[Security Solution][Detections] Await promises to ensure promise rejection does not crash kibana (#88564)
* Await promises to ensure promise rejection does not crash kibana * Fix test Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
parent
6e3ac2a954
commit
90f2abd361
|
@ -225,7 +225,7 @@ describe('searchAfterAndBulkCreate', () => {
|
||||||
buildRuleMessage,
|
buildRuleMessage,
|
||||||
});
|
});
|
||||||
expect(success).toEqual(true);
|
expect(success).toEqual(true);
|
||||||
expect(mockService.callCluster).toHaveBeenCalledTimes(8);
|
expect(mockService.callCluster).toHaveBeenCalledTimes(7);
|
||||||
expect(createdSignalsCount).toEqual(3);
|
expect(createdSignalsCount).toEqual(3);
|
||||||
expect(lastLookBackDate).toEqual(new Date('2020-04-20T21:27:45+0000'));
|
expect(lastLookBackDate).toEqual(new Date('2020-04-20T21:27:45+0000'));
|
||||||
});
|
});
|
||||||
|
|
|
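Review bot: The only change visible in this test is the `callCluster` count dropping from 8 to 7; nothing here makes a search reject, which is the failure the commit title is about. A regression case that has `mockService.callCluster` reject once (for example `mockRejectedValueOnce(new Error('constructed failure'))`) and asserts that `searchAfterAndBulkCreate` settles with a defined result, leaving no rejection unhandled, would pin the fix. A short comment beside `toHaveBeenCalledTimes(7)` would also explain the new number, e.g. `// one fewer call: the primary search now runs only inside the hasSortId branch` (inferred from the source change, so confirm). The enclosing `it` block starts outside the hunk, so a rejection test may already exist elsewhere in the file.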
@ -87,25 +87,14 @@ export const searchAfterAndBulkCreate = async ({
|
||||||
let mergedSearchResults = createSearchResultReturnType();
|
let mergedSearchResults = createSearchResultReturnType();
|
||||||
logger.debug(buildRuleMessage(`sortIds: ${sortId}`));
|
logger.debug(buildRuleMessage(`sortIds: ${sortId}`));
|
||||||
|
|
||||||
// perform search_after with optionally undefined sortId
|
|
||||||
const singleSearchAfterPromise = singleSearchAfter({
|
|
||||||
buildRuleMessage,
|
|
||||||
searchAfterSortId: sortId,
|
|
||||||
index: inputIndexPattern,
|
|
||||||
from: tuple.from.toISOString(),
|
|
||||||
to: tuple.to.toISOString(),
|
|
||||||
services,
|
|
||||||
logger,
|
|
||||||
filter,
|
|
||||||
pageSize: tuple.maxSignals < pageSize ? Math.ceil(tuple.maxSignals) : pageSize, // maximum number of docs to receive per search result.
|
|
||||||
timestampOverride: ruleParams.timestampOverride,
|
|
||||||
excludeDocsWithTimestampOverride: false,
|
|
||||||
});
|
|
||||||
|
|
||||||
// if there is a timestampOverride param we always want to do a secondary search against @timestamp
|
// if there is a timestampOverride param we always want to do a secondary search against @timestamp
|
||||||
if (ruleParams.timestampOverride != null && hasBackupSortId) {
|
if (ruleParams.timestampOverride != null && hasBackupSortId) {
|
||||||
// only execute search if we have something to sort on or if it is the first search
|
// only execute search if we have something to sort on or if it is the first search
|
||||||
const singleSearchAfterDefaultTimestamp = singleSearchAfter({
|
const {
|
||||||
|
searchResult: searchResultB,
|
||||||
|
searchDuration: searchDurationB,
|
||||||
|
searchErrors: searchErrorsB,
|
||||||
|
} = await singleSearchAfter({
|
||||||
buildRuleMessage,
|
buildRuleMessage,
|
||||||
searchAfterSortId: backupSortId,
|
searchAfterSortId: backupSortId,
|
||||||
index: inputIndexPattern,
|
index: inputIndexPattern,
|
||||||
|
@ -118,11 +107,6 @@ export const searchAfterAndBulkCreate = async ({
|
||||||
timestampOverride: ruleParams.timestampOverride,
|
timestampOverride: ruleParams.timestampOverride,
|
||||||
excludeDocsWithTimestampOverride: true,
|
excludeDocsWithTimestampOverride: true,
|
||||||
});
|
});
|
||||||
const {
|
|
||||||
searchResult: searchResultB,
|
|
||||||
searchDuration: searchDurationB,
|
|
||||||
searchErrors: searchErrorsB,
|
|
||||||
} = await singleSearchAfterDefaultTimestamp;
|
|
||||||
|
|
||||||
// call this function setSortIdOrExit()
|
// call this function setSortIdOrExit()
|
||||||
const lastSortId = searchResultB?.hits?.hits[searchResultB.hits.hits.length - 1]?.sort;
|
const lastSortId = searchResultB?.hits?.hits[searchResultB.hits.hits.length - 1]?.sort;
|
||||||
|
@ -153,7 +137,19 @@ export const searchAfterAndBulkCreate = async ({
|
||||||
|
|
||||||
if (hasSortId) {
|
if (hasSortId) {
|
||||||
// only execute search if we have something to sort on or if it is the first search
|
// only execute search if we have something to sort on or if it is the first search
|
||||||
const { searchResult, searchDuration, searchErrors } = await singleSearchAfterPromise;
|
const { searchResult, searchDuration, searchErrors } = await singleSearchAfter({
|
||||||
|
buildRuleMessage,
|
||||||
|
searchAfterSortId: sortId,
|
||||||
|
index: inputIndexPattern,
|
||||||
|
from: tuple.from.toISOString(),
|
||||||
|
to: tuple.to.toISOString(),
|
||||||
|
services,
|
||||||
|
logger,
|
||||||
|
filter,
|
||||||
|
pageSize: tuple.maxSignals < pageSize ? Math.ceil(tuple.maxSignals) : pageSize, // maximum number of docs to receive per search result.
|
||||||
|
timestampOverride: ruleParams.timestampOverride,
|
||||||
|
excludeDocsWithTimestampOverride: false,
|
||||||
|
});
|
||||||
mergedSearchResults = mergeSearchResults([mergedSearchResults, searchResult]);
|
mergedSearchResults = mergeSearchResults([mergedSearchResults, searchResult]);
|
||||||
toReturn = mergeReturns([
|
toReturn = mergeReturns([
|
||||||
toReturn,
|
toReturn,
|
||||||
|
|
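Review bot: Neither `await singleSearchAfter({` call carries a comment saying why the promise must be awaited where it is created, so a later refactor that hoists the calls to run them in parallel could reintroduce the crash. I would add above each call something like `// await at the call site: a promise created up front and never awaited turns a rejection into an unhandled rejection that takes the process down`. The two searches now run one after the other; if concurrency is wanted back, both promises should go through `Promise.allSettled` (or `Promise.all`) so each one is always awaited. The argument objects of the two calls are nearly identical, differing in the visible lines only in `searchAfterSortId` and `excludeDocsWithTimestampOverride`, so a shared base object would keep them from drifting apart. The body of `searchAfterAndBulkCreate` continues outside these hunks, so whether a surrounding `try`/`catch` turns a rejection into a rule-level error is not visible here.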