[Security Solution][Detections] Await promises to ensure promise rejection does not crash kibana (#88564)
* Await promises to ensure promise rejection does not crash kibana
* Fix test

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
parent
6e3ac2a954
commit
90f2abd361
|
@ -225,7 +225,7 @@ describe('searchAfterAndBulkCreate', () => {
|
|||
buildRuleMessage,
|
||||
});
|
||||
expect(success).toEqual(true);
|
||||
expect(mockService.callCluster).toHaveBeenCalledTimes(8);
|
||||
expect(mockService.callCluster).toHaveBeenCalledTimes(7);
|
||||
expect(createdSignalsCount).toEqual(3);
|
||||
expect(lastLookBackDate).toEqual(new Date('2020-04-20T21:27:45+0000'));
|
||||
});
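Review bot: The changed `toHaveBeenCalledTimes` expectation on `mockService.callCluster` (apparently 8 → 7) only tracks the new call count, and nothing in this hunk exercises the failure the commit is about. A case where the mocked `callCluster` rejects for one of the searches and the test asserts that `searchAfterAndBulkCreate` still resolves (presumably with `success` false) rather than rejecting would pin the fix against regressions. A short comment beside the count saying which search is no longer issued would also explain why the number dropped. The `describe` block continues outside the hunk, so such a test may already exist elsewhere in the file.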
|
||||
|
|
|
@ -87,25 +87,14 @@ export const searchAfterAndBulkCreate = async ({
|
|||
let mergedSearchResults = createSearchResultReturnType();
|
||||
logger.debug(buildRuleMessage(`sortIds: ${sortId}`));
|
||||
|
||||
// perform search_after with optionally undefined sortId
|
||||
const singleSearchAfterPromise = singleSearchAfter({
|
||||
buildRuleMessage,
|
||||
searchAfterSortId: sortId,
|
||||
index: inputIndexPattern,
|
||||
from: tuple.from.toISOString(),
|
||||
to: tuple.to.toISOString(),
|
||||
services,
|
||||
logger,
|
||||
filter,
|
||||
pageSize: tuple.maxSignals < pageSize ? Math.ceil(tuple.maxSignals) : pageSize, // maximum number of docs to receive per search result.
|
||||
timestampOverride: ruleParams.timestampOverride,
|
||||
excludeDocsWithTimestampOverride: false,
|
||||
});
|
||||
|
||||
// if there is a timestampOverride param we always want to do a secondary search against @timestamp
|
||||
if (ruleParams.timestampOverride != null && hasBackupSortId) {
|
||||
// only execute search if we have something to sort on or if it is the first search
|
||||
const singleSearchAfterDefaultTimestamp = singleSearchAfter({
|
||||
const {
|
||||
searchResult: searchResultB,
|
||||
searchDuration: searchDurationB,
|
||||
searchErrors: searchErrorsB,
|
||||
} = await singleSearchAfter({
|
||||
buildRuleMessage,
|
||||
searchAfterSortId: backupSortId,
|
||||
index: inputIndexPattern,
|
||||
|
@ -118,11 +107,6 @@ export const searchAfterAndBulkCreate = async ({
|
|||
timestampOverride: ruleParams.timestampOverride,
|
||||
excludeDocsWithTimestampOverride: true,
|
||||
});
|
||||
const {
|
||||
searchResult: searchResultB,
|
||||
searchDuration: searchDurationB,
|
||||
searchErrors: searchErrorsB,
|
||||
} = await singleSearchAfterDefaultTimestamp;
|
||||
|
||||
// call this function setSortIdOrExit()
|
||||
const lastSortId = searchResultB?.hits?.hits[searchResultB.hits.hits.length - 1]?.sort;
|
||||
|
@ -153,7 +137,19 @@ export const searchAfterAndBulkCreate = async ({
|
|||
|
||||
if (hasSortId) {
|
||||
// only execute search if we have something to sort on or if it is the first search
|
||||
const { searchResult, searchDuration, searchErrors } = await singleSearchAfterPromise;
|
||||
const { searchResult, searchDuration, searchErrors } = await singleSearchAfter({
|
||||
buildRuleMessage,
|
||||
searchAfterSortId: sortId,
|
||||
index: inputIndexPattern,
|
||||
from: tuple.from.toISOString(),
|
||||
to: tuple.to.toISOString(),
|
||||
services,
|
||||
logger,
|
||||
filter,
|
||||
pageSize: tuple.maxSignals < pageSize ? Math.ceil(tuple.maxSignals) : pageSize, // maximum number of docs to receive per search result.
|
||||
timestampOverride: ruleParams.timestampOverride,
|
||||
excludeDocsWithTimestampOverride: false,
|
||||
});
|
||||
mergedSearchResults = mergeSearchResults([mergedSearchResults, searchResult]);
|
||||
toReturn = mergeReturns([
|
||||
toReturn,
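Review bot: Nothing at the inline `await singleSearchAfter({ ... })` now under `if (hasSortId)` records why the call is no longer started early, so a later refactor could hoist it again for parallelism and bring back the unhandled rejection. I would add a comment above it such as `// await in place: a promise created earlier and awaited here can reject unhandled if the backup search throws first`. The protection also depends on an enclosing try/catch, which these hunks do not show because the function body starts and ends outside them, so it is worth confirming that both awaits sit inside one. The argument object largely repeats the backup-search call (the visible fields differ only in `searchAfterSortId` and `excludeDocsWithTimestampOverride`), so building both from one shared base object would keep the two queries from drifting apart.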
|
||||
|
|