Update detection rule telemetry field name. (#100256)

* Changing variable name of cases_count_daily to cases_count_total.

* Taking comments out of tests and reverting tests to previous state.

* Changing meta description to be more descriptive.

* Changing meta description to be more descriptive.

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Claire Burn 2021-05-18 17:10:06 +01:00 committed by GitHub
parent 55b95ea8a1
commit 6f31c10baf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 16 additions and 16 deletions


@ -216,9 +216,9 @@ export const registerCollector: RegisterCollector = ({
type: 'long', type: 'long',
_meta: { description: 'The number of daily alerts generated by a rule' }, _meta: { description: 'The number of daily alerts generated by a rule' },
}, },
cases_count_daily: { cases_count_total: {
type: 'long', type: 'long',
_meta: { description: 'The number of daily cases generated by a rule' }, _meta: { description: 'The number of total cases generated by a rule' },
}, },
}, },
}, },


@ -24,7 +24,7 @@ const createStubRule = (
created_on: uuid(), created_on: uuid(),
updated_on: uuid(), updated_on: uuid(),
alert_count_daily: alertCount, alert_count_daily: alertCount,
cases_count_daily: caseCount, cases_count_total: caseCount,
}); });
describe('Detections Usage and Metrics', () => { describe('Detections Usage and Metrics', () => {


@ -190,7 +190,7 @@ describe('Detections Usage and Metrics', () => {
detection_rule_detail: [ detection_rule_detail: [
{ {
alert_count_daily: 3400, alert_count_daily: 3400,
cases_count_daily: 1, cases_count_total: 1,
created_on: '2021-03-23T17:15:59.634Z', created_on: '2021-03-23T17:15:59.634Z',
elastic_rule: true, elastic_rule: true,
enabled: false, enabled: false,
@ -327,7 +327,7 @@ describe('Detections Usage and Metrics', () => {
detection_rule_detail: [ detection_rule_detail: [
{ {
alert_count_daily: 0, alert_count_daily: 0,
cases_count_daily: 1, cases_count_total: 1,
created_on: '2021-03-23T17:15:59.634Z', created_on: '2021-03-23T17:15:59.634Z',
elastic_rule: true, elastic_rule: true,
enabled: false, enabled: false,


@ -85,7 +85,7 @@ export const updateDetectionRuleUsage = (
enabled: detectionRuleMetric.enabled ? usage.query.enabled + 1 : usage.query.enabled, enabled: detectionRuleMetric.enabled ? usage.query.enabled + 1 : usage.query.enabled,
disabled: !detectionRuleMetric.enabled ? usage.query.disabled + 1 : usage.query.disabled, disabled: !detectionRuleMetric.enabled ? usage.query.disabled + 1 : usage.query.disabled,
alerts: usage.query.alerts + detectionRuleMetric.alert_count_daily, alerts: usage.query.alerts + detectionRuleMetric.alert_count_daily,
cases: usage.query.cases + detectionRuleMetric.cases_count_daily, cases: usage.query.cases + detectionRuleMetric.cases_count_total,
}, },
}; };
} else if (detectionRuleMetric.rule_type === 'threshold') { } else if (detectionRuleMetric.rule_type === 'threshold') {
@ -100,7 +100,7 @@ export const updateDetectionRuleUsage = (
? usage.threshold.disabled + 1 ? usage.threshold.disabled + 1
: usage.threshold.disabled, : usage.threshold.disabled,
alerts: usage.threshold.alerts + detectionRuleMetric.alert_count_daily, alerts: usage.threshold.alerts + detectionRuleMetric.alert_count_daily,
cases: usage.threshold.cases + detectionRuleMetric.cases_count_daily, cases: usage.threshold.cases + detectionRuleMetric.cases_count_total,
}, },
}; };
} else if (detectionRuleMetric.rule_type === 'eql') { } else if (detectionRuleMetric.rule_type === 'eql') {
@ -111,7 +111,7 @@ export const updateDetectionRuleUsage = (
enabled: detectionRuleMetric.enabled ? usage.eql.enabled + 1 : usage.eql.enabled, enabled: detectionRuleMetric.enabled ? usage.eql.enabled + 1 : usage.eql.enabled,
disabled: !detectionRuleMetric.enabled ? usage.eql.disabled + 1 : usage.eql.disabled, disabled: !detectionRuleMetric.enabled ? usage.eql.disabled + 1 : usage.eql.disabled,
alerts: usage.eql.alerts + detectionRuleMetric.alert_count_daily, alerts: usage.eql.alerts + detectionRuleMetric.alert_count_daily,
cases: usage.eql.cases + detectionRuleMetric.cases_count_daily, cases: usage.eql.cases + detectionRuleMetric.cases_count_total,
}, },
}; };
} else if (detectionRuleMetric.rule_type === 'machine_learning') { } else if (detectionRuleMetric.rule_type === 'machine_learning') {
@ -126,7 +126,7 @@ export const updateDetectionRuleUsage = (
? usage.machine_learning.disabled + 1 ? usage.machine_learning.disabled + 1
: usage.machine_learning.disabled, : usage.machine_learning.disabled,
alerts: usage.machine_learning.alerts + detectionRuleMetric.alert_count_daily, alerts: usage.machine_learning.alerts + detectionRuleMetric.alert_count_daily,
cases: usage.machine_learning.cases + detectionRuleMetric.cases_count_daily, cases: usage.machine_learning.cases + detectionRuleMetric.cases_count_total,
}, },
}; };
} else if (detectionRuleMetric.rule_type === 'threat_match') { } else if (detectionRuleMetric.rule_type === 'threat_match') {
@ -141,7 +141,7 @@ export const updateDetectionRuleUsage = (
? usage.threat_match.disabled + 1 ? usage.threat_match.disabled + 1
: usage.threat_match.disabled, : usage.threat_match.disabled,
alerts: usage.threat_match.alerts + detectionRuleMetric.alert_count_daily, alerts: usage.threat_match.alerts + detectionRuleMetric.alert_count_daily,
cases: usage.threat_match.cases + detectionRuleMetric.cases_count_daily, cases: usage.threat_match.cases + detectionRuleMetric.cases_count_total,
}, },
}; };
} }
@ -158,7 +158,7 @@ export const updateDetectionRuleUsage = (
? updatedUsage.elastic_total.disabled + 1 ? updatedUsage.elastic_total.disabled + 1
: updatedUsage.elastic_total.disabled, : updatedUsage.elastic_total.disabled,
alerts: updatedUsage.elastic_total.alerts + detectionRuleMetric.alert_count_daily, alerts: updatedUsage.elastic_total.alerts + detectionRuleMetric.alert_count_daily,
cases: updatedUsage.elastic_total.cases + detectionRuleMetric.cases_count_daily, cases: updatedUsage.elastic_total.cases + detectionRuleMetric.cases_count_total,
}, },
}; };
} else { } else {
@ -173,7 +173,7 @@ export const updateDetectionRuleUsage = (
? updatedUsage.custom_total.disabled + 1 ? updatedUsage.custom_total.disabled + 1
: updatedUsage.custom_total.disabled, : updatedUsage.custom_total.disabled,
alerts: updatedUsage.custom_total.alerts + detectionRuleMetric.alert_count_daily, alerts: updatedUsage.custom_total.alerts + detectionRuleMetric.alert_count_daily,
cases: updatedUsage.custom_total.cases + detectionRuleMetric.cases_count_daily, cases: updatedUsage.custom_total.cases + detectionRuleMetric.cases_count_total,
}, },
}; };
} }
@ -263,7 +263,7 @@ export const getDetectionRuleMetrics = async (
created_on: hit._source?.alert.createdAt, created_on: hit._source?.alert.createdAt,
updated_on: hit._source?.alert.updatedAt, updated_on: hit._source?.alert.updatedAt,
alert_count_daily: alertsCache.get(ruleId) || 0, alert_count_daily: alertsCache.get(ruleId) || 0,
cases_count_daily: casesCache.get(ruleId) || 0, cases_count_total: casesCache.get(ruleId) || 0,
} as DetectionRuleMetric; } as DetectionRuleMetric;
}); });
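Review bot: Every usage bucket in `updateDetectionRuleUsage` (query, threshold, eql, machine_learning, threat_match, elastic_total, custom_total) now sums `cases_count_total` into `cases` directly beside `alerts`, which still sums `alert_count_daily`, so the two counters in one bucket cover different time windows and nothing in the visible lines says so. Anyone reading the aggregated telemetry could reasonably treat `alerts` and `cases` as comparable and derive a misleading cases-per-alert figure for detection rules. I would document the difference where the values are combined, for example `// cases: sum of per-rule total case counts; alerts: sum of per-rule daily alert counts (different windows)` above the first `cases:` line, and put a matching comment on the `cases` field of the usage type if that is declared elsewhere. The bodies of `updateDetectionRuleUsage` and `getDetectionRuleMetrics` start and end outside these hunks, so an existing comment to that effect may simply not be visible here.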


@ -106,7 +106,7 @@ export interface DetectionRuleMetric {
created_on: string; created_on: string;
updated_on: string; updated_on: string;
alert_count_daily: number; alert_count_daily: number;
cases_count_daily: number; cases_count_total: number;
} }
export interface DetectionRuleAdoption { export interface DetectionRuleAdoption {


@ -4862,10 +4862,10 @@
"description": "The number of daily alerts generated by a rule" "description": "The number of daily alerts generated by a rule"
} }
}, },
"cases_count_daily": { "cases_count_total": {
"type": "long", "type": "long",
"_meta": { "_meta": {
"description": "The number of daily cases generated by a rule" "description": "The number of total cases generated by a rule"
} }
} }
} }