maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

[Security Solution] Fix timelineEventsAll field expansion for heterogeneous document schemas (#105452)

Browse source 
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
This commit is contained in:
Felix Stürmer 2021-07-22 11:07:58 +02:00 committed by GitHub
parent e383b57ba1
commit a09fcf017d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
x-pack/plugins/timelines/server/search_strategy/timeline/factory/events/all/index.ts
View file

@ -42,7 +42,8 @@ export const timelineEventsAll: TimelineFactory<TimelineEventsQueries.all> = {
const hits = response.rawResponse.hits.hits;
if (fieldRequested.includes('*') && hits.length > 0) {
fieldRequested = Object.keys(hits[0]?.fields ?? {}).reduce((acc, f) => {
const fieldsReturned = hits.flatMap((hit) => Object.keys(hit.fields ?? {}));
fieldRequested = fieldsReturned.reduce((acc, f) => {
if (!acc.includes(f)) {
return [...acc, f];
}
@ -59,6 +60,7 @@ export const timelineEventsAll: TimelineFactory<TimelineEventsQueries.all> = {
)
)
);
const inspect = {
dsl: [inspectStringifyObject(buildTimelineEventsAllQuery(queryOptions))],
};