tests to previosu state. * Changing meta description to be more descriptive. * Changing meta description to be more descriptive. Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../security_solution/server/usage/collector.ts | 4 ++-- .../dectections_metrics_helpers.test.ts | 2 +- .../server/usage/detections/detections.test.ts | 4 ++-- .../detections/detections_metrics_helpers.ts | 16 ++++++++-------- .../server/usage/detections/index.ts | 2 +- .../schema/xpack_plugins.json | 4 ++-- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/x-pack/plugins/security_solution/server/usage/collector.ts b/x-pack/plugins/security_solution/server/usage/collector.ts index ffb42ff72437..f27f6a76b089 100644 --- a/x-pack/plugins/security_solution/server/usage/collector.ts +++ b/x-pack/plugins/security_solution/server/usage/collector.ts @@ -216,9 +216,9 @@ export const registerCollector: RegisterCollector = ({ type: 'long', _meta: { description: 'The number of daily alerts generated by a rule' }, }, - cases_count_daily: { + cases_count_total: { type: 'long', - _meta: { description: 'The number of daily cases generated by a rule' }, + _meta: { description: 'The number of total cases generated by a rule' }, }, }, }, diff --git a/x-pack/plugins/security_solution/server/usage/detections/dectections_metrics_helpers.test.ts b/x-pack/plugins/security_solution/server/usage/detections/dectections_metrics_helpers.test.ts index bd470ccabbfe..55bd372e9dd7 100644 --- a/x-pack/plugins/security_solution/server/usage/detections/dectections_metrics_helpers.test.ts +++ b/x-pack/plugins/security_solution/server/usage/detections/dectections_metrics_helpers.test.ts @@ -24,7 +24,7 @@ const createStubRule = ( created_on: uuid(), updated_on: uuid(), alert_count_daily: alertCount, - cases_count_daily: caseCount, + cases_count_total: caseCount, }); describe('Detections Usage and Metrics', () => { diff --git a/x-pack/plugins/security_solution/server/usage/detections/detections.test.ts b/x-pack/plugins/security_solution/server/usage/detections/detections.test.ts index 9241186bb6d9..a020f4946400 100644 --- a/x-pack/plugins/security_solution/server/usage/detections/detections.test.ts +++ b/x-pack/plugins/security_solution/server/usage/detections/detections.test.ts @@ -190,7 +190,7 @@ describe('Detections Usage and Metrics', () => { detection_rule_detail: [ { alert_count_daily: 3400, - cases_count_daily: 1, + cases_count_total: 1, created_on: '2021-03-23T17:15:59.634Z', elastic_rule: true, enabled: false, @@ -327,7 +327,7 @@ describe('Detections Usage and Metrics', () => { detection_rule_detail: [ { alert_count_daily: 0, - cases_count_daily: 1, + cases_count_total: 1, created_on: '2021-03-23T17:15:59.634Z', elastic_rule: true, enabled: false, diff --git a/x-pack/plugins/security_solution/server/usage/detections/detections_metrics_helpers.ts b/x-pack/plugins/security_solution/server/usage/detections/detections_metrics_helpers.ts index 8697fa138d4b..a84ea108c5f1 100644 --- a/x-pack/plugins/security_solution/server/usage/detections/detections_metrics_helpers.ts +++ b/x-pack/plugins/security_solution/server/usage/detections/detections_metrics_helpers.ts @@ -85,7 +85,7 @@ export const updateDetectionRuleUsage = ( enabled: detectionRuleMetric.enabled ? usage.query.enabled + 1 : usage.query.enabled, disabled: !detectionRuleMetric.enabled ? usage.query.disabled + 1 : usage.query.disabled, alerts: usage.query.alerts + detectionRuleMetric.alert_count_daily, - cases: usage.query.cases + detectionRuleMetric.cases_count_daily, + cases: usage.query.cases + detectionRuleMetric.cases_count_total, }, }; } else if (detectionRuleMetric.rule_type === 'threshold') { @@ -100,7 +100,7 @@ export const updateDetectionRuleUsage = ( ? usage.threshold.disabled + 1 : usage.threshold.disabled, alerts: usage.threshold.alerts + detectionRuleMetric.alert_count_daily, - cases: usage.threshold.cases + detectionRuleMetric.cases_count_daily, + cases: usage.threshold.cases + detectionRuleMetric.cases_count_total, }, }; } else if (detectionRuleMetric.rule_type === 'eql') { @@ -111,7 +111,7 @@ export const updateDetectionRuleUsage = ( enabled: detectionRuleMetric.enabled ? usage.eql.enabled + 1 : usage.eql.enabled, disabled: !detectionRuleMetric.enabled ? usage.eql.disabled + 1 : usage.eql.disabled, alerts: usage.eql.alerts + detectionRuleMetric.alert_count_daily, - cases: usage.eql.cases + detectionRuleMetric.cases_count_daily, + cases: usage.eql.cases + detectionRuleMetric.cases_count_total, }, }; } else if (detectionRuleMetric.rule_type === 'machine_learning') { @@ -126,7 +126,7 @@ export const updateDetectionRuleUsage = ( ? usage.machine_learning.disabled + 1 : usage.machine_learning.disabled, alerts: usage.machine_learning.alerts + detectionRuleMetric.alert_count_daily, - cases: usage.machine_learning.cases + detectionRuleMetric.cases_count_daily, + cases: usage.machine_learning.cases + detectionRuleMetric.cases_count_total, }, }; } else if (detectionRuleMetric.rule_type === 'threat_match') { @@ -141,7 +141,7 @@ export const updateDetectionRuleUsage = ( ? usage.threat_match.disabled + 1 : usage.threat_match.disabled, alerts: usage.threat_match.alerts + detectionRuleMetric.alert_count_daily, - cases: usage.threat_match.cases + detectionRuleMetric.cases_count_daily, + cases: usage.threat_match.cases + detectionRuleMetric.cases_count_total, }, }; } @@ -158,7 +158,7 @@ export const updateDetectionRuleUsage = ( ? updatedUsage.elastic_total.disabled + 1 : updatedUsage.elastic_total.disabled, alerts: updatedUsage.elastic_total.alerts + detectionRuleMetric.alert_count_daily, - cases: updatedUsage.elastic_total.cases + detectionRuleMetric.cases_count_daily, + cases: updatedUsage.elastic_total.cases + detectionRuleMetric.cases_count_total, }, }; } else { @@ -173,7 +173,7 @@ export const updateDetectionRuleUsage = ( ? updatedUsage.custom_total.disabled + 1 : updatedUsage.custom_total.disabled, alerts: updatedUsage.custom_total.alerts + detectionRuleMetric.alert_count_daily, - cases: updatedUsage.custom_total.cases + detectionRuleMetric.cases_count_daily, + cases: updatedUsage.custom_total.cases + detectionRuleMetric.cases_count_total, }, }; } @@ -263,7 +263,7 @@ export const getDetectionRuleMetrics = async ( created_on: hit._source?.alert.createdAt, updated_on: hit._source?.alert.updatedAt, alert_count_daily: alertsCache.get(ruleId) || 0, - cases_count_daily: casesCache.get(ruleId) || 0, + cases_count_total: casesCache.get(ruleId) || 0, } as DetectionRuleMetric; }); diff --git a/x-pack/plugins/security_solution/server/usage/detections/index.ts b/x-pack/plugins/security_solution/server/usage/detections/index.ts index cc831b0b3b36..ea3df7b1f223 100644 --- a/x-pack/plugins/security_solution/server/usage/detections/index.ts +++ b/x-pack/plugins/security_solution/server/usage/detections/index.ts @@ -106,7 +106,7 @@ export interface DetectionRuleMetric { created_on: string; updated_on: string; alert_count_daily: number; - cases_count_daily: number; + cases_count_total: number; } export interface DetectionRuleAdoption { diff --git a/x-pack/plugins/telemetry_collection_xpack/schema/xpack_plugins.json b/x-pack/plugins/telemetry_collection_xpack/schema/xpack_plugins.json index 5495ef10f223..f88034f70ddf 100644 --- a/x-pack/plugins/telemetry_collection_xpack/schema/xpack_plugins.json +++ b/x-pack/plugins/telemetry_collection_xpack/schema/xpack_plugins.json @@ -4862,10 +4862,10 @@ "description": "The number of daily alerts generated by a rule" } }, - "cases_count_daily": { + "cases_count_total": { "type": "long", "_meta": { - "description": "The number of daily cases generated by a rule" + "description": "The number of total cases generated by a rule" } } }