From bcfc02987f3fa6e29a08336fbdbcb144579debec Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Tue, 19 May 2020 11:24:53 -0400 Subject: [PATCH] [SIEMDPOINT] Move endpoint to siem (#66907) * adds the stuff * keeps moving stuff * finishes moving the stuff * moves tests * fix type * try moving it all at once. BROKEN * move endpoint to siem * fix package coming from endpoint * missing scripts + change url * fix eslint * temporary disable functional testing for endpoint * fix api integration types * allow api integration test + comment functional test * fix internationalization * fix internationalization II * fix jest test * fix x-pack test * fix i18n * fix api integration * fix circular dependency * add new dependency to cypress test Co-authored-by: Davis Plumlee Co-authored-by: oatkiller Co-authored-by: Elastic Machine --- .../plugins/endpoint/common/schema/README.md | 6 - x-pack/plugins/endpoint/kibana.json | 9 - x-pack/plugins/endpoint/package.json | 18 - .../public/applications/endpoint/README.md | 28 - .../public/applications/endpoint/index.tsx | 30 - .../applications/endpoint/store/action.ts | 21 - .../endpoint/store/alerts/index.ts | 8 - .../endpoint/store/hosts/index.ts | 9 - .../store/immutable_combine_reducers.ts | 13 - .../applications/endpoint/store/index.ts | 84 --- .../applications/endpoint/store/reducer.ts | 20 - .../public/applications/endpoint/types.ts | 395 ----------- .../view/alerts/details/overview/index.tsx | 123 ---- .../view/alerts/hooks/use_alerts_selector.ts | 12 - .../endpoint/view/alerts/resolver.tsx | 38 -- .../alerts/test_helpers/render_alert_page.tsx | 59 -- .../applications/endpoint/view/app_root.tsx | 59 -- .../view/components/header_navigation.tsx | 78 --- .../models/process_event_test_helpers.ts | 49 -- .../embeddables/resolver/view/edge_line.tsx | 78 --- .../resolver/view/graph_controls.tsx | 181 ------ .../resolver/view/process_event_dot.tsx | 605 ----------------- x-pack/plugins/endpoint/public/index.ts | 21 - x-pack/plugins/endpoint/public/plugin.ts | 71 -- x-pack/plugins/endpoint/server/index.ts | 26 - x-pack/plugins/endpoint/server/plugin.test.ts | 59 -- x-pack/plugins/endpoint/server/plugin.ts | 108 --- .../server/routes/alerts/details/index.ts | 8 - .../server/routes/alerts/list/index.ts | 7 - .../endpoint/server/routes/alerts/types.ts | 99 --- .../endpoint/server/routes/index_pattern.ts | 43 -- x-pack/plugins/endpoint/yarn.lock | 1 - .../common/endpoint}/generate_data.test.ts | 0 .../common/endpoint}/generate_data.ts | 6 +- .../common/endpoint}/models/event.ts | 0 .../common/endpoint}/models/policy_config.ts | 0 .../common/endpoint}/schema/policy.ts | 0 .../common/endpoint}/schema/resolver.ts | 0 .../common => siem/common/endpoint}/types.ts | 108 +-- .../endpoint_alerts}/alert_constants.ts | 0 .../endpoint_alerts}/schema/alert_index.ts | 26 +- .../endpoint_alerts}/schema/index_pattern.ts | 0 .../siem/common/endpoint_alerts/types.ts | 272 ++++++++ x-pack/plugins/siem/kibana.json | 2 + x-pack/plugins/siem/package.json | 8 +- x-pack/plugins/siem/public/app/app.tsx | 5 +- .../view => siem/public/app/home}/setup.tsx | 6 +- x-pack/plugins/siem/public/app/index.tsx | 2 +- x-pack/plugins/siem/public/app/routes.tsx | 19 +- x-pack/plugins/siem/public/app/types.ts | 27 +- .../__snapshots__/link_to_app.test.tsx.snap | 0 .../__snapshots__/page_view.test.tsx.snap | 44 +- .../endpoint}/formatted_date_time.tsx | 0 .../components/endpoint}/link_to_app.test.tsx | 24 +- .../components/endpoint}/link_to_app.tsx | 6 +- .../components/endpoint}/page_view.test.tsx | 22 +- .../common/components/endpoint}/page_view.tsx | 5 + .../components/endpoint}/route_capture.tsx | 7 +- .../navigation/breadcrumbs/index.ts | 2 +- .../siem/public/common/hooks/api/api.tsx | 2 +- ..._navigate_by_router_event_handler.test.tsx | 5 +- .../use_navigate_by_router_event_handler.ts | 0 .../use_navigate_to_app_event_handler.ts | 2 +- .../public/common/lib/kibana/kibana_react.ts | 2 +- .../siem/public/common/lib/telemetry/index.ts | 2 +- .../mock/endpoint}/app_context_render.tsx | 51 +- .../mock/endpoint}/app_root_provider.tsx | 14 +- .../mock/endpoint}/dependencies_start_mock.ts | 0 .../public/common/mock/endpoint}/index.ts | 0 .../siem/public/common/mock/global_state.ts | 13 + .../plugins/siem/public/common/mock/utils.ts | 8 + .../siem/public/common/store/actions.ts | 13 + .../plugins/siem/public/common/store/index.ts | 14 + .../siem/public/common/store/reducer.ts | 36 +- .../public/common}/store/routing/action.ts | 5 +- .../public/common}/store/routing/index.ts | 0 .../plugins/siem/public/common/store/store.ts | 19 +- .../public/common}/store/test_utils.ts | 8 +- .../plugins/siem/public/common/store/types.ts | 105 +++ .../index.ts => siem/public/common/types.ts} | 6 +- .../utils}/clone_http_fetch_query.test.ts | 4 +- .../common/utils}/clone_http_fetch_query.ts | 4 +- .../components}/formatted_date.tsx | 2 + .../siem/public/endpoint_alerts/index.ts | 39 ++ .../endpoint_alerts}/models/index_pattern.ts | 4 +- .../public/endpoint_alerts/routes.tsx} | 13 +- .../public/endpoint_alerts/store}/action.ts | 4 +- .../store}/alert_details.test.ts | 19 +- .../endpoint_alerts/store}/alert_list.test.ts | 13 +- .../store}/alert_list_pagination.test.ts | 27 +- .../public/endpoint_alerts/store/index.ts | 20 + .../endpoint_alerts/store}/middleware.ts | 17 +- .../store}/mock_alert_result_list.ts | 6 +- .../public/endpoint_alerts/store}/reducer.ts | 10 +- .../endpoint_alerts/store}/selectors.ts | 16 +- .../view}/alert_details.test.tsx | 17 +- .../endpoint_alerts/view}/details/index.ts | 0 .../view}/details/metadata/file_accordion.tsx | 36 +- .../details/metadata/general_accordion.tsx | 25 +- .../view}/details/metadata/hash_accordion.tsx | 12 +- .../view}/details/metadata/host_accordion.tsx | 61 +- .../view}/details/metadata/index.ts | 0 .../metadata/source_process_accordion.tsx | 42 +- .../source_process_token_accordion.tsx | 17 +- .../view/details/overview/index.tsx | 125 ++++ .../view}/details/overview/metadata_panel.tsx | 4 +- .../details/overview/take_action_dropdown.tsx | 10 +- .../endpoint_alerts/view/formatted_date.tsx | 24 + .../view/hooks/use_alerts_selector.ts | 17 + .../endpoint_alerts/view}/index.test.tsx | 27 +- .../public/endpoint_alerts/view}/index.tsx | 42 +- .../view}/index_search_bar.tsx | 16 +- .../public/endpoint_alerts/view/resolver.tsx | 39 ++ .../view/test_helpers/render_alert_page.tsx | 63 ++ .../view}/url_from_query_params.ts | 9 +- .../siem/public/endpoint_hosts/index.ts | 38 ++ .../public/endpoint_hosts/routes.tsx} | 13 +- .../public/endpoint_hosts/store}/action.ts | 4 +- .../store}/host_pagination.test.ts | 27 +- .../endpoint_hosts/store}/index.test.ts | 2 +- .../siem/public/endpoint_hosts/store/index.ts | 22 + .../endpoint_hosts/store}/middleware.test.ts | 18 +- .../endpoint_hosts/store}/middleware.ts | 10 +- .../store}/mock_host_result_list.ts | 4 +- .../public/endpoint_hosts/store}/reducer.ts | 11 +- .../public/endpoint_hosts/store}/selectors.ts | 8 +- .../siem/public/endpoint_hosts/types.ts | 57 ++ .../details/components/flyout_sub_header.tsx | 2 + .../view}/details/host_details.tsx | 34 +- .../endpoint_hosts/view}/details/index.tsx | 24 +- .../view}/details/policy_response.tsx | 23 +- .../details/policy_response_friendly_names.ts | 61 +- .../public/endpoint_hosts/view}/hooks.ts | 9 +- .../endpoint_hosts/view}/host_constants.ts | 2 +- .../endpoint_hosts/view}/index.test.tsx | 25 +- .../public/endpoint_hosts/view}/index.tsx | 48 +- .../view}/url_from_query_params.ts | 9 +- .../siem/public/endpoint_policy/details.ts | 41 ++ .../siem/public/endpoint_policy/list.ts | 41 ++ .../models/policy_details_config.ts | 2 +- .../siem/public/endpoint_policy/routes.tsx | 18 + .../store/policy_details/action.ts | 7 +- .../store/policy_details/index.test.ts | 2 +- .../store/policy_details/index.ts | 22 + .../store/policy_details/middleware.ts | 11 +- .../store/policy_details/reducer.ts | 10 +- .../store/policy_details/selectors.ts | 4 +- .../store/policy_list/action.ts | 4 +- .../store/policy_list/index.test.ts | 65 +- .../store/policy_list/index.ts | 21 + .../store/policy_list/middleware.ts | 9 +- .../store/policy_list/reducer.ts | 9 +- .../store/policy_list/selectors.ts | 2 +- .../store/policy_list/services/ingest.test.ts | 4 +- .../store/policy_list/services/ingest.ts | 6 +- .../store/policy_list/test_mock_utils.ts | 2 +- .../siem/public/endpoint_policy/types.ts | 173 +++++ .../endpoint_policy/view}/agents_summary.tsx | 10 +- .../public/endpoint_policy/view}/index.ts | 0 .../view}/policy_details.test.tsx | 11 +- .../endpoint_policy/view}/policy_details.tsx | 67 +- .../view}/policy_forms/config_form.tsx | 6 +- .../view}/policy_forms/events/checkbox.tsx | 12 +- .../view}/policy_forms/events/index.tsx | 0 .../view}/policy_forms/events/linux.tsx | 24 +- .../view}/policy_forms/events/mac.tsx | 26 +- .../view}/policy_forms/events/windows.tsx | 42 +- .../policy_forms/protections/malware.tsx | 36 +- .../endpoint_policy/view}/policy_hooks.ts | 7 +- .../endpoint_policy/view}/policy_list.tsx | 33 +- .../endpoint_policy/view}/vertical_divider.ts | 2 +- x-pack/plugins/siem/public/index.ts | 3 +- x-pack/plugins/siem/public/plugin.tsx | 86 +-- .../public}/resolver/documentation/camera.md | 0 .../public}/resolver/embeddable.tsx | 2 +- .../public}/resolver/factory.ts | 4 +- .../public}/resolver/index.ts | 0 .../public}/resolver/lib/math.ts | 0 .../public}/resolver/lib/matrix3.test.ts | 0 .../public}/resolver/lib/matrix3.ts | 0 .../resolver/lib/transformation.test.ts | 0 .../public}/resolver/lib/transformation.ts | 0 .../public}/resolver/lib/tree_sequencers.ts | 0 .../public}/resolver/lib/vector2.ts | 0 .../resolver/models/indexed_process_tree.ts | 2 +- .../resolver/models/process_event.test.ts | 3 +- .../public}/resolver/models/process_event.ts | 4 +- .../models/process_event_test_helpers.ts | 42 ++ .../public}/resolver/store/actions.ts | 2 +- .../public}/resolver/store/camera/action.ts | 0 .../resolver/store/camera/animation.test.ts | 0 .../public}/resolver/store/camera/index.ts | 0 .../camera/inverse_projection_matrix.test.ts | 0 .../public}/resolver/store/camera/methods.ts | 0 .../resolver/store/camera/panning.test.ts | 0 .../store/camera/projection_matrix.test.ts | 0 .../public}/resolver/store/camera/reducer.ts | 0 .../resolver/store/camera/scale_to_zoom.ts | 0 .../store/camera/scaling_constants.ts | 0 .../resolver/store/camera/selectors.ts | 0 .../resolver/store/camera/test_helpers.ts | 0 .../resolver/store/camera/zooming.test.ts | 0 .../data/__snapshots__/graphing.test.ts.snap | 0 .../public}/resolver/store/data/action.ts | 2 +- .../resolver/store/data/graphing.test.ts | 2 +- .../public}/resolver/store/data/index.ts | 0 .../public}/resolver/store/data/reducer.ts | 0 .../public}/resolver/store/data/sample.ts | 0 .../resolver/store/data/selectors.test.ts | 118 ++-- .../public}/resolver/store/data/selectors.ts | 7 +- .../public}/resolver/store/index.ts | 6 +- .../public}/resolver/store/methods.ts | 2 +- .../public}/resolver/store/middleware.ts | 11 +- .../public}/resolver/store/reducer.ts | 0 .../public}/resolver/store/selectors.ts | 0 .../public}/resolver/store/ui/selectors.ts | 0 .../public}/resolver/types.ts | 4 +- .../public}/resolver/view/defs.tsx | 36 +- .../siem/public/resolver/view/edge_line.tsx | 80 +++ .../public/resolver/view/graph_controls.tsx | 188 ++++++ .../public}/resolver/view/index.tsx | 12 +- .../public}/resolver/view/panel.tsx | 45 +- .../resolver/view/process_event_dot.tsx | 614 ++++++++++++++++++ .../resolver/view/side_effect_context.ts | 0 .../resolver/view/side_effect_simulator.ts | 0 .../public}/resolver/view/submenu.tsx | 360 +++++----- .../public}/resolver/view/use_camera.test.tsx | 2 +- .../public}/resolver/view/use_camera.ts | 0 .../resolver/view/use_resolver_dispatch.ts | 0 x-pack/plugins/siem/public/types.ts | 47 ++ .../scripts/endpoint}/README.md | 2 +- .../scripts/endpoint}/alert_mapping.json | 0 .../scripts/endpoint}/cli_tsconfig.json | 3 +- .../scripts/endpoint}/event_mapping.json | 0 .../scripts/endpoint}/policy_mapping.json | 0 .../scripts/endpoint}/resolver_generator.ts | 10 +- x-pack/plugins/siem/server/config.ts | 13 + .../endpoint/alerts/handlers}/alerts.test.ts | 10 +- .../alerts/handlers/details/index.ts} | 8 +- .../handlers}/details/lib/pagination.ts | 18 +- .../alerts/handlers}/details/schemas.ts | 0 .../endpoint/alerts/handlers/index_pattern.ts | 28 + .../endpoint/alerts/handlers}/lib/alert_id.ts | 0 .../endpoint/alerts/handlers}/lib/error.ts | 1 + .../endpoint/alerts/handlers}/lib/index.ts | 13 +- .../alerts/handlers}/lib/pagination.ts | 2 +- .../endpoint/alerts/handlers/list/index.ts} | 2 +- .../alerts/handlers}/list/lib/index.ts | 10 +- .../alerts/handlers}/list/lib/pagination.ts | 7 +- .../server/endpoint/alerts}/index_pattern.ts | 8 +- .../server/endpoint/alerts/routes.ts} | 24 +- .../server/endpoint}/config.test.ts | 0 .../server => siem/server/endpoint}/config.ts | 0 .../endpoint_app_context_services.test.ts | 0 .../endpoint_app_context_services.ts | 4 +- .../server => siem/server/endpoint}/mocks.ts | 4 +- .../server/endpoint}/routes/metadata/index.ts | 12 +- .../routes/metadata/metadata.test.ts | 18 +- .../routes/metadata/query_builders.test.ts | 10 +- .../routes/metadata/query_builders.ts | 6 +- .../endpoint}/routes/policy/handlers.test.ts | 14 +- .../endpoint}/routes/policy/handlers.ts | 2 +- .../server/endpoint}/routes/policy/index.ts | 2 +- .../endpoint}/routes/policy/service.test.ts | 2 +- .../server/endpoint}/routes/policy/service.ts | 2 +- .../server/endpoint}/routes/resolver.ts | 2 +- .../endpoint}/routes/resolver/ancestry.ts | 2 +- .../endpoint}/routes/resolver/children.ts | 2 +- .../endpoint}/routes/resolver/events.ts | 2 +- .../endpoint}/routes/resolver/queries/base.ts | 4 +- .../routes/resolver/queries/children.test.ts | 0 .../routes/resolver/queries/children.ts | 0 .../routes/resolver/queries/events.test.ts | 0 .../routes/resolver/queries/events.ts | 2 +- .../queries/legacy_event_index_pattern.ts | 0 .../routes/resolver/queries/lifecycle.test.ts | 0 .../routes/resolver/queries/lifecycle.ts | 2 +- .../routes/resolver/queries/stats.test.ts | 0 .../routes/resolver/queries/stats.ts | 6 +- .../server/endpoint}/routes/resolver/tree.ts | 2 +- .../endpoint}/routes/resolver/utils/fetch.ts | 2 +- .../routes/resolver/utils/pagination.ts | 16 +- .../endpoint}/routes/resolver/utils/tree.ts | 4 +- .../test_data/all_metadata_data.json | 0 .../server => siem/server/endpoint}/types.ts | 4 +- .../routes/__mocks__/index.ts | 6 + x-pack/plugins/siem/server/plugin.ts | 40 +- .../translations/translations/ja-JP.json | 195 +++--- .../translations/translations/zh-CN.json | 195 +++--- x-pack/scripts/functional_tests.js | 3 - .../endpoint/{alerts.ts => alerts/index.ts} | 6 +- .../endpoint/{ => alerts}/index_pattern.ts | 2 +- .../api_integration/apis/endpoint/index.ts | 2 +- .../apis/features/features/features.ts | 1 - .../apis/security/privileges.ts | 1 - .../apis/security/privileges_basic.ts | 1 - x-pack/test/api_integration/config.js | 4 +- .../apis/{alerts.ts => alerts/index.ts} | 2 +- .../apis/{ => alerts}/index_pattern.ts | 2 +- .../apis/index.ts | 2 +- x-pack/test/functional_endpoint/config.ts | 1 - .../services/endpoint_policy.ts | 4 +- x-pack/test/plugin_functional/config.ts | 1 - x-pack/test/reporting/configs/chromium_api.js | 1 - x-pack/test/siem_cypress/config.ts | 3 + yarn.lock | 10 - 306 files changed, 3898 insertions(+), 3779 deletions(-) delete mode 100644 x-pack/plugins/endpoint/common/schema/README.md delete mode 100644 x-pack/plugins/endpoint/kibana.json delete mode 100644 x-pack/plugins/endpoint/package.json delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/README.md delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/index.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/immutable_combine_reducers.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/types.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/index.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/hooks/use_alerts_selector.ts delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/resolver.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/test_helpers/render_alert_page.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/app_root.tsx delete mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/components/header_navigation.tsx delete mode 100644 x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event_test_helpers.ts delete mode 100644 x-pack/plugins/endpoint/public/embeddables/resolver/view/edge_line.tsx delete mode 100644 x-pack/plugins/endpoint/public/embeddables/resolver/view/graph_controls.tsx delete mode 100644 x-pack/plugins/endpoint/public/embeddables/resolver/view/process_event_dot.tsx delete mode 100644 x-pack/plugins/endpoint/public/index.ts delete mode 100644 x-pack/plugins/endpoint/public/plugin.ts delete mode 100644 x-pack/plugins/endpoint/server/index.ts delete mode 100644 x-pack/plugins/endpoint/server/plugin.test.ts delete mode 100644 x-pack/plugins/endpoint/server/plugin.ts delete mode 100644 x-pack/plugins/endpoint/server/routes/alerts/details/index.ts delete mode 100644 x-pack/plugins/endpoint/server/routes/alerts/list/index.ts delete mode 100644 x-pack/plugins/endpoint/server/routes/alerts/types.ts delete mode 100644 x-pack/plugins/endpoint/server/routes/index_pattern.ts delete mode 120000 x-pack/plugins/endpoint/yarn.lock rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/generate_data.test.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/generate_data.ts (99%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/models/event.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/models/policy_config.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/schema/policy.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/schema/resolver.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint}/types.ts (86%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint_alerts}/alert_constants.ts (100%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint_alerts}/schema/alert_index.ts (78%) rename x-pack/plugins/{endpoint/common => siem/common/endpoint_alerts}/schema/index_pattern.ts (100%) create mode 100644 x-pack/plugins/siem/common/endpoint_alerts/types.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/view => siem/public/app/home}/setup.tsx (87%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/__snapshots__/link_to_app.test.tsx.snap (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/__snapshots__/page_view.test.tsx.snap (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view => siem/public/common/components/endpoint}/formatted_date_time.tsx (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/link_to_app.test.tsx (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/link_to_app.tsx (83%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/page_view.test.tsx (80%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/components => siem/public/common/components/endpoint}/page_view.tsx (96%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view => siem/public/common/components/endpoint}/route_capture.tsx (77%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hooks => siem/public/common/hooks/endpoint}/use_navigate_by_router_event_handler.test.tsx (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hooks => siem/public/common/hooks/endpoint}/use_navigate_by_router_event_handler.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hooks => siem/public/common/hooks/endpoint}/use_navigate_to_app_event_handler.ts (96%) rename x-pack/plugins/{endpoint/public/applications/endpoint/mocks => siem/public/common/mock/endpoint}/app_context_render.tsx (54%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view => siem/public/common/mock/endpoint}/app_root_provider.tsx (83%) rename x-pack/plugins/{endpoint/public/applications/endpoint/mocks => siem/public/common/mock/endpoint}/dependencies_start_mock.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/mocks => siem/public/common/mock/endpoint}/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/common}/store/routing/action.ts (68%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/common}/store/routing/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/common}/store/test_utils.ts (95%) rename x-pack/plugins/{endpoint/server/routes/alerts/details/lib/index.ts => siem/public/common/types.ts} (72%) rename x-pack/plugins/{endpoint/public/common => siem/public/common/utils}/clone_http_fetch_query.test.ts (85%) rename x-pack/plugins/{endpoint/public/common => siem/public/common/utils}/clone_http_fetch_query.ts (82%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/components}/formatted_date.tsx (93%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_alerts}/models/index_pattern.ts (78%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/policy_list/index.ts => siem/public/endpoint_alerts/routes.tsx} (50%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/action.ts (84%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/alert_details.test.ts (83%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/alert_list.test.ts (85%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/alert_list_pagination.test.ts (80%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/store/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/middleware.ts (79%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/mock_alert_result_list.ts (89%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/reducer.ts (82%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/alerts => siem/public/endpoint_alerts/store}/selectors.ts (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/alert_details.test.tsx (87%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/file_accordion.tsx (60%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/general_accordion.tsx (64%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/hash_accordion.tsx (70%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/host_accordion.tsx (50%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/source_process_accordion.tsx (58%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/metadata/source_process_token_accordion.tsx (68%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/index.tsx rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/overview/metadata_panel.tsx (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/details/overview/take_action_dropdown.tsx (83%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/formatted_date.tsx create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/hooks/use_alerts_selector.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/index.test.tsx (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/index.tsx (81%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/index_search_bar.tsx (87%) create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/resolver.tsx create mode 100644 x-pack/plugins/siem/public/endpoint_alerts/view/test_helpers/render_alert_page.tsx rename x-pack/plugins/{endpoint/public/applications/endpoint/view/alerts => siem/public/endpoint_alerts/view}/url_from_query_params.ts (74%) create mode 100644 x-pack/plugins/siem/public/endpoint_hosts/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/store/policy_details/index.ts => siem/public/endpoint_hosts/routes.tsx} (51%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/action.ts (93%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/host_pagination.test.ts (91%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/index.test.ts (98%) create mode 100644 x-pack/plugins/siem/public/endpoint_hosts/store/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/middleware.test.ts (86%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/middleware.ts (91%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/mock_host_result_list.ts (90%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/reducer.ts (92%) rename x-pack/plugins/{endpoint/public/applications/endpoint/store/hosts => siem/public/endpoint_hosts/store}/selectors.ts (95%) create mode 100644 x-pack/plugins/siem/public/endpoint_hosts/types.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/components/flyout_sub_header.tsx (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/host_details.tsx (76%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/index.tsx (86%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/policy_response.tsx (95%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/details/policy_response_friendly_names.ts (54%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/hooks.ts (78%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/host_constants.ts (87%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/index.test.tsx (96%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/index.tsx (76%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/hosts => siem/public/endpoint_hosts/view}/url_from_query_params.ts (58%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/details.ts create mode 100644 x-pack/plugins/siem/public/endpoint_policy/list.ts rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/models/policy_details_config.ts (97%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/routes.tsx rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/action.ts (86%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/index.test.ts (97%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/middleware.ts (88%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/reducer.ts (91%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_details/selectors.ts (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/action.ts (84%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/index.test.ts (80%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.ts rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/middleware.ts (84%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/reducer.ts (84%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/selectors.ts (97%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/services/ingest.test.ts (94%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/services/ingest.ts (93%) rename x-pack/plugins/{endpoint/public/applications/endpoint => siem/public/endpoint_policy}/store/policy_list/test_mock_utils.ts (93%) create mode 100644 x-pack/plugins/siem/public/endpoint_policy/types.ts rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/agents_summary.tsx (82%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/index.ts (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_details.test.tsx (96%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_details.tsx (74%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/config_form.tsx (93%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/checkbox.tsx (80%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/index.tsx (100%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/linux.tsx (74%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/mac.tsx (71%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/events/windows.tsx (67%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_forms/protections/malware.tsx (79%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_hooks.ts (63%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/policy_list.tsx (79%) rename x-pack/plugins/{endpoint/public/applications/endpoint/view/policy => siem/public/endpoint_policy/view}/vertical_divider.ts (91%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/documentation/camera.md (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/embeddable.tsx (93%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/factory.ts (85%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/index.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/math.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/matrix3.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/matrix3.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/transformation.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/transformation.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/tree_sequencers.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/lib/vector2.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/models/indexed_process_tree.ts (98%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/models/process_event.test.ts (92%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/models/process_event.ts (95%) create mode 100644 x-pack/plugins/siem/public/resolver/models/process_event_test_helpers.ts rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/actions.ts (98%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/action.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/animation.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/index.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/inverse_projection_matrix.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/methods.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/panning.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/projection_matrix.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/reducer.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/scale_to_zoom.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/scaling_constants.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/selectors.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/test_helpers.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/camera/zooming.test.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/__snapshots__/graphing.test.ts.snap (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/action.ts (94%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/graphing.test.ts (99%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/index.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/reducer.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/sample.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/selectors.test.ts (95%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/data/selectors.ts (99%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/index.ts (82%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/methods.ts (93%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/middleware.ts (93%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/reducer.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/selectors.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/store/ui/selectors.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/types.ts (98%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/defs.tsx (95%) create mode 100644 x-pack/plugins/siem/public/resolver/view/edge_line.tsx create mode 100644 x-pack/plugins/siem/public/resolver/view/graph_controls.tsx rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/index.tsx (94%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/panel.tsx (77%) create mode 100644 x-pack/plugins/siem/public/resolver/view/process_event_dot.tsx rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/side_effect_context.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/side_effect_simulator.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/submenu.tsx (51%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/use_camera.test.tsx (99%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/use_camera.ts (100%) rename x-pack/plugins/{endpoint/public/embeddables => siem/public}/resolver/view/use_resolver_dispatch.ts (100%) create mode 100644 x-pack/plugins/siem/public/types.ts rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/README.md (97%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/alert_mapping.json (100%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/cli_tsconfig.json (68%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/event_mapping.json (100%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/policy_mapping.json (100%) rename x-pack/plugins/{endpoint/scripts => siem/scripts/endpoint}/resolver_generator.ts (93%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/alerts.test.ts (89%) rename x-pack/plugins/{endpoint/server/routes/alerts/details/handlers.ts => siem/server/endpoint/alerts/handlers/details/index.ts} (89%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/details/lib/pagination.ts (81%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/details/schemas.ts (100%) create mode 100644 x-pack/plugins/siem/server/endpoint/alerts/handlers/index_pattern.ts rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/lib/alert_id.ts (100%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/lib/error.ts (82%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/lib/index.ts (90%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/lib/pagination.ts (89%) rename x-pack/plugins/{endpoint/server/routes/alerts/list/handlers.ts => siem/server/endpoint/alerts/handlers/list/index.ts} (93%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/list/lib/index.ts (93%) rename x-pack/plugins/{endpoint/server/routes/alerts => siem/server/endpoint/alerts/handlers}/list/lib/pagination.ts (93%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint/alerts}/index_pattern.ts (91%) rename x-pack/plugins/{endpoint/server/routes/alerts/index.ts => siem/server/endpoint/alerts/routes.ts} (50%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/config.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/config.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/endpoint_app_context_services.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/endpoint_app_context_services.ts (91%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/mocks.ts (96%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/metadata/index.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/metadata/metadata.test.ts (95%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/metadata/query_builders.test.ts (91%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/metadata/query_builders.ts (88%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/handlers.test.ts (90%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/handlers.ts (93%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/index.ts (90%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/service.test.ts (86%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/policy/service.ts (97%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver.ts (96%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/ancestry.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/children.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/events.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/base.ts (91%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/children.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/children.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/events.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/events.ts (95%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/legacy_event_index_pattern.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/lifecycle.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/lifecycle.ts (94%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/stats.test.ts (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/queries/stats.ts (93%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/tree.ts (95%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/utils/fetch.ts (97%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/utils/pagination.ts (83%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/routes/resolver/utils/tree.ts (98%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/test_data/all_metadata_data.json (100%) rename x-pack/plugins/{endpoint/server => siem/server/endpoint}/types.ts (86%) rename x-pack/test/api_integration/apis/endpoint/{alerts.ts => alerts/index.ts} (98%) rename x-pack/test/api_integration/apis/endpoint/{ => alerts}/index_pattern.ts (94%) rename x-pack/test/endpoint_api_integration_no_ingest/apis/{alerts.ts => alerts/index.ts} (93%) rename x-pack/test/endpoint_api_integration_no_ingest/apis/{ => alerts}/index_pattern.ts (90%) diff --git a/x-pack/plugins/endpoint/common/schema/README.md b/x-pack/plugins/endpoint/common/schema/README.md deleted file mode 100644 index 42abedd647e6..000000000000 --- a/x-pack/plugins/endpoint/common/schema/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# Schemas - -These schemas are used to validate, coerce, and provide types for the comms between the client, server, and ES. - -# Future work -In the future, we may be able to locate these under 'server'. diff --git a/x-pack/plugins/endpoint/kibana.json b/x-pack/plugins/endpoint/kibana.json deleted file mode 100644 index 4b48c83fb0e7..000000000000 --- a/x-pack/plugins/endpoint/kibana.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "id": "endpoint", - "version": "1.0.0", - "kibanaVersion": "kibana", - "configPath": ["xpack", "endpoint"], - "requiredPlugins": ["features", "embeddable", "data", "dataEnhanced", "ingestManager"], - "server": true, - "ui": true -} diff --git a/x-pack/plugins/endpoint/package.json b/x-pack/plugins/endpoint/package.json deleted file mode 100644 index fc4f4bd586be..000000000000 --- a/x-pack/plugins/endpoint/package.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "author": "Elastic", - "name": "endpoint", - "version": "0.0.0", - "private": true, - "license": "Elastic-License", - "scripts": { - "test:generate": "ts-node --project scripts/cli_tsconfig.json scripts/resolver_generator.ts" - }, - "dependencies": { - "react-redux": "^7.1.0" - }, - "devDependencies": { - "@types/seedrandom": ">=2.0.0 <4.0.0", - "@types/react-redux": "^7.1.0", - "redux-devtools-extension": "^2.13.8" - } -} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/README.md b/x-pack/plugins/endpoint/public/applications/endpoint/README.md deleted file mode 100644 index 25bfd615d1d2..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/README.md +++ /dev/null @@ -1,28 +0,0 @@ -# Endpoint application -This application provides the user interface for the Elastic Endpoint - -# Architecture -The application consists of a _view_ written in React and a _model_ written in Redux. - -# Modules -We structure the modules to match the architecture. `view` contains the _view_ (all React) code. `store` contains the _model_. - -This section covers the conventions of each top level module. - -# `mocks` -This contains helper code for unit tests. - -## `models` -This contains domain models. By convention, each submodule here contains methods for a single type. Domain model classes would also live here. - -## `store` -This contains the _model_ of the application. All Redux and Redux middleware code (including API interactions) happen here. This module also contains the types and interfaces defining Redux actions. Each action type or interface should be commented and if it has fields, each field should be commented. Comments should be of `tsdoc` style. - -## `view` -This contains the code which renders elements to the DOM. All React code goes here. - -## `index.tsx` -This exports `renderApp` which instantiates the React view with the _model_. - -## `types.ts` -This contains the types and interfaces. All `export`ed types or interfaces (except ones defining Redux actions, which live in `store`) should be here. Each type or interface should have a `tsdoc` style comment. Interfaces should have `tsdoc` comments on each field and types which have fields should do the same. diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx deleted file mode 100644 index a1999c056bf5..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import * as React from 'react'; -import ReactDOM from 'react-dom'; -import { CoreStart, AppMountParameters } from 'kibana/public'; -import { EndpointPluginStartDependencies } from '../../plugin'; -import { appStoreFactory } from './store'; -import { AppRoot } from './view/app_root'; - -/** - * This module will be loaded asynchronously to reduce the bundle size of your plugin's main bundle. - */ -export function renderApp( - coreStart: CoreStart, - depsStart: EndpointPluginStartDependencies, - { element, history }: AppMountParameters -) { - const store = appStoreFactory({ coreStart, depsStart }); - ReactDOM.render( - , - element - ); - return () => { - ReactDOM.unmountComponentAtNode(element); - }; -} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts deleted file mode 100644 index a32ecb4b4556..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { HostAction } from './hosts'; -import { AlertAction } from './alerts'; -import { RoutingAction } from './routing'; -import { PolicyListAction } from './policy_list'; -import { PolicyDetailsAction } from './policy_details'; - -/** - * The entire set of redux actions recognized by our reducer. - */ -export type AppAction = - | HostAction - | AlertAction - | RoutingAction - | PolicyListAction - | PolicyDetailsAction; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts deleted file mode 100644 index 5545218d9abd..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts +++ /dev/null @@ -1,8 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { alertListReducer } from './reducer'; -export { AlertAction } from './action'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.ts deleted file mode 100644 index e80d7a82dc8c..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { hostListReducer } from './reducer'; -export { HostAction } from './action'; -export { hostMiddlewareFactory } from './middleware'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/immutable_combine_reducers.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/immutable_combine_reducers.ts deleted file mode 100644 index 6895f0106fb5..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/immutable_combine_reducers.ts +++ /dev/null @@ -1,13 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { combineReducers } from 'redux'; -import { ImmutableCombineReducers } from '../types'; - -/** - * Works the same as `combineReducers` from `redux`, but uses the `ImmutableCombineReducers` type. - */ -export const immutableCombineReducers: ImmutableCombineReducers = combineReducers; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts deleted file mode 100644 index a4d0b3a8b981..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { createStore, compose, applyMiddleware, Store } from 'redux'; -import { CoreStart } from 'kibana/public'; -import { appReducer } from './reducer'; -import { alertMiddlewareFactory } from './alerts/middleware'; -import { hostMiddlewareFactory } from './hosts'; -import { policyListMiddlewareFactory } from './policy_list'; -import { policyDetailsMiddlewareFactory } from './policy_details'; -import { ImmutableMiddlewareFactory, SubstateMiddlewareFactory } from '../types'; -import { EndpointPluginStartDependencies } from '../../../plugin'; - -const composeWithReduxDevTools = (window as any).__REDUX_DEVTOOLS_EXTENSION_COMPOSE__ - ? (window as any).__REDUX_DEVTOOLS_EXTENSION_COMPOSE__({ name: 'EndpointApp' }) - : compose; - -export const substateMiddlewareFactory: SubstateMiddlewareFactory = (selector, middleware) => { - return api => { - const substateAPI = { - ...api, - // Return just the substate instead of global state. - getState() { - return selector(api.getState()); - }, - }; - return middleware(substateAPI); - }; -}; - -/** - * @param middlewareDeps Optionally create the store without any middleware. This is useful for testing the store w/o side effects. - */ -export const appStoreFactory: (middlewareDeps?: { - /** - * Allow middleware to communicate with Kibana core. - */ - coreStart: CoreStart; - /** - * Give middleware access to plugin start dependencies. - */ - depsStart: EndpointPluginStartDependencies; - /** - * Any additional Redux Middlewares - * (should only be used for testing - example: to inject the action spy middleware) - */ - additionalMiddleware?: Array>; -}) => Store = middlewareDeps => { - let middleware; - if (middlewareDeps) { - const { coreStart, depsStart, additionalMiddleware = [] } = middlewareDeps; - middleware = composeWithReduxDevTools( - applyMiddleware( - substateMiddlewareFactory( - globalState => globalState.hostList, - hostMiddlewareFactory(coreStart, depsStart) - ), - substateMiddlewareFactory( - globalState => globalState.policyList, - policyListMiddlewareFactory(coreStart, depsStart) - ), - substateMiddlewareFactory( - globalState => globalState.policyDetails, - policyDetailsMiddlewareFactory(coreStart, depsStart) - ), - substateMiddlewareFactory( - globalState => globalState.alertList, - alertMiddlewareFactory(coreStart, depsStart) - ), - // Additional Middleware should go last - ...additionalMiddleware - ) - ); - } else { - // Create the store without any middleware. This is useful for testing the store w/o side effects. - middleware = undefined; - } - const store = createStore(appReducer, middleware); - - return store; -}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts deleted file mode 100644 index 2f77c380d938..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { hostListReducer } from './hosts'; -import { AppAction } from './action'; -import { alertListReducer } from './alerts'; -import { GlobalState, ImmutableReducer } from '../types'; -import { policyListReducer } from './policy_list'; -import { policyDetailsReducer } from './policy_details'; -import { immutableCombineReducers } from './immutable_combine_reducers'; - -export const appReducer: ImmutableReducer = immutableCombineReducers({ - hostList: hostListReducer, - alertList: alertListReducer, - policyList: policyListReducer, - policyDetails: policyDetailsReducer, -}); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/types.ts b/x-pack/plugins/endpoint/public/applications/endpoint/types.ts deleted file mode 100644 index 8b401f80b2fd..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/types.ts +++ /dev/null @@ -1,395 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { - Dispatch, - Action as ReduxAction, - AnyAction as ReduxAnyAction, - Action, - Middleware, -} from 'redux'; -import { IIndexPattern } from 'src/plugins/data/public'; -import { - HostMetadata, - AlertData, - AlertResultList, - Immutable, - AlertDetails, - MalwareFields, - UIPolicyConfig, - PolicyData, - HostPolicyResponse, - HostInfo, -} from '../../../common/types'; -import { EndpointPluginStartDependencies } from '../../plugin'; -import { AppAction } from './store/action'; -import { CoreStart } from '../../../../../../src/core/public'; -import { - GetAgentStatusResponse, - GetDatasourcesResponse, - GetOneDatasourceResponse, - UpdateDatasourceResponse, -} from '../../../../ingest_manager/common'; - -export { AppAction }; - -/** - * like redux's `MiddlewareAPI` but `getState` returns an `Immutable` version of - * state and `dispatch` accepts `Immutable` versions of actions. - */ -export interface ImmutableMiddlewareAPI { - dispatch: Dispatch>; - getState(): Immutable; -} - -/** - * Like redux's `Middleware` but without the ability to mutate actions or state. - * Differences: - * * `getState` returns an `Immutable` version of state - * * `dispatch` accepts `Immutable` versions of actions - * * `action`s received will be `Immutable` - */ -export type ImmutableMiddleware = ( - api: ImmutableMiddlewareAPI -) => (next: Dispatch>) => (action: Immutable) => unknown; - -/** - * Takes application-standard middleware dependencies - * and returns a redux middleware. - * Middleware will be of the `ImmutableMiddleware` variety. Not able to directly - * change actions or state. - */ -export type ImmutableMiddlewareFactory = ( - coreStart: CoreStart, - depsStart: EndpointPluginStartDependencies -) => ImmutableMiddleware; - -/** - * Simple type for a redux selector. - */ -type Selector = (state: S) => R; - -/** - * Takes a selector and an `ImmutableMiddleware`. The - * middleware's version of `getState` will receive - * the result of the selector instead of the global state. - * - * This allows middleware to have knowledge of only a subsection of state. - * - * `selector` returns an `Immutable` version of the substate. - * `middleware` must be an `ImmutableMiddleware`. - * - * Returns a regular middleware, meant to be used with `applyMiddleware`. - */ -export type SubstateMiddlewareFactory = ( - selector: Selector>, - middleware: ImmutableMiddleware -) => Middleware<{}, GlobalState, Dispatch>>; - -export interface HostState { - /** list of host **/ - hosts: HostInfo[]; - /** number of items per page */ - pageSize: number; - /** which page to show */ - pageIndex: number; - /** total number of hosts returned */ - total: number; - /** list page is retrieving data */ - loading: boolean; - /** api error from retrieving host list */ - error?: ServerApiError; - /** details data for a specific host */ - details?: Immutable; - /** details page is retrieving data */ - detailsLoading: boolean; - /** api error from retrieving host details */ - detailsError?: ServerApiError; - /** Holds the Policy Response for the Host currently being displayed in the details */ - policyResponse?: HostPolicyResponse; - /** policyResponse is being retrieved */ - policyResponseLoading: boolean; - /** api error from retrieving the policy response */ - policyResponseError?: ServerApiError; - /** current location info */ - location?: Immutable; -} - -/** - * Query params on the host page parsed from the URL - */ -export interface HostIndexUIQueryParams { - /** Selected host id shows host details flyout */ - selected_host?: string; - /** How many items to show in list */ - page_size?: string; - /** Which page to show */ - page_index?: string; - /** show the policy response or host details */ - show?: string; -} - -export interface ServerApiError { - statusCode: number; - error: string; - message: string; -} - -/** - * Policy list store state - */ -export interface PolicyListState { - /** Array of policy items */ - policyItems: PolicyData[]; - /** API error if loading data failed */ - apiError?: ServerApiError; - /** total number of policies */ - total: number; - /** Number of policies per page */ - pageSize: number; - /** page number (zero based) */ - pageIndex: number; - /** data is being retrieved from server */ - isLoading: boolean; - /** current location information */ - location?: Immutable; -} - -/** - * Policy details store state - */ -export interface PolicyDetailsState { - /** A single policy item */ - policyItem?: PolicyData; - /** API error if loading data failed */ - apiError?: ServerApiError; - isLoading: boolean; - /** current location of the application */ - location?: Immutable; - /** A summary of stats for the agents associated with a given Fleet Agent Configuration */ - agentStatusSummary: GetAgentStatusResponse['results']; - /** Status of an update to the policy */ - updateStatus?: { - success: boolean; - error?: ServerApiError; - }; -} - -/** - * The URL search params that are supported by the Policy List page view - */ -export interface PolicyListUrlSearchParams { - page_index: number; - page_size: number; -} - -/** - * Endpoint Policy configuration - */ -export interface PolicyConfig { - windows: { - events: { - dll_and_driver_load: boolean; - dns: boolean; - file: boolean; - network: boolean; - process: boolean; - registry: boolean; - security: boolean; - }; - malware: MalwareFields; - logging: { - stdout: string; - file: string; - }; - advanced: PolicyConfigAdvancedOptions; - }; - mac: { - events: { - file: boolean; - process: boolean; - network: boolean; - }; - malware: MalwareFields; - logging: { - stdout: string; - file: string; - }; - advanced: PolicyConfigAdvancedOptions; - }; - linux: { - events: { - file: boolean; - process: boolean; - network: boolean; - }; - logging: { - stdout: string; - file: string; - }; - advanced: PolicyConfigAdvancedOptions; - }; -} - -interface PolicyConfigAdvancedOptions { - elasticsearch: { - indices: { - control: string; - event: string; - logging: string; - }; - kernel: { - connect: boolean; - process: boolean; - }; - }; -} - -/** OS used in Policy */ -export enum OS { - windows = 'windows', - mac = 'mac', - linux = 'linux', -} - -/** - * Returns the keys of an object whose values meet a criteria. - * Ex) interface largeNestedObject = { - * a: { - * food: Foods; - * toiletPaper: true; - * }; - * b: { - * food: Foods; - * streamingServices: Streams; - * }; - * c: {}; - * } - * - * type hasFoods = KeysByValueCriteria; - * The above type will be: [a, b] only, and will not include c. - * - */ -export type KeysByValueCriteria = { - [K in keyof O]: O[K] extends Criteria ? K : never; -}[keyof O]; - -/** Returns an array of the policy OSes that have a malware protection field */ -export type MalwareProtectionOSes = KeysByValueCriteria; - -export interface GlobalState { - readonly hostList: HostState; - readonly alertList: AlertListState; - readonly policyList: PolicyListState; - readonly policyDetails: PolicyDetailsState; -} - -/** - * A better type for createStructuredSelector. This doesn't support the options object. - */ -export type CreateStructuredSelector = < - SelectorMap extends { [key: string]: (...args: never[]) => unknown } ->( - selectorMap: SelectorMap -) => ( - state: SelectorMap[keyof SelectorMap] extends (state: infer State) => unknown ? State : never -) => { - [Key in keyof SelectorMap]: ReturnType; -}; - -export interface EndpointAppLocation { - pathname: string; - search: string; - hash: string; - key?: string; -} - -interface AlertsSearchBarState { - patterns: IIndexPattern[]; -} - -export type AlertListData = AlertResultList; - -export interface AlertListState { - /** Array of alert items. */ - readonly alerts: Immutable; - - /** The total number of alerts on the page. */ - readonly total: number; - - /** Number of alerts per page. */ - readonly pageSize: number; - - /** Page number, starting at 0. */ - readonly pageIndex: number; - - /** Current location object from React Router history. */ - readonly location?: Immutable; - - /** Specific Alert data to be shown in the details view */ - readonly alertDetails?: Immutable; - - /** Search bar state including indexPatterns */ - readonly searchBar: AlertsSearchBarState; -} - -/** - * Gotten by parsing the URL from the browser. Used to calculate the new URL when changing views. - */ -export interface AlertingIndexUIQueryParams { - /** - * How many items to show in list. - */ - page_size?: string; - /** - * Which page to show. If `page_index` is 1, show page 2. - */ - page_index?: string; - /** - * If any value is present, show the alert detail view for the selected alert. Should be an ID for an alert event. - */ - selected_alert?: string; - query?: string; - date_range?: string; - filters?: string; -} - -export interface GetPolicyListResponse extends GetDatasourcesResponse { - items: PolicyData[]; -} - -export interface GetPolicyResponse extends GetOneDatasourceResponse { - item: PolicyData; -} - -export interface UpdatePolicyResponse extends UpdateDatasourceResponse { - item: PolicyData; -} - -/** - * Like `Reducer` from `redux` but it accepts immutable versions of `state` and `action`. - * Use this type for all Reducers in order to help enforce our pattern of immutable state. - */ -export type ImmutableReducer = ( - state: Immutable | undefined, - action: Immutable -) => State | Immutable; - -/** - * A alternate interface for `redux`'s `combineReducers`. Will work with the same underlying implementation, - * but will enforce that `Immutable` versions of `state` and `action` are received. - */ -export type ImmutableCombineReducers = ( - reducers: ImmutableReducersMapObject -) => ImmutableReducer; - -/** - * Like `redux`'s `ReducersMapObject` (which is used by `combineReducers`) but enforces that - * the `state` and `action` received are `Immutable` versions. - */ -type ImmutableReducersMapObject = { - [K in keyof S]: ImmutableReducer; -}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/index.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/index.tsx deleted file mode 100644 index 0ec5a855c861..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/index.tsx +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import React, { memo, useMemo } from 'react'; -import styled from 'styled-components'; -import { i18n } from '@kbn/i18n'; -import { FormattedMessage } from '@kbn/i18n/react'; -import { - EuiSpacer, - EuiTitle, - EuiText, - EuiHealth, - EuiTabbedContent, - EuiTabbedContentTab, -} from '@elastic/eui'; -import { useAlertListSelector } from '../../hooks/use_alerts_selector'; -import * as selectors from '../../../../store/alerts/selectors'; -import { MetadataPanel } from './metadata_panel'; -import { FormattedDate } from '../../formatted_date'; -import { AlertDetailResolver } from '../../resolver'; -import { ResolverEvent } from '../../../../../../../common/types'; -import { TakeActionDropdown } from './take_action_dropdown'; - -export const AlertDetailsOverview = styled( - memo(() => { - const alertDetailsData = useAlertListSelector(selectors.selectedAlertDetailsData); - if (alertDetailsData === undefined) { - return null; - } - - const tabs: EuiTabbedContentTab[] = useMemo(() => { - return [ - { - id: 'overviewMetadata', - 'data-test-subj': 'overviewMetadata', - name: i18n.translate( - 'xpack.endpoint.application.endpoint.alertDetails.overview.tabs.overview', - { - defaultMessage: 'Overview', - } - ), - content: ( - <> - - - - ), - }, - { - id: 'overviewResolver', - 'data-test-subj': 'overviewResolverTab', - name: i18n.translate( - 'xpack.endpoint.application.endpoint.alertDetails.overview.tabs.resolver', - { - defaultMessage: 'Resolver', - } - ), - content: ( - <> - - - - ), - }, - ]; - }, [alertDetailsData]); - - return ( - <> -
- -

- -

- - - -

- , - }} - /> -

- - - - Endpoint Status:{' '} - - {' '} - - - - - {' '} - - - - - -
- - - ); - }) -)` - height: 100%; - width: 100%; -`; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/hooks/use_alerts_selector.ts b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/hooks/use_alerts_selector.ts deleted file mode 100644 index d3962f908757..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/hooks/use_alerts_selector.ts +++ /dev/null @@ -1,12 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { useSelector } from 'react-redux'; -import { GlobalState, AlertListState } from '../../../types'; - -export function useAlertListSelector(selector: (state: AlertListState) => TSelected) { - return useSelector((state: GlobalState) => selector(state.alertList)); -} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/resolver.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/resolver.tsx deleted file mode 100644 index d32ad4dd9def..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/resolver.tsx +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React from 'react'; -import styled from 'styled-components'; -import { Provider } from 'react-redux'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; -import { Resolver } from '../../../../embeddables/resolver/view'; -import { EndpointPluginServices } from '../../../../plugin'; -import { ResolverEvent } from '../../../../../common/types'; -import { storeFactory } from '../../../../embeddables/resolver/store'; - -export const AlertDetailResolver = styled( - React.memo( - ({ className, selectedEvent }: { className?: string; selectedEvent?: ResolverEvent }) => { - const context = useKibana(); - const { store } = storeFactory(context); - - return ( -
- - - -
- ); - } - ) -)` - height: 100%; - width: 100%; - display: flex; - flex-grow: 1; - /* gross demo hack */ - min-height: calc(100vh - 505px); -`; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/test_helpers/render_alert_page.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/test_helpers/render_alert_page.tsx deleted file mode 100644 index 631167140761..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/test_helpers/render_alert_page.tsx +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import React from 'react'; -import * as reactTestingLibrary from '@testing-library/react'; -import { Provider } from 'react-redux'; -import { I18nProvider } from '@kbn/i18n/react'; -import { createMemoryHistory } from 'history'; -import { Router } from 'react-router-dom'; -import { AlertIndex } from '../index'; -import { appStoreFactory } from '../../../store'; -import { KibanaContextProvider } from '../../../../../../../../../src/plugins/kibana_react/public'; -import { RouteCapture } from '../../route_capture'; -import { depsStartMock } from '../../../mocks'; - -/** - * Create a 'history' instance that is only in-memory and causes no side effects to the testing environment. - */ -const history = createMemoryHistory(); -/** - * Create a store, with the middleware disabled. We don't want side effects being created by our code in this test. - */ -const store = appStoreFactory(); - -const depsStart = depsStartMock(); -depsStart.data.ui.SearchBar.mockImplementation(() =>
); - -export const alertPageTestRender = { - store, - history, - depsStart, - - /** - * Render the test component, use this after setting up anything in `beforeEach`. - */ - render: () => { - /** - * Provide the store via `Provider`, and i18n APIs via `I18nProvider`. - * Use react-router via `Router`, passing our in-memory `history` instance. - * Use `RouteCapture` to emit url-change actions when the URL is changed. - * Finally, render the `AlertIndex` component which we are testing. - */ - return reactTestingLibrary.render( - - - - - - - - - - - - ); - }, -}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root.tsx deleted file mode 100644 index f9634c63deef..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root.tsx +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import * as React from 'react'; -import { FormattedMessage } from '@kbn/i18n/react'; -import { Route, Switch } from 'react-router-dom'; -import { Store } from 'redux'; -import { AlertIndex } from './alerts'; -import { HostList } from './hosts'; -import { PolicyList } from './policy'; -import { PolicyDetails } from './policy'; -import { HeaderNavigation } from './components/header_navigation'; -import { AppRootProvider } from './app_root_provider'; -import { Setup } from './setup'; -import { EndpointPluginStartDependencies } from '../../../plugin'; -import { ScopedHistory, CoreStart } from '../../../../../../../src/core/public'; - -interface RouterProps { - history: ScopedHistory; - store: Store; - coreStart: CoreStart; - depsStart: EndpointPluginStartDependencies; -} - -/** - * The root of the Endpoint application react view. - */ -export const AppRoot: React.FunctionComponent = React.memo( - ({ history, store, coreStart, depsStart }) => { - return ( - - - - - ( -

- -

- )} - /> - - - - - ( - - )} - /> - - - ); - } -); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/header_navigation.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/components/header_navigation.tsx deleted file mode 100644 index 747522985369..000000000000 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/header_navigation.tsx +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React, { memo, useMemo } from 'react'; -import { i18n } from '@kbn/i18n'; -import { EuiTabs, EuiTab } from '@elastic/eui'; -import { useLocation } from 'react-router-dom'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; -import { Immutable } from '../../../../../common/types'; -import { useNavigateByRouterEventHandler } from '../hooks/use_navigate_by_router_event_handler'; - -interface NavTabs { - name: string; - id: string; - href: string; -} - -const navTabs: Immutable = [ - { - id: 'home', - name: i18n.translate('xpack.endpoint.headerNav.home', { - defaultMessage: 'Home', - }), - href: '/', - }, - { - id: 'hosts', - name: i18n.translate('xpack.endpoint.headerNav.hosts', { - defaultMessage: 'Hosts', - }), - href: '/hosts', - }, - { - id: 'alerts', - name: i18n.translate('xpack.endpoint.headerNav.alerts', { - defaultMessage: 'Alerts', - }), - href: '/alerts', - }, - { - id: 'policies', - name: i18n.translate('xpack.endpoint.headerNav.policies', { - defaultMessage: 'Policies', - }), - href: '/policy', - }, -]; - -const NavTab = memo<{ tab: NavTabs }>(({ tab }) => { - const { pathname } = useLocation(); - const { services } = useKibana(); - const onClickHandler = useNavigateByRouterEventHandler(tab.href); - const BASE_PATH = services.application.getUrlForApp('endpoint'); - - return ( - - {tab.name} - - ); -}); - -export const HeaderNavigation: React.FunctionComponent = React.memo(() => { - const tabList = useMemo(() => { - return navTabs.map((tab, index) => { - return ; - }); - }, []); - - return {tabList}; -}); diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event_test_helpers.ts b/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event_test_helpers.ts deleted file mode 100644 index e88837d32510..000000000000 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event_test_helpers.ts +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { LegacyEndpointEvent } from '../../../../common/types'; - -type DeepPartial = { [K in keyof T]?: DeepPartial }; -/** - * Creates a mock process event given the 'parts' argument, which can - * include all or some process event fields as determined by the ProcessEvent type. - * The only field that must be provided is the event's 'node_id' field. - * The other fields are populated by the function unless provided in 'parts' - */ -export function mockProcessEvent(parts: { - endgame: { - unique_pid: LegacyEndpointEvent['endgame']['unique_pid']; - unique_ppid?: LegacyEndpointEvent['endgame']['unique_ppid']; - process_name?: LegacyEndpointEvent['endgame']['process_name']; - event_subtype_full?: LegacyEndpointEvent['endgame']['event_subtype_full']; - event_type_full?: LegacyEndpointEvent['endgame']['event_type_full']; - } & DeepPartial; -}): LegacyEndpointEvent { - const { endgame: dataBuffer } = parts; - return { - endgame: { - ...dataBuffer, - event_timestamp: 1, - event_type: 1, - unique_ppid: 0, - unique_pid: 1, - machine_id: '', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - process_name: '', - process_path: '', - timestamp_utc: '', - serial_event_id: 1, - }, - '@timestamp': 1582233383000, - agent: { - type: '', - id: '', - version: '', - }, - ...parts, - }; -} diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/edge_line.tsx b/x-pack/plugins/endpoint/public/embeddables/resolver/view/edge_line.tsx deleted file mode 100644 index fbd40dda9adf..000000000000 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/edge_line.tsx +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React from 'react'; -import styled from 'styled-components'; -import { applyMatrix3, distance, angle } from '../lib/vector2'; -import { Vector2, Matrix3 } from '../types'; - -/** - * A placeholder line segment view that connects process nodes. - */ -export const EdgeLine = styled( - React.memo( - ({ - className, - startPosition, - endPosition, - projectionMatrix, - }: { - /** - * A className string provided by `styled` - */ - className?: string; - /** - * The postion of first point in the line segment. In 'world' coordinates. - */ - startPosition: Vector2; - /** - * The postion of second point in the line segment. In 'world' coordinates. - */ - endPosition: Vector2; - /** - * projectionMatrix which can be used to convert `startPosition` and `endPosition` to screen coordinates. - */ - projectionMatrix: Matrix3; - }) => { - /** - * Convert the start and end positions, which are in 'world' coordinates, - * to `left` and `top` css values. - */ - const screenStart = applyMatrix3(startPosition, projectionMatrix); - const screenEnd = applyMatrix3(endPosition, projectionMatrix); - - /** - * We render the line using a short, long, `div` element. The length of this `div` - * should be the same as the distance between the start and end points. - */ - const length = distance(screenStart, screenEnd); - - const style = { - left: screenStart[0] + 'px', - top: screenStart[1] + 'px', - width: length + 'px', - /** - * Transform from the left of the div, as the left side of the `div` is positioned - * at the start point of the line segment. - */ - transformOrigin: 'top left', - /** - * Translate the `div` in the y axis to accomodate for the height of the `div`. - * Also rotate the `div` in the z axis so that it's angle matches the angle - * between the start and end points. - */ - transform: `translateY(-50%) rotateZ(${angle(screenStart, screenEnd)}rad)`, - }; - return
; - } - ) -)` - position: absolute; - height: 3px; - background-color: #d4d4d4; - color: #333333; - contain: strict; -`; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/graph_controls.tsx b/x-pack/plugins/endpoint/public/embeddables/resolver/view/graph_controls.tsx deleted file mode 100644 index 32c3f73ced28..000000000000 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/graph_controls.tsx +++ /dev/null @@ -1,181 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React, { useCallback, useMemo, useContext } from 'react'; -import styled from 'styled-components'; -import { EuiRange, EuiPanel, EuiIcon } from '@elastic/eui'; -import { useSelector, useDispatch } from 'react-redux'; -import { SideEffectContext } from './side_effect_context'; -import { ResolverAction, Vector2 } from '../types'; -import * as selectors from '../store/selectors'; - -/** - * Controls for zooming, panning, and centering in Resolver - */ -export const GraphControls = styled( - React.memo( - ({ - className, - }: { - /** - * A className string provided by `styled` - */ - className?: string; - }) => { - const dispatch: (action: ResolverAction) => unknown = useDispatch(); - const scalingFactor = useSelector(selectors.scalingFactor); - const { timestamp } = useContext(SideEffectContext); - - const handleZoomAmountChange = useCallback( - (event: React.ChangeEvent | React.MouseEvent) => { - const valueAsNumber = parseFloat( - (event as React.ChangeEvent).target.value - ); - if (isNaN(valueAsNumber) === false) { - dispatch({ - type: 'userSetZoomLevel', - payload: valueAsNumber, - }); - } - }, - [dispatch] - ); - - const handleCenterClick = useCallback(() => { - dispatch({ - type: 'userSetPositionOfCamera', - payload: [0, 0], - }); - }, [dispatch]); - - const handleZoomOutClick = useCallback(() => { - dispatch({ - type: 'userClickedZoomOut', - }); - }, [dispatch]); - - const handleZoomInClick = useCallback(() => { - dispatch({ - type: 'userClickedZoomIn', - }); - }, [dispatch]); - - const [handleNorth, handleEast, handleSouth, handleWest] = useMemo(() => { - const directionVectors: readonly Vector2[] = [ - [0, 1], - [1, 0], - [0, -1], - [-1, 0], - ]; - return directionVectors.map(direction => { - return () => { - const action: ResolverAction = { - type: 'userNudgedCamera', - payload: { direction, time: timestamp() }, - }; - dispatch(action); - }; - }); - }, [dispatch, timestamp]); - - return ( -
- -
- -
-
- - - -
-
- -
- - - - - - -
- ); - } - ) -)` - background-color: #d4d4d4; - color: #333333; - - .zoom-controls { - display: flex; - flex-direction: column; - align-items: center; - padding: 5px 0px; - - .zoom-slider { - width: 20px; - height: 150px; - margin: 5px 0px 2px 0px; - - input[type='range'] { - width: 150px; - height: 20px; - transform-origin: 75px 75px; - transform: rotate(-90deg); - } - } - } - .panning-controls { - text-align: center; - } -`; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/process_event_dot.tsx b/x-pack/plugins/endpoint/public/embeddables/resolver/view/process_event_dot.tsx deleted file mode 100644 index 32928d511a1f..000000000000 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/process_event_dot.tsx +++ /dev/null @@ -1,605 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React, { useCallback, useMemo } from 'react'; -import styled from 'styled-components'; -import { i18n } from '@kbn/i18n'; -import { - htmlIdGenerator, - EuiI18nNumber, - EuiKeyboardAccessible, - EuiFlexGroup, - EuiFlexItem, -} from '@elastic/eui'; -import { useSelector } from 'react-redux'; -import { NodeSubMenu, subMenuAssets } from './submenu'; -import { applyMatrix3 } from '../lib/vector2'; -import { - Vector2, - Matrix3, - AdjacentProcessMap, - ResolverProcessType, - RelatedEventEntryWithStatsOrWaiting, -} from '../types'; -import { SymbolIds, NamedColors } from './defs'; -import { ResolverEvent } from '../../../../common/types'; -import { useResolverDispatch } from './use_resolver_dispatch'; -import * as eventModel from '../../../../common/models/event'; -import * as processModel from '../models/process_event'; -import * as selectors from '../store/selectors'; - -const nodeAssets = { - runningProcessCube: { - cubeSymbol: `#${SymbolIds.runningProcessCube}`, - labelBackground: NamedColors.labelBackgroundRunningProcess, - descriptionFill: NamedColors.empty, - descriptionText: i18n.translate('xpack.endpoint.resolver.runningProcess', { - defaultMessage: 'Running Process', - }), - }, - runningTriggerCube: { - cubeSymbol: `#${SymbolIds.runningTriggerCube}`, - labelBackground: NamedColors.labelBackgroundRunningTrigger, - descriptionFill: NamedColors.empty, - descriptionText: i18n.translate('xpack.endpoint.resolver.runningTrigger', { - defaultMessage: 'Running Trigger', - }), - }, - terminatedProcessCube: { - cubeSymbol: `#${SymbolIds.terminatedProcessCube}`, - labelBackground: NamedColors.labelBackgroundTerminatedProcess, - descriptionFill: NamedColors.empty, - descriptionText: i18n.translate('xpack.endpoint.resolver.terminatedProcess', { - defaultMessage: 'Terminated Process', - }), - }, - terminatedTriggerCube: { - cubeSymbol: `#${SymbolIds.terminatedTriggerCube}`, - labelBackground: NamedColors.labelBackgroundTerminatedTrigger, - descriptionFill: NamedColors.empty, - descriptionText: i18n.translate('xpack.endpoint.resolver.terminatedTrigger', { - defaultMessage: 'Terminated Trigger', - }), - }, -}; - -/** - * Take a gross `schemaName` and return a beautiful translated one. - */ -const getDisplayName: (schemaName: string) => string = function nameInSchemaToDisplayName( - schemaName: string -) { - const displayNameRecord: Record = { - application: i18n.translate('xpack.endpoint.resolver.applicationEventTypeDisplayName', { - defaultMessage: 'Application', - }), - apm: i18n.translate('xpack.endpoint.resolver.apmEventTypeDisplayName', { - defaultMessage: 'APM', - }), - audit: i18n.translate('xpack.endpoint.resolver.auditEventTypeDisplayName', { - defaultMessage: 'Audit', - }), - authentication: i18n.translate('xpack.endpoint.resolver.authenticationEventTypeDisplayName', { - defaultMessage: 'Authentication', - }), - certificate: i18n.translate('xpack.endpoint.resolver.certificateEventTypeDisplayName', { - defaultMessage: 'Certificate', - }), - cloud: i18n.translate('xpack.endpoint.resolver.cloudEventTypeDisplayName', { - defaultMessage: 'Cloud', - }), - database: i18n.translate('xpack.endpoint.resolver.databaseEventTypeDisplayName', { - defaultMessage: 'Database', - }), - driver: i18n.translate('xpack.endpoint.resolver.driverEventTypeDisplayName', { - defaultMessage: 'Driver', - }), - email: i18n.translate('xpack.endpoint.resolver.emailEventTypeDisplayName', { - defaultMessage: 'Email', - }), - file: i18n.translate('xpack.endpoint.resolver.fileEventTypeDisplayName', { - defaultMessage: 'File', - }), - host: i18n.translate('xpack.endpoint.resolver.hostEventTypeDisplayName', { - defaultMessage: 'Host', - }), - iam: i18n.translate('xpack.endpoint.resolver.iamEventTypeDisplayName', { - defaultMessage: 'IAM', - }), - iam_group: i18n.translate('xpack.endpoint.resolver.iam_groupEventTypeDisplayName', { - defaultMessage: 'IAM Group', - }), - intrusion_detection: i18n.translate( - 'xpack.endpoint.resolver.intrusion_detectionEventTypeDisplayName', - { - defaultMessage: 'Intrusion Detection', - } - ), - malware: i18n.translate('xpack.endpoint.resolver.malwareEventTypeDisplayName', { - defaultMessage: 'Malware', - }), - network_flow: i18n.translate('xpack.endpoint.resolver.network_flowEventTypeDisplayName', { - defaultMessage: 'Network Flow', - }), - network: i18n.translate('xpack.endpoint.resolver.networkEventTypeDisplayName', { - defaultMessage: 'Network', - }), - package: i18n.translate('xpack.endpoint.resolver.packageEventTypeDisplayName', { - defaultMessage: 'Package', - }), - process: i18n.translate('xpack.endpoint.resolver.processEventTypeDisplayName', { - defaultMessage: 'Process', - }), - registry: i18n.translate('xpack.endpoint.resolver.registryEventTypeDisplayName', { - defaultMessage: 'Registry', - }), - session: i18n.translate('xpack.endpoint.resolver.sessionEventTypeDisplayName', { - defaultMessage: 'Session', - }), - service: i18n.translate('xpack.endpoint.resolver.serviceEventTypeDisplayName', { - defaultMessage: 'Service', - }), - socket: i18n.translate('xpack.endpoint.resolver.socketEventTypeDisplayName', { - defaultMessage: 'Socket', - }), - vulnerability: i18n.translate('xpack.endpoint.resolver.vulnerabilityEventTypeDisplayName', { - defaultMessage: 'Vulnerability', - }), - web: i18n.translate('xpack.endpoint.resolver.webEventTypeDisplayName', { - defaultMessage: 'Web', - }), - alert: i18n.translate('xpack.endpoint.resolver.alertEventTypeDisplayName', { - defaultMessage: 'Alert', - }), - security: i18n.translate('xpack.endpoint.resolver.securityEventTypeDisplayName', { - defaultMessage: 'Security', - }), - dns: i18n.translate('xpack.endpoint.resolver.dnsEventTypeDisplayName', { - defaultMessage: 'DNS', - }), - clr: i18n.translate('xpack.endpoint.resolver.clrEventTypeDisplayName', { - defaultMessage: 'CLR', - }), - image_load: i18n.translate('xpack.endpoint.resolver.image_loadEventTypeDisplayName', { - defaultMessage: 'Image Load', - }), - powershell: i18n.translate('xpack.endpoint.resolver.powershellEventTypeDisplayName', { - defaultMessage: 'Powershell', - }), - wmi: i18n.translate('xpack.endpoint.resolver.wmiEventTypeDisplayName', { - defaultMessage: 'WMI', - }), - api: i18n.translate('xpack.endpoint.resolver.apiEventTypeDisplayName', { - defaultMessage: 'API', - }), - user: i18n.translate('xpack.endpoint.resolver.userEventTypeDisplayName', { - defaultMessage: 'User', - }), - }; - return ( - displayNameRecord[schemaName] || - i18n.translate('xpack.endpoint.resolver.userEventTypeDisplayUnknown', { - defaultMessage: 'Unknown', - }) - ); -}; - -/** - * An artifact that represents a process node and the things associated with it in the Resolver - */ -export const ProcessEventDot = styled( - React.memo( - ({ - className, - position, - event, - projectionMatrix, - adjacentNodeMap, - relatedEvents, - }: { - /** - * A `className` string provided by `styled` - */ - className?: string; - /** - * The positon of the process node, in 'world' coordinates. - */ - position: Vector2; - /** - * An event which contains details about the process node. - */ - event: ResolverEvent; - /** - * projectionMatrix which can be used to convert `position` to screen coordinates. - */ - projectionMatrix: Matrix3; - /** - * map of what nodes are "adjacent" to this one in "up, down, previous, next" directions - */ - adjacentNodeMap: AdjacentProcessMap; - /** - * A collection of events related to the current node and statistics (e.g. counts indexed by event type) - * to provide the user some visibility regarding the contents thereof. - */ - relatedEvents?: RelatedEventEntryWithStatsOrWaiting; - }) => { - /** - * Convert the position, which is in 'world' coordinates, to screen coordinates. - */ - const [left, top] = applyMatrix3(position, projectionMatrix); - - const [magFactorX] = projectionMatrix; - - const selfId = adjacentNodeMap.self; - - const activeDescendantId = useSelector(selectors.uiActiveDescendantId); - const selectedDescendantId = useSelector(selectors.uiSelectedDescendantId); - - const logicalProcessNodeViewWidth = 360; - const logicalProcessNodeViewHeight = 120; - /** - * The `left` and `top` values represent the 'center' point of the process node. - * Since the view has content to the left and above the 'center' point, offset the - * position to accomodate for that. This aligns the logical center of the process node - * with the correct position on the map. - */ - const processNodeViewXOffset = -0.172413 * logicalProcessNodeViewWidth * magFactorX; - const processNodeViewYOffset = -0.73684 * logicalProcessNodeViewHeight * magFactorX; - - const nodeViewportStyle = useMemo( - () => ({ - left: `${left + processNodeViewXOffset}px`, - top: `${top + processNodeViewYOffset}px`, - // Width of symbol viewport scaled to fit - width: `${logicalProcessNodeViewWidth * magFactorX}px`, - // Height according to symbol viewbox AR - height: `${logicalProcessNodeViewHeight * magFactorX}px`, - }), - [left, magFactorX, processNodeViewXOffset, processNodeViewYOffset, top] - ); - - /** - * Type in non-SVG components scales as follows: - * (These values were adjusted to match the proportions in the comps provided by UX/Design) - * 18.75 : The smallest readable font size at which labels/descriptions can be read. Font size will not scale below this. - * 12.5 : A 'slope' at which the font size will scale w.r.t. to zoom level otherwise - */ - const minimumFontSize = 18.75; - const slopeOfFontScale = 12.5; - const fontSizeAdjustmentForScale = magFactorX > 1 ? slopeOfFontScale * (magFactorX - 1) : 0; - const scaledTypeSize = minimumFontSize + fontSizeAdjustmentForScale; - - const markerBaseSize = 15; - const markerSize = markerBaseSize; - const markerPositionOffset = -markerBaseSize / 2; - - /** - * An element that should be animated when the node is clicked. - */ - const animationTarget: { - current: - | (SVGAnimationElement & { - /** - * `beginElement` is by [w3](https://www.w3.org/TR/SVG11/animate.html#__smil__ElementTimeControl__beginElement) - * but missing in [TSJS-lib-generator](https://github.com/microsoft/TSJS-lib-generator/blob/15a4678e0ef6de308e79451503e444e9949ee849/inputfiles/addedTypes.json#L1819) - */ - beginElement: () => void; - }) - | null; - } = React.createRef(); - const { cubeSymbol, labelBackground, descriptionText } = nodeAssets[nodeType(event)]; - const resolverNodeIdGenerator = useMemo(() => htmlIdGenerator('resolverNode'), []); - - const nodeId = useMemo(() => resolverNodeIdGenerator(selfId), [ - resolverNodeIdGenerator, - selfId, - ]); - const labelId = useMemo(() => resolverNodeIdGenerator(), [resolverNodeIdGenerator]); - const descriptionId = useMemo(() => resolverNodeIdGenerator(), [resolverNodeIdGenerator]); - const isActiveDescendant = nodeId === activeDescendantId; - const isSelectedDescendant = nodeId === selectedDescendantId; - - const dispatch = useResolverDispatch(); - - const handleFocus = useCallback(() => { - dispatch({ - type: 'userFocusedOnResolverNode', - payload: { - nodeId, - }, - }); - }, [dispatch, nodeId]); - - const handleClick = useCallback(() => { - if (animationTarget.current !== null) { - (animationTarget.current as any).beginElement(); - } - dispatch({ - type: 'userSelectedResolverNode', - payload: { - nodeId, - }, - }); - }, [animationTarget, dispatch, nodeId]); - - const handleRelatedEventRequest = useCallback(() => { - dispatch({ - type: 'userRequestedRelatedEventData', - payload: event, - }); - }, [dispatch, event]); - - const handleRelatedAlertsRequest = useCallback(() => { - dispatch({ - type: 'userSelectedRelatedAlerts', - payload: event, - }); - }, [dispatch, event]); - /** - * Enumerates the stats for related events to display with the node as options, - * generally in the form `number of related events in category` `category title` - * e.g. "10 DNS", "230 File" - */ - const relatedEventOptions = useMemo(() => { - if (relatedEvents === 'error') { - // Return an empty set of options if there was an error requesting them - return []; - } - const relatedStats = typeof relatedEvents === 'object' && relatedEvents.stats; - if (!relatedStats) { - // Return an empty set of options if there are no stats to report - return []; - } - // If we have entries to show, map them into options to display in the selectable list - return Object.entries(relatedStats).map(statsEntry => { - const displayName = getDisplayName(statsEntry[0]); - return { - prefix: , - optionTitle: `${displayName}`, - action: () => { - dispatch({ - type: 'userSelectedRelatedEventCategory', - payload: { - subject: event, - category: statsEntry[0], - }, - }); - }, - }; - }); - }, [relatedEvents, dispatch, event]); - - const relatedEventStatusOrOptions = (() => { - if (!relatedEvents) { - // If related events have not yet been requested - return subMenuAssets.initialMenuStatus; - } - if (relatedEvents === 'error') { - // If there was an error when we tried to request the events - return subMenuAssets.menuError; - } - if (relatedEvents === 'waitingForRelatedEventData') { - // If we're waiting for events to be returned - // Pass on the waiting symbol - return relatedEvents; - } - return relatedEventOptions; - })(); - - /* eslint-disable jsx-a11y/click-events-have-key-events */ - /** - * Key event handling (e.g. 'Enter'/'Space') is provisioned by the `EuiKeyboardAccessible` component - */ - return ( - -
- - - - - - - - -
-
- {descriptionText} -
-
= 2 ? 'euiButton' : 'euiButton euiButton--small'} - data-test-subject="nodeLabel" - id={labelId} - style={{ - backgroundColor: labelBackground, - padding: '.15rem 0', - textAlign: 'center', - maxWidth: '20rem', - minWidth: '12rem', - width: '60%', - overflow: 'hidden', - whiteSpace: 'nowrap', - textOverflow: 'ellipsis', - contain: 'content', - margin: '.25rem 0 .35rem 0', - }} - > - - - {eventModel.eventName(event)} - - -
- {magFactorX >= 2 && ( - - - - - - - - - )} -
-
- - ); - /* eslint-enable jsx-a11y/click-events-have-key-events */ - } - ) -)` - position: absolute; - text-align: left; - font-size: 10px; - user-select: none; - box-sizing: border-box; - border-radius: 10%; - white-space: nowrap; - will-change: left, top, width, height; - contain: layout; - min-width: 280px; - min-height: 90px; - overflow-y: visible; - - //dasharray & dashoffset should be equal to "pull" the stroke back - //when it is transitioned. - //The value is tuned to look good when animated, but to preserve - //the effect, it should always be _at least_ the length of the stroke - & .backing { - stroke-dasharray: 500; - stroke-dashoffset: 500; - } - &[aria-current] .backing { - transition-property: stroke-dashoffset; - transition-duration: 1s; - stroke-dashoffset: 0; - } - - & .related-dropdown { - width: 4.5em; - } - & .euiSelectableList-bordered { - border-top-right-radius: 0px; - border-top-left-radius: 0px; - } - & .euiSelectableListItem { - background-color: black; - } - & .euiSelectableListItem path { - fill: white; - } - & .euiSelectableListItem__text { - color: white; - } -`; - -const processTypeToCube: Record = { - processCreated: 'runningProcessCube', - processRan: 'runningProcessCube', - processTerminated: 'terminatedProcessCube', - unknownProcessEvent: 'runningProcessCube', - processCausedAlert: 'runningTriggerCube', - unknownEvent: 'runningProcessCube', -}; - -function nodeType(processEvent: ResolverEvent): keyof typeof nodeAssets { - const processType = processModel.eventType(processEvent); - - if (processType in processTypeToCube) { - return processTypeToCube[processType]; - } - return 'runningProcessCube'; -} diff --git a/x-pack/plugins/endpoint/public/index.ts b/x-pack/plugins/endpoint/public/index.ts deleted file mode 100644 index e6a7683efd9a..000000000000 --- a/x-pack/plugins/endpoint/public/index.ts +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { PluginInitializer } from 'kibana/public'; -import { - EndpointPlugin, - EndpointPluginStart, - EndpointPluginSetup, - EndpointPluginStartDependencies, - EndpointPluginSetupDependencies, -} from './plugin'; - -export const plugin: PluginInitializer< - EndpointPluginSetup, - EndpointPluginStart, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies -> = () => new EndpointPlugin(); diff --git a/x-pack/plugins/endpoint/public/plugin.ts b/x-pack/plugins/endpoint/public/plugin.ts deleted file mode 100644 index 9964454add80..000000000000 --- a/x-pack/plugins/endpoint/public/plugin.ts +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { Plugin, CoreSetup, AppMountParameters, CoreStart } from 'kibana/public'; -import { EmbeddableSetup } from 'src/plugins/embeddable/public'; -import { DataPublicPluginStart } from 'src/plugins/data/public'; -import { i18n } from '@kbn/i18n'; -import { IngestManagerStart } from '../../ingest_manager/public'; -import { ResolverEmbeddableFactory } from './embeddables/resolver'; - -export type EndpointPluginStart = void; -export type EndpointPluginSetup = void; -export interface EndpointPluginSetupDependencies { - embeddable: EmbeddableSetup; - data: DataPublicPluginStart; -} -export interface EndpointPluginStartDependencies { - data: DataPublicPluginStart; - ingestManager: IngestManagerStart; -} - -/** - * Functionality that the endpoint plugin uses from core. - */ -export interface EndpointPluginServices extends Partial { - http: CoreStart['http']; - overlays: CoreStart['overlays'] | undefined; - notifications: CoreStart['notifications'] | undefined; - data: DataPublicPluginStart; -} - -export class EndpointPlugin - implements - Plugin< - EndpointPluginSetup, - EndpointPluginStart, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies - > { - public setup( - core: CoreSetup, - plugins: EndpointPluginSetupDependencies - ) { - core.application.register({ - id: 'endpoint', - title: i18n.translate('xpack.endpoint.pluginTitle', { - defaultMessage: 'Endpoint', - }), - euiIconType: 'securityApp', - async mount(params: AppMountParameters) { - const [coreStart, depsStart] = await core.getStartServices(); - const { renderApp } = await import('./applications/endpoint'); - return renderApp(coreStart, depsStart, params); - }, - }); - - const resolverEmbeddableFactory = new ResolverEmbeddableFactory(); - - plugins.embeddable.registerEmbeddableFactory( - resolverEmbeddableFactory.type, - resolverEmbeddableFactory - ); - } - - public start() {} - - public stop() {} -} diff --git a/x-pack/plugins/endpoint/server/index.ts b/x-pack/plugins/endpoint/server/index.ts deleted file mode 100644 index ae603b7e4444..000000000000 --- a/x-pack/plugins/endpoint/server/index.ts +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { PluginInitializer, PluginInitializerContext } from 'src/core/server'; -import { - EndpointPlugin, - EndpointPluginStart, - EndpointPluginSetup, - EndpointPluginStartDependencies, - EndpointPluginSetupDependencies, -} from './plugin'; -import { EndpointConfigSchema } from './config'; - -export const config = { - schema: EndpointConfigSchema, -}; - -export const plugin: PluginInitializer< - EndpointPluginSetup, - EndpointPluginStart, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies -> = (initializerContext: PluginInitializerContext) => new EndpointPlugin(initializerContext); diff --git a/x-pack/plugins/endpoint/server/plugin.test.ts b/x-pack/plugins/endpoint/server/plugin.test.ts deleted file mode 100644 index 215b26942bcd..000000000000 --- a/x-pack/plugins/endpoint/server/plugin.test.ts +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { - EndpointPlugin, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies, -} from './plugin'; -import { coreMock } from '../../../../src/core/server/mocks'; -import { PluginSetupContract } from '../../features/server'; -import { createMockIngestManagerStartContract } from './mocks'; - -describe('test endpoint plugin', () => { - let plugin: EndpointPlugin; - let mockCoreSetup: ReturnType; - let mockCoreStart: ReturnType; - let mockedEndpointPluginSetupDependencies: jest.Mocked; - let mockedEndpointPluginStartDependencies: jest.Mocked; - let mockedPluginSetupContract: jest.Mocked; - beforeEach(() => { - plugin = new EndpointPlugin( - coreMock.createPluginInitializerContext({ - cookieName: 'sid', - sessionTimeout: 1500, - }) - ); - - mockCoreSetup = coreMock.createSetup(); - mockCoreStart = coreMock.createStart(); - mockedPluginSetupContract = { - registerFeature: jest.fn(), - getFeatures: jest.fn(), - getFeaturesUICapabilities: jest.fn(), - }; - }); - - it('test properly setup plugin', async () => { - mockedEndpointPluginSetupDependencies = { - features: mockedPluginSetupContract, - }; - await plugin.setup(mockCoreSetup, mockedEndpointPluginSetupDependencies); - expect(mockedPluginSetupContract.registerFeature).toBeCalledTimes(1); - expect(mockCoreSetup.http.createRouter).toBeCalledTimes(1); - expect(() => plugin.getEndpointAppContextService().getIndexPatternRetriever()).toThrow(Error); - expect(() => plugin.getEndpointAppContextService().getAgentService()).toThrow(Error); - }); - - it('test properly start plugin', async () => { - mockedEndpointPluginStartDependencies = { - ingestManager: createMockIngestManagerStartContract(''), - }; - await plugin.start(mockCoreStart, mockedEndpointPluginStartDependencies); - expect(plugin.getEndpointAppContextService().getAgentService()).toBeTruthy(); - expect(plugin.getEndpointAppContextService().getIndexPatternRetriever()).toBeTruthy(); - }); -}); diff --git a/x-pack/plugins/endpoint/server/plugin.ts b/x-pack/plugins/endpoint/server/plugin.ts deleted file mode 100644 index ff10b9c0416f..000000000000 --- a/x-pack/plugins/endpoint/server/plugin.ts +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import { Plugin, CoreSetup, PluginInitializerContext, Logger, CoreStart } from 'kibana/server'; -import { first } from 'rxjs/operators'; -import { PluginSetupContract as FeaturesPluginSetupContract } from '../../features/server'; -import { createConfig$, EndpointConfigType } from './config'; -import { EndpointAppContext } from './types'; - -import { registerAlertRoutes } from './routes/alerts'; -import { registerResolverRoutes } from './routes/resolver'; -import { registerIndexPatternRoute } from './routes/index_pattern'; -import { registerEndpointRoutes } from './routes/metadata'; -import { IngestIndexPatternRetriever } from './index_pattern'; -import { IngestManagerStartContract } from '../../ingest_manager/server'; -import { EndpointAppContextService } from './endpoint_app_context_services'; -import { registerPolicyRoutes } from './routes/policy'; - -export type EndpointPluginStart = void; -export type EndpointPluginSetup = void; -export interface EndpointPluginStartDependencies { - ingestManager: IngestManagerStartContract; -} - -export interface EndpointPluginSetupDependencies { - features: FeaturesPluginSetupContract; -} - -export class EndpointPlugin - implements - Plugin< - EndpointPluginSetup, - EndpointPluginStart, - EndpointPluginSetupDependencies, - EndpointPluginStartDependencies - > { - private readonly logger: Logger; - private readonly endpointAppContextService: EndpointAppContextService = new EndpointAppContextService(); - constructor(private readonly initializerContext: PluginInitializerContext) { - this.logger = this.initializerContext.logger.get('endpoint'); - } - - public getEndpointAppContextService(): EndpointAppContextService { - return this.endpointAppContextService; - } - - public setup(core: CoreSetup, plugins: EndpointPluginSetupDependencies) { - plugins.features.registerFeature({ - id: 'endpoint', - name: 'Endpoint', - icon: 'bug', - navLinkId: 'endpoint', - app: ['endpoint', 'kibana'], - privileges: { - all: { - app: ['endpoint', 'kibana'], - api: ['resolver'], - savedObject: { - all: [], - read: [], - }, - ui: ['save'], - }, - read: { - app: ['endpoint', 'kibana'], - api: [], - savedObject: { - all: [], - read: [], - }, - ui: [], - }, - }, - }); - const endpointContext = { - logFactory: this.initializerContext.logger, - service: this.endpointAppContextService, - config: (): Promise => { - return createConfig$(this.initializerContext) - .pipe(first()) - .toPromise(); - }, - } as EndpointAppContext; - const router = core.http.createRouter(); - registerEndpointRoutes(router, endpointContext); - registerResolverRoutes(router, endpointContext); - registerAlertRoutes(router, endpointContext); - registerIndexPatternRoute(router, endpointContext); - registerPolicyRoutes(router, endpointContext); - } - - public start(core: CoreStart, plugins: EndpointPluginStartDependencies) { - this.logger.debug('Starting plugin'); - this.endpointAppContextService.start({ - indexPatternRetriever: new IngestIndexPatternRetriever( - plugins.ingestManager.esIndexPatternService, - this.initializerContext.logger - ), - agentService: plugins.ingestManager.agentService, - }); - } - public stop() { - this.logger.debug('Stopping plugin'); - this.endpointAppContextService.stop(); - } -} diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/index.ts b/x-pack/plugins/endpoint/server/routes/alerts/details/index.ts deleted file mode 100644 index 3939594fe465..000000000000 --- a/x-pack/plugins/endpoint/server/routes/alerts/details/index.ts +++ /dev/null @@ -1,8 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { alertDetailsReqSchema } from './schemas'; -export { alertDetailsHandlerWrapper } from './handlers'; diff --git a/x-pack/plugins/endpoint/server/routes/alerts/list/index.ts b/x-pack/plugins/endpoint/server/routes/alerts/list/index.ts deleted file mode 100644 index cf72ea4d199d..000000000000 --- a/x-pack/plugins/endpoint/server/routes/alerts/list/index.ts +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { alertListHandlerWrapper } from './handlers'; diff --git a/x-pack/plugins/endpoint/server/routes/alerts/types.ts b/x-pack/plugins/endpoint/server/routes/alerts/types.ts deleted file mode 100644 index 5aefc35b5758..000000000000 --- a/x-pack/plugins/endpoint/server/routes/alerts/types.ts +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import { Query, Filter, TimeRange } from '../../../../../../src/plugins/data/server'; -import { JsonObject } from '../../../../../../src/plugins/kibana_utils/public'; -import { AlertAPIOrdering } from '../../../common/types'; - -/** - * Sort parameters for alerts in ES. - */ -export interface AlertSortParam { - [key: string]: { - order: AlertAPIOrdering; - missing?: UndefinedResultPosition; - }; -} - -/** - * Sort array for alerts. - */ -export type AlertSort = [AlertSortParam, AlertSortParam]; - -/** - * Cursor-based pagination params. - */ -export type SearchCursor = [string, string]; - -/** - * Request metadata used in searching alerts. - */ -export interface AlertSearchQuery { - pageSize: number; - pageIndex?: number; - fromIndex?: number; - query: Query; - filters: Filter[]; - dateRange?: TimeRange; - sort: string; - order: AlertAPIOrdering; - searchAfter?: SearchCursor; - searchBefore?: SearchCursor; - emptyStringIsUndefined?: boolean; -} - -/** - * ES request body for alerts. - */ -export interface AlertSearchRequest { - track_total_hits: number; - query: JsonObject; - sort: AlertSort; - search_after?: SearchCursor; -} - -/** - * Request for alerts. - */ -export interface AlertSearchRequestWrapper { - index: string; - size: number; - from?: number; - body: AlertSearchRequest; -} - -/** - * Request params for alert details. - */ -export interface AlertDetailsRequestParams { - id: string; -} - -/** - * Request params for alert queries. - * - * Must match exactly the values that the API receives. - */ -export interface AlertListRequestQuery { - page_index?: number; - page_size: number; - query?: string; - filters?: string; - date_range: string; - sort: string; - order: AlertAPIOrdering; - after?: SearchCursor; - before?: SearchCursor; - empty_string_is_undefined?: boolean; -} - -/** - * Indicates whether undefined results are sorted to the beginning (_first) or end (_last) - * of a result set. - */ -export enum UndefinedResultPosition { - first = '_first', - last = '_last', -} diff --git a/x-pack/plugins/endpoint/server/routes/index_pattern.ts b/x-pack/plugins/endpoint/server/routes/index_pattern.ts deleted file mode 100644 index 7e78caaf178e..000000000000 --- a/x-pack/plugins/endpoint/server/routes/index_pattern.ts +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { IRouter, Logger, RequestHandler } from 'kibana/server'; -import { EndpointAppContext } from '../types'; -import { IndexPatternGetParamsResult } from '../../common/types'; -import { AlertConstants } from '../../common/alert_constants'; -import { indexPatternGetParamsSchema } from '../../common/schema/index_pattern'; - -function handleIndexPattern( - log: Logger, - endpointAppContext: EndpointAppContext -): RequestHandler { - return async (context, req, res) => { - try { - const indexRetriever = endpointAppContext.service.getIndexPatternRetriever(); - return res.ok({ - body: { - indexPattern: await indexRetriever.getIndexPattern(context, req.params.datasetPath), - }, - }); - } catch (error) { - log.warn(error); - return res.notFound({ body: error }); - } - }; -} - -export function registerIndexPatternRoute(router: IRouter, endpointAppContext: EndpointAppContext) { - const log = endpointAppContext.logFactory.get('index_pattern'); - - router.get( - { - path: `${AlertConstants.INDEX_PATTERN_ROUTE}/{datasetPath}`, - validate: { params: indexPatternGetParamsSchema }, - options: { authRequired: true }, - }, - handleIndexPattern(log, endpointAppContext) - ); -} diff --git a/x-pack/plugins/endpoint/yarn.lock b/x-pack/plugins/endpoint/yarn.lock deleted file mode 120000 index 6e09764ec763..000000000000 --- a/x-pack/plugins/endpoint/yarn.lock +++ /dev/null @@ -1 +0,0 @@ -../../../yarn.lock \ No newline at end of file diff --git a/x-pack/plugins/endpoint/common/generate_data.test.ts b/x-pack/plugins/siem/common/endpoint/generate_data.test.ts similarity index 100% rename from x-pack/plugins/endpoint/common/generate_data.test.ts rename to x-pack/plugins/siem/common/endpoint/generate_data.test.ts diff --git a/x-pack/plugins/endpoint/common/generate_data.ts b/x-pack/plugins/siem/common/endpoint/generate_data.ts similarity index 99% rename from x-pack/plugins/endpoint/common/generate_data.ts rename to x-pack/plugins/siem/common/endpoint/generate_data.ts index c70184547724..9e3b5a22f160 100644 --- a/x-pack/plugins/endpoint/common/generate_data.ts +++ b/x-pack/plugins/siem/common/endpoint/generate_data.ts @@ -442,6 +442,7 @@ export class EndpointDocGenerator { lineage.length === generations + 1 ) { lineage.pop(); + // eslint-disable-next-line no-continue continue; } // Otherwise, add a child and any nodes associated with it @@ -738,9 +739,10 @@ export class EndpointDocGenerator { } private *randomNGenerator(max: number, count: number) { - while (count > 0) { + let iCount = count; + while (iCount > 0) { yield this.randomN(max); - count--; + iCount = iCount - 1; } } diff --git a/x-pack/plugins/endpoint/common/models/event.ts b/x-pack/plugins/siem/common/endpoint/models/event.ts similarity index 100% rename from x-pack/plugins/endpoint/common/models/event.ts rename to x-pack/plugins/siem/common/endpoint/models/event.ts diff --git a/x-pack/plugins/endpoint/common/models/policy_config.ts b/x-pack/plugins/siem/common/endpoint/models/policy_config.ts similarity index 100% rename from x-pack/plugins/endpoint/common/models/policy_config.ts rename to x-pack/plugins/siem/common/endpoint/models/policy_config.ts diff --git a/x-pack/plugins/endpoint/common/schema/policy.ts b/x-pack/plugins/siem/common/endpoint/schema/policy.ts similarity index 100% rename from x-pack/plugins/endpoint/common/schema/policy.ts rename to x-pack/plugins/siem/common/endpoint/schema/policy.ts diff --git a/x-pack/plugins/endpoint/common/schema/resolver.ts b/x-pack/plugins/siem/common/endpoint/schema/resolver.ts similarity index 100% rename from x-pack/plugins/endpoint/common/schema/resolver.ts rename to x-pack/plugins/siem/common/endpoint/schema/resolver.ts diff --git a/x-pack/plugins/endpoint/common/types.ts b/x-pack/plugins/siem/common/endpoint/types.ts similarity index 86% rename from x-pack/plugins/endpoint/common/types.ts rename to x-pack/plugins/siem/common/endpoint/types.ts index 3d096eab5c4f..43c7e20445d5 100644 --- a/x-pack/plugins/endpoint/common/types.ts +++ b/x-pack/plugins/siem/common/endpoint/types.ts @@ -4,11 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { SearchResponse } from 'elasticsearch'; -import { TypeOf } from '@kbn/config-schema'; -import { alertingIndexGetQuerySchema } from './schema/alert_index'; -import { indexPatternGetParamsSchema } from './schema/index_pattern'; -import { Datasource, NewDatasource } from '../../ingest_manager/common'; +import { Datasource, NewDatasource } from '../../../ingest_manager/common'; + +export interface AppLocation { + pathname: string; + search: string; + hash: string; + key?: string; +} /** * A deep readonly type that will make all children of a given object readonly recursively @@ -30,11 +33,6 @@ type ImmutableMap = ReadonlyMap, Immutable>; type ImmutableSet = ReadonlySet>; type ImmutableObject = { readonly [K in keyof T]: Immutable }; -/** - * Values for the Alert APIs 'order' and 'direction' parameters. - */ -export type AlertAPIOrdering = 'asc' | 'desc'; - export interface ResolverNodeStats { totalEvents: number; totalAlerts: number; @@ -60,46 +58,6 @@ export interface ResolverNode { stats?: ResolverNodeStats; } -/** - * Returned by 'api/endpoint/alerts' - */ -export interface AlertResultList { - /** - * The alerts restricted by page size. - */ - alerts: AlertData[]; - - /** - * The total number of alerts on the page. - */ - total: number; - - /** - * The size of the requested page. - */ - request_page_size: number; - - /** - * The index of the requested page, starting at 0. - */ - request_page_index?: number; - - /** - * The offset of the requested page, starting at 0. - */ - result_from_index?: number; - - /** - * A cursor-based URL for the next page. - */ - next: string | null; - - /** - * A cursor-based URL for the previous page. - */ - prev: string | null; -} - /** * Returned by the server via /api/endpoint/metadata */ @@ -271,24 +229,6 @@ export type AlertEvent = Immutable<{ dll?: DllFields[]; }>; -interface AlertMetadata { - id: string; - - // Alert Details Pagination - next: string | null; - prev: string | null; -} - -interface AlertState { - state: { - host_metadata: HostMetadata; - }; -} - -export type AlertData = AlertEvent & AlertMetadata; - -export type AlertDetails = AlertData & AlertState; - /** * The status of the host */ @@ -337,19 +277,6 @@ export type HostMetadata = Immutable<{ host: Host; }>; -/** - * Represents `total` response from Elasticsearch after ES 7.0. - */ -export interface ESTotal { - value: number; - relation: string; -} - -/** - * `Hits` array in responses from ES search API. - */ -export type AlertHits = SearchResponse['hits']['hits']; - export interface LegacyEndpointEvent { '@timestamp': number; endgame: { @@ -427,7 +354,7 @@ export type ResolverEvent = EndpointEvent | LegacyEndpointEvent; * Note that because the types coming from `@kbn/config-schema`'s schemas sometimes have deeply nested * `Type` types, we process the result of `TypeOf` instead, as this will be consistent. */ -type KbnConfigSchemaInputTypeOf = T extends Record +export type KbnConfigSchemaInputTypeOf = T extends Record ? KbnConfigSchemaInputObjectTypeOf< T > /** `schema.number()` accepts strings, so this type should accept them as well. */ @@ -468,23 +395,6 @@ type KbnConfigSchemaNonOptionalProps> = Pi }[keyof Props] >; -/** - * Query params to pass to the alert API when fetching new data. - */ -export type AlertingIndexGetQueryInput = KbnConfigSchemaInputTypeOf< - TypeOf ->; - -/** - * Result of the validated query params when handling alert index requests. - */ -export type AlertingIndexGetQueryResult = TypeOf; - -/** - * Result of the validated params when handling an index pattern request. - */ -export type IndexPatternGetParamsResult = TypeOf; - /** * Endpoint Policy configuration */ diff --git a/x-pack/plugins/endpoint/common/alert_constants.ts b/x-pack/plugins/siem/common/endpoint_alerts/alert_constants.ts similarity index 100% rename from x-pack/plugins/endpoint/common/alert_constants.ts rename to x-pack/plugins/siem/common/endpoint_alerts/alert_constants.ts diff --git a/x-pack/plugins/endpoint/common/schema/alert_index.ts b/x-pack/plugins/siem/common/endpoint_alerts/schema/alert_index.ts similarity index 78% rename from x-pack/plugins/endpoint/common/schema/alert_index.ts rename to x-pack/plugins/siem/common/endpoint_alerts/schema/alert_index.ts index cffc00661515..6794eea20066 100644 --- a/x-pack/plugins/endpoint/common/schema/alert_index.ts +++ b/x-pack/plugins/siem/common/endpoint_alerts/schema/alert_index.ts @@ -47,7 +47,7 @@ export const alertingIndexGetQuerySchema = schema.object( try { decode(value); } catch (err) { - return i18n.translate('xpack.endpoint.alerts.errors.bad_rison', { + return i18n.translate('xpack.siem.endpoint.alerts.errors.bad_rison', { defaultMessage: 'must be a valid rison-encoded string', }); } @@ -62,7 +62,7 @@ export const alertingIndexGetQuerySchema = schema.object( try { decode(value); } catch (err) { - return i18n.translate('xpack.endpoint.alerts.errors.bad_rison', { + return i18n.translate('xpack.siem.endpoint.alerts.errors.bad_rison', { defaultMessage: 'must be a valid rison-encoded string', }); } @@ -77,7 +77,7 @@ export const alertingIndexGetQuerySchema = schema.object( try { decode(value); } catch (err) { - return i18n.translate('xpack.endpoint.alerts.errors.bad_rison', { + return i18n.translate('xpack.siem.endpoint.alerts.errors.bad_rison', { defaultMessage: 'must be a valid rison-encoded string', }); } @@ -88,22 +88,28 @@ export const alertingIndexGetQuerySchema = schema.object( { validate(value) { if (value.after !== undefined && value.page_index !== undefined) { - return i18n.translate('xpack.endpoint.alerts.errors.page_index_cannot_be_used_with_after', { - defaultMessage: '[page_index] cannot be used with [after]', - }); + return i18n.translate( + 'xpack.siem.endpoint.alerts.errors.page_index_cannot_be_used_with_after', + { + defaultMessage: '[page_index] cannot be used with [after]', + } + ); } if (value.before !== undefined && value.page_index !== undefined) { return i18n.translate( - 'xpack.endpoint.alerts.errors.page_index_cannot_be_used_with_before', + 'xpack.siem.endpoint.alerts.errors.page_index_cannot_be_used_with_before', { defaultMessage: '[page_index] cannot be used with [before]', } ); } if (value.before !== undefined && value.after !== undefined) { - return i18n.translate('xpack.endpoint.alerts.errors.before_cannot_be_used_with_after', { - defaultMessage: '[before] cannot be used with [after]', - }); + return i18n.translate( + 'xpack.siem.endpoint.alerts.errors.before_cannot_be_used_with_after', + { + defaultMessage: '[before] cannot be used with [after]', + } + ); } }, } diff --git a/x-pack/plugins/endpoint/common/schema/index_pattern.ts b/x-pack/plugins/siem/common/endpoint_alerts/schema/index_pattern.ts similarity index 100% rename from x-pack/plugins/endpoint/common/schema/index_pattern.ts rename to x-pack/plugins/siem/common/endpoint_alerts/schema/index_pattern.ts diff --git a/x-pack/plugins/siem/common/endpoint_alerts/types.ts b/x-pack/plugins/siem/common/endpoint_alerts/types.ts new file mode 100644 index 000000000000..2ba8353b09c8 --- /dev/null +++ b/x-pack/plugins/siem/common/endpoint_alerts/types.ts @@ -0,0 +1,272 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SearchResponse } from 'elasticsearch'; +import { TypeOf } from '@kbn/config-schema'; +import { IIndexPattern, TimeRange, Filter, Query } from 'src/plugins/data/public'; +import { JsonObject } from 'src/plugins/kibana_utils/common'; +import { alertingIndexGetQuerySchema } from './schema/alert_index'; +import { indexPatternGetParamsSchema } from './schema/index_pattern'; +import { + HostMetadata, + AlertEvent, + KbnConfigSchemaInputTypeOf, + AppLocation, +} from '../endpoint/types'; + +/** + * A deep readonly type that will make all children of a given object readonly recursively + */ +export type Immutable = T extends undefined | null | boolean | string | number + ? T + : unknown extends T + ? unknown + : T extends Array + ? ImmutableArray + : T extends Map + ? ImmutableMap + : T extends Set + ? ImmutableSet + : ImmutableObject; + +type ImmutableArray = ReadonlyArray>; +type ImmutableMap = ReadonlyMap, Immutable>; +type ImmutableSet = ReadonlySet>; +type ImmutableObject = { readonly [K in keyof T]: Immutable }; + +/** + * Values for the Alert APIs 'order' and 'direction' parameters. + */ +export type AlertAPIOrdering = 'asc' | 'desc'; + +/** + * Returned by 'api/endpoint/alerts' + */ +export interface AlertResultList { + /** + * The alerts restricted by page size. + */ + alerts: AlertData[]; + + /** + * The total number of alerts on the page. + */ + total: number; + + /** + * The size of the requested page. + */ + request_page_size: number; + + /** + * The index of the requested page, starting at 0. + */ + request_page_index?: number; + + /** + * The offset of the requested page, starting at 0. + */ + result_from_index?: number; + + /** + * A cursor-based URL for the next page. + */ + next: string | null; + + /** + * A cursor-based URL for the previous page. + */ + prev: string | null; +} + +interface AlertMetadata { + id: string; + + // Alert Details Pagination + next: string | null; + prev: string | null; +} + +interface AlertState { + state: { + host_metadata: HostMetadata; + }; +} + +export type AlertData = AlertEvent & AlertMetadata; + +export type AlertDetails = AlertData & AlertState; + +/** + * Represents `total` response from Elasticsearch after ES 7.0. + */ +export interface ESTotal { + value: number; + relation: string; +} + +/** + * `Hits` array in responses from ES search API. + */ +export type AlertHits = SearchResponse['hits']['hits']; + +/** + * Query params to pass to the alert API when fetching new data. + */ +export type AlertingIndexGetQueryInput = KbnConfigSchemaInputTypeOf< + TypeOf +>; + +/** + * Result of the validated query params when handling alert index requests. + */ +export type AlertingIndexGetQueryResult = TypeOf; + +/** + * Result of the validated params when handling an index pattern request. + */ +export type IndexPatternGetParamsResult = TypeOf; + +interface AlertsSearchBarState { + patterns: IIndexPattern[]; +} + +export type AlertListData = AlertResultList; + +export interface AlertListState { + /** Array of alert items. */ + readonly alerts: Immutable; + + /** The total number of alerts on the page. */ + readonly total: number; + + /** Number of alerts per page. */ + readonly pageSize: number; + + /** Page number, starting at 0. */ + readonly pageIndex: number; + + /** Current location object from React Router history. */ + readonly location?: Immutable; + + /** Specific Alert data to be shown in the details view */ + readonly alertDetails?: Immutable; + + /** Search bar state including indexPatterns */ + readonly searchBar: AlertsSearchBarState; +} + +/** + * Gotten by parsing the URL from the browser. Used to calculate the new URL when changing views. + */ +export interface AlertingIndexUIQueryParams { + /** + * How many items to show in list. + */ + page_size?: string; + /** + * Which page to show. If `page_index` is 1, show page 2. + */ + page_index?: string; + /** + * If any value is present, show the alert detail view for the selected alert. Should be an ID for an alert event. + */ + selected_alert?: string; + query?: string; + date_range?: string; + filters?: string; +} + +/** + * Sort parameters for alerts in ES. + */ +export interface AlertSortParam { + [key: string]: { + order: AlertAPIOrdering; + missing?: UndefinedResultPosition; + }; +} + +/** + * Sort array for alerts. + */ +export type AlertSort = [AlertSortParam, AlertSortParam]; + +/** + * Cursor-based pagination params. + */ +export type SearchCursor = [string, string]; + +/** + * Request metadata used in searching alerts. + */ +export interface AlertSearchQuery { + pageSize: number; + pageIndex?: number; + fromIndex?: number; + query: Query; + filters: Filter[]; + dateRange?: TimeRange; + sort: string; + order: AlertAPIOrdering; + searchAfter?: SearchCursor; + searchBefore?: SearchCursor; + emptyStringIsUndefined?: boolean; +} + +/** + * ES request body for alerts. + */ +export interface AlertSearchRequest { + track_total_hits: number; + query: JsonObject; + sort: AlertSort; + search_after?: SearchCursor; +} + +/** + * Request for alerts. + */ +export interface AlertSearchRequestWrapper { + index: string; + size: number; + from?: number; + body: AlertSearchRequest; +} + +/** + * Request params for alert details. + */ +export interface AlertDetailsRequestParams { + id: string; +} + +/** + * Request params for alert queries. + * + * Must match exactly the values that the API receives. + */ +export interface AlertListRequestQuery { + page_index?: number; + page_size: number; + query?: string; + filters?: string; + date_range: string; + sort: string; + order: AlertAPIOrdering; + after?: SearchCursor; + before?: SearchCursor; + empty_string_is_undefined?: boolean; +} + +/** + * Indicates whether undefined results are sorted to the beginning (_first) or end (_last) + * of a result set. + */ +export enum UndefinedResultPosition { + first = '_first', + last = '_last', +} diff --git a/x-pack/plugins/siem/kibana.json b/x-pack/plugins/siem/kibana.json index 39e50838c1c9..1106781fd45e 100644 --- a/x-pack/plugins/siem/kibana.json +++ b/x-pack/plugins/siem/kibana.json @@ -7,9 +7,11 @@ "actions", "alerting", "data", + "dataEnhanced", "embeddable", "features", "home", + "ingestManager", "inspector", "licensing", "maps", diff --git a/x-pack/plugins/siem/package.json b/x-pack/plugins/siem/package.json index a055d011a5cb..6dc3aa3a5021 100644 --- a/x-pack/plugins/siem/package.json +++ b/x-pack/plugins/siem/package.json @@ -9,13 +9,17 @@ "build-graphql-types": "node scripts/generate_types_from_graphql.js", "cypress:open": "cypress open --config-file ./cypress/cypress.json", "cypress:run": "cypress run --browser chrome --headless --spec ./cypress/integration/**/*.spec.ts --config-file ./cypress/cypress.json --reporter ../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json; status=$?; ../../node_modules/.bin/mochawesome-merge --reportDir ../../../target/kibana-siem/cypress/results > ../../../target/kibana-siem/cypress/results/output.json; ../../../node_modules/.bin/marge ../../../target/kibana-siem/cypress/results/output.json --reportDir ../../../target/kibana-siem/cypress/results; mkdir -p ../../../target/junit && cp ../../../target/kibana-siem/cypress/results/*.xml ../../../target/junit/ && exit $status;", - "cypress:run-as-ci": "node ../../../scripts/functional_tests --config ../../test/siem_cypress/config.ts" + "cypress:run-as-ci": "node ../../../scripts/functional_tests --config ../../test/siem_cypress/config.ts", + "test:generate": "ts-node --project scripts/endpoint/cli_tsconfig.json scripts/endpoint/resolver_generator.ts" }, "devDependencies": { "@types/lodash": "^4.14.110" }, "dependencies": { "lodash": "^4.17.15", - "react-markdown": "^4.0.6" + "querystring": "^0.2.0", + "react-markdown": "^4.0.6", + "redux-devtools-extension": "^2.13.8", + "@types/seedrandom": ">=2.0.0 <4.0.0" } } diff --git a/x-pack/plugins/siem/public/app/app.tsx b/x-pack/plugins/siem/public/app/app.tsx index 7aef91380b52..732b1883b9b7 100644 --- a/x-pack/plugins/siem/public/app/app.tsx +++ b/x-pack/plugins/siem/public/app/app.tsx @@ -24,7 +24,7 @@ import { DEFAULT_DARK_MODE } from '../../common/constants'; import { ErrorToastDispatcher } from '../common/components/error_toast_dispatcher'; import { compose } from '../common/lib/compose/kibana_compose'; import { AppFrontendLibs, AppApolloClient } from '../common/lib/lib'; -import { StartServices } from '../plugin'; +import { StartServices } from '../types'; import { PageRouter } from './routes'; import { createStore, createInitialState } from '../common/store'; import { GlobalToaster, ManageGlobalToaster } from '../common/components/toasters'; @@ -80,7 +80,8 @@ const StartAppComponent: FC = ({ subPlugins, ...libs }) => { const store = createStore( createInitialState(subPluginsStore.initialState), subPluginsStore.reducer, - libs$.pipe(pluck('apolloClient')) + libs$.pipe(pluck('apolloClient')), + subPluginsStore.middlewares ); const [darkMode] = useUiSetting$(DEFAULT_DARK_MODE); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/setup.tsx b/x-pack/plugins/siem/public/app/home/setup.tsx similarity index 87% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/setup.tsx rename to x-pack/plugins/siem/public/app/home/setup.tsx index a826e1f30f75..a88b6a36100d 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/setup.tsx +++ b/x-pack/plugins/siem/public/app/home/setup.tsx @@ -6,18 +6,18 @@ import * as React from 'react'; import { i18n } from '@kbn/i18n'; import { NotificationsStart } from 'kibana/public'; -import { IngestManagerStart } from '../../../../../ingest_manager/public'; +import { IngestManagerStart } from '../../../../ingest_manager/public'; export const Setup: React.FunctionComponent<{ ingestManager: IngestManagerStart; notifications: NotificationsStart; }> = ({ ingestManager, notifications }) => { React.useEffect(() => { - const defaultText = i18n.translate('xpack.endpoint.ingestToastMessage', { + const defaultText = i18n.translate('xpack.siem.endpoint.ingestToastMessage', { defaultMessage: 'Ingest Manager failed during its setup.', }); - const title = i18n.translate('xpack.endpoint.ingestToastTitle', { + const title = i18n.translate('xpack.siem.endpoint.ingestToastTitle', { defaultMessage: 'App failed to initialize', }); diff --git a/x-pack/plugins/siem/public/app/index.tsx b/x-pack/plugins/siem/public/app/index.tsx index d69be6e09e61..13d06bd1a98c 100644 --- a/x-pack/plugins/siem/public/app/index.tsx +++ b/x-pack/plugins/siem/public/app/index.tsx @@ -9,7 +9,7 @@ import { render, unmountComponentAtNode } from 'react-dom'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { AppMountParameters } from '../../../../../src/core/public'; -import { StartServices } from '../plugin'; +import { StartServices } from '../types'; import { SiemApp } from './app'; import { SecuritySubPlugins } from './types'; diff --git a/x-pack/plugins/siem/public/app/routes.tsx b/x-pack/plugins/siem/public/app/routes.tsx index ed3565df5f50..d1395813d39f 100644 --- a/x-pack/plugins/siem/public/app/routes.tsx +++ b/x-pack/plugins/siem/public/app/routes.tsx @@ -11,6 +11,7 @@ import { Route, Router, Switch } from 'react-router-dom'; import { NotFoundPage } from './404'; import { HomePage } from './home'; import { ManageRoutesSpy } from '../common/utils/route/manage_spy_routes'; +import { RouteCapture } from '../common/components/endpoint/route_capture'; interface RouterProps { history: History; @@ -20,14 +21,16 @@ interface RouterProps { const PageRouterComponent: FC = ({ history, subPluginRoutes }) => ( - - - - - - - - + + + + + + + + + + ); diff --git a/x-pack/plugins/siem/public/app/types.ts b/x-pack/plugins/siem/public/app/types.ts index 5fe4b5a8d822..1fcbc5ba25f8 100644 --- a/x-pack/plugins/siem/public/app/types.ts +++ b/x-pack/plugins/siem/public/app/types.ts @@ -4,12 +4,18 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Reducer, AnyAction } from 'redux'; +import { Reducer, AnyAction, Middleware, Dispatch } from 'redux'; import { NavTab } from '../common/components/navigation/types'; import { HostsState } from '../hosts/store'; import { NetworkState } from '../network/store'; import { TimelineState } from '../timelines/store/timeline/types'; +import { ImmutableReducer, State } from '../common/store'; +import { Immutable } from '../../common/endpoint/types'; +import { AlertListState } from '../../common/endpoint_alerts/types'; +import { AppAction } from '../common/store/actions'; +import { HostState } from '../endpoint_hosts/types'; +import { PolicyDetailsState, PolicyListState } from '../endpoint_policy/types'; export enum SiemPageName { overview = 'overview', @@ -33,13 +39,21 @@ export type SiemNavTab = Record; export interface SecuritySubPluginStore { initialState: Record; reducer: Record>; + middleware?: Middleware<{}, State, Dispatch>>; } export interface SecuritySubPlugin { routes: React.ReactElement[]; } -type SecuritySubPluginKeyStore = 'hosts' | 'network' | 'timeline'; +type SecuritySubPluginKeyStore = + | 'hosts' + | 'network' + | 'timeline' + | 'hostList' + | 'alertList' + | 'policyDetails' + | 'policyList'; export interface SecuritySubPluginWithStore extends SecuritySubPlugin { store: SecuritySubPluginStore; @@ -51,11 +65,20 @@ export interface SecuritySubPlugins extends SecuritySubPlugin { hosts: HostsState; network: NetworkState; timeline: TimelineState; + alertList: Immutable; + hostList: Immutable; + policyDetails: Immutable; + policyList: Immutable; }; reducer: { hosts: Reducer; network: Reducer; timeline: Reducer; + alertList: ImmutableReducer; + hostList: ImmutableReducer; + policyDetails: ImmutableReducer; + policyList: ImmutableReducer; }; + middlewares: Array>>>; }; } diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/link_to_app.test.tsx.snap b/x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/link_to_app.test.tsx.snap similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/link_to_app.test.tsx.snap rename to x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/link_to_app.test.tsx.snap diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/page_view.test.tsx.snap b/x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/page_view.test.tsx.snap similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/page_view.test.tsx.snap rename to x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/page_view.test.tsx.snap index 36b602a1e678..35a42acf7e1f 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/__snapshots__/page_view.test.tsx.snap +++ b/x-pack/plugins/siem/public/common/components/endpoint/__snapshots__/page_view.test.tsx.snap @@ -21,7 +21,7 @@ exports[`PageView component should display body header custom element 1`] = ` background: none; } - body header @@ -88,7 +88,7 @@ exports[`PageView component should display body header custom element 1`] = `
- + `; exports[`PageView component should display body header wrapped in EuiTitle 1`] = ` @@ -112,7 +112,7 @@ exports[`PageView component should display body header wrapped in EuiTitle 1`] = background: none; } - @@ -150,7 +150,7 @@ exports[`PageView component should display body header wrapped in EuiTitle 1`] = className="euiPageContentHeaderSection" data-test-subj="pageViewBodyTitleArea" > - +

- +

@@ -182,7 +182,7 @@ exports[`PageView component should display body header wrapped in EuiTitle 1`] = - + `; exports[`PageView component should display header left and right 1`] = ` @@ -206,7 +206,7 @@ exports[`PageView component should display header left and right 1`] = ` background: none; } - - + @@ -248,7 +248,7 @@ exports[`PageView component should display header left and right 1`] = ` page title - + - + `; exports[`PageView component should display only body if not header props used 1`] = ` @@ -315,7 +315,7 @@ exports[`PageView component should display only body if not header props used 1` background: none; } - - + `; exports[`PageView component should display only header left 1`] = ` @@ -383,7 +383,7 @@ exports[`PageView component should display only header left 1`] = ` background: none; } - @@ -413,7 +413,7 @@ exports[`PageView component should display only header left 1`] = ` className="euiPageHeaderSection" data-test-subj="pageViewHeaderLeft" > - + @@ -424,7 +424,7 @@ exports[`PageView component should display only header left 1`] = ` page title - + @@ -457,7 +457,7 @@ exports[`PageView component should display only header left 1`] = ` - + `; exports[`PageView component should display only header right but include an empty left side 1`] = ` @@ -481,7 +481,7 @@ exports[`PageView component should display only header right but include an empt background: none; } - @@ -552,7 +552,7 @@ exports[`PageView component should display only header right but include an empt - + `; exports[`PageView component should pass through EuiPage props 1`] = ` @@ -576,7 +576,7 @@ exports[`PageView component should pass through EuiPage props 1`] = ` background: none; } - - + `; exports[`PageView component should use custom element for header left and not wrap in EuiTitle 1`] = ` @@ -661,7 +661,7 @@ exports[`PageView component should use custom element for header left and not wr background: none; } - title here @@ -730,5 +730,5 @@ exports[`PageView component should use custom element for header left and not wr - + `; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/formatted_date_time.tsx b/x-pack/plugins/siem/public/common/components/endpoint/formatted_date_time.tsx similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/formatted_date_time.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/formatted_date_time.tsx diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.test.tsx b/x-pack/plugins/siem/public/common/components/endpoint/link_to_app.test.tsx similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.test.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/link_to_app.test.tsx index 2d4d1ca8a1b5..0c3467d8f363 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.test.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/link_to_app.test.tsx @@ -8,8 +8,8 @@ import React from 'react'; import { mount } from 'enzyme'; import { LinkToApp } from './link_to_app'; import { CoreStart } from 'kibana/public'; -import { KibanaContextProvider } from '../../../../../../../../src/plugins/kibana_react/public'; -import { coreMock } from '../../../../../../../../src/core/public/mocks'; +import { KibanaContextProvider } from '../../../../../../../src/plugins/kibana_react/public'; +import { coreMock } from '../../../../../../../src/core/public/mocks'; type LinkToAppOnClickMock = jest.Mock< Return, @@ -31,13 +31,13 @@ describe('LinkToApp component', () => { }); it('should render with minimum input', () => { - expect(render(link)).toMatchSnapshot(); + expect(render({'link'})).toMatchSnapshot(); }); it('should render with href', () => { expect( render( - link + {'link'} ) ).toMatchSnapshot(); @@ -47,7 +47,7 @@ describe('LinkToApp component', () => { const spyOnClickHandler: LinkToAppOnClickMock = jest.fn(_event => {}); const renderResult = render( - link + {'link'} ); @@ -65,7 +65,7 @@ describe('LinkToApp component', () => { it('should navigate to App with specific path', () => { const renderResult = render( - link + {'link'} ); renderResult.find('EuiLink').simulate('click', { button: 0 }); @@ -84,7 +84,7 @@ describe('LinkToApp component', () => { color="primary" data-test-subj="my-test-subject" > - link + {'link'} ); expect(renderResult.find('EuiLink').props()).toEqual({ @@ -103,7 +103,7 @@ describe('LinkToApp component', () => { }); const renderResult = render( - link + {'link'} ); expect(() => renderResult.find('EuiLink').simulate('click')).toThrow(); @@ -116,21 +116,21 @@ describe('LinkToApp component', () => { }); const renderResult = render( - link + {'link'} ); renderResult.find('EuiLink').simulate('click', { button: 0 }); expect(fakeCoreStart.application.navigateToApp).not.toHaveBeenCalled(); }); it('should not to navigate if it was not left click', () => { - const renderResult = render(link); + const renderResult = render({'link'}); renderResult.find('EuiLink').simulate('click', { button: 1 }); expect(fakeCoreStart.application.navigateToApp).not.toHaveBeenCalled(); }); it('should not to navigate if it includes an anchor target', () => { const renderResult = render( - link + {'link'} ); renderResult.find('EuiLink').simulate('click', { button: 0 }); @@ -139,7 +139,7 @@ describe('LinkToApp component', () => { it('should not to navigate if if meta|alt|ctrl|shift keys are pressed', () => { const renderResult = render( - link + {'link'} ); const euiLink = renderResult.find('EuiLink'); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.tsx b/x-pack/plugins/siem/public/common/components/endpoint/link_to_app.tsx similarity index 83% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/link_to_app.tsx index 6a3cf5e78f4b..d6d8859b280b 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/link_to_app.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/link_to_app.tsx @@ -5,15 +5,15 @@ */ import React, { memo, MouseEventHandler } from 'react'; -import { EuiLink } from '@elastic/eui'; -import { EuiLinkProps } from '@elastic/eui'; -import { useNavigateToAppEventHandler } from '../hooks/use_navigate_to_app_event_handler'; +import { EuiLink, EuiLinkProps } from '@elastic/eui'; +import { useNavigateToAppEventHandler } from '../../hooks/endpoint/use_navigate_to_app_event_handler'; type LinkToAppProps = EuiLinkProps & { /** the app id - normally the value of the `id` in that plugin's `kibana.json` */ appId: string; /** Any app specific path (route) */ appPath?: string; + // eslint-disable-next-line @typescript-eslint/no-explicit-any appState?: any; onClick?: MouseEventHandler; }; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.test.tsx b/x-pack/plugins/siem/public/common/components/endpoint/page_view.test.tsx similarity index 80% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.test.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/page_view.test.tsx index 4007477a088f..2c14f66b6486 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.test.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/page_view.test.tsx @@ -7,20 +7,20 @@ import React from 'react'; import { mount } from 'enzyme'; import { PageView } from './page_view'; -import { EuiThemeProvider } from '../../../../../../../legacy/common/eui_styled_components'; +import { EuiThemeProvider } from '../../../../../../legacy/common/eui_styled_components'; describe('PageView component', () => { const render = (ui: Parameters[0]) => mount(ui, { wrappingComponent: EuiThemeProvider }); it('should display only body if not header props used', () => { - expect(render(body content)).toMatchSnapshot(); + expect(render({'body content'})).toMatchSnapshot(); }); it('should display header left and right', () => { expect( render( - body content + {'body content'} ) ).toMatchSnapshot(); @@ -29,7 +29,7 @@ describe('PageView component', () => { expect( render( - body content + {'body content'} ) ).toMatchSnapshot(); @@ -38,7 +38,7 @@ describe('PageView component', () => { expect( render( - body content + {'body content'} ) ).toMatchSnapshot(); @@ -46,8 +46,8 @@ describe('PageView component', () => { it(`should use custom element for header left and not wrap in EuiTitle`, () => { expect( render( - title here

}> - body content + {'title here'}

}> + {'body content'} ) ).toMatchSnapshot(); @@ -56,7 +56,7 @@ describe('PageView component', () => { expect( render( - body content + {'body content'} ) ).toMatchSnapshot(); @@ -64,8 +64,8 @@ describe('PageView component', () => { it('should display body header custom element', () => { expect( render( - body header

}> - body content + {'body header'}

}> + {'body content'} ) ).toMatchSnapshot(); @@ -80,7 +80,7 @@ describe('PageView component', () => { aria-label="test-aria-label-here" data-test-subj="test-data-test-subj-here" > - body content + {'body content'} ) ).toMatchSnapshot(); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.tsx b/x-pack/plugins/siem/public/common/components/endpoint/page_view.tsx similarity index 96% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/page_view.tsx index 6da352b68f89..b2b8078c3fe9 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/components/page_view.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/page_view.tsx @@ -56,6 +56,8 @@ export const PageViewHeaderTitle = memo<{ children: ReactNode }>(({ children }) ); }); +PageViewHeaderTitle.displayName = 'PageViewHeaderTitle'; + /** * The `PageView` component used to render `bodyHeader` when it is set as a `string` * Can be used when wanting to customize the `bodyHeader` value but still use the standard @@ -70,6 +72,7 @@ export const PageViewBodyHeaderTitle = memo<{ children: ReactNode }>( ); } ); +PageViewBodyHeaderTitle.displayName = 'PageViewBodyHeaderTitle'; /** * Page View layout for use in Endpoint @@ -135,3 +138,5 @@ export const PageView = memo< ); }); + +PageView.displayName = 'PageView'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/route_capture.tsx b/x-pack/plugins/siem/public/common/components/endpoint/route_capture.tsx similarity index 77% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/route_capture.tsx rename to x-pack/plugins/siem/public/common/components/endpoint/route_capture.tsx index 28d2019b5688..7340d639070a 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/route_capture.tsx +++ b/x-pack/plugins/siem/public/common/components/endpoint/route_capture.tsx @@ -7,15 +7,18 @@ import React, { memo } from 'react'; import { useLocation } from 'react-router-dom'; import { useDispatch } from 'react-redux'; -import { EndpointAppLocation, AppAction } from '../types'; +import { AppLocation } from '../../../../common/endpoint/types'; +import { AppAction } from '../../store/actions'; /** * This component should be used above all routes, but below the Provider. * It dispatches actions when the URL is changed. */ export const RouteCapture = memo(({ children }) => { - const location: EndpointAppLocation = useLocation(); + const location: AppLocation = useLocation(); const dispatch: (action: AppAction) => unknown = useDispatch(); dispatch({ type: 'userChangedUrl', payload: location }); return <>{children}; }); + +RouteCapture.displayName = 'RouteCapture'; diff --git a/x-pack/plugins/siem/public/common/components/navigation/breadcrumbs/index.ts b/x-pack/plugins/siem/public/common/components/navigation/breadcrumbs/index.ts index 16ae1b1e096c..a202407b1270 100644 --- a/x-pack/plugins/siem/public/common/components/navigation/breadcrumbs/index.ts +++ b/x-pack/plugins/siem/public/common/components/navigation/breadcrumbs/index.ts @@ -9,7 +9,7 @@ import { getOr, omit } from 'lodash/fp'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { ChromeBreadcrumb } from '../../../../../../../../src/core/public'; import { APP_NAME } from '../../../../../common/constants'; -import { StartServices } from '../../../../plugin'; +import { StartServices } from '../../../../types'; import { getBreadcrumbs as getHostDetailsBreadcrumbs } from '../../../../hosts/pages/details/utils'; import { getBreadcrumbs as getIPDetailsBreadcrumbs } from '../../../../network/pages/ip_details'; import { getBreadcrumbs as getCaseDetailsBreadcrumbs } from '../../../../cases/pages/utils'; diff --git a/x-pack/plugins/siem/public/common/hooks/api/api.tsx b/x-pack/plugins/siem/public/common/hooks/api/api.tsx index 12863bffcf51..4c2cf031f781 100644 --- a/x-pack/plugins/siem/public/common/hooks/api/api.tsx +++ b/x-pack/plugins/siem/public/common/hooks/api/api.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { StartServices } from '../../../plugin'; +import { StartServices } from '../../../types'; import { IndexPatternSavedObject, IndexPatternSavedObjectAttributes } from '../types'; /** diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.test.tsx b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.test.tsx similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.test.tsx rename to x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.test.tsx index b1f09617f017..f7e433361118 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.test.tsx +++ b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.test.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import React from 'react'; -import { AppContextTestRender, createAppRootMockRenderer } from '../../mocks'; +import { AppContextTestRender, createAppRootMockRenderer } from '../../mock/endpoint'; import { useNavigateByRouterEventHandler } from './use_navigate_by_router_event_handler'; import { act, fireEvent, cleanup } from '@testing-library/react'; @@ -19,6 +19,7 @@ describe('useNavigateByRouterEventHandler hook', () => { let renderResult: ReturnType; let linkEle: HTMLAnchorElement; let clickHandlerSpy: ClickHandlerMock; + // eslint-disable-next-line react/display-name const Link = React.memo<{ routeTo: Parameters[0]; onClick?: Parameters[1]; @@ -26,7 +27,7 @@ describe('useNavigateByRouterEventHandler hook', () => { const onClickHandler = useNavigateByRouterEventHandler(routeTo, onClick); return ( - mock link + {'mock link'} ); }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.ts b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_by_router_event_handler.ts rename to x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_by_router_event_handler.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_to_app_event_handler.ts b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts similarity index 96% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_to_app_event_handler.ts rename to x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts index ec9a8691c481..5fbfa5e0e58a 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hooks/use_navigate_to_app_event_handler.ts +++ b/x-pack/plugins/siem/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts @@ -6,7 +6,7 @@ import { MouseEventHandler, useCallback } from 'react'; import { ApplicationStart } from 'kibana/public'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; +import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; type NavigateToAppHandlerProps = Parameters; type EventHandlerCallback = MouseEventHandler; diff --git a/x-pack/plugins/siem/public/common/lib/kibana/kibana_react.ts b/x-pack/plugins/siem/public/common/lib/kibana/kibana_react.ts index 42738c6bbe7d..075f06084384 100644 --- a/x-pack/plugins/siem/public/common/lib/kibana/kibana_react.ts +++ b/x-pack/plugins/siem/public/common/lib/kibana/kibana_react.ts @@ -12,7 +12,7 @@ import { useUiSetting$, withKibana, } from '../../../../../../../src/plugins/kibana_react/public'; -import { StartServices } from '../../../plugin'; +import { StartServices } from '../../../types'; export type KibanaContext = KibanaReactContextValue; export interface WithKibanaProps { diff --git a/x-pack/plugins/siem/public/common/lib/telemetry/index.ts b/x-pack/plugins/siem/public/common/lib/telemetry/index.ts index 0ed524c2ae54..e79ef0d12822 100644 --- a/x-pack/plugins/siem/public/common/lib/telemetry/index.ts +++ b/x-pack/plugins/siem/public/common/lib/telemetry/index.ts @@ -6,7 +6,7 @@ import { METRIC_TYPE, UiStatsMetricType } from '@kbn/analytics'; -import { SetupPlugins } from '../../../plugin'; +import { SetupPlugins } from '../../../types'; export { telemetryMiddleware } from './middleware'; export { METRIC_TYPE }; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/mocks/app_context_render.tsx b/x-pack/plugins/siem/public/common/mock/endpoint/app_context_render.tsx similarity index 54% rename from x-pack/plugins/endpoint/public/applications/endpoint/mocks/app_context_render.tsx rename to x-pack/plugins/siem/public/common/mock/endpoint/app_context_render.tsx index 639b1f7252d7..73ac5fdf5152 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/mocks/app_context_render.tsx +++ b/x-pack/plugins/siem/public/common/mock/endpoint/app_context_render.tsx @@ -7,12 +7,20 @@ import React from 'react'; import { createMemoryHistory } from 'history'; import { render as reactRender, RenderOptions, RenderResult } from '@testing-library/react'; -import { appStoreFactory } from '../store'; +import { Store } from 'redux'; + import { coreMock } from '../../../../../../../src/core/public/mocks'; -import { EndpointPluginStartDependencies } from '../../../plugin'; +import { StartPlugins } from '../../../types'; import { depsStartMock } from './dependencies_start_mock'; -import { AppRootProvider } from '../view/app_root_provider'; -import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../store/test_utils'; +import { MiddlewareActionSpyHelper, createSpyMiddleware } from '../../store/test_utils'; +import { apolloClientObservable } from '../test_providers'; +import { createStore, State, substateMiddlewareFactory } from '../../store'; +import { hostMiddlewareFactory } from '../../../endpoint_hosts/store/middleware'; +import { policyListMiddlewareFactory } from '../../../endpoint_policy/store/policy_list/middleware'; +import { policyDetailsMiddlewareFactory } from '../../../endpoint_policy/store/policy_details/middleware'; +import { alertMiddlewareFactory } from '../../../endpoint_alerts/store/middleware'; +import { AppRootProvider } from './app_root_provider'; +import { SUB_PLUGINS_REDUCER, mockGlobalState } from '..'; type UiRender = (ui: React.ReactElement, options?: RenderOptions) => RenderResult; @@ -20,15 +28,16 @@ type UiRender = (ui: React.ReactElement, options?: RenderOptions) => RenderResul * Mocked app root context renderer */ export interface AppContextTestRender { - store: ReturnType; + store: Store; history: ReturnType; coreStart: ReturnType; - depsStart: EndpointPluginStartDependencies; + depsStart: Pick; middlewareSpy: MiddlewareActionSpyHelper; /** * A wrapper around `AppRootContext` component. Uses the mocked modules as input to the * `AppRootContext` */ + // eslint-disable-next-line @typescript-eslint/no-explicit-any AppWrapper: React.FC; /** * Renders the given UI within the created `AppWrapper` providing the given UI a mocked @@ -48,12 +57,28 @@ export const createAppRootMockRenderer = (): AppContextTestRender => { const coreStart = coreMock.createStart({ basePath: '/mock' }); const depsStart = depsStartMock(); const middlewareSpy = createSpyMiddleware(); - const store = appStoreFactory({ - coreStart, - depsStart, - additionalMiddleware: [middlewareSpy.actionSpyMiddleware], - }); - const AppWrapper: React.FunctionComponent<{ children: React.ReactElement }> = ({ children }) => ( + const state: State = mockGlobalState; + const store = createStore(state, SUB_PLUGINS_REDUCER, apolloClientObservable, [ + substateMiddlewareFactory( + globalState => globalState.hostList, + hostMiddlewareFactory(coreStart, depsStart) + ), + substateMiddlewareFactory( + globalState => globalState.policyList, + policyListMiddlewareFactory(coreStart, depsStart) + ), + substateMiddlewareFactory( + globalState => globalState.policyDetails, + policyDetailsMiddlewareFactory(coreStart, depsStart) + ), + substateMiddlewareFactory( + globalState => globalState.alertList, + alertMiddlewareFactory(coreStart, depsStart) + ), + middlewareSpy.actionSpyMiddleware, + ]); + + const AppWrapper: React.FC<{ children: React.ReactElement }> = ({ children }) => ( {children} @@ -61,7 +86,7 @@ export const createAppRootMockRenderer = (): AppContextTestRender => { const render: UiRender = (ui, options) => { // @ts-ignore return reactRender(ui, { - wrapper: AppWrapper, + wrapper: AppWrapper as React.ComponentType, ...options, }); }; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root_provider.tsx b/x-pack/plugins/siem/public/common/mock/endpoint/app_root_provider.tsx similarity index 83% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/app_root_provider.tsx rename to x-pack/plugins/siem/public/common/mock/endpoint/app_root_provider.tsx index ca27831ee90b..73c0f0057391 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/app_root_provider.tsx +++ b/x-pack/plugins/siem/public/common/mock/endpoint/app_root_provider.tsx @@ -9,22 +9,22 @@ import { Provider } from 'react-redux'; import { I18nProvider } from '@kbn/i18n/react'; import { Router } from 'react-router-dom'; import { History } from 'history'; -import { CoreStart } from 'kibana/public'; import { useObservable } from 'react-use'; +import { Store } from 'redux'; import { EuiThemeProvider } from '../../../../../../legacy/common/eui_styled_components'; import { KibanaContextProvider } from '../../../../../../../src/plugins/kibana_react/public'; -import { appStoreFactory } from '../store'; -import { RouteCapture } from './route_capture'; -import { EndpointPluginStartDependencies } from '../../../plugin'; +import { RouteCapture } from '../../components/endpoint/route_capture'; +import { StartPlugins } from '../../../types'; +import { CoreStart } from '../../../../../../../src/core/public'; /** * Provides the context for rendering the endpoint app */ export const AppRootProvider = memo<{ - store: ReturnType; + store: Store; history: History; coreStart: CoreStart; - depsStart: EndpointPluginStartDependencies; + depsStart: Pick; children: ReactNode | ReactNode[]; }>( ({ @@ -56,3 +56,5 @@ export const AppRootProvider = memo<{ ); } ); + +AppRootProvider.displayName = 'AppRootProvider'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/mocks/dependencies_start_mock.ts b/x-pack/plugins/siem/public/common/mock/endpoint/dependencies_start_mock.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/mocks/dependencies_start_mock.ts rename to x-pack/plugins/siem/public/common/mock/endpoint/dependencies_start_mock.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/mocks/index.ts b/x-pack/plugins/siem/public/common/mock/endpoint/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/mocks/index.ts rename to x-pack/plugins/siem/public/common/mock/endpoint/index.ts diff --git a/x-pack/plugins/siem/public/common/mock/global_state.ts b/x-pack/plugins/siem/public/common/mock/global_state.ts index e215aa7403ec..63dd6dddfa9c 100644 --- a/x-pack/plugins/siem/public/common/mock/global_state.ts +++ b/x-pack/plugins/siem/public/common/mock/global_state.ts @@ -25,6 +25,15 @@ import { } from '../../../common/constants'; import { networkModel } from '../../network/store'; import { TimelineType } from '../../../common/types/timeline'; +import { initialPolicyListState } from '../../endpoint_policy/store/policy_list/reducer'; +import { initialAlertListState } from '../../endpoint_alerts/store/reducer'; +import { initialPolicyDetailsState } from '../../endpoint_policy/store/policy_details/reducer'; +import { initialHostListState } from '../../endpoint_hosts/store/reducer'; + +const policyList = initialPolicyListState(); +const alertList = initialAlertListState(); +const policyDetails = initialPolicyDetailsState(); +const hostList = initialHostListState(); export const mockGlobalState: State = { app: { @@ -225,4 +234,8 @@ export const mockGlobalState: State = { }, }, }, + alertList, + hostList, + policyList, + policyDetails, }; diff --git a/x-pack/plugins/siem/public/common/mock/utils.ts b/x-pack/plugins/siem/public/common/mock/utils.ts index 2b54bf83c0a9..68c52e493898 100644 --- a/x-pack/plugins/siem/public/common/mock/utils.ts +++ b/x-pack/plugins/siem/public/common/mock/utils.ts @@ -7,6 +7,10 @@ import { hostsReducer } from '../../hosts/store'; import { networkReducer } from '../../network/store'; import { timelineReducer } from '../../timelines/store/timeline/reducer'; +import { hostListReducer } from '../../endpoint_hosts/store'; +import { alertListReducer } from '../../endpoint_alerts/store'; +import { policyListReducer } from '../../endpoint_policy/store/policy_list'; +import { policyDetailsReducer } from '../../endpoint_policy/store/policy_details'; interface Global extends NodeJS.Global { // eslint-disable-next-line @typescript-eslint/no-explicit-any @@ -19,4 +23,8 @@ export const SUB_PLUGINS_REDUCER = { hosts: hostsReducer, network: networkReducer, timeline: timelineReducer, + hostList: hostListReducer, + alertList: alertListReducer, + policyList: policyListReducer, + policyDetails: policyDetailsReducer, }; diff --git a/x-pack/plugins/siem/public/common/store/actions.ts b/x-pack/plugins/siem/public/common/store/actions.ts index 8a6c292c4893..a51b075dc751 100644 --- a/x-pack/plugins/siem/public/common/store/actions.ts +++ b/x-pack/plugins/siem/public/common/store/actions.ts @@ -4,6 +4,19 @@ * you may not use this file except in compliance with the Elastic License. */ +import { HostAction } from '../../endpoint_hosts/store/action'; +import { AlertAction } from '../../endpoint_alerts/store/action'; +import { PolicyListAction } from '../../endpoint_policy/store/policy_list'; +import { PolicyDetailsAction } from '../../endpoint_policy/store/policy_details'; + export { appActions } from './app'; export { dragAndDropActions } from './drag_and_drop'; export { inputsActions } from './inputs'; +import { RoutingAction } from './routing'; + +export type AppAction = + | HostAction + | AlertAction + | RoutingAction + | PolicyListAction + | PolicyDetailsAction; diff --git a/x-pack/plugins/siem/public/common/store/index.ts b/x-pack/plugins/siem/public/common/store/index.ts index 8f5c4449308e..57162eaae842 100644 --- a/x-pack/plugins/siem/public/common/store/index.ts +++ b/x-pack/plugins/siem/public/common/store/index.ts @@ -9,5 +9,19 @@ export * from './reducer'; export * from './selectors'; import { createStore, getStore } from './store'; +import { SubstateMiddlewareFactory } from './types'; export { createStore, getStore }; + +export const substateMiddlewareFactory: SubstateMiddlewareFactory = (selector, middleware) => { + return api => { + const substateAPI = { + ...api, + // Return just the substate instead of global state. + getState() { + return selector(api.getState()); + }, + }; + return middleware(substateAPI); + }; +}; diff --git a/x-pack/plugins/siem/public/common/store/reducer.ts b/x-pack/plugins/siem/public/common/store/reducer.ts index da1dcd3ea9e7..570e851a3aa5 100644 --- a/x-pack/plugins/siem/public/common/store/reducer.ts +++ b/x-pack/plugins/siem/public/common/store/reducer.ts @@ -13,8 +13,28 @@ import { createInitialInputsState, initialInputsState, inputsReducer, InputsStat import { HostsPluginState, HostsPluginReducer } from '../../hosts/store'; import { NetworkPluginState, NetworkPluginReducer } from '../../network/store'; import { TimelinePluginState, TimelinePluginReducer } from '../../timelines/store/timeline'; +import { + EndpointAlertsPluginState, + EndpointAlertsPluginReducer, +} from '../../endpoint_alerts/store'; +import { EndpointHostsPluginState, EndpointHostsPluginReducer } from '../../endpoint_hosts/store'; +import { + EndpointPolicyDetailsStatePluginState, + EndpointPolicyDetailsStatePluginReducer, +} from '../../endpoint_policy/store/policy_details'; +import { + EndpointPolicyListStatePluginState, + EndpointPolicyListStatePluginReducer, +} from '../../endpoint_policy/store/policy_list'; -export interface State extends HostsPluginState, NetworkPluginState, TimelinePluginState { +export interface State + extends HostsPluginState, + NetworkPluginState, + TimelinePluginState, + EndpointAlertsPluginState, + EndpointHostsPluginState, + EndpointPolicyDetailsStatePluginState, + EndpointPolicyListStatePluginState { app: AppState; dragAndDrop: DragAndDropState; inputs: InputsState; @@ -26,10 +46,20 @@ export const initialState: Pick = { inputs: initialInputsState, }; -type SubPluginsInitState = HostsPluginState & NetworkPluginState & TimelinePluginState; +type SubPluginsInitState = HostsPluginState & + NetworkPluginState & + TimelinePluginState & + EndpointAlertsPluginState & + EndpointHostsPluginState & + EndpointPolicyDetailsStatePluginState & + EndpointPolicyListStatePluginState; export type SubPluginsInitReducer = HostsPluginReducer & NetworkPluginReducer & - TimelinePluginReducer; + TimelinePluginReducer & + EndpointAlertsPluginReducer & + EndpointHostsPluginReducer & + EndpointPolicyDetailsStatePluginReducer & + EndpointPolicyListStatePluginReducer; export const createInitialState = (pluginsInitState: SubPluginsInitState): State => ({ ...initialState, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts b/x-pack/plugins/siem/public/common/store/routing/action.ts similarity index 68% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts rename to x-pack/plugins/siem/public/common/store/routing/action.ts index fd72a02b3358..ae5e4eb32d47 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts +++ b/x-pack/plugins/siem/public/common/store/routing/action.ts @@ -4,12 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Immutable } from '../../../../../common/types'; -import { EndpointAppLocation } from '../../types'; +import { AppLocation, Immutable } from '../../../../common/endpoint/types'; interface UserChangedUrl { readonly type: 'userChangedUrl'; - readonly payload: Immutable; + readonly payload: Immutable; } export type RoutingAction = UserChangedUrl; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/index.ts b/x-pack/plugins/siem/public/common/store/routing/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/routing/index.ts rename to x-pack/plugins/siem/public/common/store/routing/index.ts diff --git a/x-pack/plugins/siem/public/common/store/store.ts b/x-pack/plugins/siem/public/common/store/store.ts index ea7cb417fb24..10ea61828ed3 100644 --- a/x-pack/plugins/siem/public/common/store/store.ts +++ b/x-pack/plugins/siem/public/common/store/store.ts @@ -4,7 +4,15 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Action, applyMiddleware, compose, createStore as createReduxStore, Store } from 'redux'; +import { + Action, + applyMiddleware, + compose, + createStore as createReduxStore, + Store, + Middleware, + Dispatch, +} from 'redux'; import { createEpicMiddleware } from 'redux-observable'; import { Observable } from 'rxjs'; @@ -16,6 +24,8 @@ import { inputsSelectors } from './inputs'; import { State, SubPluginsInitReducer, createReducer } from './reducer'; import { createRootEpic } from './epic'; import { AppApolloClient } from '../lib/lib'; +import { AppAction } from './actions'; +import { Immutable } from '../../../common/endpoint/types'; type ComposeType = typeof compose; declare global { @@ -28,7 +38,8 @@ export { SubPluginsInitReducer }; export const createStore = ( state: State, pluginsReducer: SubPluginsInitReducer, - apolloClient: Observable + apolloClient: Observable, + additionalMiddleware?: Array>>> ): Store => { const composeEnhancers = window.__REDUX_DEVTOOLS_EXTENSION_COMPOSE__ || compose; @@ -49,7 +60,9 @@ export const createStore = ( store = createReduxStore( createReducer(pluginsReducer), state, - composeEnhancers(applyMiddleware(epicMiddleware, telemetryMiddleware)) + composeEnhancers( + applyMiddleware(epicMiddleware, telemetryMiddleware, ...(additionalMiddleware ?? [])) + ) ); epicMiddleware.run(createRootEpic()); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/test_utils.ts b/x-pack/plugins/siem/public/common/store/test_utils.ts similarity index 95% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/test_utils.ts rename to x-pack/plugins/siem/public/common/store/test_utils.ts index df17cf8cf663..74d65ee5b589 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/test_utils.ts +++ b/x-pack/plugins/siem/public/common/store/test_utils.ts @@ -5,12 +5,14 @@ */ import { Dispatch } from 'redux'; -import { AppAction, GlobalState, ImmutableMiddlewareFactory } from '../types'; +import { State } from './reducer'; +import { AppAction } from './actions'; +import { ImmutableMiddlewareFactory } from './types'; /** * Utilities for testing Redux middleware */ -export interface MiddlewareActionSpyHelper { +export interface MiddlewareActionSpyHelper { /** * Returns a promise that is fulfilled when the given action is dispatched or a timeout occurs. * The `action` will given to the promise `resolve` thus allowing for checks to be done. @@ -67,7 +69,7 @@ export interface MiddlewareActionSpyHelper(): MiddlewareActionSpyHelper => { type ActionWatcher = (action: A) => void; diff --git a/x-pack/plugins/siem/public/common/store/types.ts b/x-pack/plugins/siem/public/common/store/types.ts index 2c679ba41116..0a1010ea87fc 100644 --- a/x-pack/plugins/siem/public/common/store/types.ts +++ b/x-pack/plugins/siem/public/common/store/types.ts @@ -4,6 +4,20 @@ * you may not use this file except in compliance with the Elastic License. */ +import { + Dispatch, + Action as ReduxAction, + AnyAction as ReduxAnyAction, + Action, + Middleware, +} from 'redux'; + +import { CoreStart } from '../../../../../../src/core/public'; +import { Immutable } from '../../../common/endpoint_alerts/types'; +import { State } from './reducer'; +import { StartPlugins } from '../../types'; +import { AppAction } from './actions'; + export type KueryFilterQueryKind = 'kuery' | 'lucene'; export interface KueryFilterQuery { @@ -15,3 +29,94 @@ export interface SerializedFilterQuery { kuery: KueryFilterQuery | null; serializedQuery: string; } + +/** + * like redux's `MiddlewareAPI` but `getState` returns an `Immutable` version of + * state and `dispatch` accepts `Immutable` versions of actions. + */ +export interface ImmutableMiddlewareAPI { + dispatch: Dispatch>; + getState(): Immutable; +} + +/** + * Like redux's `Middleware` but without the ability to mutate actions or state. + * Differences: + * * `getState` returns an `Immutable` version of state + * * `dispatch` accepts `Immutable` versions of actions + * * `action`s received will be `Immutable` + */ +export type ImmutableMiddleware = ( + api: ImmutableMiddlewareAPI +) => (next: Dispatch>) => (action: Immutable) => unknown; + +/** + * Takes application-standard middleware dependencies + * and returns a redux middleware. + * Middleware will be of the `ImmutableMiddleware` variety. Not able to directly + * change actions or state. + */ +export type ImmutableMiddlewareFactory = ( + coreStart: CoreStart, + depsStart: Pick +) => ImmutableMiddleware; + +/** + * Simple type for a redux selector. + */ +type Selector = (state: S) => R; + +/** + * Takes a selector and an `ImmutableMiddleware`. The + * middleware's version of `getState` will receive + * the result of the selector instead of the global state. + * + * This allows middleware to have knowledge of only a subsection of state. + * + * `selector` returns an `Immutable` version of the substate. + * `middleware` must be an `ImmutableMiddleware`. + * + * Returns a regular middleware, meant to be used with `applyMiddleware`. + */ +export type SubstateMiddlewareFactory = ( + selector: Selector>, + middleware: ImmutableMiddleware +) => Middleware<{}, State, Dispatch>>; + +/** + * Like `Reducer` from `redux` but it accepts immutable versions of `state` and `action`. + * Use this type for all Reducers in order to help enforce our pattern of immutable state. + */ +export type ImmutableReducer = ( + state: Immutable | undefined, + action: Immutable +) => State | Immutable; + +/** + * A alternate interface for `redux`'s `combineReducers`. Will work with the same underlying implementation, + * but will enforce that `Immutable` versions of `state` and `action` are received. + */ +export type ImmutableCombineReducers = ( + reducers: ImmutableReducersMapObject +) => ImmutableReducer; + +/** + * Like `redux`'s `ReducersMapObject` (which is used by `combineReducers`) but enforces that + * the `state` and `action` received are `Immutable` versions. + */ +type ImmutableReducersMapObject = { + [K in keyof S]: ImmutableReducer; +}; + +/** + * A better type for createStructuredSelector. This doesn't support the options object. + */ +export type CreateStructuredSelector = < + SelectorMap extends { [key: string]: (...args: never[]) => unknown } +>( + selectorMap: SelectorMap +) => ( + state: SelectorMap[keyof SelectorMap] extends (state: infer State) => unknown ? State : never +) => { + [Key in keyof SelectorMap]: ReturnType; +}; diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/lib/index.ts b/x-pack/plugins/siem/public/common/types.ts similarity index 72% rename from x-pack/plugins/endpoint/server/routes/alerts/details/lib/index.ts rename to x-pack/plugins/siem/public/common/types.ts index 20ae25f7aa84..f83bb7179088 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/details/lib/index.ts +++ b/x-pack/plugins/siem/public/common/types.ts @@ -4,4 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -export { AlertDetailsPagination } from './pagination'; +export interface ServerApiError { + statusCode: number; + error: string; + message: string; +} diff --git a/x-pack/plugins/endpoint/public/common/clone_http_fetch_query.test.ts b/x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.test.ts similarity index 85% rename from x-pack/plugins/endpoint/public/common/clone_http_fetch_query.test.ts rename to x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.test.ts index 9ac6b8b29f46..f70c2e8b6388 100644 --- a/x-pack/plugins/endpoint/public/common/clone_http_fetch_query.test.ts +++ b/x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.test.ts @@ -5,8 +5,8 @@ */ import { cloneHttpFetchQuery } from './clone_http_fetch_query'; -import { Immutable } from '../../common/types'; -import { HttpFetchQuery } from '../../../../../src/core/public'; +import { HttpFetchQuery } from '../../../../../../src/core/public'; +import { Immutable } from '../../../common/endpoint/types'; describe('cloneHttpFetchQuery', () => { it('can clone complex queries', () => { diff --git a/x-pack/plugins/endpoint/public/common/clone_http_fetch_query.ts b/x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.ts similarity index 82% rename from x-pack/plugins/endpoint/public/common/clone_http_fetch_query.ts rename to x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.ts index fdf1d6603830..bfa433dc9f9a 100644 --- a/x-pack/plugins/endpoint/public/common/clone_http_fetch_query.ts +++ b/x-pack/plugins/siem/public/common/utils/clone_http_fetch_query.ts @@ -4,9 +4,9 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Immutable } from '../../common/types'; +import { Immutable } from '../../../common/endpoint_alerts/types'; -import { HttpFetchQuery } from '../../../../../src/core/public'; +import { HttpFetchQuery } from '../../../../../../src/core/public'; export function cloneHttpFetchQuery(query: Immutable): HttpFetchQuery { const clone: HttpFetchQuery = {}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/formatted_date.tsx b/x-pack/plugins/siem/public/endpoint_alerts/components/formatted_date.tsx similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/formatted_date.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/components/formatted_date.tsx index 731bd31b26ce..4b9bce4d42eb 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/formatted_date.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/components/formatted_date.tsx @@ -20,3 +20,5 @@ export const FormattedDate = memo(({ timestamp }: { timestamp: number }) => { /> ); }); + +FormattedDate.displayName = 'FormattedDate'; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/index.ts new file mode 100644 index 000000000000..a1f730e209dc --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/index.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SecuritySubPluginWithStore } from '../app/types'; +import { getEndpointAlertsRoutes } from './routes'; +import { Immutable } from '../../common/endpoint/types'; +import { initialAlertListState, alertListReducer } from './store/reducer'; +import { AlertListState } from '../../common/endpoint_alerts/types'; +import { alertMiddlewareFactory } from './store/middleware'; +import { substateMiddlewareFactory } from '../common/store'; +import { CoreStart } from '../../../../../src/core/public'; +import { StartPlugins } from '../types'; + +export class EndpointAlerts { + public setup() {} + + public start( + core: CoreStart, + plugins: StartPlugins + ): SecuritySubPluginWithStore<'alertList', Immutable> { + const { data, ingestManager } = plugins; + const middleware = substateMiddlewareFactory( + globalState => globalState.alertList, + alertMiddlewareFactory(core, { data, ingestManager }) + ); + + return { + routes: getEndpointAlertsRoutes(), + store: { + initialState: { alertList: initialAlertListState() }, + reducer: { alertList: alertListReducer }, + middleware, + }, + }; + } +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/models/index_pattern.ts b/x-pack/plugins/siem/public/endpoint_alerts/models/index_pattern.ts similarity index 78% rename from x-pack/plugins/endpoint/public/applications/endpoint/models/index_pattern.ts rename to x-pack/plugins/siem/public/endpoint_alerts/models/index_pattern.ts index 0cae054432f9..8daaa3fef7a2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/models/index_pattern.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/models/index_pattern.ts @@ -5,8 +5,8 @@ */ import { all } from 'deepmerge'; -import { Immutable } from '../../../../common/types'; -import { IIndexPattern } from '../../../../../../../src/plugins/data/common'; +import { IIndexPattern } from 'src/plugins/data/public'; +import { Immutable } from '../../../common/endpoint_alerts/types'; /** * Model for the `IIndexPattern` interface exported by the `data` plugin. diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/routes.tsx similarity index 50% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.ts rename to x-pack/plugins/siem/public/endpoint_alerts/routes.tsx index 8086acc41d2b..60df7f5d4712 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/routes.tsx @@ -4,6 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -export { policyListReducer } from './reducer'; -export { PolicyListAction } from './action'; -export { policyListMiddlewareFactory } from './middleware'; +import React from 'react'; +import { Route } from 'react-router-dom'; + +import { AlertIndex } from './view'; + +export const getEndpointAlertsRoutes = () => [ + + + , +]; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/action.ts similarity index 84% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/action.ts index 80b7fd87e13b..ae103edaa5a2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/action.ts @@ -5,8 +5,8 @@ */ import { IIndexPattern } from 'src/plugins/data/public'; -import { Immutable, AlertDetails } from '../../../../../common/types'; -import { AlertListData } from '../../types'; +// import { Immutable } from '../../../common/types'; +import { AlertDetails, AlertListData, Immutable } from '../../../common/endpoint_alerts/types'; interface ServerReturnedAlertsData { readonly type: 'serverReturnedAlertsData'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_details.test.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_details.test.ts similarity index 83% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_details.test.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/alert_details.test.ts index feac8944f476..c6f3de73aa2b 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_details.test.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_details.test.ts @@ -5,19 +5,20 @@ */ import { Store, createStore, applyMiddleware } from 'redux'; -import { History } from 'history'; +import { createBrowserHistory, History } from 'history'; + +import { coreMock } from '../../../../../../src/core/public/mocks'; +import { AlertListState, Immutable } from '../../../common/endpoint_alerts/types'; +import { depsStartMock, DepsStartMock } from '../../common/mock/endpoint'; + import { alertListReducer } from './reducer'; -import { AlertListState } from '../../types'; + import { alertMiddlewareFactory } from './middleware'; -import { AppAction } from '../action'; -import { coreMock } from 'src/core/public/mocks'; -import { DepsStartMock, depsStartMock } from '../../mocks'; -import { createBrowserHistory } from 'history'; + import { mockAlertResultList } from './mock_alert_result_list'; -import { Immutable } from '../../../../../common/types'; describe('alert details tests', () => { - let store: Store, Immutable>; + let store: Store; let coreStart: ReturnType; let depsStart: DepsStartMock; let history: History; @@ -56,7 +57,7 @@ describe('alert details tests', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/alerts', + pathname: '/endpoint-alerts', search: '?selected_alert=q9ncfh4q9ctrmc90umcq4', }, }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list.test.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_list.test.ts similarity index 85% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list.test.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/alert_list.test.ts index 84281813312e..9acf22d4cefe 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list.test.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_list.test.ts @@ -5,20 +5,17 @@ */ import { Store, createStore, applyMiddleware } from 'redux'; -import { History } from 'history'; +import { History, createBrowserHistory } from 'history'; import { alertListReducer } from './reducer'; -import { AlertListState } from '../../types'; +import { AlertListState, AlertResultList, Immutable } from '../../../common/endpoint_alerts/types'; import { alertMiddlewareFactory } from './middleware'; -import { AppAction } from '../action'; import { coreMock } from 'src/core/public/mocks'; -import { DepsStartMock, depsStartMock } from '../../mocks'; -import { AlertResultList, Immutable } from '../../../../../common/types'; +import { DepsStartMock, depsStartMock } from '../../common/mock/endpoint'; import { isOnAlertPage } from './selectors'; -import { createBrowserHistory } from 'history'; import { mockAlertResultList } from './mock_alert_result_list'; describe('alert list tests', () => { - let store: Store, Immutable>; + let store: Store; let coreStart: ReturnType; let depsStart: DepsStartMock; let history: History; @@ -59,7 +56,7 @@ describe('alert list tests', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/alerts', + pathname: '/endpoint-alerts', }, }); }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list_pagination.test.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_list_pagination.test.ts similarity index 80% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list_pagination.test.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/alert_list_pagination.test.ts index 4cc86e9c0449..3ba7d830ccf4 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/alert_list_pagination.test.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/alert_list_pagination.test.ts @@ -4,21 +4,28 @@ * you may not use this file except in compliance with the Elastic License. */ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + import { Store, createStore, applyMiddleware } from 'redux'; -import { History } from 'history'; -import { alertListReducer } from './reducer'; -import { AlertListState, AlertingIndexUIQueryParams } from '../../types'; +import { History, createBrowserHistory } from 'history'; + +import { coreMock } from '../../../../../../src/core/public/mocks'; + +import { AlertingIndexUIQueryParams } from '../../../common/endpoint_alerts/types'; +import { DepsStartMock, depsStartMock } from '../../common/mock/endpoint'; + import { alertMiddlewareFactory } from './middleware'; -import { AppAction } from '../action'; -import { coreMock } from 'src/core/public/mocks'; -import { DepsStartMock, depsStartMock } from '../../mocks'; -import { createBrowserHistory } from 'history'; + +import { alertListReducer } from './reducer'; import { uiQueryParams } from './selectors'; -import { urlFromQueryParams } from '../../view/alerts/url_from_query_params'; -import { Immutable } from '../../../../../common/types'; +import { urlFromQueryParams } from '../view/url_from_query_params'; describe('alert list pagination', () => { - let store: Store, Immutable>; + let store: Store; let coreStart: ReturnType; let depsStart: DepsStartMock; let history: History; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/store/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/index.ts new file mode 100644 index 000000000000..dd97d60c532b --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/index.ts @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { AlertListState, Immutable } from '../../../common/endpoint_alerts/types'; +import { ImmutableReducer } from '../../common/store'; +import { AppAction } from '../../common/store/actions'; + +export { alertListReducer } from './reducer'; +export { AlertAction } from './action'; + +export interface EndpointAlertsPluginState { + alertList: Immutable; +} + +export interface EndpointAlertsPluginReducer { + alertList: ImmutableReducer; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/middleware.ts similarity index 79% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/middleware.ts index 6bc728db9981..f217cfcdfb5a 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/middleware.ts @@ -4,14 +4,19 @@ * you may not use this file except in compliance with the Elastic License. */ -import { IIndexPattern } from 'src/plugins/data/public'; -import { AlertResultList, AlertDetails } from '../../../../../common/types'; -import { ImmutableMiddlewareFactory, AlertListState } from '../../types'; +import { IIndexPattern } from '../../../../../../src/plugins/data/public'; +import { + AlertResultList, + AlertDetails, + AlertListState, +} from '../../../common/endpoint_alerts/types'; +import { AlertConstants } from '../../../common/endpoint_alerts/alert_constants'; +import { ImmutableMiddlewareFactory } from '../../common/store'; +import { cloneHttpFetchQuery } from '../../common/utils/clone_http_fetch_query'; import { isOnAlertPage, apiQueryParams, hasSelectedAlert, uiQueryParams } from './selectors'; -import { cloneHttpFetchQuery } from '../../../../common/clone_http_fetch_query'; -import { AlertConstants } from '../../../../../common/alert_constants'; +import { Immutable } from '../../../common/endpoint/types'; -export const alertMiddlewareFactory: ImmutableMiddlewareFactory = ( +export const alertMiddlewareFactory: ImmutableMiddlewareFactory> = ( coreStart, depsStart ) => { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/mock_alert_result_list.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/mock_alert_result_list.ts similarity index 89% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/mock_alert_result_list.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/mock_alert_result_list.ts index 6a13e0f92471..88bba2b7a247 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/mock_alert_result_list.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/mock_alert_result_list.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { AlertResultList, AlertDetails } from '../../../../../common/types'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; +import { EndpointDocGenerator } from '../../../common/endpoint/generate_data'; +import { AlertResultList, AlertDetails } from '../../../common/endpoint_alerts/types'; export const mockAlertResultList: (options?: { total?: number; @@ -30,7 +30,7 @@ export const mockAlertResultList: (options?: { alerts.push({ ...generator.generateAlert(new Date().getTime() + index * 1000), ...{ - id: 'xDUYMHABAJk0XnHd8rrd' + index, + id: `xDUYMHABAJk0XnHd8rrd${index}`, prev: null, next: null, }, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/reducer.ts similarity index 82% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/reducer.ts index 52b91dcae7d7..3e79ad4d1c61 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/reducer.ts @@ -4,11 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ -import { AlertListState, ImmutableReducer } from '../../types'; -import { AppAction } from '../action'; -import { Immutable } from '../../../../../common/types'; +import { Immutable, AlertListState } from '../../../common/endpoint_alerts/types'; +import { ImmutableReducer } from '../../common/store'; +import { AppAction } from '../../common/store/actions'; -const initialState = (): Immutable => { +export const initialAlertListState = (): Immutable => { return { alerts: [], alertDetails: undefined, @@ -23,7 +23,7 @@ const initialState = (): Immutable => { }; export const alertListReducer: ImmutableReducer = ( - state = initialState(), + state = initialAlertListState(), action ) => { if (action.type === 'serverReturnedAlertsData') { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts b/x-pack/plugins/siem/public/endpoint_alerts/store/selectors.ts similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts rename to x-pack/plugins/siem/public/endpoint_alerts/store/selectors.ts index cc362c370195..0e9de70f7b41 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/store/selectors.ts @@ -4,15 +4,23 @@ * you may not use this file except in compliance with the Elastic License. */ +// eslint-disable-next-line import/no-nodejs-modules import querystring from 'querystring'; import { createSelector, createStructuredSelector as createStructuredSelectorWithBadType, } from 'reselect'; import { encode, decode } from 'rison-node'; -import { Query, TimeRange, Filter } from 'src/plugins/data/public'; -import { AlertListState, AlertingIndexUIQueryParams, CreateStructuredSelector } from '../../types'; -import { Immutable, AlertingIndexGetQueryInput } from '../../../../../common/types'; + +import { Query, TimeRange, Filter } from '../../../../../../src/plugins/data/public'; + +import { + Immutable, + AlertingIndexGetQueryInput, + AlertListState, + AlertingIndexUIQueryParams, +} from '../../../common/endpoint_alerts/types'; +import { CreateStructuredSelector } from '../../common/store'; const createStructuredSelector: CreateStructuredSelector = createStructuredSelectorWithBadType; @@ -36,7 +44,7 @@ export const alertListPagination = createStructuredSelector({ * Returns a boolean based on whether or not the user is on the alerts page */ export const isOnAlertPage = (state: Immutable): boolean => { - return state.location ? state.location.pathname === '/alerts' : false; + return state.location ? state.location.pathname === '/endpoint-alerts' : false; }; /** diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/alert_details.test.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/alert_details.test.tsx similarity index 87% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/alert_details.test.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/alert_details.test.tsx index e3639bf1cacb..cb44176d6b4c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/alert_details.test.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/alert_details.test.tsx @@ -5,21 +5,22 @@ */ import * as reactTestingLibrary from '@testing-library/react'; -import { appStoreFactory } from '../../store'; -import { fireEvent } from '@testing-library/react'; import { MemoryHistory } from 'history'; -import { AppAction } from '../../types'; -import { mockAlertDetailsResult } from '../../store/alerts/mock_alert_result_list'; +import { Store } from 'redux'; + +import { mockAlertDetailsResult } from '../store/mock_alert_result_list'; import { alertPageTestRender } from './test_helpers/render_alert_page'; +import { AppAction } from '../../common/store/actions'; +import { State } from '../../common/store/reducer'; describe('when the alert details flyout is open', () => { let render: () => reactTestingLibrary.RenderResult; let history: MemoryHistory; - let store: ReturnType; + let store: Store; beforeEach(async () => { // Creates the render elements for the tests to use - ({ render, history, store } = alertPageTestRender); + ({ render, history, store } = alertPageTestRender()); }); describe('when the alerts details flyout is open', () => { beforeEach(() => { @@ -50,7 +51,7 @@ describe('when the alert details flyout is open', () => { 'alertDetailTakeActionDropdownButton' ); if (takeActionButton) { - fireEvent.click(takeActionButton); + reactTestingLibrary.fireEvent.click(takeActionButton); } }); it('should display the correct fields in the dropdown', async () => { @@ -64,7 +65,7 @@ describe('when the alert details flyout is open', () => { renderResult = render(); const overviewTab = await renderResult.findByTestId('overviewMetadata'); if (overviewTab) { - fireEvent.click(overviewTab); + reactTestingLibrary.fireEvent.click(overviewTab); } }); it('should render all accordion panels', async () => { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/view/details/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/index.ts rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/index.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/file_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/file_accordion.tsx similarity index 60% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/file_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/file_accordion.tsx index 26f198536846..1009bec0cec0 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/file_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/file_accordion.tsx @@ -6,56 +6,62 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; import { FormattedDate } from '../../formatted_date'; export const FileAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileName', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.fileName', { defaultMessage: 'File Name', }), description: alertData.file.name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.filePath', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.filePath', { defaultMessage: 'File Path', }), description: alertData.file.path, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileSize', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.fileSize', { defaultMessage: 'File Size', }), description: alertData.file.size, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileCreated', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.fileCreated', { defaultMessage: 'File Created', }), description: , }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileModified', { - defaultMessage: 'File Modified', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.fileModified', + { + defaultMessage: 'File Modified', + } + ), description: , }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileAccessed', { - defaultMessage: 'File Accessed', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.fileAccessed', + { + defaultMessage: 'File Accessed', + } + ), description: , }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.signer', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.signer', { defaultMessage: 'Signer', }), description: alertData.file.code_signature.subject_name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.owner', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.owner', { defaultMessage: 'Owner', }), description: alertData.file.owner, @@ -67,7 +73,7 @@ export const FileAccordion = memo(({ alertData }: { alertData: Immutable ); }); + +FileAccordion.displayName = 'FileAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/general_accordion.tsx similarity index 64% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/general_accordion.tsx index 79cb61693056..fc0d38188fd2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/general_accordion.tsx @@ -6,44 +6,47 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; import { FormattedDate } from '../../formatted_date'; export const GeneralAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.alertType', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.alertType', { defaultMessage: 'Alert Type', }), description: alertData.event.category, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.eventType', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.eventType', { defaultMessage: 'Event Type', }), description: alertData.event.kind, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.status', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.status', { defaultMessage: 'Status', }), description: 'TODO', }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.dateCreated', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.dateCreated', { defaultMessage: 'Date Created', }), description: , }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.malwareScore', { - defaultMessage: 'MalwareScore', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.malwareScore', + { + defaultMessage: 'MalwareScore', + } + ), description: alertData.file.malware_classification.score, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileName', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.fileName', { defaultMessage: 'File Name', }), description: alertData.file.name, @@ -54,7 +57,7 @@ export const GeneralAccordion = memo(({ alertData }: { alertData: Immutable ); }); + +GeneralAccordion.displayName = 'GeneralAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/hash_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/hash_accordion.tsx similarity index 70% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/hash_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/hash_accordion.tsx index 4a2f7378a36e..ae62bd80b73b 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/hash_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/hash_accordion.tsx @@ -6,25 +6,25 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; export const HashAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.md5', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.md5', { defaultMessage: 'MD5', }), description: alertData.file.hash.md5, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sha1', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sha1', { defaultMessage: 'SHA1', }), description: alertData.file.hash.sha1, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sha256', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sha256', { defaultMessage: 'SHA256', }), description: alertData.file.hash.sha256, @@ -36,7 +36,7 @@ export const HashAccordion = memo(({ alertData }: { alertData: Immutable ); }); + +HashAccordion.displayName = 'HashAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/host_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/host_accordion.tsx similarity index 50% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/host_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/host_accordion.tsx index e332c96192fa..70723efd97b8 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/host_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/host_accordion.tsx @@ -5,60 +5,75 @@ */ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; -import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { EuiHealth } from '@elastic/eui'; +import { EuiAccordion, EuiDescriptionList, EuiHealth } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; -import { Immutable, AlertDetails } from '../../../../../../../common/types'; + +import { Immutable, AlertDetails } from '../../../../../common/endpoint_alerts/types'; export const HostAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.hostNameCurrent', { - defaultMessage: 'Host Name (Current)', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.hostNameCurrent', + { + defaultMessage: 'Host Name (Current)', + } + ), description: alertData.state.host_metadata.host.hostname, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.hostNameOriginal', { - defaultMessage: 'Host Name (At time of alert)', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.hostNameOriginal', + { + defaultMessage: 'Host Name (At time of alert)', + } + ), description: alertData.host.hostname, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.hostIPCurrent', { - defaultMessage: 'Host IP (Current)', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.hostIPCurrent', + { + defaultMessage: 'Host IP (Current)', + } + ), description: alertData.state.host_metadata.host.ip.join(', '), }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.hostIPOriginal', { - defaultMessage: 'Host IP (At time of alert)', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.hostIPOriginal', + { + defaultMessage: 'Host IP (At time of alert)', + } + ), description: alertData.host.ip.join(', '), }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.currentStatus', { - defaultMessage: 'Current Status', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.currentStatus', + { + defaultMessage: 'Current Status', + } + ), description: ( {' '} ), }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.osCurrent', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.osCurrent', { defaultMessage: 'OS (Current)', }), description: alertData.state.host_metadata.host.os.name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.osOriginal', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.osOriginal', { defaultMessage: 'OS (At time of alert)', }), description: alertData.host.os.name, @@ -70,7 +85,7 @@ export const HostAccordion = memo(({ alertData }: { alertData: Immutable ); }); + +HostAccordion.displayName = 'HostAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/index.ts b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/index.ts rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/index.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_accordion.tsx similarity index 58% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_accordion.tsx index 538562bfbbc0..607327a49de1 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_accordion.tsx @@ -6,73 +6,79 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; export const SourceProcessAccordion = memo(({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.processID', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.processID', { defaultMessage: 'Process ID', }), description: alertData.process.pid, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.processName', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.processName', { defaultMessage: 'Process Name', }), description: alertData.process.name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.processPath', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.processPath', { defaultMessage: 'Process Path', }), description: alertData.process.executable, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.md5', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.md5', { defaultMessage: 'MD5', }), description: alertData.process.hash.md5, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sha1', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sha1', { defaultMessage: 'SHA1', }), description: alertData.process.hash.sha1, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sha256', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sha256', { defaultMessage: 'SHA256', }), description: alertData.process.hash.sha256, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.malwareScore', { - defaultMessage: 'MalwareScore', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.malwareScore', + { + defaultMessage: 'MalwareScore', + } + ), description: alertData.process.malware_classification?.score || '-', }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.parentProcessID', { - defaultMessage: 'Parent Process ID', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.parentProcessID', + { + defaultMessage: 'Parent Process ID', + } + ), description: alertData.process.parent?.pid || '-', }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.signer', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.signer', { defaultMessage: 'Signer', }), description: alertData.process.code_signature.subject_name, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.username', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.username', { defaultMessage: 'Username', }), description: alertData.process.token.user, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.domain', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.domain', { defaultMessage: 'Domain', }), description: alertData.process.token.domain, @@ -84,7 +90,7 @@ export const SourceProcessAccordion = memo(({ alertData }: { alertData: Immutabl ); }); + +SourceProcessAccordion.displayName = 'SourceProcessAccordion'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_token_accordion.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_token_accordion.tsx similarity index 68% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_token_accordion.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_token_accordion.tsx index 00755673d3f8..9be494d92a88 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_token_accordion.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/metadata/source_process_token_accordion.tsx @@ -6,22 +6,25 @@ import React, { memo, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiAccordion, EuiDescriptionList } from '@elastic/eui'; -import { Immutable, AlertData } from '../../../../../../../common/types'; +import { Immutable, AlertData } from '../../../../../common/endpoint_alerts/types'; export const SourceProcessTokenAccordion = memo( ({ alertData }: { alertData: Immutable }) => { const columns = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.sid', { + title: i18n.translate('xpack.siem.endpoint.application.endpoint.alertDetails.sid', { defaultMessage: 'SID', }), description: alertData.process.token.sid, }, { - title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.integrityLevel', { - defaultMessage: 'Integrity Level', - }), + title: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.integrityLevel', + { + defaultMessage: 'Integrity Level', + } + ), description: alertData.process.token.integrity_level, }, ]; @@ -31,7 +34,7 @@ export const SourceProcessTokenAccordion = memo( { + const alertDetailsData = useAlertListSelector(selectors.selectedAlertDetailsData); + if (alertDetailsData === undefined) { + return null; + } + + const tabs: EuiTabbedContentTab[] = useMemo(() => { + return [ + { + id: 'overviewMetadata', + 'data-test-subj': 'overviewMetadata', + name: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.overview.tabs.overview', + { + defaultMessage: 'Overview', + } + ), + content: ( + <> + + + + ), + }, + { + id: 'overviewResolver', + 'data-test-subj': 'overviewResolverTab', + name: i18n.translate( + 'xpack.siem.endpoint.application.endpoint.alertDetails.overview.tabs.resolver', + { + defaultMessage: 'Resolver', + } + ), + content: ( + <> + + + + ), + }, + ]; + }, [alertDetailsData]); + + return ( + <> +
+ +

+ +

+ + + +

+ , + }} + /> +

+ + + + {'Endpoint Status: '} + + + + + + + + + + +
+ + + ); +}); + +AlertDetailsOverviewComponent.displayName = 'AlertDetailsOverview'; + +export const AlertDetailsOverview = styled(AlertDetailsOverviewComponent)` + height: 100%; + width: 100%; +`; + +AlertDetailsOverview.displayName = 'AlertDetailsOverview'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/metadata_panel.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/metadata_panel.tsx similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/metadata_panel.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/metadata_panel.tsx index 556d7bea2e31..75ddc58c8cad 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/metadata_panel.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/metadata_panel.tsx @@ -7,7 +7,7 @@ import React, { memo } from 'react'; import { EuiSpacer } from '@elastic/eui'; import { useAlertListSelector } from '../../hooks/use_alerts_selector'; -import * as selectors from '../../../../store/alerts/selectors'; +import * as selectors from '../../../store/selectors'; import { GeneralAccordion, HostAccordion, @@ -38,3 +38,5 @@ export const MetadataPanel = memo(() => { ); }); + +MetadataPanel.displayName = 'MetadataPanel'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/take_action_dropdown.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/take_action_dropdown.tsx similarity index 83% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/take_action_dropdown.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/take_action_dropdown.tsx index 8d8468b4df4a..847249125a5f 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/overview/take_action_dropdown.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/details/overview/take_action_dropdown.tsx @@ -16,12 +16,14 @@ const TakeActionButton = memo(({ onClick }: { onClick: () => void }) => ( onClick={onClick} > )); +TakeActionButton.displayName = 'TakeActionButton'; + export const TakeActionDropdown = memo(() => { const [isDropdownOpen, setIsDropdownOpen] = useState(false); @@ -48,7 +50,7 @@ export const TakeActionDropdown = memo(() => { iconType="folderCheck" > @@ -61,7 +63,7 @@ export const TakeActionDropdown = memo(() => { iconType="listAdd" > @@ -69,3 +71,5 @@ export const TakeActionDropdown = memo(() => { ); }); + +TakeActionDropdown.displayName = 'TakeActionDropdown'; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/view/formatted_date.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/formatted_date.tsx new file mode 100644 index 000000000000..4b9bce4d42eb --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/formatted_date.tsx @@ -0,0 +1,24 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import React, { memo } from 'react'; +import { FormattedDate as ReactIntlFormattedDate } from '@kbn/i18n/react'; + +export const FormattedDate = memo(({ timestamp }: { timestamp: number }) => { + const date = new Date(timestamp); + return ( + + ); +}); + +FormattedDate.displayName = 'FormattedDate'; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/view/hooks/use_alerts_selector.ts b/x-pack/plugins/siem/public/endpoint_alerts/view/hooks/use_alerts_selector.ts new file mode 100644 index 000000000000..726f6a453cb5 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/hooks/use_alerts_selector.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { useSelector } from 'react-redux'; +import { Immutable, AlertListState } from '../../../../common/endpoint_alerts/types'; +import { State } from '../../../common/store/reducer'; + +export function useAlertListSelector( + selector: ( + state: Immutable + ) => TSelected extends Immutable ? TSelected : never +) { + return useSelector((state: Immutable) => selector(state.alertList)); +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.test.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/index.test.tsx similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.test.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/index.test.tsx index 77e31d015fc0..6d7350f20d21 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.test.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/index.test.tsx @@ -6,23 +6,24 @@ import * as reactTestingLibrary from '@testing-library/react'; import { IIndexPattern } from 'src/plugins/data/public'; -import { appStoreFactory } from '../../store'; -import { fireEvent, act } from '@testing-library/react'; import { MemoryHistory } from 'history'; -import { AppAction } from '../../types'; -import { mockAlertResultList } from '../../store/alerts/mock_alert_result_list'; -import { DepsStartMock } from '../../mocks'; +import { Store } from 'redux'; + +import { mockAlertResultList } from '../store/mock_alert_result_list'; import { alertPageTestRender } from './test_helpers/render_alert_page'; +import { DepsStartMock } from '../../common/mock/endpoint'; +import { State } from '../../common/store/reducer'; +import { AppAction } from '../../common/store/actions'; describe('when on the alerting page', () => { let render: () => reactTestingLibrary.RenderResult; let history: MemoryHistory; - let store: ReturnType; + let store: Store; let depsStart: DepsStartMock; beforeEach(async () => { // Creates the render elements for the tests to use - ({ render, history, store, depsStart } = alertPageTestRender); + ({ render, history, store, depsStart } = alertPageTestRender()); }); it('should show a data grid', async () => { await render().findByTestId('alertListGrid'); @@ -63,7 +64,7 @@ describe('when on the alerting page', () => { /** * This is the cell with the alert type, it has a link. */ - fireEvent.click(alertLinks[0]); + reactTestingLibrary.fireEvent.click(alertLinks[0]); }); it('should show the flyout', async () => { await renderResult.findByTestId('alertDetailFlyout'); @@ -92,7 +93,7 @@ describe('when on the alerting page', () => { */ const closeButton = await renderResult.findByTestId('euiFlyoutCloseButton'); if (closeButton) { - fireEvent.click(closeButton); + reactTestingLibrary.fireEvent.click(closeButton); } }); it('should no longer show the flyout', () => { @@ -125,14 +126,14 @@ describe('when on the alerting page', () => { const renderResult = render(); const paginationButton = await renderResult.findByTestId('tablePaginationPopoverButton'); if (paginationButton) { - act(() => { - fireEvent.click(paginationButton); + reactTestingLibrary.act(() => { + reactTestingLibrary.fireEvent.click(paginationButton); }); } const show10RowsButton = await renderResult.findByTestId('tablePagination-10-rows'); if (show10RowsButton) { - act(() => { - fireEvent.click(show10RowsButton); + reactTestingLibrary.act(() => { + reactTestingLibrary.fireEvent.click(show10RowsButton); }); } }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/index.tsx similarity index 81% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/index.tsx index 6a6936c59a00..e991080c9dc3 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/index.tsx @@ -4,8 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { memo, useState, useMemo, useCallback } from 'react'; -import React from 'react'; +import React, { memo, useState, useMemo, useCallback } from 'react'; import { EuiDataGrid, EuiDataGridColumn, @@ -26,9 +25,9 @@ import { import { i18n } from '@kbn/i18n'; import { useHistory } from 'react-router-dom'; import { FormattedMessage } from '@kbn/i18n/react'; +import { AlertData } from '../../../common/endpoint_alerts/types'; import { urlFromQueryParams } from './url_from_query_params'; -import { AlertData } from '../../../../../common/types'; -import * as selectors from '../../store/alerts/selectors'; +import * as selectors from '../store/selectors'; import { useAlertListSelector } from './hooks/use_alerts_selector'; import { AlertDetailsOverview } from './details'; import { FormattedDate } from './formatted_date'; @@ -41,49 +40,49 @@ export const AlertIndex = memo(() => { return [ { id: 'alert_type', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.alertType', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.alertType', { defaultMessage: 'Alert Type', }), }, { id: 'event_type', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.eventType', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.eventType', { defaultMessage: 'Event Type', }), }, { id: 'os', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.os', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.os', { defaultMessage: 'OS', }), }, { id: 'ip_address', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.ipAddress', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.ipAddress', { defaultMessage: 'IP Address', }), }, { id: 'host_name', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.hostName', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.hostName', { defaultMessage: 'Host Name', }), }, { id: 'timestamp', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.timestamp', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.timestamp', { defaultMessage: 'Timestamp', }), }, { id: 'archived', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.archived', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.archived', { defaultMessage: 'Archived', }), }, { id: 'malware_score', - display: i18n.translate('xpack.endpoint.application.endpoint.alerts.malwareScore', { + display: i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.malwareScore', { defaultMessage: 'Malware Score', }), }, @@ -133,8 +132,8 @@ export const AlertIndex = memo(() => { ); }, [alertListData]); - const renderCellValue = useMemo(() => { - return ({ rowIndex, columnId }: { rowIndex: number; columnId: string }) => { + const renderCellValue = useCallback( + ({ rowIndex, columnId }: { rowIndex: number; columnId: string }) => { if (rowIndex > total) { return null; } @@ -149,7 +148,7 @@ export const AlertIndex = memo(() => { } > {i18n.translate( - 'xpack.endpoint.application.endpoint.alerts.alertType.maliciousFileDescription', + 'xpack.siem.endpoint.application.endpoint.alerts.alertType.maliciousFileDescription', { defaultMessage: 'Malicious File', } @@ -172,7 +171,7 @@ export const AlertIndex = memo(() => { return ( {i18n.translate( - 'xpack.endpoint.application.endpoint.alerts.alertDate.timestampInvalidLabel', + 'xpack.siem.endpoint.application.endpoint.alerts.alertDate.timestampInvalidLabel', { defaultMessage: 'invalid', } @@ -186,8 +185,9 @@ export const AlertIndex = memo(() => { return row.file.malware_classification.score; } return null; - }; - }, [total, alertListData, pageSize, history, queryParams, timestampForRows]); + }, + [total, alertListData, pageSize, history, queryParams, timestampForRows] + ); const pagination = useMemo(() => { return { @@ -216,7 +216,7 @@ export const AlertIndex = memo(() => {

- {i18n.translate('xpack.endpoint.application.endpoint.alerts.detailsTitle', { + {i18n.translate('xpack.siem.endpoint.application.endpoint.alerts.detailsTitle', { defaultMessage: 'Alert Details', })}

@@ -235,7 +235,7 @@ export const AlertIndex = memo(() => {

@@ -260,3 +260,5 @@ export const AlertIndex = memo(() => { ); }); + +AlertIndex.displayName = 'AlertIndex'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index_search_bar.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/index_search_bar.tsx similarity index 87% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index_search_bar.tsx rename to x-pack/plugins/siem/public/endpoint_alerts/view/index_search_bar.tsx index 1ede06c08651..8fe6eaa66576 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index_search_bar.tsx +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/index_search_bar.tsx @@ -4,17 +4,17 @@ * you may not use this file except in compliance with the Elastic License. */ -import React, { useMemo } from 'react'; -import { memo, useEffect, useCallback } from 'react'; +import React, { useMemo, memo, useEffect, useCallback } from 'react'; import { useHistory } from 'react-router-dom'; -import { encode, RisonValue } from 'rison-node'; import { Query, TimeRange } from 'src/plugins/data/public'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; +import { encode, RisonValue } from 'rison-node'; + +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; import { urlFromQueryParams } from './url_from_query_params'; import { useAlertListSelector } from './hooks/use_alerts_selector'; -import * as selectors from '../../store/alerts/selectors'; -import { EndpointPluginServices } from '../../../../plugin'; -import { clone } from '../../models/index_pattern'; +import * as selectors from '../store/selectors'; +import { StartServices } from '../../types'; +import { clone } from '../models/index_pattern'; export const AlertIndexSearchBar = memo(() => { const history = useHistory(); @@ -30,7 +30,7 @@ export const AlertIndexSearchBar = memo(() => { const searchBarDateRange = useAlertListSelector(selectors.searchBarDateRange); const searchBarFilters = useAlertListSelector(selectors.searchBarFilters); - const kibanaContext = useKibana(); + const kibanaContext = useKibana(); const { ui: { SearchBar }, query: { filterManager }, diff --git a/x-pack/plugins/siem/public/endpoint_alerts/view/resolver.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/resolver.tsx new file mode 100644 index 000000000000..92213a8bd392 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/resolver.tsx @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import styled from 'styled-components'; +import { Provider } from 'react-redux'; +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; +import { ResolverEvent } from '../../../common/endpoint/types'; +import { StartServices } from '../../types'; +import { storeFactory } from '../../resolver/store'; +import { Resolver } from '../../resolver/view'; + +const AlertDetailResolverComponents = React.memo( + ({ className, selectedEvent }: { className?: string; selectedEvent?: ResolverEvent }) => { + const context = useKibana(); + const { store } = storeFactory(context); + + return ( +
+ + + +
+ ); + } +); + +AlertDetailResolverComponents.displayName = 'AlertDetailResolver'; + +export const AlertDetailResolver = styled(AlertDetailResolverComponents)` + height: 100%; + width: 100%; + display: flex; + flex-grow: 1; + min-height: calc(100vh - 505px); +`; diff --git a/x-pack/plugins/siem/public/endpoint_alerts/view/test_helpers/render_alert_page.tsx b/x-pack/plugins/siem/public/endpoint_alerts/view/test_helpers/render_alert_page.tsx new file mode 100644 index 000000000000..f52d854d986f --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/test_helpers/render_alert_page.tsx @@ -0,0 +1,63 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import React from 'react'; +import * as reactTestingLibrary from '@testing-library/react'; +import { Provider } from 'react-redux'; +import { I18nProvider } from '@kbn/i18n/react'; +import { createMemoryHistory } from 'history'; +import { Router } from 'react-router-dom'; + +import { KibanaContextProvider } from '../../../../../../../src/plugins/kibana_react/public'; +import { AlertIndex } from '../index'; +import { RouteCapture } from '../../../common/components/endpoint/route_capture'; +import { depsStartMock } from '../../../common/mock/endpoint'; +import { createStore } from '../../../common/store'; +import { SUB_PLUGINS_REDUCER, mockGlobalState, apolloClientObservable } from '../../../common/mock'; + +export const alertPageTestRender = () => { + /** + * Create a 'history' instance that is only in-memory and causes no side effects to the testing environment. + */ + const history = createMemoryHistory(); + /** + * Create a store, with the middleware disabled. We don't want side effects being created by our code in this test. + */ + const store = createStore(mockGlobalState, SUB_PLUGINS_REDUCER, apolloClientObservable); + + const depsStart = depsStartMock(); + depsStart.data.ui.SearchBar.mockImplementation(() =>
); + + return { + store, + history, + depsStart, + + /** + * Render the test component, use this after setting up anything in `beforeEach`. + */ + render: () => { + /** + * Provide the store via `Provider`, and i18n APIs via `I18nProvider`. + * Use react-router via `Router`, passing our in-memory `history` instance. + * Use `RouteCapture` to emit url-change actions when the URL is changed. + * Finally, render the `AlertIndex` component which we are testing. + */ + return reactTestingLibrary.render( + + + + + + + + + + + + ); + }, + }; +}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/url_from_query_params.ts b/x-pack/plugins/siem/public/endpoint_alerts/view/url_from_query_params.ts similarity index 74% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/url_from_query_params.ts rename to x-pack/plugins/siem/public/endpoint_alerts/view/url_from_query_params.ts index e037d000e6e8..a8a37547a43e 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/url_from_query_params.ts +++ b/x-pack/plugins/siem/public/endpoint_alerts/view/url_from_query_params.ts @@ -4,8 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ +// eslint-disable-next-line import/no-nodejs-modules import querystring from 'querystring'; -import { AlertingIndexUIQueryParams, EndpointAppLocation } from '../../types'; + +import { AlertingIndexUIQueryParams } from '../../../common/endpoint_alerts/types'; +import { AppLocation } from '../../../common/endpoint/types'; /** * Return a relative URL for `AlertingIndexUIQueryParams`. @@ -21,9 +24,7 @@ import { AlertingIndexUIQueryParams, EndpointAppLocation } from '../../types'; * // now use relativeURL in the 'href' of a link, the 'to' of a react-router-dom 'Link' or history.push, history.replace * ``` */ -export function urlFromQueryParams( - queryParams: AlertingIndexUIQueryParams -): Partial { +export function urlFromQueryParams(queryParams: AlertingIndexUIQueryParams): Partial { const search = querystring.stringify(queryParams); return { search, diff --git a/x-pack/plugins/siem/public/endpoint_hosts/index.ts b/x-pack/plugins/siem/public/endpoint_hosts/index.ts new file mode 100644 index 000000000000..49d5fff98c92 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_hosts/index.ts @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SecuritySubPluginWithStore } from '../app/types'; +import { getEndpointHostsRoutes } from './routes'; +import { initialHostListState, hostListReducer } from './store/reducer'; +import { Immutable } from '../../common/endpoint/types'; +import { HostState } from './types'; +import { hostMiddlewareFactory } from './store/middleware'; +import { CoreStart } from '../../../../../src/core/public'; +import { StartPlugins } from '../types'; +import { substateMiddlewareFactory } from '../common/store'; + +export class EndpointHosts { + public setup() {} + + public start( + core: CoreStart, + plugins: StartPlugins + ): SecuritySubPluginWithStore<'hostList', Immutable> { + const { data, ingestManager } = plugins; + const middleware = substateMiddlewareFactory( + globalState => globalState.hostList, + hostMiddlewareFactory(core, { data, ingestManager }) + ); + return { + routes: getEndpointHostsRoutes(), + store: { + initialState: { hostList: initialHostListState() }, + reducer: { hostList: hostListReducer }, + middleware, + }, + }; + } +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.ts b/x-pack/plugins/siem/public/endpoint_hosts/routes.tsx similarity index 51% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.ts rename to x-pack/plugins/siem/public/endpoint_hosts/routes.tsx index 39f0f13d2daa..b7e549dc4e5e 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/routes.tsx @@ -4,6 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -export { policyDetailsMiddlewareFactory } from './middleware'; -export { PolicyDetailsAction } from './action'; -export { policyDetailsReducer } from './reducer'; +import React from 'react'; +import { Route } from 'react-router-dom'; + +import { HostList } from './view'; + +export const getEndpointHostsRoutes = () => [ + + + , +]; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/action.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/action.ts similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/action.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/action.ts index ac10adcda030..9b38d7ce5a23 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/action.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/action.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ServerApiError } from '../../types'; -import { HostResultList, HostInfo, GetHostPolicyResponse } from '../../../../../common/types'; +import { HostResultList, HostInfo, GetHostPolicyResponse } from '../../../common/endpoint/types'; +import { ServerApiError } from '../../common/types'; interface ServerReturnedHostList { type: 'serverReturnedHostList'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/host_pagination.test.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/host_pagination.test.ts similarity index 91% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/host_pagination.test.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/host_pagination.test.ts index d2e1985d055c..d67f5af86654 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/host_pagination.test.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/host_pagination.test.ts @@ -5,25 +5,30 @@ */ import { CoreStart, HttpSetup } from 'kibana/public'; -import { DepsStartMock, depsStartMock } from '../../mocks'; -import { AppAction, HostState, HostIndexUIQueryParams } from '../../types'; -import { Immutable, HostResultList } from '../../../../../common/types'; import { History, createBrowserHistory } from 'history'; -import { hostMiddlewareFactory } from './middleware'; import { applyMiddleware, Store, createStore } from 'redux'; + +import { coreMock } from '../../../../../../src/core/public/mocks'; + +import { HostResultList } from '../../../common/endpoint/types'; +import { DepsStartMock, depsStartMock } from '../../common/mock/endpoint'; + +import { hostMiddlewareFactory } from './middleware'; + import { hostListReducer } from './reducer'; -import { coreMock } from 'src/core/public/mocks'; -import { urlFromQueryParams } from '../../view/hosts/url_from_query_params'; + import { uiQueryParams } from './selectors'; import { mockHostResultList } from './mock_host_result_list'; -import { MiddlewareActionSpyHelper, createSpyMiddleware } from '../test_utils'; +import { HostState, HostIndexUIQueryParams } from '../types'; +import { MiddlewareActionSpyHelper, createSpyMiddleware } from '../../common/store/test_utils'; +import { urlFromQueryParams } from '../view/url_from_query_params'; describe('host list pagination: ', () => { let fakeCoreStart: jest.Mocked; let depsStart: DepsStartMock; let fakeHttpServices: jest.Mocked; let history: History; - let store: Store, Immutable>; + let store: Store; let queryParams: () => HostIndexUIQueryParams; let waitForAction: MiddlewareActionSpyHelper['waitForAction']; let actionSpyMiddleware; @@ -62,7 +67,7 @@ describe('host list pagination: ', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/hosts', + pathname: '/endpoint-hosts', }, }); await waitForAction('serverReturnedHostList'); @@ -123,7 +128,7 @@ describe('host list pagination: ', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/hosts', + pathname: '/endpoint-hosts', search: '?foo=bar', }, }); @@ -135,7 +140,7 @@ describe('host list pagination: ', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/hosts', + pathname: '/endpoint-hosts', search: '?page_index=2&page_index=3&page_size=20&page_size=50', }, }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.test.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/index.test.ts similarity index 98% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.test.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/index.test.ts index f60a69a47168..8518c37fe3f5 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/index.test.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/index.test.ts @@ -6,7 +6,7 @@ import { createStore, Dispatch, Store } from 'redux'; import { HostAction, hostListReducer } from './index'; -import { HostState } from '../../types'; +import { HostState } from '../types'; import { listData } from './selectors'; import { mockHostResultList } from './mock_host_result_list'; diff --git a/x-pack/plugins/siem/public/endpoint_hosts/store/index.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/index.ts new file mode 100644 index 000000000000..eafea5b9c740 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/index.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { HostState } from '../types'; +import { ImmutableReducer } from '../../common/store'; +import { AppAction } from '../../common/store/actions'; +import { Immutable } from '../../../common/endpoint/types'; + +export { hostListReducer } from './reducer'; +export { HostAction } from './action'; +export { hostMiddlewareFactory } from './middleware'; + +export interface EndpointHostsPluginState { + hostList: Immutable; +} + +export interface EndpointHostsPluginReducer { + hostList: ImmutableReducer; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.test.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/middleware.test.ts similarity index 86% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.test.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/middleware.test.ts index 2064c76f7dfb..6c9e3dd41907 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.test.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/middleware.test.ts @@ -5,16 +5,18 @@ */ import { CoreStart, HttpSetup } from 'kibana/public'; import { applyMiddleware, createStore, Store } from 'redux'; -import { coreMock } from '../../../../../../../../src/core/public/mocks'; +import { coreMock } from '../../../../../../src/core/public/mocks'; import { History, createBrowserHistory } from 'history'; import { hostListReducer, hostMiddlewareFactory } from './index'; -import { HostResultList, Immutable } from '../../../../../common/types'; -import { HostState } from '../../types'; -import { AppAction } from '../action'; -import { listData } from './selectors'; -import { DepsStartMock, depsStartMock } from '../../mocks'; + +import { DepsStartMock, depsStartMock } from '../../common/mock/endpoint'; + +import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../../common/store/test_utils'; +import { Immutable, HostResultList } from '../../../common/endpoint/types'; +import { AppAction } from '../../common/store/actions'; import { mockHostResultList } from './mock_host_result_list'; -import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../test_utils'; +import { listData } from './selectors'; +import { HostState } from '../types'; describe('host list middleware', () => { let fakeCoreStart: jest.Mocked; @@ -53,7 +55,7 @@ describe('host list middleware', () => { type: 'userChangedUrl', payload: { ...history.location, - pathname: '/hosts', + pathname: '/endpoint-hosts', }, }); await waitForAction('serverReturnedHostList'); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/middleware.ts similarity index 91% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/middleware.ts index 9a28423d6adc..ce518db0ffc9 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/middleware.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/middleware.ts @@ -4,12 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -import { HostResultList } from '../../../../../common/types'; +import { HostResultList, Immutable } from '../../../common/endpoint/types'; +import { ImmutableMiddlewareFactory } from '../../common/store'; import { isOnHostPage, hasSelectedHost, uiQueryParams, listData } from './selectors'; -import { HostState } from '../../types'; -import { ImmutableMiddlewareFactory } from '../../types'; +import { HostState } from '../types'; -export const hostMiddlewareFactory: ImmutableMiddlewareFactory = coreStart => { +export const hostMiddlewareFactory: ImmutableMiddlewareFactory> = coreStart => { return ({ getState, dispatch }) => next => async action => { next(action); const state = getState(); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/mock_host_result_list.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/mock_host_result_list.ts similarity index 90% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/mock_host_result_list.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/mock_host_result_list.ts index 20aa973ffc93..a2c410b5dbd6 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/mock_host_result_list.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/mock_host_result_list.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { HostInfo, HostResultList, HostStatus } from '../../../../../common/types'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; +import { HostInfo, HostResultList, HostStatus } from '../../../common/endpoint/types'; +import { EndpointDocGenerator } from '../../../common/endpoint/generate_data'; export const mockHostResultList: (options?: { total?: number; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/reducer.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/reducer.ts similarity index 92% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/reducer.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/reducer.ts index 18bc6b0bea3d..98f4a457a459 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/reducer.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/reducer.ts @@ -4,12 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Immutable } from '../../../../../common/types'; -import { HostState, ImmutableReducer } from '../../types'; -import { AppAction } from '../action'; import { isOnHostPage, hasSelectedHost } from './selectors'; +import { HostState } from '../types'; +import { AppAction } from '../../common/store/actions'; +import { ImmutableReducer } from '../../common/store'; +import { Immutable } from '../../../common/endpoint/types'; -const initialState = (): HostState => { +export const initialHostListState = (): HostState => { return { hosts: [], pageSize: 10, @@ -28,7 +29,7 @@ const initialState = (): HostState => { }; export const hostListReducer: ImmutableReducer = ( - state = initialState(), + state = initialHostListState(), action ) => { if (action.type === 'serverReturnedHostList') { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/selectors.ts b/x-pack/plugins/siem/public/endpoint_hosts/store/selectors.ts similarity index 95% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/selectors.ts rename to x-pack/plugins/siem/public/endpoint_hosts/store/selectors.ts index 457b449b060c..a915480b1aa2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/hosts/selectors.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/store/selectors.ts @@ -3,6 +3,8 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ + +// eslint-disable-next-line import/no-nodejs-modules import querystring from 'querystring'; import { createSelector } from 'reselect'; import { @@ -10,8 +12,8 @@ import { HostPolicyResponseAppliedAction, HostPolicyResponseConfiguration, HostPolicyResponseActionStatus, -} from '../../../../../common/types'; -import { HostState, HostIndexUIQueryParams } from '../../types'; +} from '../../../common/endpoint/types'; +import { HostState, HostIndexUIQueryParams } from '../types'; const PAGE_SIZES = Object.freeze([10, 20, 50]); @@ -95,7 +97,7 @@ export const policyResponseLoading = (state: Immutable): boolean => export const policyResponseError = (state: Immutable) => state.policyResponseError; export const isOnHostPage = (state: Immutable) => - state.location ? state.location.pathname === '/hosts' : false; + state.location ? state.location.pathname === '/endpoint-hosts' : false; export const uiQueryParams: ( state: Immutable diff --git a/x-pack/plugins/siem/public/endpoint_hosts/types.ts b/x-pack/plugins/siem/public/endpoint_hosts/types.ts new file mode 100644 index 000000000000..421903cb6e1a --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_hosts/types.ts @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + HostInfo, + Immutable, + HostMetadata, + HostPolicyResponse, + AppLocation, +} from '../../common/endpoint/types'; +import { ServerApiError } from '../common/types'; + +export interface HostState { + /** list of host **/ + hosts: HostInfo[]; + /** number of items per page */ + pageSize: number; + /** which page to show */ + pageIndex: number; + /** total number of hosts returned */ + total: number; + /** list page is retrieving data */ + loading: boolean; + /** api error from retrieving host list */ + error?: ServerApiError; + /** details data for a specific host */ + details?: Immutable; + /** details page is retrieving data */ + detailsLoading: boolean; + /** api error from retrieving host details */ + detailsError?: ServerApiError; + /** Holds the Policy Response for the Host currently being displayed in the details */ + policyResponse?: HostPolicyResponse; + /** policyResponse is being retrieved */ + policyResponseLoading: boolean; + /** api error from retrieving the policy response */ + policyResponseError?: ServerApiError; + /** current location info */ + location?: Immutable; +} + +/** + * Query params on the host page parsed from the URL + */ +export interface HostIndexUIQueryParams { + /** Selected host id shows host details flyout */ + selected_host?: string; + /** How many items to show in list */ + page_size?: string; + /** Which page to show */ + page_index?: string; + /** show the policy response or host details */ + show?: string; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/components/flyout_sub_header.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/details/components/flyout_sub_header.tsx similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/components/flyout_sub_header.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/components/flyout_sub_header.tsx index 9abb54e8b180..14bebfbdc88d 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/components/flyout_sub_header.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/components/flyout_sub_header.tsx @@ -74,3 +74,5 @@ export const FlyoutSubHeader = memo( ); } ); + +FlyoutSubHeader.displayName = 'FlyoutSubHeader'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/host_details.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/details/host_details.tsx similarity index 76% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/host_details.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/host_details.tsx index 2ded0e4b3123..eb265675d3a2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/host_details.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/host_details.tsx @@ -16,14 +16,14 @@ import { import React, { memo, useMemo } from 'react'; import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; -import { HostMetadata } from '../../../../../../common/types'; -import { FormattedDateAndTime } from '../../formatted_date_time'; -import { LinkToApp } from '../../components/link_to_app'; +import { HostMetadata } from '../../../../common/endpoint/types'; import { useHostSelector, useHostLogsUrl } from '../hooks'; import { urlFromQueryParams } from '../url_from_query_params'; -import { policyResponseStatus, uiQueryParams } from '../../../store/hosts/selectors'; -import { useNavigateByRouterEventHandler } from '../../hooks/use_navigate_by_router_event_handler'; +import { policyResponseStatus, uiQueryParams } from '../../store/selectors'; import { POLICY_STATUS_TO_HEALTH_COLOR } from '../host_constants'; +import { FormattedDateAndTime } from '../../../common/components/endpoint/formatted_date_time'; +import { useNavigateByRouterEventHandler } from '../../../common/hooks/endpoint/use_navigate_by_router_event_handler'; +import { LinkToApp } from '../../../common/components/endpoint/link_to_app'; const HostIds = styled(EuiListGroupItem)` margin-top: 0; @@ -41,19 +41,19 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { const detailsResultsUpper = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.host.details.os', { + title: i18n.translate('xpack.siem.endpoint.host.details.os', { defaultMessage: 'OS', }), description: details.host.os.full, }, { - title: i18n.translate('xpack.endpoint.host.details.lastSeen', { + title: i18n.translate('xpack.siem.endpoint.host.details.lastSeen', { defaultMessage: 'Last Seen', }), description: , }, { - title: i18n.translate('xpack.endpoint.host.details.alerts', { + title: i18n.translate('xpack.siem.endpoint.host.details.alerts', { defaultMessage: 'Alerts', }), description: '0', @@ -73,13 +73,13 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { const detailsResultsLower = useMemo(() => { return [ { - title: i18n.translate('xpack.endpoint.host.details.policy', { + title: i18n.translate('xpack.siem.endpoint.host.details.policy', { defaultMessage: 'Policy', }), description: details.endpoint.policy.id, }, { - title: i18n.translate('xpack.endpoint.host.details.policyStatus', { + title: i18n.translate('xpack.siem.endpoint.host.details.policyStatus', { defaultMessage: 'Policy Status', }), description: ( @@ -90,11 +90,11 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { {/* eslint-disable-next-line @elastic/eui/href-or-on-click */} @@ -103,7 +103,7 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { ), }, { - title: i18n.translate('xpack.endpoint.host.details.ipAddress', { + title: i18n.translate('xpack.siem.endpoint.host.details.ipAddress', { defaultMessage: 'IP Address', }), description: ( @@ -115,13 +115,13 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { ), }, { - title: i18n.translate('xpack.endpoint.host.details.hostname', { + title: i18n.translate('xpack.siem.endpoint.host.details.hostname', { defaultMessage: 'Hostname', }), description: details.host.hostname, }, { - title: i18n.translate('xpack.endpoint.host.details.sensorVersion', { + title: i18n.translate('xpack.siem.endpoint.host.details.sensorVersion', { defaultMessage: 'Sensor Version', }), description: details.agent.version, @@ -159,7 +159,7 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { data-test-subj="hostDetailsLinkToLogs" > @@ -167,3 +167,5 @@ export const HostDetails = memo(({ details }: { details: HostMetadata }) => { ); }); + +HostDetails.displayName = 'HostDetails'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/index.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/details/index.tsx similarity index 86% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/index.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/index.tsx index e4121503b4a9..9904306a76e9 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/index.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/index.tsx @@ -18,7 +18,7 @@ import { import { useHistory } from 'react-router-dom'; import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; -import { useKibana } from '../../../../../../../../../src/plugins/kibana_react/public'; +import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; import { useHostSelector } from '../hooks'; import { urlFromQueryParams } from '../url_from_query_params'; import { @@ -32,12 +32,12 @@ import { policyResponseFailedOrWarningActionCount, policyResponseError, policyResponseLoading, -} from '../../../store/hosts/selectors'; +} from '../../store/selectors'; import { HostDetails } from './host_details'; import { PolicyResponse } from './policy_response'; -import { HostMetadata } from '../../../../../../common/types'; +import { HostMetadata } from '../../../../common/endpoint/types'; import { FlyoutSubHeader, FlyoutSubHeaderProps } from './components/flyout_sub_header'; -import { useNavigateByRouterEventHandler } from '../../hooks/use_navigate_by_router_event_handler'; +import { useNavigateByRouterEventHandler } from '../../../common/hooks/endpoint/use_navigate_by_router_event_handler'; export const HostDetailsFlyout = memo(() => { const history = useHistory(); @@ -58,13 +58,13 @@ export const HostDetailsFlyout = memo(() => { notifications.toasts.danger({ title: ( ), body: ( ), @@ -104,6 +104,8 @@ export const HostDetailsFlyout = memo(() => { ); }); +HostDetailsFlyout.displayName = 'HostDetailsFlyout'; + const PolicyResponseFlyoutPanel = memo<{ hostMeta: HostMetadata; }>(({ hostMeta }) => { @@ -124,10 +126,10 @@ const PolicyResponseFlyoutPanel = memo<{ const backToDetailsClickHandler = useNavigateByRouterEventHandler(detailsUri); const backButtonProp = useMemo((): FlyoutSubHeaderProps['backButton'] => { return { - title: i18n.translate('xpack.endpoint.host.policyResponse.backLinkTitle', { + title: i18n.translate('xpack.siem.endpoint.host.policyResponse.backLinkTitle', { defaultMessage: 'Endpoint Details', }), - href: '?' + detailsUri.search, + href: `?${detailsUri.search}`, onClick: backToDetailsClickHandler, }; }, [backToDetailsClickHandler, detailsUri.search]); @@ -142,7 +144,7 @@ const PolicyResponseFlyoutPanel = memo<{

@@ -151,7 +153,7 @@ const PolicyResponseFlyoutPanel = memo<{ } @@ -169,3 +171,5 @@ const PolicyResponseFlyoutPanel = memo<{ ); }); + +PolicyResponseFlyoutPanel.displayName = 'PolicyResponseFlyoutPanel'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response.tsx similarity index 95% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response.tsx index 24ae3e2b0f03..58ff9a17643b 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response.tsx @@ -5,16 +5,21 @@ */ import React, { memo, useMemo } from 'react'; import styled from 'styled-components'; -import { EuiAccordion, EuiNotificationBadge, EuiHealth } from '@elastic/eui'; -import { EuiText } from '@elastic/eui'; -import { htmlIdGenerator } from '@elastic/eui'; import { - HostPolicyResponseAppliedAction, - HostPolicyResponseConfiguration, - Immutable, -} from '../../../../../../common/types'; + EuiAccordion, + EuiNotificationBadge, + EuiHealth, + EuiText, + htmlIdGenerator, +} from '@elastic/eui'; + import { formatResponse } from './policy_response_friendly_names'; import { POLICY_STATUS_TO_HEALTH_COLOR } from '../host_constants'; +import { + Immutable, + HostPolicyResponseAppliedAction, + HostPolicyResponseConfiguration, +} from '../../../../common/endpoint/types'; /** * Nested accordion in the policy response detailing any concerned @@ -110,6 +115,8 @@ const ResponseActions = memo( } ); +ResponseActions.displayName = 'ResponseActions'; + /** * A policy response is returned by the endpoint and shown in the host details after a user modifies a policy */ @@ -158,3 +165,5 @@ export const PolicyResponse = memo( ); } ); + +PolicyResponse.displayName = 'PolicyResponse'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response_friendly_names.ts b/x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response_friendly_names.ts similarity index 54% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response_friendly_names.ts rename to x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response_friendly_names.ts index 8eaacb31b4f8..2f05840567a5 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/details/policy_response_friendly_names.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/details/policy_response_friendly_names.ts @@ -9,163 +9,166 @@ import { i18n } from '@kbn/i18n'; const responseMap = new Map(); responseMap.set( 'success', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.success', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.success', { defaultMessage: 'Success', }) ); responseMap.set( 'warning', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.warning', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.warning', { defaultMessage: 'Warning', }) ); responseMap.set( 'failure', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.failed', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.failed', { defaultMessage: 'Failed', }) ); responseMap.set( 'logging', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.logging', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.logging', { defaultMessage: 'Logging', }) ); responseMap.set( 'streaming', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.streaming', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.streaming', { defaultMessage: 'Streaming', }) ); responseMap.set( 'malware', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.malware', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.malware', { defaultMessage: 'Malware', }) ); responseMap.set( 'events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.events', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.events', { defaultMessage: 'Events', }) ); responseMap.set( 'configure_elasticsearch_connection', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.configureElasticSearchConnection', { - defaultMessage: 'Configure Elastic Search Connection', - }) + i18n.translate( + 'xpack.siem.endpoint.hostDetails.policyResponse.configureElasticSearchConnection', + { + defaultMessage: 'Configure Elastic Search Connection', + } + ) ); responseMap.set( 'configure_logging', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.configureLogging', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.configureLogging', { defaultMessage: 'Configure Logging', }) ); responseMap.set( 'configure_kernel', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.configureKernel', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.configureKernel', { defaultMessage: 'Configure Kernel', }) ); responseMap.set( 'configure_malware', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.configureMalware', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.configureMalware', { defaultMessage: 'Configure Malware', }) ); responseMap.set( 'connect_kernel', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.connectKernel', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.connectKernel', { defaultMessage: 'Connect Kernel', }) ); responseMap.set( 'detect_file_open_events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.detectFileOpenEvents', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.detectFileOpenEvents', { defaultMessage: 'Detect File Open Events', }) ); responseMap.set( 'detect_file_write_events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.detectFileWriteEvents', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.detectFileWriteEvents', { defaultMessage: 'Detect File Write Events', }) ); responseMap.set( 'detect_image_load_events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.detectImageLoadEvents', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.detectImageLoadEvents', { defaultMessage: 'Detect Image Load Events', }) ); responseMap.set( 'detect_process_events', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.detectProcessEvents', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.detectProcessEvents', { defaultMessage: 'Detect Process Events', }) ); responseMap.set( 'download_global_artifacts', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.downloadGlobalArtifacts', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.downloadGlobalArtifacts', { defaultMessage: 'Download Global Artifacts', }) ); responseMap.set( 'load_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.loadConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.loadConfig', { defaultMessage: 'Load Config', }) ); responseMap.set( 'load_malware_model', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.loadMalwareModel', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.loadMalwareModel', { defaultMessage: 'Load Malware Model', }) ); responseMap.set( 'read_elasticsearch_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readElasticSearchConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readElasticSearchConfig', { defaultMessage: 'Read ElasticSearch Config', }) ); responseMap.set( 'read_events_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readEventsConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readEventsConfig', { defaultMessage: 'Read Events Config', }) ); responseMap.set( 'read_kernel_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readKernelConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readKernelConfig', { defaultMessage: 'Read Kernel Config', }) ); responseMap.set( 'read_logging_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readLoggingConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readLoggingConfig', { defaultMessage: 'Read Logging Config', }) ); responseMap.set( 'read_malware_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.readMalwareConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.readMalwareConfig', { defaultMessage: 'Read Malware Config', }) ); responseMap.set( 'workflow', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.workflow', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.workflow', { defaultMessage: 'Workflow', }) ); responseMap.set( 'download_model', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.downloadModel', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.downloadModel', { defaultMessage: 'Download Model', }) ); responseMap.set( 'ingest_events_config', - i18n.translate('xpack.endpoint.hostDetails.policyResponse.injestEventsConfig', { + i18n.translate('xpack.siem.endpoint.hostDetails.policyResponse.injestEventsConfig', { defaultMessage: 'Injest Events Config', }) ); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/hooks.ts b/x-pack/plugins/siem/public/endpoint_hosts/view/hooks.ts similarity index 78% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/hooks.ts rename to x-pack/plugins/siem/public/endpoint_hosts/view/hooks.ts index eb242f5c535f..727f601dd767 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/hooks.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/hooks.ts @@ -6,12 +6,13 @@ import { useSelector } from 'react-redux'; import { useMemo } from 'react'; -import { GlobalState, HostState } from '../../types'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; +import { HostState } from '../types'; +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; +import { State } from '../../common/store/reducer'; export function useHostSelector(selector: (state: HostState) => TSelected) { - return useSelector(function(state: GlobalState) { - return selector(state.hostList); + return useSelector(function(state: State) { + return selector(state.hostList as HostState); }); } diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/host_constants.ts b/x-pack/plugins/siem/public/endpoint_hosts/view/host_constants.ts similarity index 87% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/host_constants.ts rename to x-pack/plugins/siem/public/endpoint_hosts/view/host_constants.ts index 08b2608698a6..efad4e3a468d 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/host_constants.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/host_constants.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { HostPolicyResponseActionStatus, HostStatus } from '../../../../../common/types'; +import { HostStatus, HostPolicyResponseActionStatus } from '../../../common/endpoint/types'; export const HOST_STATUS_TO_HEALTH_COLOR = Object.freeze< { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.test.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/index.test.tsx similarity index 96% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.test.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/index.test.tsx index c3066dc41fa2..bb09323f547c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.test.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/index.test.tsx @@ -6,16 +6,17 @@ import React from 'react'; import * as reactTestingLibrary from '@testing-library/react'; -import { fireEvent } from '@testing-library/react'; -import { AppAction } from '../../types'; + import { HostList } from './index'; +import { mockHostDetailsApiResult, mockHostResultList } from '../store/mock_host_result_list'; +import { AppContextTestRender, createAppRootMockRenderer } from '../../common/mock/endpoint'; import { - mockHostDetailsApiResult, - mockHostResultList, -} from '../../store/hosts/mock_host_result_list'; -import { AppContextTestRender, createAppRootMockRenderer } from '../../mocks'; -import { HostInfo, HostStatus, HostPolicyResponseActionStatus } from '../../../../../common/types'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; + HostInfo, + HostStatus, + HostPolicyResponseActionStatus, +} from '../../../common/endpoint/types'; +import { EndpointDocGenerator } from '../../../common/endpoint/generate_data'; +import { AppAction } from '../../common/store/actions'; describe('when on the hosts page', () => { const docGenerator = new EndpointDocGenerator(); @@ -209,7 +210,7 @@ describe('when on the hosts page', () => { const policyStatusLink = await renderResult.findByTestId('policyStatusValue'); const userChangedUrlChecker = middlewareSpy.waitForAction('userChangedUrl'); reactTestingLibrary.act(() => { - fireEvent.click(policyStatusLink); + reactTestingLibrary.fireEvent.click(policyStatusLink); }); const changedUrlAction = await userChangedUrlChecker; expect(changedUrlAction.payload.search).toEqual( @@ -282,7 +283,7 @@ describe('when on the hosts page', () => { const renderResult = render(); const linkToLogs = await renderResult.findByTestId('hostDetailsLinkToLogs'); reactTestingLibrary.act(() => { - fireEvent.click(linkToLogs); + reactTestingLibrary.fireEvent.click(linkToLogs); }); }); @@ -297,7 +298,7 @@ describe('when on the hosts page', () => { const policyStatusLink = await renderResult.findByTestId('policyStatusValue'); const userChangedUrlChecker = middlewareSpy.waitForAction('userChangedUrl'); reactTestingLibrary.act(() => { - fireEvent.click(policyStatusLink); + reactTestingLibrary.fireEvent.click(policyStatusLink); }); await userChangedUrlChecker; reactTestingLibrary.act(() => { @@ -385,7 +386,7 @@ describe('when on the hosts page', () => { const subHeaderBackLink = await renderResult.findByTestId('flyoutSubHeaderBackButton'); const userChangedUrlChecker = middlewareSpy.waitForAction('userChangedUrl'); reactTestingLibrary.act(() => { - fireEvent.click(subHeaderBackLink); + reactTestingLibrary.fireEvent.click(subHeaderBackLink); }); const changedUrlAction = await userChangedUrlChecker; expect(changedUrlAction.payload.search).toEqual( diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.tsx b/x-pack/plugins/siem/public/endpoint_hosts/view/index.tsx similarity index 76% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.tsx rename to x-pack/plugins/siem/public/endpoint_hosts/view/index.tsx index 638dd190dcbc..10a7a7ea0d44 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/index.tsx +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/index.tsx @@ -8,6 +8,7 @@ import React, { useMemo, useCallback, memo } from 'react'; import { EuiHorizontalRule, EuiBasicTable, + EuiBasicTableColumn, EuiText, EuiLink, EuiHealth, @@ -17,16 +18,16 @@ import { useHistory } from 'react-router-dom'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { createStructuredSelector } from 'reselect'; -import { EuiBasicTableColumn } from '@elastic/eui'; + import { HostDetailsFlyout } from './details'; -import * as selectors from '../../store/hosts/selectors'; +import * as selectors from '../store/selectors'; import { useHostSelector } from './hooks'; -import { CreateStructuredSelector } from '../../types'; import { urlFromQueryParams } from './url_from_query_params'; -import { HostInfo, Immutable } from '../../../../../common/types'; -import { PageView } from '../components/page_view'; -import { useNavigateByRouterEventHandler } from '../hooks/use_navigate_by_router_event_handler'; import { HOST_STATUS_TO_HEALTH_COLOR } from './host_constants'; +import { useNavigateByRouterEventHandler } from '../../common/hooks/endpoint/use_navigate_by_router_event_handler'; +import { CreateStructuredSelector } from '../../common/store'; +import { Immutable, HostInfo } from '../../../common/endpoint/types'; +import { PageView } from '../../common/components/endpoint/page_view'; const HostLink = memo<{ name: string; @@ -47,6 +48,7 @@ const HostLink = memo<{ ); }); +HostLink.displayName = 'HostLink'; const selector = (createStructuredSelector as CreateStructuredSelector)(selectors); export const HostList = () => { @@ -90,21 +92,22 @@ export const HostList = () => { return [ { field: 'metadata.host', - name: i18n.translate('xpack.endpoint.host.list.hostname', { + name: i18n.translate('xpack.siem.endpoint.host.list.hostname', { defaultMessage: 'Hostname', }), render: ({ hostname, id }: HostInfo['metadata']['host']) => { const newQueryParams = urlFromQueryParams({ ...queryParams, selected_host: id }); return ( - + ); }, }, { field: 'host_status', - name: i18n.translate('xpack.endpoint.host.list.hostStatus', { + name: i18n.translate('xpack.siem.endpoint.host.list.hostStatus', { defaultMessage: 'Host Status', }), + // eslint-disable-next-line react/display-name render: (hostStatus: HostInfo['host_status']) => { return ( { className="eui-textTruncate" > @@ -123,24 +126,26 @@ export const HostList = () => { }, { field: '', - name: i18n.translate('xpack.endpoint.host.list.policy', { + name: i18n.translate('xpack.siem.endpoint.host.list.policy', { defaultMessage: 'Policy', }), truncateText: true, + // eslint-disable-next-line react/display-name render: () => { - return Policy Name; + return {'Policy Name'}; }, }, { field: '', - name: i18n.translate('xpack.endpoint.host.list.policyStatus', { + name: i18n.translate('xpack.siem.endpoint.host.list.policyStatus', { defaultMessage: 'Policy Status', }), + // eslint-disable-next-line react/display-name render: () => { return ( @@ -149,7 +154,7 @@ export const HostList = () => { }, { field: '', - name: i18n.translate('xpack.endpoint.host.list.alerts', { + name: i18n.translate('xpack.siem.endpoint.host.list.alerts', { defaultMessage: 'Alerts', }), dataType: 'number', @@ -159,16 +164,17 @@ export const HostList = () => { }, { field: 'metadata.host.os.name', - name: i18n.translate('xpack.endpoint.host.list.os', { + name: i18n.translate('xpack.siem.endpoint.host.list.os', { defaultMessage: 'Operating System', }), truncateText: true, }, { field: 'metadata.host.ip', - name: i18n.translate('xpack.endpoint.host.list.ip', { + name: i18n.translate('xpack.siem.endpoint.host.list.ip', { defaultMessage: 'IP Address', }), + // eslint-disable-next-line react/display-name render: (ip: string[]) => { return ( @@ -183,13 +189,13 @@ export const HostList = () => { }, { field: 'metadata.agent.version', - name: i18n.translate('xpack.endpoint.host.list.endpointVersion', { + name: i18n.translate('xpack.siem.endpoint.host.list.endpointVersion', { defaultMessage: 'Version', }), }, { field: '', - name: i18n.translate('xpack.endpoint.host.list.lastActive', { + name: i18n.translate('xpack.siem.endpoint.host.list.lastActive', { defaultMessage: 'Last Active', }), dataType: 'date', @@ -204,12 +210,12 @@ export const HostList = () => { {hasSelectedHost && } diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/url_from_query_params.ts b/x-pack/plugins/siem/public/endpoint_hosts/view/url_from_query_params.ts similarity index 58% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/url_from_query_params.ts rename to x-pack/plugins/siem/public/endpoint_hosts/view/url_from_query_params.ts index 225aad8cab02..e3728d63aea7 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/hosts/url_from_query_params.ts +++ b/x-pack/plugins/siem/public/endpoint_hosts/view/url_from_query_params.ts @@ -4,12 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ +// eslint-disable-next-line import/no-nodejs-modules import querystring from 'querystring'; -import { EndpointAppLocation, HostIndexUIQueryParams } from '../../types'; -export function urlFromQueryParams( - queryParams: HostIndexUIQueryParams -): Partial { +import { HostIndexUIQueryParams } from '../types'; +import { AppLocation } from '../../../common/endpoint/types'; + +export function urlFromQueryParams(queryParams: HostIndexUIQueryParams): Partial { const search = querystring.stringify(queryParams); return { search, diff --git a/x-pack/plugins/siem/public/endpoint_policy/details.ts b/x-pack/plugins/siem/public/endpoint_policy/details.ts new file mode 100644 index 000000000000..1128bcfac6ab --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/details.ts @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SecuritySubPluginWithStore } from '../app/types'; +import { getPolicyDetailsRoutes } from './routes'; +import { PolicyDetailsState } from './types'; +import { Immutable } from '../../common/endpoint/types'; +import { initialPolicyDetailsState, policyDetailsReducer } from './store/policy_details/reducer'; +import { policyDetailsMiddlewareFactory } from './store/policy_details/middleware'; +import { CoreStart } from '../../../../../src/core/public'; +import { StartPlugins } from '../types'; +import { substateMiddlewareFactory } from '../common/store'; + +export class EndpointPolicyDetails { + public setup() {} + + public start( + core: CoreStart, + plugins: StartPlugins + ): SecuritySubPluginWithStore<'policyDetails', Immutable> { + const { data, ingestManager } = plugins; + const middleware = substateMiddlewareFactory( + globalState => globalState.policyDetails, + policyDetailsMiddlewareFactory(core, { data, ingestManager }) + ); + + return { + routes: getPolicyDetailsRoutes(), + store: { + initialState: { + policyDetails: initialPolicyDetailsState(), + }, + reducer: { policyDetails: policyDetailsReducer }, + middleware, + }, + }; + } +} diff --git a/x-pack/plugins/siem/public/endpoint_policy/list.ts b/x-pack/plugins/siem/public/endpoint_policy/list.ts new file mode 100644 index 000000000000..417931e64f44 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/list.ts @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SecuritySubPluginWithStore } from '../app/types'; +import { getPolicyListRoutes } from './routes'; +import { PolicyListState } from './types'; +import { Immutable } from '../../common/endpoint/types'; +import { initialPolicyListState, policyListReducer } from './store/policy_list/reducer'; +import { policyListMiddlewareFactory } from './store/policy_list/middleware'; +import { CoreStart } from '../../../../../src/core/public'; +import { StartPlugins } from '../types'; +import { substateMiddlewareFactory } from '../common/store'; + +export class EndpointPolicyList { + public setup() {} + + public start( + core: CoreStart, + plugins: StartPlugins + ): SecuritySubPluginWithStore<'policyList', Immutable> { + const { data, ingestManager } = plugins; + const middleware = substateMiddlewareFactory( + globalState => globalState.policyList, + policyListMiddlewareFactory(core, { data, ingestManager }) + ); + + return { + routes: getPolicyListRoutes(), + store: { + initialState: { + policyList: initialPolicyListState(), + }, + reducer: { policyList: policyListReducer }, + middleware, + }, + }; + } +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/models/policy_details_config.ts b/x-pack/plugins/siem/public/endpoint_policy/models/policy_details_config.ts similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/models/policy_details_config.ts rename to x-pack/plugins/siem/public/endpoint_policy/models/policy_details_config.ts index 3e56b1ff14d6..44be5ddcc003 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/models/policy_details_config.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/models/policy_details_config.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { UIPolicyConfig } from '../../../../common/types'; +import { UIPolicyConfig } from '../../../common/endpoint/types'; /** * A typed Object.entries() function where the keys and values are typed based on the given object diff --git a/x-pack/plugins/siem/public/endpoint_policy/routes.tsx b/x-pack/plugins/siem/public/endpoint_policy/routes.tsx new file mode 100644 index 000000000000..be820f3f2c5d --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/routes.tsx @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { Route } from 'react-router-dom'; + +import { PolicyList, PolicyDetails } from './view'; + +export const getPolicyListRoutes = () => [ + , +]; + +export const getPolicyDetailsRoutes = () => [ + , +]; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/action.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/action.ts similarity index 86% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/action.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/action.ts index 4de3dac02a8e..ceb62a9f9ace 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/action.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/action.ts @@ -4,9 +4,10 @@ * you may not use this file except in compliance with the Elastic License. */ -import { PolicyDetailsState, ServerApiError } from '../../types'; -import { GetAgentStatusResponse } from '../../../../../../ingest_manager/common/types/rest_spec'; -import { PolicyData, UIPolicyConfig } from '../../../../../common/types'; +import { GetAgentStatusResponse } from '../../../../../ingest_manager/common/types/rest_spec'; +import { PolicyData, UIPolicyConfig } from '../../../../common/endpoint/types'; +import { ServerApiError } from '../../../common/types'; +import { PolicyDetailsState } from '../../types'; interface ServerReturnedPolicyDetailsData { type: 'serverReturnedPolicyDetailsData'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.test.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.test.ts similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.test.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.test.ts index dd4e63c95ee8..01a824ecc7b8 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.test.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.test.ts @@ -9,7 +9,7 @@ import { createStore, Dispatch, Store } from 'redux'; import { policyDetailsReducer, PolicyDetailsAction } from './index'; import { policyConfig } from './selectors'; import { clone } from '../../models/policy_details_config'; -import { factory as policyConfigFactory } from '../../../../../common/models/policy_config'; +import { factory as policyConfigFactory } from '../../../../common/endpoint/models/policy_config'; describe('policy details: ', () => { let store: Store; diff --git a/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.ts new file mode 100644 index 000000000000..88f090301cfa --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/index.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { PolicyDetailsState } from '../../types'; +import { ImmutableReducer } from '../../../common/store'; +import { AppAction } from '../../../common/store/actions'; +import { Immutable } from '../../../../common/endpoint/types'; + +export { policyDetailsMiddlewareFactory } from './middleware'; +export { PolicyDetailsAction } from './action'; +export { policyDetailsReducer } from './reducer'; + +export interface EndpointPolicyDetailsStatePluginState { + policyDetails: Immutable; +} + +export interface EndpointPolicyDetailsStatePluginReducer { + policyDetails: ImmutableReducer; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/middleware.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/middleware.ts similarity index 88% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/middleware.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/middleware.ts index d82273bfdb22..f908befe05aa 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/middleware.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/middleware.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ImmutableMiddlewareFactory, PolicyDetailsState, UpdatePolicyResponse } from '../../types'; +import { PolicyDetailsState, UpdatePolicyResponse } from '../../types'; import { policyIdFromParams, isOnPolicyDetailsPage, @@ -16,10 +16,13 @@ import { sendGetFleetAgentStatusForConfig, sendPutDatasource, } from '../policy_list/services/ingest'; -import { NewPolicyData, PolicyData } from '../../../../../common/types'; -import { factory as policyConfigFactory } from '../../../../../common/models/policy_config'; +import { NewPolicyData, PolicyData, Immutable } from '../../../../common/endpoint/types'; +import { factory as policyConfigFactory } from '../../../../common/endpoint/models/policy_config'; +import { ImmutableMiddlewareFactory } from '../../../common/store'; -export const policyDetailsMiddlewareFactory: ImmutableMiddlewareFactory = coreStart => { +export const policyDetailsMiddlewareFactory: ImmutableMiddlewareFactory> = coreStart => { const http = coreStart.http; return ({ getState, dispatch }) => next => async action => { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/reducer.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/reducer.ts similarity index 91% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/reducer.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/reducer.ts index 9778f23d083a..ff441ba663cf 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/reducer.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/reducer.ts @@ -3,13 +3,13 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ - -import { AppAction } from '../action'; import { fullPolicy, isOnPolicyDetailsPage } from './selectors'; -import { PolicyDetailsState, ImmutableReducer } from '../../types'; -import { Immutable, PolicyConfig, UIPolicyConfig } from '../../../../../common/types'; +import { PolicyDetailsState } from '../../types'; +import { Immutable, PolicyConfig, UIPolicyConfig } from '../../../../common/endpoint/types'; +import { ImmutableReducer } from '../../../common/store'; +import { AppAction } from '../../../common/store/actions'; -const initialPolicyDetailsState = (): PolicyDetailsState => { +export const initialPolicyDetailsState = (): PolicyDetailsState => { return { policyItem: undefined, isLoading: false, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/selectors.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/selectors.ts similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/selectors.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_details/selectors.ts index 8ab6f77dc727..dfbbbf65ada2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/selectors.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_details/selectors.ts @@ -11,8 +11,8 @@ import { NewPolicyData, PolicyConfig, UIPolicyConfig, -} from '../../../../../common/types'; -import { factory as policyConfigFactory } from '../../../../../common/models/policy_config'; +} from '../../../../common/endpoint/types'; +import { factory as policyConfigFactory } from '../../../../common/endpoint/models/policy_config'; /** Returns the policy details */ export const policyDetails = (state: Immutable) => state.policyItem; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/action.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/action.ts similarity index 84% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/action.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/action.ts index 4c379b742646..bedbcdae3306 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/action.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/action.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ServerApiError } from '../../types'; -import { PolicyData } from '../../../../../common/types'; +import { PolicyData } from '../../../../common/endpoint/types'; +import { ServerApiError } from '../../../common/types'; interface ServerReturnedPolicyListData { type: 'serverReturnedPolicyListData'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.test.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.test.ts similarity index 80% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.test.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.test.ts index 9912c9a81e6e..9b5606287958 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/index.test.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.test.ts @@ -4,27 +4,25 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EndpointAppLocation, PolicyListState } from '../../types'; -import { applyMiddleware, createStore, Store } from 'redux'; -import { AppAction } from '../action'; -import { policyListReducer } from './reducer'; +import { PolicyListState } from '../../types'; +import { Store, applyMiddleware, createStore } from 'redux'; + +import { coreMock } from '../../../../../../../src/core/public/mocks'; +import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../ingest_manager/common'; + +import { policyListReducer, initialPolicyListState } from './reducer'; import { policyListMiddlewareFactory } from './middleware'; -import { coreMock } from '../../../../../../../../src/core/public/mocks'; + import { isOnPolicyListPage, selectIsLoading, urlSearchParams } from './selectors'; -import { DepsStartMock, depsStartMock } from '../../mocks'; +import { DepsStartMock, depsStartMock } from '../../../common/mock/endpoint'; import { setPolicyListApiMockImplementation } from './test_mock_utils'; import { INGEST_API_DATASOURCES } from './services/ingest'; -import { Immutable } from '../../../../../common/types'; -import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../test_utils'; -import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../../ingest_manager/common'; +import { createSpyMiddleware, MiddlewareActionSpyHelper } from '../../../common/store/test_utils'; describe('policy list store concerns', () => { let fakeCoreStart: ReturnType; let depsStart: DepsStartMock; - type PolicyListStore = Store, Immutable>; - let store: PolicyListStore; - let getState: PolicyListStore['getState']; - let dispatch: PolicyListStore['dispatch']; + let store: Store; let waitForAction: MiddlewareActionSpyHelper['waitForAction']; beforeEach(() => { @@ -36,28 +34,27 @@ describe('policy list store concerns', () => { store = createStore( policyListReducer, + initialPolicyListState(), applyMiddleware(policyListMiddlewareFactory(fakeCoreStart, depsStart), actionSpyMiddleware) ); - getState = store.getState; - dispatch = store.dispatch; }); it('it does nothing on `userChangedUrl` if pathname is NOT `/policy`', async () => { - const state = getState(); + const state = store.getState(); expect(isOnPolicyListPage(state)).toBe(false); - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/foo', search: '', hash: '', - } as EndpointAppLocation, + }, }); - expect(getState()).toEqual(state); + expect(store.getState()).toEqual(state); }); it('it reports `isOnPolicyListPage` correctly when router pathname is `/policy`', async () => { - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -65,12 +62,12 @@ describe('policy list store concerns', () => { hash: '', }, }); - expect(isOnPolicyListPage(getState())).toBe(true); + expect(isOnPolicyListPage(store.getState())).toBe(true); }); it('it sets `isLoading` when `userChangedUrl`', async () => { - expect(selectIsLoading(getState())).toBe(false); - dispatch({ + expect(selectIsLoading(store.getState())).toBe(false); + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -78,13 +75,13 @@ describe('policy list store concerns', () => { hash: '', }, }); - expect(selectIsLoading(getState())).toBe(true); + expect(selectIsLoading(store.getState())).toBe(true); await waitForAction('serverReturnedPolicyListData'); - expect(selectIsLoading(getState())).toBe(false); + expect(selectIsLoading(store.getState())).toBe(false); }); it('it resets state on `userChangedUrl` and pathname is NOT `/policy`', async () => { - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -93,7 +90,7 @@ describe('policy list store concerns', () => { }, }); await waitForAction('serverReturnedPolicyListData'); - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/foo', @@ -101,7 +98,7 @@ describe('policy list store concerns', () => { hash: '', }, }); - expect(getState()).toEqual({ + expect(store.getState()).toEqual({ apiError: undefined, location: undefined, policyItems: [], @@ -112,7 +109,7 @@ describe('policy list store concerns', () => { }); }); it('uses default pagination params when not included in url', async () => { - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -132,7 +129,7 @@ describe('policy list store concerns', () => { describe('when url contains search params', () => { const dispatchUserChangedUrl = (searchParams: string = '') => - dispatch({ + store.dispatch({ type: 'userChangedUrl', payload: { pathname: '/policy', @@ -154,12 +151,12 @@ describe('policy list store concerns', () => { }); it('uses defaults for params not in url', async () => { dispatchUserChangedUrl('?page_index=99'); - expect(urlSearchParams(getState())).toEqual({ + expect(urlSearchParams(store.getState())).toEqual({ page_index: 99, page_size: 10, }); dispatchUserChangedUrl('?page_size=50'); - expect(urlSearchParams(getState())).toEqual({ + expect(urlSearchParams(store.getState())).toEqual({ page_index: 0, page_size: 50, }); @@ -199,14 +196,14 @@ describe('policy list store concerns', () => { }); it(`ignores unknown url search params`, async () => { dispatchUserChangedUrl('?page_size=20&page_index=10&foo=bar'); - expect(urlSearchParams(getState())).toEqual({ + expect(urlSearchParams(store.getState())).toEqual({ page_index: 10, page_size: 20, }); }); it(`uses last param value if param is defined multiple times`, async () => { dispatchUserChangedUrl('?page_size=20&page_size=50&page_index=20&page_index=40'); - expect(urlSearchParams(getState())).toEqual({ + expect(urlSearchParams(store.getState())).toEqual({ page_index: 40, page_size: 50, }); diff --git a/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.ts new file mode 100644 index 000000000000..a4f51fcf0ec6 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/index.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { PolicyListState } from '../../types'; +import { ImmutableReducer } from '../../../common/store'; +import { AppAction } from '../../../common/store/actions'; +import { Immutable } from '../../../../common/endpoint/types'; +export { policyListReducer } from './reducer'; +export { PolicyListAction } from './action'; +export { policyListMiddlewareFactory } from './middleware'; + +export interface EndpointPolicyListStatePluginState { + policyList: Immutable; +} + +export interface EndpointPolicyListStatePluginReducer { + policyList: ImmutableReducer; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/middleware.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/middleware.ts similarity index 84% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/middleware.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/middleware.ts index 78ebacd97184..b74ffec6ed89 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/middleware.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/middleware.ts @@ -4,18 +4,21 @@ * you may not use this file except in compliance with the Elastic License. */ -import { GetPolicyListResponse, ImmutableMiddlewareFactory, PolicyListState } from '../../types'; +import { GetPolicyListResponse, PolicyListState } from '../../types'; import { sendGetEndpointSpecificDatasources } from './services/ingest'; import { isOnPolicyListPage, urlSearchParams } from './selectors'; +import { ImmutableMiddlewareFactory } from '../../../common/store'; +import { Immutable } from '../../../../common/endpoint/types'; -export const policyListMiddlewareFactory: ImmutableMiddlewareFactory = coreStart => { +export const policyListMiddlewareFactory: ImmutableMiddlewareFactory> = coreStart => { const http = coreStart.http; return ({ getState, dispatch }) => next => async action => { next(action); const state = getState(); - if (action.type === 'userChangedUrl' && isOnPolicyListPage(state)) { const { page_index: pageIndex, page_size: pageSize } = urlSearchParams(state); let response: GetPolicyListResponse; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/reducer.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/reducer.ts similarity index 84% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/reducer.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/reducer.ts index ccd3f84dd060..80e890602c92 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/reducer.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/reducer.ts @@ -4,12 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -import { PolicyListState, ImmutableReducer } from '../../types'; -import { AppAction } from '../action'; +import { PolicyListState } from '../../types'; import { isOnPolicyListPage } from './selectors'; -import { Immutable } from '../../../../../common/types'; +import { ImmutableReducer } from '../../../common/store'; +import { AppAction } from '../../../common/store/actions'; +import { Immutable } from '../../../../common/endpoint/types'; -const initialPolicyListState = (): PolicyListState => { +export const initialPolicyListState = (): PolicyListState => { return { policyItems: [], isLoading: false, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/selectors.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/selectors.ts similarity index 97% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/selectors.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/selectors.ts index 4986a342cca1..15516a026ff6 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/selectors.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/selectors.ts @@ -7,7 +7,7 @@ import { createSelector } from 'reselect'; import { parse } from 'query-string'; import { PolicyListState, PolicyListUrlSearchParams } from '../../types'; -import { Immutable } from '../../../../../common/types'; +import { Immutable } from '../../../../common/endpoint/types'; const PAGE_SIZES = Object.freeze([10, 20, 50]); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.test.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.test.ts similarity index 94% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.test.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.test.ts index 46f4c09e05a7..df61bbe893c5 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.test.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.test.ts @@ -5,8 +5,8 @@ */ import { sendGetDatasource, sendGetEndpointSpecificDatasources } from './ingest'; -import { httpServiceMock } from '../../../../../../../../../src/core/public/mocks'; -import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../../../ingest_manager/common'; +import { httpServiceMock } from '../../../../../../../../src/core/public/mocks'; +import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../../ingest_manager/common'; describe('ingest service', () => { let http: ReturnType; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.ts similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.ts index 5c27680d6a35..312a3f7491ab 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/services/ingest.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/services/ingest.ts @@ -9,9 +9,9 @@ import { GetDatasourcesRequest, GetAgentStatusResponse, DATASOURCE_SAVED_OBJECT_TYPE, -} from '../../../../../../../ingest_manager/common'; +} from '../../../../../../ingest_manager/common'; import { GetPolicyListResponse, GetPolicyResponse, UpdatePolicyResponse } from '../../../types'; -import { NewPolicyData } from '../../../../../../common/types'; +import { NewPolicyData } from '../../../../../common/endpoint/types'; const INGEST_API_ROOT = `/api/ingest_manager`; export const INGEST_API_DATASOURCES = `${INGEST_API_ROOT}/datasources`; @@ -33,7 +33,7 @@ export const sendGetEndpointSpecificDatasources = ( query: { ...options.query, kuery: `${ - options?.query?.kuery ? options.query.kuery + ' and ' : '' + options?.query?.kuery ? `${options.query.kuery} and ` : '' }${DATASOURCE_SAVED_OBJECT_TYPE}.package.name: endpoint`, }, }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/test_mock_utils.ts b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/test_mock_utils.ts similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/test_mock_utils.ts rename to x-pack/plugins/siem/public/endpoint_policy/store/policy_list/test_mock_utils.ts index a1788b8f8021..b8fac21b76a2 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/policy_list/test_mock_utils.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/store/policy_list/test_mock_utils.ts @@ -6,7 +6,7 @@ import { HttpStart } from 'kibana/public'; import { INGEST_API_DATASOURCES } from './services/ingest'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; +import { EndpointDocGenerator } from '../../../../common/endpoint/generate_data'; import { GetPolicyListResponse } from '../../types'; const generator = new EndpointDocGenerator('policy-list'); diff --git a/x-pack/plugins/siem/public/endpoint_policy/types.ts b/x-pack/plugins/siem/public/endpoint_policy/types.ts new file mode 100644 index 000000000000..ba4214058978 --- /dev/null +++ b/x-pack/plugins/siem/public/endpoint_policy/types.ts @@ -0,0 +1,173 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + PolicyData, + Immutable, + MalwareFields, + UIPolicyConfig, + AppLocation, +} from '../../common/endpoint/types'; +import { ServerApiError } from '../common/types'; +import { + GetAgentStatusResponse, + GetDatasourcesResponse, + GetOneDatasourceResponse, + UpdateDatasourceResponse, +} from '../../../ingest_manager/common'; + +/** + * Policy list store state + */ +export interface PolicyListState { + /** Array of policy items */ + policyItems: PolicyData[]; + /** API error if loading data failed */ + apiError?: ServerApiError; + /** total number of policies */ + total: number; + /** Number of policies per page */ + pageSize: number; + /** page number (zero based) */ + pageIndex: number; + /** data is being retrieved from server */ + isLoading: boolean; + /** current location information */ + location?: Immutable; +} + +/** + * Policy details store state + */ +export interface PolicyDetailsState { + /** A single policy item */ + policyItem?: PolicyData; + /** API error if loading data failed */ + apiError?: ServerApiError; + isLoading: boolean; + /** current location of the application */ + location?: Immutable; + /** A summary of stats for the agents associated with a given Fleet Agent Configuration */ + agentStatusSummary?: GetAgentStatusResponse['results']; + /** Status of an update to the policy */ + updateStatus?: { + success: boolean; + error?: ServerApiError; + }; +} + +/** + * The URL search params that are supported by the Policy List page view + */ +export interface PolicyListUrlSearchParams { + page_index: number; + page_size: number; +} + +/** + * Endpoint Policy configuration + */ +export interface PolicyConfig { + windows: { + events: { + dll_and_driver_load: boolean; + dns: boolean; + file: boolean; + network: boolean; + process: boolean; + registry: boolean; + security: boolean; + }; + malware: MalwareFields; + logging: { + stdout: string; + file: string; + }; + advanced: PolicyConfigAdvancedOptions; + }; + mac: { + events: { + file: boolean; + process: boolean; + network: boolean; + }; + malware: MalwareFields; + logging: { + stdout: string; + file: string; + }; + advanced: PolicyConfigAdvancedOptions; + }; + linux: { + events: { + file: boolean; + process: boolean; + network: boolean; + }; + logging: { + stdout: string; + file: string; + }; + advanced: PolicyConfigAdvancedOptions; + }; +} + +interface PolicyConfigAdvancedOptions { + elasticsearch: { + indices: { + control: string; + event: string; + logging: string; + }; + kernel: { + connect: boolean; + process: boolean; + }; + }; +} + +export enum OS { + windows = 'windows', + mac = 'mac', + linux = 'linux', +} + +/** + * Returns the keys of an object whose values meet a criteria. + * Ex) interface largeNestedObject = { + * a: { + * food: Foods; + * toiletPaper: true; + * }; + * b: { + * food: Foods; + * streamingServices: Streams; + * }; + * c: {}; + * } + * + * type hasFoods = KeysByValueCriteria; + * The above type will be: [a, b] only, and will not include c. + * + */ +export type KeysByValueCriteria = { + [K in keyof O]: O[K] extends Criteria ? K : never; +}[keyof O]; + +/** Returns an array of the policy OSes that have a malware protection field */ +export type MalwareProtectionOSes = KeysByValueCriteria; + +export interface GetPolicyListResponse extends GetDatasourcesResponse { + items: PolicyData[]; +} + +export interface GetPolicyResponse extends GetOneDatasourceResponse { + item: PolicyData; +} + +export interface UpdatePolicyResponse extends UpdateDatasourceResponse { + item: PolicyData; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/agents_summary.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/agents_summary.tsx similarity index 82% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/agents_summary.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/agents_summary.tsx index a3e30eb891db..215e52dedf5d 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/agents_summary.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/agents_summary.tsx @@ -31,28 +31,28 @@ export const AgentsSummary = memo(props => { return [ { key: 'total', - title: i18n.translate('xpack.endpoint.policyDetails.agentsSummary.totalTitle', { + title: i18n.translate('xpack.siem.endpoint.policyDetails.agentsSummary.totalTitle', { defaultMessage: 'Hosts', }), health: '', }, { key: 'online', - title: i18n.translate('xpack.endpoint.policyDetails.agentsSummary.onlineTitle', { + title: i18n.translate('xpack.siem.endpoint.policyDetails.agentsSummary.onlineTitle', { defaultMessage: 'Online', }), health: 'success', }, { key: 'offline', - title: i18n.translate('xpack.endpoint.policyDetails.agentsSummary.offlineTitle', { + title: i18n.translate('xpack.siem.endpoint.policyDetails.agentsSummary.offlineTitle', { defaultMessage: 'Offline', }), health: 'warning', }, { key: 'error', - title: i18n.translate('xpack.endpoint.policyDetails.agentsSummary.errorTitle', { + title: i18n.translate('xpack.siem.endpoint.policyDetails.agentsSummary.errorTitle', { defaultMessage: 'Error', }), health: 'danger', @@ -86,3 +86,5 @@ export const AgentsSummary = memo(props => { ); }); + +AgentsSummary.displayName = 'AgentsSummary'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/index.ts b/x-pack/plugins/siem/public/endpoint_policy/view/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/index.ts rename to x-pack/plugins/siem/public/endpoint_policy/view/index.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.test.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_details.test.tsx similarity index 96% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.test.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_details.test.tsx index d780b7bde8af..35786b568ce1 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.test.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_details.test.tsx @@ -6,9 +6,10 @@ import React from 'react'; import { mount } from 'enzyme'; -import { createAppRootMockRenderer } from '../../mocks'; + import { PolicyDetails } from './policy_details'; -import { EndpointDocGenerator } from '../../../../../common/generate_data'; +import { EndpointDocGenerator } from '../../../common/endpoint/generate_data'; +import { createAppRootMockRenderer } from '../../common/mock/endpoint'; describe('Policy Details', () => { type FindReactWrapperResponse = ReturnType['find']>; @@ -57,7 +58,7 @@ describe('Policy Details', () => { if (typeof path === 'string') { // GET datasouce if (path === '/api/ingest_manager/datasources/1') { - asyncActions = asyncActions.then(async (): Promise => await sleep()); + asyncActions = asyncActions.then(async (): Promise => sleep()); return Promise.resolve({ item: policyDatasource, success: true, @@ -66,7 +67,7 @@ describe('Policy Details', () => { // GET Agent status for agent config if (path === '/api/ingest_manager/fleet/agent-status') { - asyncActions = asyncActions.then(async () => await sleep()); + asyncActions = asyncActions.then(async () => sleep()); return Promise.resolve({ results: { events: 0, total: 5, online: 3, error: 1, offline: 1 }, success: true, @@ -160,7 +161,7 @@ describe('Policy Details', () => { 'button[data-test-subj="confirmModalConfirmButton"]' ); http.put.mockImplementation((...args) => { - asyncActions = asyncActions.then(async () => await sleep()); + asyncActions = asyncActions.then(async () => sleep()); const [path] = args; if (typeof path === 'string') { if (path === '/api/ingest_manager/datasources/1') { diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_details.tsx similarity index 74% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_details.tsx index d9bb7eabcf7b..c928a374502a 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_details.tsx @@ -27,15 +27,15 @@ import { updateStatus, isLoading, apiError, -} from '../../store/policy_details/selectors'; -import { PageView, PageViewHeaderTitle } from '../components/page_view'; -import { AppAction } from '../../types'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; +} from '../store/policy_details/selectors'; +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; import { AgentsSummary } from './agents_summary'; import { VerticalDivider } from './vertical_divider'; import { WindowsEvents, MacEvents, LinuxEvents } from './policy_forms/events'; import { MalwareProtections } from './policy_forms/protections/malware'; -import { useNavigateByRouterEventHandler } from '../hooks/use_navigate_by_router_event_handler'; +import { AppAction } from '../../common/store/actions'; +import { useNavigateByRouterEventHandler } from '../../common/hooks/endpoint/use_navigate_by_router_event_handler'; +import { PageView, PageViewHeaderTitle } from '../../common/components/endpoint/page_view'; export const PolicyDetails = React.memo(() => { const dispatch = useDispatch<(action: AppAction) => void>(); @@ -58,12 +58,12 @@ export const PolicyDetails = React.memo(() => { if (policyUpdateStatus.success) { notifications.toasts.success({ toastLifeTimeMs: 10000, - title: i18n.translate('xpack.endpoint.policy.details.updateSuccessTitle', { + title: i18n.translate('xpack.siem.endpoint.policy.details.updateSuccessTitle', { defaultMessage: 'Success!', }), body: ( @@ -72,7 +72,7 @@ export const PolicyDetails = React.memo(() => { } else { notifications.toasts.danger({ toastLifeTimeMs: 10000, - title: i18n.translate('xpack.endpoint.policy.details.updateErrorTitle', { + title: i18n.translate('xpack.siem.endpoint.policy.details.updateErrorTitle', { defaultMessage: 'Failed!', }), body: <>{policyUpdateStatus.error!.message}, @@ -122,10 +122,10 @@ export const PolicyDetails = React.memo(() => { iconType="arrowLeft" contentProps={{ style: { paddingLeft: '0' } }} onClick={handleBackToListOnClick} - href={services.http.basePath.get() + '/app/endpoint/policy'} + href={`${services.http.basePath.get()}/app/endpoint/policy`} > @@ -136,7 +136,12 @@ export const PolicyDetails = React.memo(() => { const headerRightContent = ( - + @@ -146,7 +151,10 @@ export const PolicyDetails = React.memo(() => { onClick={handleBackToListOnClick} data-test-subj="policyDetailsCancelButton" > - + @@ -157,7 +165,7 @@ export const PolicyDetails = React.memo(() => { onClick={handleSaveOnClick} isLoading={isPolicyLoading} > - + @@ -167,7 +175,7 @@ export const PolicyDetails = React.memo(() => { <> {showConfirm && ( @@ -181,7 +189,7 @@ export const PolicyDetails = React.memo(() => {

@@ -192,7 +200,7 @@ export const PolicyDetails = React.memo(() => {

@@ -208,6 +216,8 @@ export const PolicyDetails = React.memo(() => { ); }); +PolicyDetails.displayName = 'PolicyDetails'; + const ConfirmUpdate = React.memo<{ hostCount: number; onConfirm: () => void; @@ -217,19 +227,19 @@ const ConfirmUpdate = React.memo<{ @@ -255,7 +268,7 @@ const ConfirmUpdate = React.memo<{ )}

@@ -263,3 +276,5 @@ const ConfirmUpdate = React.memo<{ ); }); + +ConfirmUpdate.displayName = 'ConfirmUpdate'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/config_form.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/config_form.tsx similarity index 93% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/config_form.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/config_form.tsx index 341086c7cf75..a888aa6b4cd6 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/config_form.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/config_form.tsx @@ -52,7 +52,7 @@ export const ConfigForm: React.FC<{
- +
@@ -65,7 +65,7 @@ export const ConfigForm: React.FC<{
@@ -94,3 +94,5 @@ export const ConfigForm: React.FC<{ ); }); + +ConfigForm.displayName = 'ConfigForm'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/checkbox.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/checkbox.tsx similarity index 80% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/checkbox.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/checkbox.tsx index 74322ac8b993..9c2e19d0b96c 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/checkbox.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/checkbox.tsx @@ -5,13 +5,13 @@ */ import React, { useCallback, useMemo } from 'react'; -import { EuiCheckbox } from '@elastic/eui'; +import { EuiCheckbox, htmlIdGenerator } from '@elastic/eui'; import { useDispatch } from 'react-redux'; -import { htmlIdGenerator } from '@elastic/eui'; + import { usePolicyDetailsSelector } from '../../policy_hooks'; -import { policyConfig } from '../../../../store/policy_details/selectors'; -import { PolicyDetailsAction } from '../../../../store/policy_details'; -import { UIPolicyConfig } from '../../../../../../../common/types'; +import { policyConfig } from '../../../store/policy_details/selectors'; +import { PolicyDetailsAction } from '../../../store/policy_details'; +import { UIPolicyConfig } from '../../../../../common/endpoint/types'; export const EventsCheckbox = React.memo(function({ name, @@ -47,3 +47,5 @@ export const EventsCheckbox = React.memo(function({ /> ); }); + +EventsCheckbox.displayName = 'EventsCheckbox'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/index.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/index.tsx similarity index 100% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/index.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/index.tsx diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/linux.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/linux.tsx similarity index 74% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/linux.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/linux.tsx index c3d6bdba7c85..2b7b247e4276 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/linux.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/linux.tsx @@ -9,12 +9,12 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { EuiTitle, EuiText, EuiSpacer } from '@elastic/eui'; import { EventsCheckbox } from './checkbox'; -import { OS } from '../../../../types'; +import { OS } from '../../../types'; import { usePolicyDetailsSelector } from '../../policy_hooks'; -import { selectedLinuxEvents, totalLinuxEvents } from '../../../../store/policy_details/selectors'; +import { selectedLinuxEvents, totalLinuxEvents } from '../../../store/policy_details/selectors'; import { ConfigForm } from '../config_form'; -import { getIn, setIn } from '../../../../models/policy_details_config'; -import { UIPolicyConfig } from '../../../../../../../common/types'; +import { getIn, setIn } from '../../../models/policy_details_config'; +import { UIPolicyConfig } from '../../../../../common/endpoint/types'; export const LinuxEvents = React.memo(() => { const selected = usePolicyDetailsSelector(selectedLinuxEvents); @@ -27,21 +27,21 @@ export const LinuxEvents = React.memo(() => { protectionField: keyof UIPolicyConfig['linux']['events']; }> = [ { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.linux.events.file', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.linux.events.file', { defaultMessage: 'File', }), os: OS.linux, protectionField: 'file', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.linux.events.process', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.linux.events.process', { defaultMessage: 'Process', }), os: OS.linux, protectionField: 'process', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.linux.events.network', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.linux.events.network', { defaultMessage: 'Network', }), os: OS.linux, @@ -53,7 +53,7 @@ export const LinuxEvents = React.memo(() => {
@@ -79,7 +79,7 @@ export const LinuxEvents = React.memo(() => { return ( @@ -89,13 +89,13 @@ export const LinuxEvents = React.memo(() => { return ( { const selected = usePolicyDetailsSelector(selectedMacEvents); @@ -27,21 +27,21 @@ export const MacEvents = React.memo(() => { protectionField: keyof UIPolicyConfig['mac']['events']; }> = [ { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.mac.events.file', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.mac.events.file', { defaultMessage: 'File', }), os: OS.mac, protectionField: 'file', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.mac.events.process', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.mac.events.process', { defaultMessage: 'Process', }), os: OS.mac, protectionField: 'process', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.mac.events.network', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.mac.events.network', { defaultMessage: 'Network', }), os: OS.mac, @@ -53,7 +53,7 @@ export const MacEvents = React.memo(() => {
@@ -79,7 +79,7 @@ export const MacEvents = React.memo(() => { return ( @@ -89,13 +89,15 @@ export const MacEvents = React.memo(() => { return ( diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/windows.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/windows.tsx similarity index 67% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/windows.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/windows.tsx index 9d73f1286905..f95b097d85df 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_forms/events/windows.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_forms/events/windows.tsx @@ -9,15 +9,12 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { EuiTitle, EuiText, EuiSpacer } from '@elastic/eui'; import { EventsCheckbox } from './checkbox'; -import { OS } from '../../../../types'; +import { OS } from '../../../types'; import { usePolicyDetailsSelector } from '../../policy_hooks'; -import { - selectedWindowsEvents, - totalWindowsEvents, -} from '../../../../store/policy_details/selectors'; +import { selectedWindowsEvents, totalWindowsEvents } from '../../../store/policy_details/selectors'; import { ConfigForm } from '../config_form'; -import { setIn, getIn } from '../../../../models/policy_details_config'; -import { UIPolicyConfig, Immutable } from '../../../../../../../common/types'; +import { setIn, getIn } from '../../../models/policy_details_config'; +import { UIPolicyConfig, Immutable } from '../../../../../common/endpoint/types'; export const WindowsEvents = React.memo(() => { const selected = usePolicyDetailsSelector(selectedWindowsEvents); @@ -30,49 +27,52 @@ export const WindowsEvents = React.memo(() => { protectionField: keyof UIPolicyConfig['windows']['events']; }>> = [ { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.dllDriverLoad', { - defaultMessage: 'DLL and Driver Load', - }), + name: i18n.translate( + 'xpack.siem.endpoint.policyDetailsConfig.windows.events.dllDriverLoad', + { + defaultMessage: 'DLL and Driver Load', + } + ), os: OS.windows, protectionField: 'dll_and_driver_load', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.dns', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.dns', { defaultMessage: 'DNS', }), os: OS.windows, protectionField: 'dns', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.file', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.file', { defaultMessage: 'File', }), os: OS.windows, protectionField: 'file', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.network', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.network', { defaultMessage: 'Network', }), os: OS.windows, protectionField: 'network', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.process', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.process', { defaultMessage: 'Process', }), os: OS.windows, protectionField: 'process', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.registry', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.registry', { defaultMessage: 'Registry', }), os: OS.windows, protectionField: 'registry', }, { - name: i18n.translate('xpack.endpoint.policyDetailsConfig.windows.events.security', { + name: i18n.translate('xpack.siem.endpoint.policyDetailsConfig.windows.events.security', { defaultMessage: 'Security', }), os: OS.windows, @@ -84,7 +84,7 @@ export const WindowsEvents = React.memo(() => {
@@ -110,7 +110,7 @@ export const WindowsEvents = React.memo(() => { return ( @@ -120,13 +120,13 @@ export const WindowsEvents = React.memo(() => { return ( { return [ { id: ProtectionModes.detect, - label: i18n.translate('xpack.endpoint.policy.details.detect', { defaultMessage: 'Detect' }), + label: i18n.translate('xpack.siem.endpoint.policy.details.detect', { + defaultMessage: 'Detect', + }), protection: 'malware', }, { id: ProtectionModes.prevent, - label: i18n.translate('xpack.endpoint.policy.details.prevent', { + label: i18n.translate('xpack.siem.endpoint.policy.details.prevent', { defaultMessage: 'Prevent', }), protection: 'malware', }, { id: ProtectionModes.preventNotify, - label: i18n.translate('xpack.endpoint.policy.details.preventAndNotify', { + label: i18n.translate('xpack.siem.endpoint.policy.details.preventAndNotify', { defaultMessage: 'Prevent and notify user', }), protection: 'malware', @@ -129,7 +133,7 @@ export const MalwareProtections = React.memo(() => {
@@ -153,7 +157,7 @@ export const MalwareProtections = React.memo(() => { const protectionSwitch = useMemo(() => { return ( { return ( { ); }); + +MalwareProtections.displayName = 'MalwareProtections'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_hooks.ts b/x-pack/plugins/siem/public/endpoint_policy/view/policy_hooks.ts similarity index 63% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_hooks.ts rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_hooks.ts index 5bfce15d680b..9fadba85c524 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_hooks.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_hooks.ts @@ -5,14 +5,15 @@ */ import { useSelector } from 'react-redux'; -import { GlobalState, PolicyListState, PolicyDetailsState } from '../../types'; +import { PolicyListState, PolicyDetailsState } from '../types'; +import { State } from '../../common/store'; export function usePolicyListSelector(selector: (state: PolicyListState) => TSelected) { - return useSelector((state: GlobalState) => selector(state.policyList)); + return useSelector((state: State) => selector(state.policyList as PolicyListState)); } export function usePolicyDetailsSelector( selector: (state: PolicyDetailsState) => TSelected ) { - return useSelector((state: GlobalState) => selector(state.policyDetails)); + return useSelector((state: State) => selector(state.policyDetails as PolicyDetailsState)); } diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_list.tsx b/x-pack/plugins/siem/public/endpoint_policy/view/policy_list.tsx similarity index 79% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_list.tsx rename to x-pack/plugins/siem/public/endpoint_policy/view/policy_list.tsx index 39529e7c11ab..a9aea57239ed 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_list.tsx +++ b/x-pack/plugins/siem/public/endpoint_policy/view/policy_list.tsx @@ -9,7 +9,7 @@ import { EuiBasicTable, EuiText, EuiTableFieldDataColumnType, EuiLink } from '@e import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { useDispatch } from 'react-redux'; -import { useHistory, useLocation } from 'react-router-dom'; +import { useLocation, useHistory } from 'react-router-dom'; import { selectApiError, selectIsLoading, @@ -17,14 +17,14 @@ import { selectPageSize, selectPolicyItems, selectTotal, -} from '../../store/policy_list/selectors'; +} from '../store/policy_list/selectors'; import { usePolicyListSelector } from './policy_hooks'; -import { PolicyListAction } from '../../store/policy_list'; -import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public'; -import { PageView } from '../components/page_view'; -import { LinkToApp } from '../components/link_to_app'; -import { Immutable, PolicyData } from '../../../../../common/types'; -import { useNavigateByRouterEventHandler } from '../hooks/use_navigate_by_router_event_handler'; +import { PolicyListAction } from '../store/policy_list'; +import { useKibana } from '../../../../../../src/plugins/kibana_react/public'; +import { Immutable, PolicyData } from '../../../common/endpoint/types'; +import { useNavigateByRouterEventHandler } from '../../common/hooks/endpoint/use_navigate_by_router_event_handler'; +import { PageView } from '../../common/components/endpoint/page_view'; +import { LinkToApp } from '../../common/components/endpoint/link_to_app'; interface TableChangeCallbackArguments { page: { index: number; size: number }; @@ -88,9 +88,10 @@ export const PolicyList = React.memo(() => { () => [ { field: 'name', - name: i18n.translate('xpack.endpoint.policyList.nameField', { + name: i18n.translate('xpack.siem.endpoint.policyList.nameField', { defaultMessage: 'Policy Name', }), + // eslint-disable-next-line react/display-name render: (value: string, item: Immutable) => { const routeUri = `/policy/${item.id}`; return ( @@ -105,14 +106,14 @@ export const PolicyList = React.memo(() => { }, { field: 'revision', - name: i18n.translate('xpack.endpoint.policyList.revisionField', { + name: i18n.translate('xpack.siem.endpoint.policyList.revisionField', { defaultMessage: 'Revision', }), dataType: 'number', }, { field: 'package', - name: i18n.translate('xpack.endpoint.policyList.versionField', { + name: i18n.translate('xpack.siem.endpoint.policyList.versionField', { defaultMessage: 'Version', }), render(pkg) { @@ -121,14 +122,14 @@ export const PolicyList = React.memo(() => { }, { field: 'description', - name: i18n.translate('xpack.endpoint.policyList.descriptionField', { + name: i18n.translate('xpack.siem.endpoint.policyList.descriptionField', { defaultMessage: 'Description', }), truncateText: true, }, { field: 'config_id', - name: i18n.translate('xpack.endpoint.policyList.agentConfigField', { + name: i18n.translate('xpack.siem.endpoint.policyList.agentConfigField', { defaultMessage: 'Agent Configuration', }), render(version: string) { @@ -152,13 +153,13 @@ export const PolicyList = React.memo(() => { @@ -176,3 +177,5 @@ export const PolicyList = React.memo(() => { ); }); + +PolicyList.displayName = 'PolicyList'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/vertical_divider.ts b/x-pack/plugins/siem/public/endpoint_policy/view/vertical_divider.ts similarity index 91% rename from x-pack/plugins/endpoint/public/applications/endpoint/view/policy/vertical_divider.ts rename to x-pack/plugins/siem/public/endpoint_policy/view/vertical_divider.ts index c73f6f12bec8..918e94cb5b41 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/view/policy/vertical_divider.ts +++ b/x-pack/plugins/siem/public/endpoint_policy/view/vertical_divider.ts @@ -5,7 +5,7 @@ */ import styled from 'styled-components'; -import { EuiTheme } from '../../../../../../../legacy/common/eui_styled_components'; +import { EuiTheme } from '../../../../../legacy/common/eui_styled_components'; type SpacingOptions = keyof EuiTheme['eui']['spacerSizes']; diff --git a/x-pack/plugins/siem/public/index.ts b/x-pack/plugins/siem/public/index.ts index 46f72c1fa17c..36344a25e156 100644 --- a/x-pack/plugins/siem/public/index.ts +++ b/x-pack/plugins/siem/public/index.ts @@ -5,7 +5,8 @@ */ import { PluginInitializerContext } from '../../../../src/core/public'; -import { Plugin, PluginSetup, PluginStart } from './plugin'; +import { Plugin } from './plugin'; +import { PluginSetup, PluginStart } from './types'; export const plugin = (context: PluginInitializerContext): Plugin => new Plugin(context); diff --git a/x-pack/plugins/siem/public/plugin.tsx b/x-pack/plugins/siem/public/plugin.tsx index cc46025ddc4a..9bea77622072 100644 --- a/x-pack/plugins/siem/public/plugin.tsx +++ b/x-pack/plugins/siem/public/plugin.tsx @@ -14,51 +14,12 @@ import { Plugin as IPlugin, DEFAULT_APP_CATEGORIES, } from '../../../../src/core/public'; -import { - HomePublicPluginSetup, - FeatureCatalogueCategory, -} from '../../../../src/plugins/home/public'; -import { DataPublicPluginStart } from '../../../../src/plugins/data/public'; -import { EmbeddableStart } from '../../../../src/plugins/embeddable/public'; -import { Start as NewsfeedStart } from '../../../../src/plugins/newsfeed/public'; -import { Start as InspectorStart } from '../../../../src/plugins/inspector/public'; -import { UiActionsStart } from '../../../../src/plugins/ui_actions/public'; -import { UsageCollectionSetup } from '../../../../src/plugins/usage_collection/public'; -import { - TriggersAndActionsUIPublicPluginSetup as TriggersActionsSetup, - TriggersAndActionsUIPublicPluginStart as TriggersActionsStart, -} from '../../triggers_actions_ui/public'; -import { SecurityPluginSetup } from '../../security/public'; -import { APP_ID, APP_NAME, APP_PATH, APP_ICON } from '../common/constants'; +import { FeatureCatalogueCategory } from '../../../../src/plugins/home/public'; import { initTelemetry } from './common/lib/telemetry'; import { KibanaServices } from './common/lib/kibana/services'; import { serviceNowActionType, jiraActionType } from './common/lib/connectors'; - -export interface SetupPlugins { - home: HomePublicPluginSetup; - security: SecurityPluginSetup; - triggers_actions_ui: TriggersActionsSetup; - usageCollection?: UsageCollectionSetup; -} - -export interface StartPlugins { - data: DataPublicPluginStart; - embeddable: EmbeddableStart; - inspector: InspectorStart; - newsfeed?: NewsfeedStart; - triggers_actions_ui: TriggersActionsStart; - uiActions: UiActionsStart; -} - -export type StartServices = CoreStart & - StartPlugins & { - security: SecurityPluginSetup; - }; - -// eslint-disable-next-line @typescript-eslint/no-empty-interface -export interface PluginSetup {} -// eslint-disable-next-line @typescript-eslint/no-empty-interface -export interface PluginStart {} +import { PluginSetup, PluginStart, SetupPlugins, StartPlugins, StartServices } from './types'; +import { APP_ID, APP_NAME, APP_ICON, APP_PATH } from '../common/constants'; export class Plugin implements IPlugin { private kibanaVersion: string; @@ -102,6 +63,14 @@ export class Plugin implements IPlugin { describe('eventType', () => { diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event.ts b/x-pack/plugins/siem/public/resolver/models/process_event.ts similarity index 95% rename from x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event.ts rename to x-pack/plugins/siem/public/resolver/models/process_event.ts index a709d6caf46c..038e5b90b217 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/models/process_event.ts +++ b/x-pack/plugins/siem/public/resolver/models/process_event.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ResolverEvent } from '../../../../common/types'; -import * as event from '../../../../common/models/event'; +import * as event from '../../../common/endpoint/models/event'; +import { ResolverEvent } from '../../../common/endpoint/types'; import { ResolverProcessType } from '../types'; /** diff --git a/x-pack/plugins/siem/public/resolver/models/process_event_test_helpers.ts b/x-pack/plugins/siem/public/resolver/models/process_event_test_helpers.ts new file mode 100644 index 000000000000..be0895dbec4f --- /dev/null +++ b/x-pack/plugins/siem/public/resolver/models/process_event_test_helpers.ts @@ -0,0 +1,42 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { defaults } from 'lodash/fp'; +import { LegacyEndpointEvent } from '../../../common/endpoint/types'; + +type DeepPartial = { [K in keyof T]?: DeepPartial }; +/** + * Creates a mock process event given the 'parts' argument, which can + * include all or some process event fields as determined by the ProcessEvent type. + * The only field that must be provided is the event's 'node_id' field. + * The other fields are populated by the function unless provided in 'parts' + */ +export function mockProcessEvent(parts: DeepPartial): LegacyEndpointEvent { + return defaults( + { + endgame: { + event_timestamp: 1, + event_type: 1, + unique_ppid: 0, + unique_pid: 1, + machine_id: '', + event_subtype_full: 'creation_event', + event_type_full: 'process_event', + process_name: '', + process_path: '', + timestamp_utc: '', + serial_event_id: 1, + }, + '@timestamp': 1582233383000, + agent: { + type: '', + id: '', + version: '', + }, + }, + parts + ); +} diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/actions.ts b/x-pack/plugins/siem/public/resolver/store/actions.ts similarity index 98% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/actions.ts rename to x-pack/plugins/siem/public/resolver/store/actions.ts index 462f6e251d5d..0963118ce14b 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/actions.ts +++ b/x-pack/plugins/siem/public/resolver/store/actions.ts @@ -5,7 +5,7 @@ */ import { CameraAction } from './camera'; import { DataAction } from './data'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../common/endpoint/types'; /** * When the user wants to bring a process node front-and-center on the map. diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/action.ts b/x-pack/plugins/siem/public/resolver/store/camera/action.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/action.ts rename to x-pack/plugins/siem/public/resolver/store/camera/action.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/animation.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/animation.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/animation.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/animation.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/index.ts b/x-pack/plugins/siem/public/resolver/store/camera/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/index.ts rename to x-pack/plugins/siem/public/resolver/store/camera/index.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/inverse_projection_matrix.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/inverse_projection_matrix.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/inverse_projection_matrix.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/inverse_projection_matrix.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/methods.ts b/x-pack/plugins/siem/public/resolver/store/camera/methods.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/methods.ts rename to x-pack/plugins/siem/public/resolver/store/camera/methods.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/panning.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/panning.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/panning.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/panning.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/projection_matrix.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/projection_matrix.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/projection_matrix.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/projection_matrix.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/reducer.ts b/x-pack/plugins/siem/public/resolver/store/camera/reducer.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/reducer.ts rename to x-pack/plugins/siem/public/resolver/store/camera/reducer.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/scale_to_zoom.ts b/x-pack/plugins/siem/public/resolver/store/camera/scale_to_zoom.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/scale_to_zoom.ts rename to x-pack/plugins/siem/public/resolver/store/camera/scale_to_zoom.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/scaling_constants.ts b/x-pack/plugins/siem/public/resolver/store/camera/scaling_constants.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/scaling_constants.ts rename to x-pack/plugins/siem/public/resolver/store/camera/scaling_constants.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/selectors.ts b/x-pack/plugins/siem/public/resolver/store/camera/selectors.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/selectors.ts rename to x-pack/plugins/siem/public/resolver/store/camera/selectors.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/test_helpers.ts b/x-pack/plugins/siem/public/resolver/store/camera/test_helpers.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/test_helpers.ts rename to x-pack/plugins/siem/public/resolver/store/camera/test_helpers.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/zooming.test.ts b/x-pack/plugins/siem/public/resolver/store/camera/zooming.test.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/zooming.test.ts rename to x-pack/plugins/siem/public/resolver/store/camera/zooming.test.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/__snapshots__/graphing.test.ts.snap b/x-pack/plugins/siem/public/resolver/store/data/__snapshots__/graphing.test.ts.snap similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/__snapshots__/graphing.test.ts.snap rename to x-pack/plugins/siem/public/resolver/store/data/__snapshots__/graphing.test.ts.snap diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/action.ts b/x-pack/plugins/siem/public/resolver/store/data/action.ts similarity index 94% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/action.ts rename to x-pack/plugins/siem/public/resolver/store/data/action.ts index 8c84d8f82b87..f6ef7b16ae68 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/action.ts +++ b/x-pack/plugins/siem/public/resolver/store/data/action.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ResolverEvent } from '../../../../../common/types'; +import { ResolverEvent } from '../../../../common/endpoint/types'; import { RelatedEventDataEntry } from '../../types'; interface ServerReturnedResolverData { diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/graphing.test.ts b/x-pack/plugins/siem/public/resolver/store/data/graphing.test.ts similarity index 99% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/graphing.test.ts rename to x-pack/plugins/siem/public/resolver/store/data/graphing.test.ts index f95ecc63d2a6..69edf3b4c134 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/graphing.test.ts +++ b/x-pack/plugins/siem/public/resolver/store/data/graphing.test.ts @@ -8,7 +8,7 @@ import { Store, createStore } from 'redux'; import { DataAction } from './action'; import { dataReducer } from './reducer'; import { DataState } from '../../types'; -import { LegacyEndpointEvent, ResolverEvent } from '../../../../../common/types'; +import { LegacyEndpointEvent, ResolverEvent } from '../../../../common/endpoint/types'; import { graphableProcesses, processNodePositionsAndEdgeLineSegments } from './selectors'; import { mockProcessEvent } from '../../models/process_event_test_helpers'; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/index.ts b/x-pack/plugins/siem/public/resolver/store/data/index.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/index.ts rename to x-pack/plugins/siem/public/resolver/store/data/index.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/reducer.ts b/x-pack/plugins/siem/public/resolver/store/data/reducer.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/reducer.ts rename to x-pack/plugins/siem/public/resolver/store/data/reducer.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/sample.ts b/x-pack/plugins/siem/public/resolver/store/data/sample.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/sample.ts rename to x-pack/plugins/siem/public/resolver/store/data/sample.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.test.ts b/x-pack/plugins/siem/public/resolver/store/data/selectors.test.ts similarity index 95% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.test.ts rename to x-pack/plugins/siem/public/resolver/store/data/selectors.test.ts index 561b0da12bcb..f6d2b978d6b4 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.test.ts +++ b/x-pack/plugins/siem/public/resolver/store/data/selectors.test.ts @@ -1,59 +1,59 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { Store, createStore } from 'redux'; -import { DataAction } from './action'; -import { dataReducer } from './reducer'; -import { - DataState, - RelatedEventDataEntry, - RelatedEventDataEntryWithStats, - RelatedEventData, -} from '../../types'; -import { ResolverEvent } from '../../../../../common/types'; -import { relatedEventStats, relatedEvents } from './selectors'; - -describe('resolver data selectors', () => { - const store: Store = createStore(dataReducer, undefined); - describe('when related event data is reduced into state with no results', () => { - let relatedEventInfoBeforeAction: RelatedEventData; - beforeEach(() => { - relatedEventInfoBeforeAction = new Map(relatedEvents(store.getState()) || []); - const payload: Map = new Map(); - const action: DataAction = { type: 'serverReturnedRelatedEventData', payload }; - store.dispatch(action); - }); - it('should have the same related info as before the action', () => { - const relatedInfoAfterAction = relatedEvents(store.getState()); - expect(relatedInfoAfterAction).toEqual(relatedEventInfoBeforeAction); - }); - }); - describe('when related event data is reduced into state with 2 dns results', () => { - let mockBaseEvent: ResolverEvent; - beforeEach(() => { - mockBaseEvent = {} as ResolverEvent; - function dnsRelatedEventEntry() { - const fakeEvent = {} as ResolverEvent; - return { relatedEvent: fakeEvent, relatedEventType: 'dns' }; - } - const payload: Map = new Map([ - [ - mockBaseEvent, - { - relatedEvents: [dnsRelatedEventEntry(), dnsRelatedEventEntry()], - }, - ], - ]); - const action: DataAction = { type: 'serverReturnedRelatedEventData', payload }; - store.dispatch(action); - }); - it('should compile stats reflecting a count of 2 for dns', () => { - const actualStats = relatedEventStats(store.getState()); - const statsForFakeEvent = actualStats.get(mockBaseEvent)! as RelatedEventDataEntryWithStats; - expect(statsForFakeEvent.stats).toEqual({ dns: 2 }); - }); - }); -}); +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Store, createStore } from 'redux'; +import { DataAction } from './action'; +import { dataReducer } from './reducer'; +import { + DataState, + RelatedEventDataEntry, + RelatedEventDataEntryWithStats, + RelatedEventData, +} from '../../types'; +import { ResolverEvent } from '../../../../common/endpoint/types'; +import { relatedEventStats, relatedEvents } from './selectors'; + +describe('resolver data selectors', () => { + const store: Store = createStore(dataReducer, undefined); + describe('when related event data is reduced into state with no results', () => { + let relatedEventInfoBeforeAction: RelatedEventData; + beforeEach(() => { + relatedEventInfoBeforeAction = new Map(relatedEvents(store.getState()) || []); + const payload: Map = new Map(); + const action: DataAction = { type: 'serverReturnedRelatedEventData', payload }; + store.dispatch(action); + }); + it('should have the same related info as before the action', () => { + const relatedInfoAfterAction = relatedEvents(store.getState()); + expect(relatedInfoAfterAction).toEqual(relatedEventInfoBeforeAction); + }); + }); + describe('when related event data is reduced into state with 2 dns results', () => { + let mockBaseEvent: ResolverEvent; + beforeEach(() => { + mockBaseEvent = {} as ResolverEvent; + function dnsRelatedEventEntry() { + const fakeEvent = {} as ResolverEvent; + return { relatedEvent: fakeEvent, relatedEventType: 'dns' }; + } + const payload: Map = new Map([ + [ + mockBaseEvent, + { + relatedEvents: [dnsRelatedEventEntry(), dnsRelatedEventEntry()], + }, + ], + ]); + const action: DataAction = { type: 'serverReturnedRelatedEventData', payload }; + store.dispatch(action); + }); + it('should compile stats reflecting a count of 2 for dns', () => { + const actualStats = relatedEventStats(store.getState()); + const statsForFakeEvent = actualStats.get(mockBaseEvent)! as RelatedEventDataEntryWithStats; + expect(statsForFakeEvent.stats).toEqual({ dns: 2 }); + }); + }); +}); diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.ts b/x-pack/plugins/siem/public/resolver/store/data/selectors.ts similarity index 99% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.ts rename to x-pack/plugins/siem/public/resolver/store/data/selectors.ts index 413f4db1cc99..ec6e937e03d9 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/data/selectors.ts +++ b/x-pack/plugins/siem/public/resolver/store/data/selectors.ts @@ -14,11 +14,12 @@ import { ProcessWithWidthMetadata, Matrix3, AdjacentProcessMap, + Vector2, RelatedEventData, RelatedEventDataEntryWithStats, } from '../../types'; -import { ResolverEvent } from '../../../../../common/types'; -import { Vector2 } from '../../types'; +import { ResolverEvent } from '../../../../common/endpoint/types'; + import { add as vector2Add, applyMatrix3 } from '../../lib/vector2'; import { isGraphableProcess, uniquePidForProcess } from '../../models/process_event'; import { @@ -160,6 +161,7 @@ function processEdgeLineSegments( * We only handle children, drawing lines back to their parents. The root has no parent, so we skip it */ if (metadata.parent === null) { + // eslint-disable-next-line no-continue continue; } const { process, parent, parentWidth } = metadata; @@ -435,6 +437,7 @@ export const relatedEventStats = createSelector(relatedEventResults, function ge if (newStatsEntry === 'error') { // If the entry is an error, return it as is relatedEventStats.set(updatedEvent, newStatsEntry); + // eslint-disable-next-line no-continue continue; } if (typeof newStatsEntry === 'object') { diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/index.ts b/x-pack/plugins/siem/public/resolver/store/index.ts similarity index 82% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/index.ts rename to x-pack/plugins/siem/public/resolver/store/index.ts index 2a20c7334734..203ecccb1d36 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/index.ts +++ b/x-pack/plugins/siem/public/resolver/store/index.ts @@ -6,14 +6,14 @@ import { createStore, applyMiddleware, Store } from 'redux'; import { composeWithDevTools } from 'redux-devtools-extension/developmentOnly'; -import { KibanaReactContextValue } from '../../../../../../../src/plugins/kibana_react/public'; +import { KibanaReactContextValue } from '../../../../../../src/plugins/kibana_react/public'; import { ResolverAction, ResolverState } from '../types'; -import { EndpointPluginServices } from '../../../plugin'; +import { StartServices } from '../../types'; import { resolverReducer } from './reducer'; import { resolverMiddlewareFactory } from './middleware'; export const storeFactory = ( - context?: KibanaReactContextValue + context?: KibanaReactContextValue ): { store: Store } => { const actionsBlacklist: Array = ['userMovedPointer']; const composeEnhancers = composeWithDevTools({ diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/methods.ts b/x-pack/plugins/siem/public/resolver/store/methods.ts similarity index 93% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/methods.ts rename to x-pack/plugins/siem/public/resolver/store/methods.ts index f15307a66238..389077025915 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/methods.ts +++ b/x-pack/plugins/siem/public/resolver/store/methods.ts @@ -7,7 +7,7 @@ import { animatePanning } from './camera/methods'; import { processNodePositionsAndEdgeLineSegments } from './selectors'; import { ResolverState } from '../types'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../common/endpoint/types'; const animationDuration = 1000; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/middleware.ts b/x-pack/plugins/siem/public/resolver/store/middleware.ts similarity index 93% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/middleware.ts rename to x-pack/plugins/siem/public/resolver/store/middleware.ts index 06758022b05c..f0d89e7bb5d5 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/middleware.ts +++ b/x-pack/plugins/siem/public/resolver/store/middleware.ts @@ -6,14 +6,14 @@ import { Dispatch, MiddlewareAPI } from 'redux'; import { HttpHandler } from 'kibana/public'; -import { KibanaReactContextValue } from '../../../../../../../src/plugins/kibana_react/public'; -import { EndpointPluginServices } from '../../../plugin'; +import { KibanaReactContextValue } from '../../../../../../src/plugins/kibana_react/public'; +import { StartServices } from '../../types'; import { ResolverState, ResolverAction, RelatedEventDataEntry } from '../types'; -import { ResolverEvent, ResolverNode } from '../../../../common/types'; -import * as event from '../../../../common/models/event'; +import { ResolverEvent, ResolverNode } from '../../../common/endpoint/types'; +import * as event from '../../../common/endpoint/models/event'; type MiddlewareFactory = ( - context?: KibanaReactContextValue + context?: KibanaReactContextValue ) => ( api: MiddlewareAPI, S> ) => (next: Dispatch) => (action: ResolverAction) => unknown; @@ -124,6 +124,7 @@ export const resolverMiddlewareFactory: MiddlewareFactory = context => { type: 'serverFailedToReturnRelatedEventData', payload: results[0], }); + // eslint-disable-next-line no-continue continue; } diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/reducer.ts b/x-pack/plugins/siem/public/resolver/store/reducer.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/reducer.ts rename to x-pack/plugins/siem/public/resolver/store/reducer.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/selectors.ts b/x-pack/plugins/siem/public/resolver/store/selectors.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/selectors.ts rename to x-pack/plugins/siem/public/resolver/store/selectors.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/ui/selectors.ts b/x-pack/plugins/siem/public/resolver/store/ui/selectors.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/store/ui/selectors.ts rename to x-pack/plugins/siem/public/resolver/store/ui/selectors.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/types.ts b/x-pack/plugins/siem/public/resolver/types.ts similarity index 98% rename from x-pack/plugins/endpoint/public/embeddables/resolver/types.ts rename to x-pack/plugins/siem/public/resolver/types.ts index 32fefba8f0f2..e93a7856557c 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/types.ts +++ b/x-pack/plugins/siem/public/resolver/types.ts @@ -8,8 +8,8 @@ import { Store } from 'redux'; import { ResolverAction } from './store/actions'; export { ResolverAction } from './store/actions'; -import { ResolverEvent } from '../../../common/types'; -import { eventType } from '../../../common/models/event'; +import { ResolverEvent } from '../../common/endpoint/types'; +import { eventType } from '../../common/endpoint/models/event'; /** * Redux state for the Resolver feature. Properties on this interface are populated via multiple reducers using redux's `combineReducers`. diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/defs.tsx b/x-pack/plugins/siem/public/resolver/view/defs.tsx similarity index 95% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/defs.tsx rename to x-pack/plugins/siem/public/resolver/view/defs.tsx index 064645019ca3..d70ee7bc2358 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/defs.tsx +++ b/x-pack/plugins/siem/public/resolver/view/defs.tsx @@ -150,6 +150,8 @@ const PaintServers = memo(() => ( )); +PaintServers.displayName = 'PaintServers'; + /** * Ids of symbols to be linked by elements */ @@ -183,7 +185,7 @@ const SymbolsAndShapes = memo(() => ( /> - Running Process + {'Running Process'} ( /> - resolver_dark process running + {'resolver_dark process running'} ( /> - Terminated Process + {'Terminated Process'} ( - Terminated Trigger Process + {'Terminated Trigger Process'} ( - resolver active backing + {'resolver active backing'} ( )); +SymbolsAndShapes.displayName = 'SymbolsAndShapes'; + /** * This `` element is used to define the reusable assets for the Resolver * It confers several advantages, including but not limited to: @@ -379,16 +383,18 @@ const SymbolsAndShapes = memo(() => ( * 2. Separation of concerns between creative assets and more functional areas of the app * 3. `` elements can be handled by compositor (faster) */ -export const SymbolDefinitions = styled( - memo(({ className }: { className?: string }) => ( - - - - - - - )) -)` +const SymbolDefinitionsComponent = memo(({ className }: { className?: string }) => ( + + + + + + +)); + +SymbolDefinitionsComponent.displayName = 'SymbolDefinitions'; + +export const SymbolDefinitions = styled(SymbolDefinitionsComponent)` position: absolute; left: 100%; top: 100%; diff --git a/x-pack/plugins/siem/public/resolver/view/edge_line.tsx b/x-pack/plugins/siem/public/resolver/view/edge_line.tsx new file mode 100644 index 000000000000..2192422b7d31 --- /dev/null +++ b/x-pack/plugins/siem/public/resolver/view/edge_line.tsx @@ -0,0 +1,80 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import styled from 'styled-components'; +import { applyMatrix3, distance, angle } from '../lib/vector2'; +import { Vector2, Matrix3 } from '../types'; + +/** + * A placeholder line segment view that connects process nodes. + */ +const EdgeLineComponent = React.memo( + ({ + className, + startPosition, + endPosition, + projectionMatrix, + }: { + /** + * A className string provided by `styled` + */ + className?: string; + /** + * The postion of first point in the line segment. In 'world' coordinates. + */ + startPosition: Vector2; + /** + * The postion of second point in the line segment. In 'world' coordinates. + */ + endPosition: Vector2; + /** + * projectionMatrix which can be used to convert `startPosition` and `endPosition` to screen coordinates. + */ + projectionMatrix: Matrix3; + }) => { + /** + * Convert the start and end positions, which are in 'world' coordinates, + * to `left` and `top` css values. + */ + const screenStart = applyMatrix3(startPosition, projectionMatrix); + const screenEnd = applyMatrix3(endPosition, projectionMatrix); + + /** + * We render the line using a short, long, `div` element. The length of this `div` + * should be the same as the distance between the start and end points. + */ + const length = distance(screenStart, screenEnd); + + const style = { + left: `${screenStart[0]}px`, + top: `${screenStart[1]}px`, + width: `${length}px`, + /** + * Transform from the left of the div, as the left side of the `div` is positioned + * at the start point of the line segment. + */ + transformOrigin: 'top left', + /** + * Translate the `div` in the y axis to accomodate for the height of the `div`. + * Also rotate the `div` in the z axis so that it's angle matches the angle + * between the start and end points. + */ + transform: `translateY(-50%) rotateZ(${angle(screenStart, screenEnd)}rad)`, + }; + return
; + } +); + +EdgeLineComponent.displayName = 'EdgeLine'; + +export const EdgeLine = styled(EdgeLineComponent)` + position: absolute; + height: 3px; + background-color: #d4d4d4; + color: #333333; + contain: strict; +`; diff --git a/x-pack/plugins/siem/public/resolver/view/graph_controls.tsx b/x-pack/plugins/siem/public/resolver/view/graph_controls.tsx new file mode 100644 index 000000000000..f5bc571434d6 --- /dev/null +++ b/x-pack/plugins/siem/public/resolver/view/graph_controls.tsx @@ -0,0 +1,188 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +/* eslint-disable react/button-has-type */ + +import React, { useCallback, useMemo, useContext } from 'react'; +import styled from 'styled-components'; +import { EuiRange, EuiPanel, EuiIcon } from '@elastic/eui'; +import { useSelector, useDispatch } from 'react-redux'; +import { SideEffectContext } from './side_effect_context'; +import { ResolverAction, Vector2 } from '../types'; +import * as selectors from '../store/selectors'; + +/** + * Controls for zooming, panning, and centering in Resolver + */ +const GraphControlsComponent = React.memo( + ({ + className, + }: { + /** + * A className string provided by `styled` + */ + className?: string; + }) => { + const dispatch: (action: ResolverAction) => unknown = useDispatch(); + const scalingFactor = useSelector(selectors.scalingFactor); + const { timestamp } = useContext(SideEffectContext); + + const handleZoomAmountChange = useCallback( + (event: React.ChangeEvent | React.MouseEvent) => { + const valueAsNumber = parseFloat( + (event as React.ChangeEvent).target.value + ); + if (isNaN(valueAsNumber) === false) { + dispatch({ + type: 'userSetZoomLevel', + payload: valueAsNumber, + }); + } + }, + [dispatch] + ); + + const handleCenterClick = useCallback(() => { + dispatch({ + type: 'userSetPositionOfCamera', + payload: [0, 0], + }); + }, [dispatch]); + + const handleZoomOutClick = useCallback(() => { + dispatch({ + type: 'userClickedZoomOut', + }); + }, [dispatch]); + + const handleZoomInClick = useCallback(() => { + dispatch({ + type: 'userClickedZoomIn', + }); + }, [dispatch]); + + const [handleNorth, handleEast, handleSouth, handleWest] = useMemo(() => { + const directionVectors: readonly Vector2[] = [ + [0, 1], + [1, 0], + [0, -1], + [-1, 0], + ]; + return directionVectors.map(direction => { + return () => { + const action: ResolverAction = { + type: 'userNudgedCamera', + payload: { direction, time: timestamp() }, + }; + dispatch(action); + }; + }); + }, [dispatch, timestamp]); + + return ( +
+ +
+ +
+
+ + + +
+
+ +
+ + + + + + +
+ ); + } +); + +GraphControlsComponent.displayName = 'GraphControlsComponent'; + +export const GraphControls = styled(GraphControlsComponent)` + position: absolute; + top: 5px; + right: 5px; + background-color: #d4d4d4; + color: #333333; + + .zoom-controls { + display: flex; + flex-direction: column; + align-items: center; + padding: 5px 0px; + + .zoom-slider { + width: 20px; + height: 150px; + margin: 5px 0px 2px 0px; + + input[type='range'] { + width: 150px; + height: 20px; + transform-origin: 75px 75px; + transform: rotate(-90deg); + } + } + } + .panning-controls { + text-align: center; + } +`; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/index.tsx b/x-pack/plugins/siem/public/resolver/view/index.tsx similarity index 94% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/index.tsx rename to x-pack/plugins/siem/public/resolver/view/index.tsx index 5275ba3ec5b4..26d7842bbbee 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/index.tsx +++ b/x-pack/plugins/siem/public/resolver/view/index.tsx @@ -17,7 +17,7 @@ import { ProcessEventDot } from './process_event_dot'; import { useCamera } from './use_camera'; import { SymbolDefinitions, NamedColors } from './defs'; import { ResolverAction } from '../types'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../common/endpoint/types'; const StyledPanel = styled(Panel)` position: absolute; @@ -29,12 +29,6 @@ const StyledPanel = styled(Panel)` max-width: 50%; `; -const StyledGraphControls = styled(GraphControls)` - position: absolute; - top: 5px; - right: 5px; -`; - const StyledResolverContainer = styled.div` display: flex; flex-grow: 1; @@ -81,7 +75,7 @@ export const Resolver = styled(
{' '}
@@ -123,7 +117,7 @@ export const Resolver = styled( )} - +
); diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/panel.tsx b/x-pack/plugins/siem/public/resolver/view/panel.tsx similarity index 77% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/panel.tsx rename to x-pack/plugins/siem/public/resolver/view/panel.tsx index 1250c1106b35..8039d2f53d80 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/panel.tsx +++ b/x-pack/plugins/siem/public/resolver/view/panel.tsx @@ -4,15 +4,20 @@ * you may not use this file except in compliance with the Elastic License. */ import React, { memo, useCallback, useMemo, useContext } from 'react'; -import { EuiPanel, EuiBadge, EuiBasicTableColumn } from '@elastic/eui'; -import { EuiTitle } from '@elastic/eui'; -import { EuiHorizontalRule, EuiInMemoryTable } from '@elastic/eui'; +import { + EuiPanel, + EuiBadge, + EuiBasicTableColumn, + EuiTitle, + EuiHorizontalRule, + EuiInMemoryTable, +} from '@elastic/eui'; import euiVars from '@elastic/eui/dist/eui_theme_light.json'; import { useSelector } from 'react-redux'; import { i18n } from '@kbn/i18n'; import { SideEffectContext } from './side_effect_context'; -import { ResolverEvent } from '../../../../common/types'; -import * as event from '../../../../common/models/event'; +import { ResolverEvent } from '../../../common/endpoint/types'; +import * as event from '../../../common/endpoint/models/event'; import { useResolverDispatch } from './use_resolver_dispatch'; import * as selectors from '../store/selectors'; @@ -94,7 +99,7 @@ export const Panel = memo(function Event({ className }: { className?: string }) () => [ { field: 'name', - name: i18n.translate('xpack.endpoint.resolver.panel.tabel.row.processNameTitle', { + name: i18n.translate('xpack.siem.endpoint.resolver.panel.tabel.row.processNameTitle', { defaultMessage: 'Process Name', }), sortable: true, @@ -102,9 +107,12 @@ export const Panel = memo(function Event({ className }: { className?: string }) render(name: string) { return name === '' ? ( - {i18n.translate('xpack.endpoint.resolver.panel.table.row.valueMissingDescription', { - defaultMessage: 'Value is missing', - })} + {i18n.translate( + 'xpack.siem.endpoint.resolver.panel.table.row.valueMissingDescription', + { + defaultMessage: 'Value is missing', + } + )} ) : ( name @@ -113,7 +121,7 @@ export const Panel = memo(function Event({ className }: { className?: string }) }, { field: 'timestamp', - name: i18n.translate('xpack.endpoint.resolver.panel.tabel.row.timestampTitle', { + name: i18n.translate('xpack.siem.endpoint.resolver.panel.tabel.row.timestampTitle', { defaultMessage: 'Timestamp', }), dataType: 'date', @@ -123,27 +131,30 @@ export const Panel = memo(function Event({ className }: { className?: string }) formatter.format(eventDate) ) : ( - {i18n.translate('xpack.endpoint.resolver.panel.tabel.row.timestampInvalidLabel', { - defaultMessage: 'invalid', - })} + {i18n.translate( + 'xpack.siem.endpoint.resolver.panel.tabel.row.timestampInvalidLabel', + { + defaultMessage: 'invalid', + } + )} ); }, }, { - name: i18n.translate('xpack.endpoint.resolver.panel.tabel.row.actionsTitle', { + name: i18n.translate('xpack.siem.endpoint.resolver.panel.tabel.row.actionsTitle', { defaultMessage: 'Actions', }), actions: [ { name: i18n.translate( - 'xpack.endpoint.resolver.panel.tabel.row.actions.bringIntoViewButtonLabel', + 'xpack.siem.endpoint.resolver.panel.tabel.row.actions.bringIntoViewButtonLabel', { defaultMessage: 'Bring into view', } ), description: i18n.translate( - 'xpack.endpoint.resolver.panel.tabel.row.bringIntoViewLabel', + 'xpack.siem.endpoint.resolver.panel.tabel.row.bringIntoViewLabel', { defaultMessage: 'Bring the process into view on the map.', } @@ -161,7 +172,7 @@ export const Panel = memo(function Event({ className }: { className?: string })

- {i18n.translate('xpack.endpoint.resolver.panel.title', { + {i18n.translate('xpack.siem.endpoint.resolver.panel.title', { defaultMessage: 'Processes', })}

diff --git a/x-pack/plugins/siem/public/resolver/view/process_event_dot.tsx b/x-pack/plugins/siem/public/resolver/view/process_event_dot.tsx new file mode 100644 index 000000000000..18a7ba404c27 --- /dev/null +++ b/x-pack/plugins/siem/public/resolver/view/process_event_dot.tsx @@ -0,0 +1,614 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React, { useCallback, useMemo } from 'react'; +import styled from 'styled-components'; +import { i18n } from '@kbn/i18n'; +import { + htmlIdGenerator, + EuiI18nNumber, + EuiKeyboardAccessible, + EuiFlexGroup, + EuiFlexItem, +} from '@elastic/eui'; +import { useSelector } from 'react-redux'; +import { NodeSubMenu, subMenuAssets } from './submenu'; +import { applyMatrix3 } from '../lib/vector2'; +import { + Vector2, + Matrix3, + AdjacentProcessMap, + ResolverProcessType, + RelatedEventEntryWithStatsOrWaiting, +} from '../types'; +import { SymbolIds, NamedColors } from './defs'; +import { ResolverEvent } from '../../../common/endpoint/types'; +import { useResolverDispatch } from './use_resolver_dispatch'; +import * as eventModel from '../../../common/endpoint/models/event'; +import * as processModel from '../models/process_event'; +import * as selectors from '../store/selectors'; + +const nodeAssets = { + runningProcessCube: { + cubeSymbol: `#${SymbolIds.runningProcessCube}`, + labelBackground: NamedColors.labelBackgroundRunningProcess, + descriptionFill: NamedColors.empty, + descriptionText: i18n.translate('xpack.siem.endpoint.resolver.runningProcess', { + defaultMessage: 'Running Process', + }), + }, + runningTriggerCube: { + cubeSymbol: `#${SymbolIds.runningTriggerCube}`, + labelBackground: NamedColors.labelBackgroundRunningTrigger, + descriptionFill: NamedColors.empty, + descriptionText: i18n.translate('xpack.siem.endpoint.resolver.runningTrigger', { + defaultMessage: 'Running Trigger', + }), + }, + terminatedProcessCube: { + cubeSymbol: `#${SymbolIds.terminatedProcessCube}`, + labelBackground: NamedColors.labelBackgroundTerminatedProcess, + descriptionFill: NamedColors.empty, + descriptionText: i18n.translate('xpack.siem.endpoint.resolver.terminatedProcess', { + defaultMessage: 'Terminated Process', + }), + }, + terminatedTriggerCube: { + cubeSymbol: `#${SymbolIds.terminatedTriggerCube}`, + labelBackground: NamedColors.labelBackgroundTerminatedTrigger, + descriptionFill: NamedColors.empty, + descriptionText: i18n.translate('xpack.siem.endpoint.resolver.terminatedTrigger', { + defaultMessage: 'Terminated Trigger', + }), + }, +}; + +/** + * Take a gross `schemaName` and return a beautiful translated one. + */ +const getDisplayName: (schemaName: string) => string = function nameInSchemaToDisplayName( + schemaName: string +) { + const displayNameRecord: Record = { + application: i18n.translate('xpack.siem.endpoint.resolver.applicationEventTypeDisplayName', { + defaultMessage: 'Application', + }), + apm: i18n.translate('xpack.siem.endpoint.resolver.apmEventTypeDisplayName', { + defaultMessage: 'APM', + }), + audit: i18n.translate('xpack.siem.endpoint.resolver.auditEventTypeDisplayName', { + defaultMessage: 'Audit', + }), + authentication: i18n.translate( + 'xpack.siem.endpoint.resolver.authenticationEventTypeDisplayName', + { + defaultMessage: 'Authentication', + } + ), + certificate: i18n.translate('xpack.siem.endpoint.resolver.certificateEventTypeDisplayName', { + defaultMessage: 'Certificate', + }), + cloud: i18n.translate('xpack.siem.endpoint.resolver.cloudEventTypeDisplayName', { + defaultMessage: 'Cloud', + }), + database: i18n.translate('xpack.siem.endpoint.resolver.databaseEventTypeDisplayName', { + defaultMessage: 'Database', + }), + driver: i18n.translate('xpack.siem.endpoint.resolver.driverEventTypeDisplayName', { + defaultMessage: 'Driver', + }), + email: i18n.translate('xpack.siem.endpoint.resolver.emailEventTypeDisplayName', { + defaultMessage: 'Email', + }), + file: i18n.translate('xpack.siem.endpoint.resolver.fileEventTypeDisplayName', { + defaultMessage: 'File', + }), + host: i18n.translate('xpack.siem.endpoint.resolver.hostEventTypeDisplayName', { + defaultMessage: 'Host', + }), + iam: i18n.translate('xpack.siem.endpoint.resolver.iamEventTypeDisplayName', { + defaultMessage: 'IAM', + }), + iam_group: i18n.translate('xpack.siem.endpoint.resolver.iam_groupEventTypeDisplayName', { + defaultMessage: 'IAM Group', + }), + intrusion_detection: i18n.translate( + 'xpack.siem.endpoint.resolver.intrusion_detectionEventTypeDisplayName', + { + defaultMessage: 'Intrusion Detection', + } + ), + malware: i18n.translate('xpack.siem.endpoint.resolver.malwareEventTypeDisplayName', { + defaultMessage: 'Malware', + }), + network_flow: i18n.translate('xpack.siem.endpoint.resolver.network_flowEventTypeDisplayName', { + defaultMessage: 'Network Flow', + }), + network: i18n.translate('xpack.siem.endpoint.resolver.networkEventTypeDisplayName', { + defaultMessage: 'Network', + }), + package: i18n.translate('xpack.siem.endpoint.resolver.packageEventTypeDisplayName', { + defaultMessage: 'Package', + }), + process: i18n.translate('xpack.siem.endpoint.resolver.processEventTypeDisplayName', { + defaultMessage: 'Process', + }), + registry: i18n.translate('xpack.siem.endpoint.resolver.registryEventTypeDisplayName', { + defaultMessage: 'Registry', + }), + session: i18n.translate('xpack.siem.endpoint.resolver.sessionEventTypeDisplayName', { + defaultMessage: 'Session', + }), + service: i18n.translate('xpack.siem.endpoint.resolver.serviceEventTypeDisplayName', { + defaultMessage: 'Service', + }), + socket: i18n.translate('xpack.siem.endpoint.resolver.socketEventTypeDisplayName', { + defaultMessage: 'Socket', + }), + vulnerability: i18n.translate( + 'xpack.siem.endpoint.resolver.vulnerabilityEventTypeDisplayName', + { + defaultMessage: 'Vulnerability', + } + ), + web: i18n.translate('xpack.siem.endpoint.resolver.webEventTypeDisplayName', { + defaultMessage: 'Web', + }), + alert: i18n.translate('xpack.siem.endpoint.resolver.alertEventTypeDisplayName', { + defaultMessage: 'Alert', + }), + security: i18n.translate('xpack.siem.endpoint.resolver.securityEventTypeDisplayName', { + defaultMessage: 'Security', + }), + dns: i18n.translate('xpack.siem.endpoint.resolver.dnsEventTypeDisplayName', { + defaultMessage: 'DNS', + }), + clr: i18n.translate('xpack.siem.endpoint.resolver.clrEventTypeDisplayName', { + defaultMessage: 'CLR', + }), + image_load: i18n.translate('xpack.siem.endpoint.resolver.image_loadEventTypeDisplayName', { + defaultMessage: 'Image Load', + }), + powershell: i18n.translate('xpack.siem.endpoint.resolver.powershellEventTypeDisplayName', { + defaultMessage: 'Powershell', + }), + wmi: i18n.translate('xpack.siem.endpoint.resolver.wmiEventTypeDisplayName', { + defaultMessage: 'WMI', + }), + api: i18n.translate('xpack.siem.endpoint.resolver.apiEventTypeDisplayName', { + defaultMessage: 'API', + }), + user: i18n.translate('xpack.siem.endpoint.resolver.userEventTypeDisplayName', { + defaultMessage: 'User', + }), + }; + return ( + displayNameRecord[schemaName] || + i18n.translate('xpack.siem.endpoint.resolver.userEventTypeDisplayUnknown', { + defaultMessage: 'Unknown', + }) + ); +}; + +/** + * An artifact that represents a process node and the things associated with it in the Resolver + */ +const ProcessEventDotComponents = React.memo( + ({ + className, + position, + event, + projectionMatrix, + adjacentNodeMap, + relatedEvents, + }: { + /** + * A `className` string provided by `styled` + */ + className?: string; + /** + * The positon of the process node, in 'world' coordinates. + */ + position: Vector2; + /** + * An event which contains details about the process node. + */ + event: ResolverEvent; + /** + * projectionMatrix which can be used to convert `position` to screen coordinates. + */ + projectionMatrix: Matrix3; + /** + * map of what nodes are "adjacent" to this one in "up, down, previous, next" directions + */ + adjacentNodeMap: AdjacentProcessMap; + /** + * A collection of events related to the current node and statistics (e.g. counts indexed by event type) + * to provide the user some visibility regarding the contents thereof. + */ + relatedEvents?: RelatedEventEntryWithStatsOrWaiting; + }) => { + /** + * Convert the position, which is in 'world' coordinates, to screen coordinates. + */ + const [left, top] = applyMatrix3(position, projectionMatrix); + + const [magFactorX] = projectionMatrix; + + const selfId = adjacentNodeMap.self; + + const activeDescendantId = useSelector(selectors.uiActiveDescendantId); + const selectedDescendantId = useSelector(selectors.uiSelectedDescendantId); + + const logicalProcessNodeViewWidth = 360; + const logicalProcessNodeViewHeight = 120; + /** + * The `left` and `top` values represent the 'center' point of the process node. + * Since the view has content to the left and above the 'center' point, offset the + * position to accomodate for that. This aligns the logical center of the process node + * with the correct position on the map. + */ + const processNodeViewXOffset = -0.172413 * logicalProcessNodeViewWidth * magFactorX; + const processNodeViewYOffset = -0.73684 * logicalProcessNodeViewHeight * magFactorX; + + const nodeViewportStyle = useMemo( + () => ({ + left: `${left + processNodeViewXOffset}px`, + top: `${top + processNodeViewYOffset}px`, + // Width of symbol viewport scaled to fit + width: `${logicalProcessNodeViewWidth * magFactorX}px`, + // Height according to symbol viewbox AR + height: `${logicalProcessNodeViewHeight * magFactorX}px`, + }), + [left, magFactorX, processNodeViewXOffset, processNodeViewYOffset, top] + ); + + /** + * Type in non-SVG components scales as follows: + * (These values were adjusted to match the proportions in the comps provided by UX/Design) + * 18.75 : The smallest readable font size at which labels/descriptions can be read. Font size will not scale below this. + * 12.5 : A 'slope' at which the font size will scale w.r.t. to zoom level otherwise + */ + const minimumFontSize = 18.75; + const slopeOfFontScale = 12.5; + const fontSizeAdjustmentForScale = magFactorX > 1 ? slopeOfFontScale * (magFactorX - 1) : 0; + const scaledTypeSize = minimumFontSize + fontSizeAdjustmentForScale; + + const markerBaseSize = 15; + const markerSize = markerBaseSize; + const markerPositionOffset = -markerBaseSize / 2; + + /** + * An element that should be animated when the node is clicked. + */ + const animationTarget: { + current: + | (SVGAnimationElement & { + /** + * `beginElement` is by [w3](https://www.w3.org/TR/SVG11/animate.html#__smil__ElementTimeControl__beginElement) + * but missing in [TSJS-lib-generator](https://github.com/microsoft/TSJS-lib-generator/blob/15a4678e0ef6de308e79451503e444e9949ee849/inputfiles/addedTypes.json#L1819) + */ + beginElement: () => void; + }) + | null; + } = React.createRef(); + const { cubeSymbol, labelBackground, descriptionText } = nodeAssets[nodeType(event)]; + const resolverNodeIdGenerator = useMemo(() => htmlIdGenerator('resolverNode'), []); + + const nodeId = useMemo(() => resolverNodeIdGenerator(selfId), [ + resolverNodeIdGenerator, + selfId, + ]); + const labelId = useMemo(() => resolverNodeIdGenerator(), [resolverNodeIdGenerator]); + const descriptionId = useMemo(() => resolverNodeIdGenerator(), [resolverNodeIdGenerator]); + const isActiveDescendant = nodeId === activeDescendantId; + const isSelectedDescendant = nodeId === selectedDescendantId; + + const dispatch = useResolverDispatch(); + + const handleFocus = useCallback(() => { + dispatch({ + type: 'userFocusedOnResolverNode', + payload: { + nodeId, + }, + }); + }, [dispatch, nodeId]); + + const handleClick = useCallback(() => { + if (animationTarget.current !== null) { + // eslint-disable-next-line @typescript-eslint/no-explicit-any + (animationTarget.current as any).beginElement(); + } + dispatch({ + type: 'userSelectedResolverNode', + payload: { + nodeId, + }, + }); + }, [animationTarget, dispatch, nodeId]); + + const handleRelatedEventRequest = useCallback(() => { + dispatch({ + type: 'userRequestedRelatedEventData', + payload: event, + }); + }, [dispatch, event]); + + const handleRelatedAlertsRequest = useCallback(() => { + dispatch({ + type: 'userSelectedRelatedAlerts', + payload: event, + }); + }, [dispatch, event]); + /** + * Enumerates the stats for related events to display with the node as options, + * generally in the form `number of related events in category` `category title` + * e.g. "10 DNS", "230 File" + */ + const relatedEventOptions = useMemo(() => { + if (relatedEvents === 'error') { + // Return an empty set of options if there was an error requesting them + return []; + } + const relatedStats = typeof relatedEvents === 'object' && relatedEvents.stats; + if (!relatedStats) { + // Return an empty set of options if there are no stats to report + return []; + } + // If we have entries to show, map them into options to display in the selectable list + return Object.entries(relatedStats).map(statsEntry => { + const displayName = getDisplayName(statsEntry[0]); + return { + prefix: , + optionTitle: `${displayName}`, + action: () => { + dispatch({ + type: 'userSelectedRelatedEventCategory', + payload: { + subject: event, + category: statsEntry[0], + }, + }); + }, + }; + }); + }, [relatedEvents, dispatch, event]); + + const relatedEventStatusOrOptions = (() => { + if (!relatedEvents) { + // If related events have not yet been requested + return subMenuAssets.initialMenuStatus; + } + if (relatedEvents === 'error') { + // If there was an error when we tried to request the events + return subMenuAssets.menuError; + } + if (relatedEvents === 'waitingForRelatedEventData') { + // If we're waiting for events to be returned + // Pass on the waiting symbol + return relatedEvents; + } + return relatedEventOptions; + })(); + + /* eslint-disable jsx-a11y/click-events-have-key-events */ + /** + * Key event handling (e.g. 'Enter'/'Space') is provisioned by the `EuiKeyboardAccessible` component + */ + return ( + +
+ + + + + + + + +
+
+ {descriptionText} +
+
= 2 ? 'euiButton' : 'euiButton euiButton--small'} + data-test-subject="nodeLabel" + id={labelId} + style={{ + backgroundColor: labelBackground, + padding: '.15rem 0', + textAlign: 'center', + maxWidth: '20rem', + minWidth: '12rem', + width: '60%', + overflow: 'hidden', + whiteSpace: 'nowrap', + textOverflow: 'ellipsis', + contain: 'content', + margin: '.25rem 0 .35rem 0', + }} + > + + + {eventModel.eventName(event)} + + +
+ {magFactorX >= 2 && ( + + + + + + + + + )} +
+
+ + ); + /* eslint-enable jsx-a11y/click-events-have-key-events */ + } +); + +ProcessEventDotComponents.displayName = 'ProcessEventDot'; + +export const ProcessEventDot = styled(ProcessEventDotComponents)` + position: absolute; + text-align: left; + font-size: 10px; + user-select: none; + box-sizing: border-box; + border-radius: 10%; + white-space: nowrap; + will-change: left, top, width, height; + contain: layout; + min-width: 280px; + min-height: 90px; + overflow-y: visible; + + //dasharray & dashoffset should be equal to "pull" the stroke back + //when it is transitioned. + //The value is tuned to look good when animated, but to preserve + //the effect, it should always be _at least_ the length of the stroke + & .backing { + stroke-dasharray: 500; + stroke-dashoffset: 500; + } + &[aria-current] .backing { + transition-property: stroke-dashoffset; + transition-duration: 1s; + stroke-dashoffset: 0; + } + + & .related-dropdown { + width: 4.5em; + } + & .euiSelectableList-bordered { + border-top-right-radius: 0px; + border-top-left-radius: 0px; + } + & .euiSelectableListItem { + background-color: black; + } + & .euiSelectableListItem path { + fill: white; + } + & .euiSelectableListItem__text { + color: white; + } +`; + +const processTypeToCube: Record = { + processCreated: 'runningProcessCube', + processRan: 'runningProcessCube', + processTerminated: 'terminatedProcessCube', + unknownProcessEvent: 'runningProcessCube', + processCausedAlert: 'runningTriggerCube', + unknownEvent: 'runningProcessCube', +}; + +function nodeType(processEvent: ResolverEvent): keyof typeof nodeAssets { + const processType = processModel.eventType(processEvent); + + if (processType in processTypeToCube) { + return processTypeToCube[processType]; + } + return 'runningProcessCube'; +} diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/side_effect_context.ts b/x-pack/plugins/siem/public/resolver/view/side_effect_context.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/side_effect_context.ts rename to x-pack/plugins/siem/public/resolver/view/side_effect_context.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/side_effect_simulator.ts b/x-pack/plugins/siem/public/resolver/view/side_effect_simulator.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/side_effect_simulator.ts rename to x-pack/plugins/siem/public/resolver/view/side_effect_simulator.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/submenu.tsx b/x-pack/plugins/siem/public/resolver/view/submenu.tsx similarity index 51% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/submenu.tsx rename to x-pack/plugins/siem/public/resolver/view/submenu.tsx index 9f6427d801ce..cdcce5d23c0c 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/submenu.tsx +++ b/x-pack/plugins/siem/public/resolver/view/submenu.tsx @@ -1,178 +1,182 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { i18n } from '@kbn/i18n'; -import React, { ReactNode, useState, useMemo, useCallback } from 'react'; -import { EuiSelectable, EuiButton } from '@elastic/eui'; -import styled from 'styled-components'; - -/** - * i18n-translated titles for submenus and identifiers for display of states: - * initialMenuStatus: submenu before it has been opened / requested data - * menuError: if the submenu requested data, but received an error - */ -export const subMenuAssets = { - initialMenuStatus: i18n.translate('xpack.endpoint.resolver.relatedNotRetrieved', { - defaultMessage: 'Related Events have not yet been retrieved.', - }), - menuError: i18n.translate('xpack.endpoint.resolver.relatedRetrievalError', { - defaultMessage: 'There was an error retrieving related events.', - }), - relatedAlerts: { - title: i18n.translate('xpack.endpoint.resolver.relatedAlerts', { - defaultMessage: 'Related Alerts', - }), - }, - relatedEvents: { - title: i18n.translate('xpack.endpoint.resolver.relatedEvents', { - defaultMessage: 'Events', - }), - }, -}; - -interface ResolverSubmenuOption { - optionTitle: string; - action: () => unknown; - prefix?: number | JSX.Element; -} - -export type ResolverSubmenuOptionList = ResolverSubmenuOption[] | string; - -const OptionList = React.memo( - ({ - subMenuOptions, - isLoading, - }: { - subMenuOptions: ResolverSubmenuOptionList; - isLoading: boolean; - }) => { - const [options, setOptions] = useState(() => - typeof subMenuOptions !== 'object' - ? [] - : subMenuOptions.map((opt: ResolverSubmenuOption): { - label: string; - prepend?: ReactNode; - } => { - return opt.prefix - ? { - label: opt.optionTitle, - prepend: {opt.prefix} , - } - : { - label: opt.optionTitle, - prepend: , - }; - }) - ); - return useMemo( - () => ( - { - setOptions(newOptions); - }} - listProps={{ showIcons: true, bordered: true }} - isLoading={isLoading} - > - {list => list} - - ), - [isLoading, options] - ); - } -); - -/** - * A Submenu to be displayed in one of two forms: - * 1) Provided a collection of `optionsWithActions`: it will call `menuAction` then - if and when menuData becomes available - display each item with an optional prefix and call the supplied action for the options when that option is clicked. - * 2) Provided `optionsWithActions` is undefined, it will call the supplied `menuAction` when its host button is clicked. - */ -export const NodeSubMenu = styled( - React.memo( - ({ - menuTitle, - menuAction, - optionsWithActions, - className, - }: { menuTitle: string; className?: string; menuAction: () => unknown } & { - optionsWithActions?: ResolverSubmenuOptionList | string | undefined; - }) => { - const [menuIsOpen, setMenuOpen] = useState(false); - const handleMenuOpenClick = useCallback( - (clickEvent: React.MouseEvent) => { - // stopping propagation/default to prevent other node animations from triggering - clickEvent.preventDefault(); - clickEvent.stopPropagation(); - setMenuOpen(!menuIsOpen); - }, - [menuIsOpen] - ); - const handleMenuActionClick = useCallback( - (clickEvent: React.MouseEvent) => { - // stopping propagation/default to prevent other node animations from triggering - clickEvent.preventDefault(); - clickEvent.stopPropagation(); - if (typeof menuAction === 'function') menuAction(); - setMenuOpen(true); - }, - [menuAction] - ); - - const isMenuLoading = optionsWithActions === 'waitingForRelatedEventData'; - - if (!optionsWithActions) { - /** - * When called with a `menuAction` - * Render without dropdown and call the supplied action when host button is clicked - */ - return ( -
- - {menuTitle} - -
- ); - } - /** - * When called with a set of `optionsWithActions`: - * Render with a panel of options that appear when the menu host button is clicked - */ - return ( -
- - {menuTitle} - - {menuIsOpen && typeof optionsWithActions === 'object' && ( - - )} -
- ); - } - ) -)` - margin: 0; - padding: 0; - border: none; - display: flex; - flex-flow: column; - &.is-open .euiButton { - border-bottom-left-radius: 0; - border-bottom-right-radius: 0; - } - &.is-open .euiSelectableListItem__prepend { - color: white; - } -`; +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; +import React, { ReactNode, useState, useMemo, useCallback } from 'react'; +import { EuiSelectable, EuiButton } from '@elastic/eui'; +import styled from 'styled-components'; + +/** + * i18n-translated titles for submenus and identifiers for display of states: + * initialMenuStatus: submenu before it has been opened / requested data + * menuError: if the submenu requested data, but received an error + */ +export const subMenuAssets = { + initialMenuStatus: i18n.translate('xpack.siem.endpoint.resolver.relatedNotRetrieved', { + defaultMessage: 'Related Events have not yet been retrieved.', + }), + menuError: i18n.translate('xpack.siem.endpoint.resolver.relatedRetrievalError', { + defaultMessage: 'There was an error retrieving related events.', + }), + relatedAlerts: { + title: i18n.translate('xpack.siem.endpoint.resolver.relatedAlerts', { + defaultMessage: 'Related Alerts', + }), + }, + relatedEvents: { + title: i18n.translate('xpack.siem.endpoint.resolver.relatedEvents', { + defaultMessage: 'Events', + }), + }, +}; + +interface ResolverSubmenuOption { + optionTitle: string; + action: () => unknown; + prefix?: number | JSX.Element; +} + +export type ResolverSubmenuOptionList = ResolverSubmenuOption[] | string; + +const OptionList = React.memo( + ({ + subMenuOptions, + isLoading, + }: { + subMenuOptions: ResolverSubmenuOptionList; + isLoading: boolean; + }) => { + const [options, setOptions] = useState(() => + typeof subMenuOptions !== 'object' + ? [] + : subMenuOptions.map((opt: ResolverSubmenuOption): { + label: string; + prepend?: ReactNode; + } => { + return opt.prefix + ? { + label: opt.optionTitle, + prepend: {opt.prefix} , + } + : { + label: opt.optionTitle, + prepend: , + }; + }) + ); + return useMemo( + () => ( + { + setOptions(newOptions); + }} + listProps={{ showIcons: true, bordered: true }} + isLoading={isLoading} + > + {list => list} + + ), + [isLoading, options] + ); + } +); + +OptionList.displayName = 'OptionList'; + +/** + * A Submenu to be displayed in one of two forms: + * 1) Provided a collection of `optionsWithActions`: it will call `menuAction` then - if and when menuData becomes available - display each item with an optional prefix and call the supplied action for the options when that option is clicked. + * 2) Provided `optionsWithActions` is undefined, it will call the supplied `menuAction` when its host button is clicked. + */ +const NodeSubMenuComponents = React.memo( + ({ + menuTitle, + menuAction, + optionsWithActions, + className, + }: { menuTitle: string; className?: string; menuAction: () => unknown } & { + optionsWithActions?: ResolverSubmenuOptionList | string | undefined; + }) => { + const [menuIsOpen, setMenuOpen] = useState(false); + const handleMenuOpenClick = useCallback( + (clickEvent: React.MouseEvent) => { + // stopping propagation/default to prevent other node animations from triggering + clickEvent.preventDefault(); + clickEvent.stopPropagation(); + setMenuOpen(!menuIsOpen); + }, + [menuIsOpen] + ); + const handleMenuActionClick = useCallback( + (clickEvent: React.MouseEvent) => { + // stopping propagation/default to prevent other node animations from triggering + clickEvent.preventDefault(); + clickEvent.stopPropagation(); + if (typeof menuAction === 'function') menuAction(); + setMenuOpen(true); + }, + [menuAction] + ); + + const isMenuLoading = optionsWithActions === 'waitingForRelatedEventData'; + + if (!optionsWithActions) { + /** + * When called with a `menuAction` + * Render without dropdown and call the supplied action when host button is clicked + */ + return ( +
+ + {menuTitle} + +
+ ); + } + /** + * When called with a set of `optionsWithActions`: + * Render with a panel of options that appear when the menu host button is clicked + */ + return ( +
+ + {menuTitle} + + {menuIsOpen && typeof optionsWithActions === 'object' && ( + + )} +
+ ); + } +); + +NodeSubMenuComponents.displayName = 'NodeSubMenu'; + +export const NodeSubMenu = styled(NodeSubMenuComponents)` + margin: 0; + padding: 0; + border: none; + display: flex; + flex-flow: column; + &.is-open .euiButton { + border-bottom-left-radius: 0; + border-bottom-right-radius: 0; + } + &.is-open .euiSelectableListItem__prepend { + color: white; + } +`; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.test.tsx b/x-pack/plugins/siem/public/resolver/view/use_camera.test.tsx similarity index 99% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.test.tsx rename to x-pack/plugins/siem/public/resolver/view/use_camera.test.tsx index 63f47396d447..f8aa4fbca329 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.test.tsx +++ b/x-pack/plugins/siem/public/resolver/view/use_camera.test.tsx @@ -12,7 +12,7 @@ import { Provider } from 'react-redux'; import * as selectors from '../store/selectors'; import { storeFactory } from '../store'; import { Matrix3, ResolverAction, ResolverStore, SideEffectSimulator } from '../types'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../common/endpoint/types'; import { SideEffectContext } from './side_effect_context'; import { applyMatrix3 } from '../lib/vector2'; import { sideEffectSimulator } from './side_effect_simulator'; diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.ts b/x-pack/plugins/siem/public/resolver/view/use_camera.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/use_camera.ts rename to x-pack/plugins/siem/public/resolver/view/use_camera.ts diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/view/use_resolver_dispatch.ts b/x-pack/plugins/siem/public/resolver/view/use_resolver_dispatch.ts similarity index 100% rename from x-pack/plugins/endpoint/public/embeddables/resolver/view/use_resolver_dispatch.ts rename to x-pack/plugins/siem/public/resolver/view/use_resolver_dispatch.ts diff --git a/x-pack/plugins/siem/public/types.ts b/x-pack/plugins/siem/public/types.ts new file mode 100644 index 000000000000..6c338d47cf63 --- /dev/null +++ b/x-pack/plugins/siem/public/types.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { CoreStart } from '../../../../src/core/public'; + +import { HomePublicPluginSetup } from '../../../../src/plugins/home/public'; +import { DataPublicPluginStart } from '../../../../src/plugins/data/public'; +import { EmbeddableStart } from '../../../../src/plugins/embeddable/public'; +import { Start as NewsfeedStart } from '../../../../src/plugins/newsfeed/public'; +import { Start as InspectorStart } from '../../../../src/plugins/inspector/public'; +import { UiActionsStart } from '../../../../src/plugins/ui_actions/public'; +import { UsageCollectionSetup } from '../../../../src/plugins/usage_collection/public'; +import { IngestManagerStart } from '../../ingest_manager/public'; +import { + TriggersAndActionsUIPublicPluginSetup as TriggersActionsSetup, + TriggersAndActionsUIPublicPluginStart as TriggersActionsStart, +} from '../../triggers_actions_ui/public'; +import { SecurityPluginSetup } from '../../security/public'; + +export interface SetupPlugins { + home: HomePublicPluginSetup; + security: SecurityPluginSetup; + triggers_actions_ui: TriggersActionsSetup; + usageCollection?: UsageCollectionSetup; +} + +export interface StartPlugins { + data: DataPublicPluginStart; + embeddable: EmbeddableStart; + inspector: InspectorStart; + ingestManager: IngestManagerStart; + newsfeed?: NewsfeedStart; + triggers_actions_ui: TriggersActionsStart; + uiActions: UiActionsStart; +} + +export type StartServices = CoreStart & + StartPlugins & { + security: SecurityPluginSetup; + }; + +// eslint-disable-next-line @typescript-eslint/no-empty-interface +export interface PluginSetup {} +// eslint-disable-next-line @typescript-eslint/no-empty-interface +export interface PluginStart {} diff --git a/x-pack/plugins/endpoint/scripts/README.md b/x-pack/plugins/siem/scripts/endpoint/README.md similarity index 97% rename from x-pack/plugins/endpoint/scripts/README.md rename to x-pack/plugins/siem/scripts/endpoint/README.md index f0c8c5a9b0b6..84e92d8c397e 100644 --- a/x-pack/plugins/endpoint/scripts/README.md +++ b/x-pack/plugins/siem/scripts/endpoint/README.md @@ -11,7 +11,7 @@ Example command sequence to get ES and kibana running with sample data after ins ```yarn es snapshot``` -> starts ES -```npx yarn start --xpack.endpoint.enabled=true --no-base-path``` -> starts kibana +```npx yarn start --xpack.siem.endpoint.enabled=true --no-base-path``` -> starts kibana ```cd ~/path/to/kibana/x-pack/plugins/endpoint``` diff --git a/x-pack/plugins/endpoint/scripts/alert_mapping.json b/x-pack/plugins/siem/scripts/endpoint/alert_mapping.json similarity index 100% rename from x-pack/plugins/endpoint/scripts/alert_mapping.json rename to x-pack/plugins/siem/scripts/endpoint/alert_mapping.json diff --git a/x-pack/plugins/endpoint/scripts/cli_tsconfig.json b/x-pack/plugins/siem/scripts/endpoint/cli_tsconfig.json similarity index 68% rename from x-pack/plugins/endpoint/scripts/cli_tsconfig.json rename to x-pack/plugins/siem/scripts/endpoint/cli_tsconfig.json index 25afe109a42e..5c68f8ee0abf 100644 --- a/x-pack/plugins/endpoint/scripts/cli_tsconfig.json +++ b/x-pack/plugins/siem/scripts/endpoint/cli_tsconfig.json @@ -1,8 +1,7 @@ { - "extends": "../../../tsconfig.json", + "extends": "../../../../tsconfig.json", "compilerOptions": { "target": "es2019", "resolveJsonModule": true } } - \ No newline at end of file diff --git a/x-pack/plugins/endpoint/scripts/event_mapping.json b/x-pack/plugins/siem/scripts/endpoint/event_mapping.json similarity index 100% rename from x-pack/plugins/endpoint/scripts/event_mapping.json rename to x-pack/plugins/siem/scripts/endpoint/event_mapping.json diff --git a/x-pack/plugins/endpoint/scripts/policy_mapping.json b/x-pack/plugins/siem/scripts/endpoint/policy_mapping.json similarity index 100% rename from x-pack/plugins/endpoint/scripts/policy_mapping.json rename to x-pack/plugins/siem/scripts/endpoint/policy_mapping.json diff --git a/x-pack/plugins/endpoint/scripts/resolver_generator.ts b/x-pack/plugins/siem/scripts/endpoint/resolver_generator.ts similarity index 93% rename from x-pack/plugins/endpoint/scripts/resolver_generator.ts rename to x-pack/plugins/siem/scripts/endpoint/resolver_generator.ts index 30752877db82..68d578173719 100644 --- a/x-pack/plugins/endpoint/scripts/resolver_generator.ts +++ b/x-pack/plugins/siem/scripts/endpoint/resolver_generator.ts @@ -7,7 +7,7 @@ import * as yargs from 'yargs'; import seedrandom from 'seedrandom'; import { Client, ClientOptions } from '@elastic/elasticsearch'; import { ResponseError } from '@elastic/elasticsearch/lib/errors'; -import { EndpointDocGenerator, Event } from '../common/generate_data'; +import { EndpointDocGenerator, Event } from '../../common/endpoint/generate_data'; import { default as eventMapping } from './event_mapping.json'; import { default as alertMapping } from './alert_mapping.json'; import { default as policyMapping } from './policy_mapping.json'; @@ -142,6 +142,7 @@ async function main() { if (err instanceof ResponseError && err.statusCode !== 404) { // eslint-disable-next-line no-console console.log(err); + // eslint-disable-next-line no-process-exit process.exit(1); } } @@ -173,6 +174,7 @@ async function main() { } catch (err) { // eslint-disable-next-line no-console console.log(err); + // eslint-disable-next-line no-process-exit process.exit(1); } @@ -180,6 +182,7 @@ async function main() { await createIndex(client, argv.eventIndex, eventMapping); await createIndex(client, argv.policyIndex, policyMapping); if (argv.setupOnly) { + // eslint-disable-next-line no-process-exit process.exit(0); } @@ -187,7 +190,7 @@ async function main() { if (!seed) { seed = Math.random().toString(); // eslint-disable-next-line no-console - console.log('No seed supplied, using random seed: ' + seed); + console.log(`No seed supplied, using random seed: ${seed}`); } const random = seedrandom(seed); for (let i = 0; i < argv.numHosts; i++) { @@ -229,6 +232,7 @@ async function main() { k++; } const body = resolverDocs.reduce( + // eslint-disable-next-line @typescript-eslint/no-explicit-any (array: Array>, doc) => ( array.push({ index: { _index: argv.eventIndex } }, doc), array ), @@ -240,6 +244,7 @@ async function main() { } } +// eslint-disable-next-line @typescript-eslint/no-explicit-any async function createIndex(client: Client, index: string, mapping: any) { try { await client.indices.create({ @@ -253,6 +258,7 @@ async function createIndex(client: Client, index: string, mapping: any) { ) { // eslint-disable-next-line no-console console.log(err.body); + // eslint-disable-next-line no-process-exit process.exit(1); } } diff --git a/x-pack/plugins/siem/server/config.ts b/x-pack/plugins/siem/server/config.ts index 4b0e8d34ef1a..f7d961ae3ec5 100644 --- a/x-pack/plugins/siem/server/config.ts +++ b/x-pack/plugins/siem/server/config.ts @@ -16,6 +16,19 @@ export const configSchema = schema.object({ maxTimelineImportExportSize: schema.number({ defaultValue: 10000 }), maxTimelineImportPayloadBytes: schema.number({ defaultValue: 10485760 }), [SIGNALS_INDEX_KEY]: schema.string({ defaultValue: DEFAULT_SIGNALS_INDEX }), + /** + * Host Endpoint Configuration + */ + endpointResultListDefaultFirstPageIndex: schema.number({ defaultValue: 0 }), + endpointResultListDefaultPageSize: schema.number({ defaultValue: 10 }), + + /** + * Alert Endpoint Configuration + */ + alertResultListDefaultDateRange: schema.object({ + from: schema.string({ defaultValue: 'now-15m' }), + to: schema.string({ defaultValue: 'now' }), + }), }); export const createConfig$ = (context: PluginInitializerContext) => diff --git a/x-pack/plugins/endpoint/server/routes/alerts/alerts.test.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/alerts.test.ts similarity index 89% rename from x-pack/plugins/endpoint/server/routes/alerts/alerts.test.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/alerts.test.ts index 1124c977ff92..37bf4bbfcbbb 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/alerts.test.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/alerts.test.ts @@ -8,12 +8,12 @@ import { elasticsearchServiceMock, httpServiceMock, loggingServiceMock, -} from '../../../../../../src/core/server/mocks'; -import { registerAlertRoutes } from './index'; -import { EndpointConfigSchema } from '../../config'; -import { alertingIndexGetQuerySchema } from '../../../common/schema/alert_index'; +} from '../../../../../../../src/core/server/mocks'; +import { registerAlertRoutes } from '../routes'; +import { alertingIndexGetQuerySchema } from '../../../../common/endpoint_alerts/schema/alert_index'; import { createMockAgentService, createMockIndexPatternRetriever } from '../../mocks'; import { EndpointAppContextService } from '../../endpoint_app_context_services'; +import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; describe('test alerts route', () => { let routerMock: jest.Mocked; @@ -36,7 +36,7 @@ describe('test alerts route', () => { registerAlertRoutes(routerMock, { logFactory: loggingServiceMock.create(), service: endpointAppContextService, - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }); }); diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/handlers.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/index.ts similarity index 89% rename from x-pack/plugins/endpoint/server/routes/alerts/details/handlers.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/details/index.ts index ab6d1850e425..a829cdd14027 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/details/handlers.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/index.ts @@ -5,11 +5,11 @@ */ import { GetResponse } from 'elasticsearch'; import { KibanaRequest, RequestHandler } from 'kibana/server'; -import { AlertEvent } from '../../../../common/types'; +import { AlertEvent } from '../../../../../common/endpoint/types'; import { EndpointAppContext } from '../../../types'; -import { AlertDetailsRequestParams } from '../types'; -import { AlertDetailsPagination } from './lib'; -import { getHostData } from '../../metadata'; +import { AlertDetailsRequestParams } from '../../../../../common/endpoint_alerts/types'; +import { AlertDetailsPagination } from './lib/pagination'; +import { getHostData } from '../../../routes/metadata'; import { AlertId, AlertIdError } from '../lib'; export const alertDetailsHandlerWrapper = function( diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/lib/pagination.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/lib/pagination.ts similarity index 81% rename from x-pack/plugins/endpoint/server/routes/alerts/details/lib/pagination.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/details/lib/pagination.ts index 5c95b1217d82..e12bd9e4c8de 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/details/lib/pagination.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/lib/pagination.ts @@ -5,14 +5,20 @@ */ import { GetResponse, SearchResponse } from 'elasticsearch'; -import { AlertEvent, AlertHits, AlertAPIOrdering } from '../../../../../common/types'; -import { AlertConstants } from '../../../../../common/alert_constants'; +import { AlertEvent } from '../../../../../../common/endpoint/types'; +import { + AlertHits, + AlertAPIOrdering, + AlertSearchQuery, + SearchCursor, + AlertDetailsRequestParams, +} from '../../../../../../common/endpoint_alerts/types'; +import { AlertConstants } from '../../../../../../common/endpoint_alerts/alert_constants'; import { EndpointConfigType } from '../../../../config'; import { searchESForAlerts, Pagination, AlertId } from '../../lib'; -import { AlertSearchQuery, SearchCursor, AlertDetailsRequestParams } from '../../types'; -import { BASE_ALERTS_ROUTE } from '../..'; -import { RequestHandlerContext } from '../../../../../../../../src/core/server'; -import { Filter } from '../../../../../../../../src/plugins/data/server'; +import { BASE_ALERTS_ROUTE } from '../../../routes'; +import { RequestHandlerContext } from '../../../../../../../../../src/core/server'; +import { Filter } from '../../../../../../../../../src/plugins/data/server'; /** * Pagination class for alert details. diff --git a/x-pack/plugins/endpoint/server/routes/alerts/details/schemas.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/details/schemas.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/alerts/details/schemas.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/details/schemas.ts diff --git a/x-pack/plugins/siem/server/endpoint/alerts/handlers/index_pattern.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/index_pattern.ts new file mode 100644 index 000000000000..cb40be586560 --- /dev/null +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/index_pattern.ts @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Logger, RequestHandler } from 'kibana/server'; +import { EndpointAppContext } from '../../types'; +import { IndexPatternGetParamsResult } from '../../../../common/endpoint_alerts/types'; + +export function handleIndexPattern( + log: Logger, + endpointAppContext: EndpointAppContext +): RequestHandler { + return async (context, req, res) => { + try { + const indexRetriever = endpointAppContext.service.getIndexPatternRetriever(); + return res.ok({ + body: { + indexPattern: await indexRetriever.getIndexPattern(context, req.params.datasetPath), + }, + }); + } catch (error) { + log.warn(error); + return res.notFound({ body: error }); + } + }; +} diff --git a/x-pack/plugins/endpoint/server/routes/alerts/lib/alert_id.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/alert_id.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/alerts/lib/alert_id.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/alert_id.ts diff --git a/x-pack/plugins/endpoint/server/routes/alerts/lib/error.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/error.ts similarity index 82% rename from x-pack/plugins/endpoint/server/routes/alerts/lib/error.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/error.ts index 7b00634b25c9..1ba92c64d3cd 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/lib/error.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/error.ts @@ -5,6 +5,7 @@ */ export class AlertIdError extends Error { + // eslint-disable-next-line @typescript-eslint/no-useless-constructor constructor(message: string) { super(message); } diff --git a/x-pack/plugins/endpoint/server/routes/alerts/lib/index.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/index.ts similarity index 90% rename from x-pack/plugins/endpoint/server/routes/alerts/lib/index.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/index.ts index 1c98e3c61566..4f0a7ba2450d 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/lib/index.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/index.ts @@ -5,17 +5,18 @@ */ import { SearchResponse } from 'elasticsearch'; import { IScopedClusterClient } from 'kibana/server'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; -import { esQuery } from '../../../../../../../src/plugins/data/server'; -import { AlertEvent, AlertAPIOrdering } from '../../../../common/types'; -import { AlertConstants } from '../../../../common/alert_constants'; +import { AlertEvent } from '../../../../../common/endpoint/types'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; +import { esQuery } from '../../../../../../../../src/plugins/data/server'; import { + AlertAPIOrdering, AlertSearchQuery, AlertSearchRequest, AlertSearchRequestWrapper, AlertSort, UndefinedResultPosition, -} from '../types'; +} from '../../../../../common/endpoint_alerts/types'; +import { AlertConstants } from '../../../../../common/endpoint_alerts/alert_constants'; export { AlertIdError } from './error'; export { Pagination } from './pagination'; @@ -40,7 +41,7 @@ function buildQuery(query: AlertSearchQuery): JsonObject { ? [ { range: { - ['@timestamp']: { + '@timestamp': { gte: query.dateRange.from, lte: query.dateRange.to, }, diff --git a/x-pack/plugins/endpoint/server/routes/alerts/lib/pagination.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/pagination.ts similarity index 89% rename from x-pack/plugins/endpoint/server/routes/alerts/lib/pagination.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/pagination.ts index fc408878f895..d0ca493bf718 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/lib/pagination.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/lib/pagination.ts @@ -5,7 +5,7 @@ */ import { EndpointConfigType } from '../../../config'; -import { RequestHandlerContext } from '../../../../../../../src/core/server'; +import { RequestHandlerContext } from '../../../../../../../../src/core/server'; /** * Abstract Pagination class for determining next/prev urls, diff --git a/x-pack/plugins/endpoint/server/routes/alerts/list/handlers.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/index.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/alerts/list/handlers.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/list/index.ts index 44a0cf8744a9..ebea12191ef1 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/list/handlers.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/index.ts @@ -7,7 +7,7 @@ import { RequestHandler } from 'kibana/server'; import { EndpointAppContext } from '../../../types'; import { searchESForAlerts } from '../lib'; import { getRequestData, mapToAlertResultList } from './lib'; -import { AlertingIndexGetQueryResult } from '../../../../common/types'; +import { AlertingIndexGetQueryResult } from '../../../../../common/endpoint_alerts/types'; export const alertListHandlerWrapper = function( endpointAppContext: EndpointAppContext diff --git a/x-pack/plugins/endpoint/server/routes/alerts/list/lib/index.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/index.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/alerts/list/lib/index.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/index.ts index 0af8f6cf792d..18e38280c7a0 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/list/lib/index.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/index.ts @@ -7,18 +7,18 @@ import { decode } from 'rison-node'; import { SearchResponse } from 'elasticsearch'; import { KibanaRequest } from 'kibana/server'; import { RequestHandlerContext } from 'src/core/server'; -import { Query, Filter, TimeRange } from '../../../../../../../../src/plugins/data/server'; +import { AlertEvent } from '../../../../../../common/endpoint/types'; +import { Query, Filter, TimeRange } from '../../../../../../../../../src/plugins/data/server'; import { - AlertEvent, AlertData, AlertResultList, AlertHits, ESTotal, AlertingIndexGetQueryResult, -} from '../../../../../common/types'; -import { AlertConstants } from '../../../../../common/alert_constants'; + AlertSearchQuery, +} from '../../../../../../common/endpoint_alerts/types'; +import { AlertConstants } from '../../../../../../common/endpoint_alerts/alert_constants'; import { EndpointAppContext } from '../../../../types'; -import { AlertSearchQuery } from '../../types'; import { AlertListPagination } from './pagination'; import { AlertId } from '../../lib'; diff --git a/x-pack/plugins/endpoint/server/routes/alerts/list/lib/pagination.ts b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/pagination.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/alerts/list/lib/pagination.ts rename to x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/pagination.ts index 7bebe3d9288c..0a831714275e 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/list/lib/pagination.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/handlers/list/lib/pagination.ts @@ -7,11 +7,10 @@ import { get } from 'lodash'; import { RisonValue, encode } from 'rison-node'; import { RequestHandlerContext } from 'src/core/server'; -import { AlertHits } from '../../../../../common/types'; +import { AlertHits, AlertSearchQuery } from '../../../../../../common/endpoint_alerts/types'; import { EndpointConfigType } from '../../../../config'; -import { AlertSearchQuery } from '../../types'; -import { Pagination } from '../../lib'; -import { BASE_ALERTS_ROUTE } from '../..'; +import { Pagination } from '../../lib/pagination'; +import { BASE_ALERTS_ROUTE } from '../../../routes'; /** * Pagination class for alert list. diff --git a/x-pack/plugins/endpoint/server/index_pattern.ts b/x-pack/plugins/siem/server/endpoint/alerts/index_pattern.ts similarity index 91% rename from x-pack/plugins/endpoint/server/index_pattern.ts rename to x-pack/plugins/siem/server/endpoint/alerts/index_pattern.ts index f4bb1460aee4..1cbdf96c5bce 100644 --- a/x-pack/plugins/endpoint/server/index_pattern.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/index_pattern.ts @@ -4,8 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ import { Logger, LoggerFactory, RequestHandlerContext } from 'kibana/server'; -import { AlertConstants } from '../common/alert_constants'; -import { ESIndexPatternService } from '../../ingest_manager/server'; +import { AlertConstants } from '../../../common/endpoint_alerts/alert_constants'; +import { ESIndexPatternService } from '../../../../ingest_manager/server'; export interface IndexPatternRetriever { getIndexPattern(ctx: RequestHandlerContext, datasetPath: string): Promise; @@ -34,7 +34,7 @@ export class IngestIndexPatternRetriever implements IndexPatternRetriever { * @returns a string representing the index pattern (e.g. `events-endpoint-*`) */ async getEventIndexPattern(ctx: RequestHandlerContext) { - return await this.getIndexPattern(ctx, AlertConstants.EVENT_DATASET); + return this.getIndexPattern(ctx, AlertConstants.EVENT_DATASET); } /** @@ -44,7 +44,7 @@ export class IngestIndexPatternRetriever implements IndexPatternRetriever { * @returns a string representing the index pattern (e.g. `metrics-endpoint-*`) */ async getMetadataIndexPattern(ctx: RequestHandlerContext) { - return await this.getIndexPattern(ctx, IngestIndexPatternRetriever.metadataDataset); + return this.getIndexPattern(ctx, IngestIndexPatternRetriever.metadataDataset); } /** diff --git a/x-pack/plugins/endpoint/server/routes/alerts/index.ts b/x-pack/plugins/siem/server/endpoint/alerts/routes.ts similarity index 50% rename from x-pack/plugins/endpoint/server/routes/alerts/index.ts rename to x-pack/plugins/siem/server/endpoint/alerts/routes.ts index b61f90b5b17f..07cca9e80d88 100644 --- a/x-pack/plugins/endpoint/server/routes/alerts/index.ts +++ b/x-pack/plugins/siem/server/endpoint/alerts/routes.ts @@ -4,11 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ import { IRouter } from 'kibana/server'; -import { EndpointAppContext } from '../../types'; -import { AlertConstants } from '../../../common/alert_constants'; -import { alertListHandlerWrapper } from './list'; -import { alertDetailsHandlerWrapper, alertDetailsReqSchema } from './details'; -import { alertingIndexGetQuerySchema } from '../../../common/schema/alert_index'; +import { EndpointAppContext } from '../types'; +import { AlertConstants } from '../../../common/endpoint_alerts/alert_constants'; +import { alertListHandlerWrapper } from './handlers/list'; +import { alertDetailsHandlerWrapper } from './handlers/details'; +import { alertDetailsReqSchema } from './handlers/details/schemas'; +import { alertingIndexGetQuerySchema } from '../../../common/endpoint_alerts/schema/alert_index'; +import { indexPatternGetParamsSchema } from '../../../common/endpoint_alerts/schema/index_pattern'; +import { handleIndexPattern } from './handlers/index_pattern'; export const BASE_ALERTS_ROUTE = `${AlertConstants.BASE_API_URL}/alerts`; @@ -34,4 +37,15 @@ export function registerAlertRoutes(router: IRouter, endpointAppContext: Endpoin }, alertDetailsHandlerWrapper(endpointAppContext) ); + + const log = endpointAppContext.logFactory.get('index_pattern'); + + router.get( + { + path: `${AlertConstants.INDEX_PATTERN_ROUTE}/{datasetPath}`, + validate: { params: indexPatternGetParamsSchema }, + options: { authRequired: true }, + }, + handleIndexPattern(log, endpointAppContext) + ); } diff --git a/x-pack/plugins/endpoint/server/config.test.ts b/x-pack/plugins/siem/server/endpoint/config.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/config.test.ts rename to x-pack/plugins/siem/server/endpoint/config.test.ts diff --git a/x-pack/plugins/endpoint/server/config.ts b/x-pack/plugins/siem/server/endpoint/config.ts similarity index 100% rename from x-pack/plugins/endpoint/server/config.ts rename to x-pack/plugins/siem/server/endpoint/config.ts diff --git a/x-pack/plugins/endpoint/server/endpoint_app_context_services.test.ts b/x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/endpoint_app_context_services.test.ts rename to x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.test.ts diff --git a/x-pack/plugins/endpoint/server/endpoint_app_context_services.ts b/x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.ts similarity index 91% rename from x-pack/plugins/endpoint/server/endpoint_app_context_services.ts rename to x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.ts index b087405c7bc5..5d74c75ebca5 100644 --- a/x-pack/plugins/endpoint/server/endpoint_app_context_services.ts +++ b/x-pack/plugins/siem/server/endpoint/endpoint_app_context_services.ts @@ -3,8 +3,8 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { IndexPatternRetriever } from './index_pattern'; -import { AgentService } from '../../ingest_manager/server'; +import { IndexPatternRetriever } from './alerts/index_pattern'; +import { AgentService } from '../../../ingest_manager/server'; /** * A singleton that holds shared services that are initialized during the start up phase diff --git a/x-pack/plugins/endpoint/server/mocks.ts b/x-pack/plugins/siem/server/endpoint/mocks.ts similarity index 96% rename from x-pack/plugins/endpoint/server/mocks.ts rename to x-pack/plugins/siem/server/endpoint/mocks.ts index 76a3628562a8..6260a6c63064 100644 --- a/x-pack/plugins/endpoint/server/mocks.ts +++ b/x-pack/plugins/siem/server/endpoint/mocks.ts @@ -9,8 +9,8 @@ import { RequestHandlerContext, SavedObjectsClientContract, } from 'kibana/server'; -import { AgentService, IngestManagerStartContract } from '../../ingest_manager/server'; -import { IndexPatternRetriever } from './index_pattern'; +import { AgentService, IngestManagerStartContract } from '../../../ingest_manager/server'; +import { IndexPatternRetriever } from './alerts/index_pattern'; /** * Creates a mock IndexPatternRetriever for use in tests. diff --git a/x-pack/plugins/endpoint/server/routes/metadata/index.ts b/x-pack/plugins/siem/server/endpoint/routes/metadata/index.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/metadata/index.ts rename to x-pack/plugins/siem/server/endpoint/routes/metadata/index.ts index 08950930441d..983739b24959 100644 --- a/x-pack/plugins/endpoint/server/routes/metadata/index.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/metadata/index.ts @@ -9,9 +9,14 @@ import { SearchResponse } from 'elasticsearch'; import { schema } from '@kbn/config-schema'; import { getESQueryHostMetadataByID, kibanaRequestToMetadataListESQuery } from './query_builders'; -import { HostInfo, HostMetadata, HostResultList, HostStatus } from '../../../common/types'; +import { + HostInfo, + HostMetadata, + HostResultList, + HostStatus, +} from '../../../../common/endpoint/types'; import { EndpointAppContext } from '../../types'; -import { AgentStatus } from '../../../../ingest_manager/common/types/models'; +import { AgentStatus } from '../../../../../ingest_manager/common/types/models'; interface HitSource { _source: HostMetadata; @@ -130,10 +135,11 @@ export async function getHostData( return undefined; } - return await enrichHostMetadata(response.hits.hits[0]._source, metadataRequestContext); + return enrichHostMetadata(response.hits.hits[0]._source, metadataRequestContext); } async function mapToHostResultList( + // eslint-disable-next-line @typescript-eslint/no-explicit-any queryParams: Record, searchResponse: SearchResponse, metadataRequestContext: MetadataRequestContext diff --git a/x-pack/plugins/endpoint/server/routes/metadata/metadata.test.ts b/x-pack/plugins/siem/server/endpoint/routes/metadata/metadata.test.ts similarity index 95% rename from x-pack/plugins/endpoint/server/routes/metadata/metadata.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/metadata/metadata.test.ts index 5415ebcae31c..b2f5866a3ae7 100644 --- a/x-pack/plugins/endpoint/server/routes/metadata/metadata.test.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/metadata/metadata.test.ts @@ -18,20 +18,25 @@ import { httpServiceMock, loggingServiceMock, savedObjectsClientMock, -} from '../../../../../../src/core/server/mocks'; -import { HostInfo, HostMetadata, HostResultList, HostStatus } from '../../../common/types'; +} from '../../../../../../../src/core/server/mocks'; +import { + HostInfo, + HostMetadata, + HostResultList, + HostStatus, +} from '../../../../common/endpoint/types'; import { SearchResponse } from 'elasticsearch'; import { registerEndpointRoutes } from './index'; -import { EndpointConfigSchema } from '../../config'; import * as data from '../../test_data/all_metadata_data.json'; import { createMockAgentService, createMockMetadataIndexPatternRetriever, createRouteHandlerContext, } from '../../mocks'; -import { AgentService } from '../../../../ingest_manager/server'; +import { AgentService } from '../../../../../ingest_manager/server'; import Boom from 'boom'; import { EndpointAppContextService } from '../../endpoint_app_context_services'; +import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; describe('test endpoint route', () => { let routerMock: jest.Mocked; @@ -39,7 +44,9 @@ describe('test endpoint route', () => { let mockClusterClient: jest.Mocked; let mockScopedClient: jest.Mocked; let mockSavedObjectClient: jest.Mocked; + // eslint-disable-next-line @typescript-eslint/no-explicit-any let routeHandler: RequestHandler; + // eslint-disable-next-line @typescript-eslint/no-explicit-any let routeConfig: RouteConfig; let mockAgentService: jest.Mocked; let endpointAppContextService: EndpointAppContextService; @@ -63,7 +70,7 @@ describe('test endpoint route', () => { registerEndpointRoutes(routerMock, { logFactory: loggingServiceMock.create(), service: endpointAppContextService, - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }); }); @@ -235,6 +242,7 @@ describe('test endpoint route', () => { it('should return a single endpoint with status online', async () => { const mockRequest = httpServerMock.createKibanaRequest({ + // eslint-disable-next-line @typescript-eslint/no-explicit-any params: { id: (data as any).hits.hits[0]._id }, }); const response: SearchResponse = (data as unknown) as SearchResponse< diff --git a/x-pack/plugins/endpoint/server/routes/metadata/query_builders.test.ts b/x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.test.ts similarity index 91% rename from x-pack/plugins/endpoint/server/routes/metadata/query_builders.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.test.ts index 28bac2fa10e0..7fa5a8b13db3 100644 --- a/x-pack/plugins/endpoint/server/routes/metadata/query_builders.test.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.test.ts @@ -3,11 +3,11 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { httpServerMock, loggingServiceMock } from '../../../../../../src/core/server/mocks'; -import { EndpointConfigSchema } from '../../config'; +import { httpServerMock, loggingServiceMock } from '../../../../../../../src/core/server/mocks'; import { kibanaRequestToMetadataListESQuery, getESQueryHostMetadataByID } from './query_builders'; import { MetadataIndexPattern } from '../../mocks'; import { EndpointAppContextService } from '../../endpoint_app_context_services'; +import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; describe('query builder', () => { describe('MetadataListESQuery', () => { @@ -20,7 +20,7 @@ describe('query builder', () => { { logFactory: loggingServiceMock.create(), service: new EndpointAppContextService(), - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }, MetadataIndexPattern ); @@ -55,6 +55,7 @@ describe('query builder', () => { from: 0, size: 10, index: MetadataIndexPattern, + // eslint-disable-next-line @typescript-eslint/no-explicit-any } as Record); }); }); @@ -71,7 +72,7 @@ describe('query builder', () => { { logFactory: loggingServiceMock.create(), service: new EndpointAppContextService(), - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }, MetadataIndexPattern ); @@ -119,6 +120,7 @@ describe('query builder', () => { from: 0, size: 10, index: MetadataIndexPattern, + // eslint-disable-next-line @typescript-eslint/no-explicit-any } as Record); }); }); diff --git a/x-pack/plugins/endpoint/server/routes/metadata/query_builders.ts b/x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.ts similarity index 88% rename from x-pack/plugins/endpoint/server/routes/metadata/query_builders.ts rename to x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.ts index abcc293985f9..a34113e8d6f6 100644 --- a/x-pack/plugins/endpoint/server/routes/metadata/query_builders.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/metadata/query_builders.ts @@ -4,13 +4,15 @@ * you may not use this file except in compliance with the Elastic License. */ import { KibanaRequest } from 'kibana/server'; -import { esKuery } from '../../../../../../src/plugins/data/server'; +import { esKuery } from '../../../../../../../src/plugins/data/server'; import { EndpointAppContext } from '../../types'; export const kibanaRequestToMetadataListESQuery = async ( + // eslint-disable-next-line @typescript-eslint/no-explicit-any request: KibanaRequest, endpointAppContext: EndpointAppContext, index: string + // eslint-disable-next-line @typescript-eslint/no-explicit-any ): Promise> => { const pagingProperties = await getPagingProperties(request, endpointAppContext); return { @@ -46,6 +48,7 @@ export const kibanaRequestToMetadataListESQuery = async ( }; async function getPagingProperties( + // eslint-disable-next-line @typescript-eslint/no-explicit-any request: KibanaRequest, endpointAppContext: EndpointAppContext ) { @@ -65,6 +68,7 @@ async function getPagingProperties( }; } +// eslint-disable-next-line @typescript-eslint/no-explicit-any function buildQueryBody(request: KibanaRequest): Record { if (typeof request?.body?.filter === 'string') { return esKuery.toElasticsearchQuery(esKuery.fromKueryExpression(request.body.filter)); diff --git a/x-pack/plugins/endpoint/server/routes/policy/handlers.test.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/handlers.test.ts similarity index 90% rename from x-pack/plugins/endpoint/server/routes/policy/handlers.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/handlers.test.ts index 934835342537..25bf2c45aa42 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/handlers.test.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/handlers.test.ts @@ -10,7 +10,6 @@ import { createRouteHandlerContext, } from '../../mocks'; import { getHostPolicyResponseHandler } from './handlers'; -import { EndpointConfigSchema } from '../../config'; import { IScopedClusterClient, KibanaResponseFactory, @@ -21,11 +20,12 @@ import { httpServerMock, loggingServiceMock, savedObjectsClientMock, -} from '../../../../../../src/core/server/mocks'; -import { AgentService } from '../../../../ingest_manager/server/services'; +} from '../../../../../../../src/core/server/mocks'; +import { AgentService } from '../../../../../ingest_manager/server/services'; import { SearchResponse } from 'elasticsearch'; -import { GetHostPolicyResponse, HostPolicyResponse } from '../../../common/types'; -import { EndpointDocGenerator } from '../../../common/generate_data'; +import { GetHostPolicyResponse, HostPolicyResponse } from '../../../../common/endpoint/types'; +import { EndpointDocGenerator } from '../../../../common/endpoint/generate_data'; +import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; describe('test policy response handler', () => { let endpointAppContextService: EndpointAppContextService; @@ -53,7 +53,7 @@ describe('test policy response handler', () => { const hostPolicyResponseHandler = getHostPolicyResponseHandler({ logFactory: loggingServiceMock.create(), service: endpointAppContextService, - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }); mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); @@ -76,7 +76,7 @@ describe('test policy response handler', () => { const hostPolicyResponseHandler = getHostPolicyResponseHandler({ logFactory: loggingServiceMock.create(), service: endpointAppContextService, - config: () => Promise.resolve(EndpointConfigSchema.validate({})), + config: () => Promise.resolve(createMockConfig()), }); mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => diff --git a/x-pack/plugins/endpoint/server/routes/policy/handlers.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/handlers.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/policy/handlers.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/handlers.ts index 5a34164c0bb3..000d353ab90f 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/handlers.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/handlers.ts @@ -5,7 +5,7 @@ */ import { RequestHandler } from 'kibana/server'; import { TypeOf } from '@kbn/config-schema'; -import { GetPolicyResponseSchema } from '../../../common/schema/policy'; +import { GetPolicyResponseSchema } from '../../../../common/endpoint/schema/policy'; import { EndpointAppContext } from '../../types'; import { getPolicyResponseByHostId } from './service'; diff --git a/x-pack/plugins/endpoint/server/routes/policy/index.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/index.ts similarity index 90% rename from x-pack/plugins/endpoint/server/routes/policy/index.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/index.ts index 4c3bd8e21315..b233ff1af30f 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/index.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/index.ts @@ -6,7 +6,7 @@ import { IRouter } from 'kibana/server'; import { EndpointAppContext } from '../../types'; -import { GetPolicyResponseSchema } from '../../../common/schema/policy'; +import { GetPolicyResponseSchema } from '../../../../common/endpoint/schema/policy'; import { getHostPolicyResponseHandler } from './handlers'; export const BASE_POLICY_RESPONSE_ROUTE = `/api/endpoint/policy_response`; diff --git a/x-pack/plugins/endpoint/server/routes/policy/service.test.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/service.test.ts similarity index 86% rename from x-pack/plugins/endpoint/server/routes/policy/service.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/service.test.ts index c7bf65627769..7c8d006687a6 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/service.test.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/service.test.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { GetPolicyResponseSchema } from '../../../common/schema/policy'; +import { GetPolicyResponseSchema } from '../../../../common/endpoint/schema/policy'; describe('test policy handlers schema', () => { it('validate that get policy response query schema', async () => { diff --git a/x-pack/plugins/endpoint/server/routes/policy/service.ts b/x-pack/plugins/siem/server/endpoint/routes/policy/service.ts similarity index 97% rename from x-pack/plugins/endpoint/server/routes/policy/service.ts rename to x-pack/plugins/siem/server/endpoint/routes/policy/service.ts index 7ec2c6563411..5e3c3537ec59 100644 --- a/x-pack/plugins/endpoint/server/routes/policy/service.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/policy/service.ts @@ -6,7 +6,7 @@ import { SearchResponse } from 'elasticsearch'; import { IScopedClusterClient } from 'kibana/server'; -import { GetHostPolicyResponse, HostPolicyResponse } from '../../../common/types'; +import { GetHostPolicyResponse, HostPolicyResponse } from '../../../../common/endpoint/types'; export function getESQueryPolicyResponseByHostID(hostID: string, index: string) { return { diff --git a/x-pack/plugins/endpoint/server/routes/resolver.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver.ts similarity index 96% rename from x-pack/plugins/endpoint/server/routes/resolver.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver.ts index 3599acacb4f5..9a4f55770f93 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver.ts @@ -11,7 +11,7 @@ import { validateEvents, validateChildren, validateAncestry, -} from '../../common/schema/resolver'; +} from '../../../common/endpoint/schema/resolver'; import { handleEvents } from './resolver/events'; import { handleChildren } from './resolver/children'; import { handleAncestry } from './resolver/ancestry'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/ancestry.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/ancestry.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/resolver/ancestry.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/ancestry.ts index 6648dc5b9e49..233f23bd314c 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/ancestry.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/ancestry.ts @@ -6,7 +6,7 @@ import { RequestHandler, Logger } from 'kibana/server'; import { TypeOf } from '@kbn/config-schema'; -import { validateAncestry } from '../../../common/schema/resolver'; +import { validateAncestry } from '../../../../common/endpoint/schema/resolver'; import { Fetcher } from './utils/fetch'; import { EndpointAppContext } from '../../types'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/children.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/children.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/resolver/children.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/children.ts index bb18b29a4b94..13af514c4c55 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/children.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/children.ts @@ -6,7 +6,7 @@ import { RequestHandler, Logger } from 'kibana/server'; import { TypeOf } from '@kbn/config-schema'; -import { validateChildren } from '../../../common/schema/resolver'; +import { validateChildren } from '../../../../common/endpoint/schema/resolver'; import { Fetcher } from './utils/fetch'; import { EndpointAppContext } from '../../types'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/events.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/events.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/resolver/events.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/events.ts index a70a6e8d097d..97f718b66a43 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/events.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/events.ts @@ -6,7 +6,7 @@ import { TypeOf } from '@kbn/config-schema'; import { RequestHandler, Logger } from 'kibana/server'; -import { validateEvents } from '../../../common/schema/resolver'; +import { validateEvents } from '../../../../common/endpoint/schema/resolver'; import { Fetcher } from './utils/fetch'; import { EndpointAppContext } from '../../types'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/base.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/base.ts similarity index 91% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/base.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/base.ts index eba4e5581c13..4f6003492fd3 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/queries/base.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/base.ts @@ -6,14 +6,14 @@ import { SearchResponse } from 'elasticsearch'; import { IScopedClusterClient } from 'kibana/server'; -import { ResolverEvent } from '../../../../common/types'; +import { ResolverEvent } from '../../../../../common/endpoint/types'; import { paginate, paginatedResults, PaginationParams, PaginatedResults, } from '../utils/pagination'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; import { legacyEventIndexPattern } from './legacy_event_index_pattern'; export abstract class ResolverQuery { diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/children.test.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/children.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/children.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/children.test.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/children.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/children.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/children.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/children.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/events.test.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/events.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.test.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/events.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.ts similarity index 95% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/events.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.ts index b622cb8a2111..80c3a0e9accc 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/queries/events.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/events.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import { ResolverQuery } from './base'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; export class EventsQuery extends ResolverQuery { protected legacyQuery(endpointID: string, uniquePIDs: string[], index: string): JsonObject { diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/legacy_event_index_pattern.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/legacy_event_index_pattern.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/legacy_event_index_pattern.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/legacy_event_index_pattern.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.test.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.test.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.ts similarity index 94% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.ts index e775b0cf9b6d..7dbbdec2fdfc 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/queries/lifecycle.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/lifecycle.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import { ResolverQuery } from './base'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; export class LifecycleQuery extends ResolverQuery { protected legacyQuery(endpointID: string, uniquePIDs: string[], index: string): JsonObject { diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/stats.test.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.test.ts similarity index 100% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/stats.test.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.test.ts diff --git a/x-pack/plugins/endpoint/server/routes/resolver/queries/stats.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.ts similarity index 93% rename from x-pack/plugins/endpoint/server/routes/resolver/queries/stats.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.ts index 7db3ab2b0cb1..5fddf86ea4a7 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/queries/stats.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/queries/stats.ts @@ -5,17 +5,19 @@ */ import { SearchResponse } from 'elasticsearch'; import { ResolverQuery } from './base'; -import { ResolverEvent } from '../../../../common/types'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { ResolverEvent } from '../../../../../common/endpoint/types'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; import { PaginatedResults } from '../utils/pagination'; export class StatsQuery extends ResolverQuery { protected postSearch(response: SearchResponse): PaginatedResults { const alerts = response.aggregations.alerts.ids.buckets.reduce( + // eslint-disable-next-line @typescript-eslint/no-explicit-any (cummulative: any, bucket: any) => ({ ...cummulative, [bucket.key]: bucket.doc_count }), {} ); const events = response.aggregations.events.ids.buckets.reduce( + // eslint-disable-next-line @typescript-eslint/no-explicit-any (cummulative: any, bucket: any) => ({ ...cummulative, [bucket.key]: bucket.doc_count }), {} ); diff --git a/x-pack/plugins/endpoint/server/routes/resolver/tree.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/tree.ts similarity index 95% rename from x-pack/plugins/endpoint/server/routes/resolver/tree.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/tree.ts index 25f15586341d..355112339396 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/tree.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/tree.ts @@ -6,7 +6,7 @@ import { RequestHandler, Logger } from 'kibana/server'; import { TypeOf } from '@kbn/config-schema'; -import { validateTree } from '../../../common/schema/resolver'; +import { validateTree } from '../../../../common/endpoint/schema/resolver'; import { Fetcher } from './utils/fetch'; import { Tree } from './utils/tree'; import { EndpointAppContext } from '../../types'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/utils/fetch.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/fetch.ts similarity index 97% rename from x-pack/plugins/endpoint/server/routes/resolver/utils/fetch.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/utils/fetch.ts index 7315b4ee6c61..f0e1a8a9bfc6 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/utils/fetch.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/fetch.ts @@ -5,7 +5,7 @@ */ import { IScopedClusterClient } from 'kibana/server'; -import { entityId, parentEntityId } from '../../../../common/models/event'; +import { entityId, parentEntityId } from '../../../../../common/endpoint/models/event'; import { getPaginationParams } from './pagination'; import { Tree } from './tree'; import { LifecycleQuery } from '../queries/lifecycle'; diff --git a/x-pack/plugins/endpoint/server/routes/resolver/utils/pagination.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/pagination.ts similarity index 83% rename from x-pack/plugins/endpoint/server/routes/resolver/utils/pagination.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/utils/pagination.ts index 20249b81660b..a47c4442b6cf 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/utils/pagination.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/pagination.ts @@ -5,9 +5,9 @@ */ import { SearchResponse } from 'elasticsearch'; -import { ResolverEvent } from '../../../../common/types'; -import { entityId } from '../../../../common/models/event'; -import { JsonObject } from '../../../../../../../src/plugins/kibana_utils/public'; +import { ResolverEvent } from '../../../../../common/endpoint/types'; +import { entityId } from '../../../../../common/endpoint/models/event'; +import { JsonObject } from '../../../../../../../../src/plugins/kibana_utils/public'; export interface PaginationParams { size: number; @@ -37,8 +37,8 @@ function urlEncodeCursor(data: PaginationCursor): string { } function urlDecodeCursor(value: string): PaginationCursor { - value = value.replace(/\-/g, '+').replace(/_/g, '/'); - const data = Buffer.from(value, 'base64').toString('utf8'); + const localValue = value.replace(/\-/g, '+').replace(/_/g, '/'); + const data = Buffer.from(localValue, 'base64').toString('utf8'); const { timestamp, eventID } = JSON.parse(data); // take some extra care to only grab the things we want // convert the timestamp string to date object @@ -72,7 +72,10 @@ export function paginate( const { size, timestamp, eventID } = pagination; query.sort = [{ '@timestamp': 'asc' }, { [tiebreaker]: 'asc' }]; query.aggs = query.aggs || {}; - query.aggs = Object.assign({}, query.aggs, { totals: { terms: { field: aggregator, size } } }); + query.aggs = { + ...(typeof query.aggs === 'object' ? query.aggs : {}), + totals: { terms: { field: aggregator, size } }, + }; query.size = size; if (timestamp && eventID) { query.search_after = [timestamp, eventID] as Array; @@ -98,6 +101,7 @@ export function paginatedResults(response: SearchResponse): Pagin } const totals = response.aggregations?.totals?.buckets?.reduce( + // eslint-disable-next-line @typescript-eslint/no-explicit-any (cummulative: any, bucket: any) => ({ ...cummulative, [bucket.key]: bucket.doc_count }), {} ); diff --git a/x-pack/plugins/endpoint/server/routes/resolver/utils/tree.ts b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/tree.ts similarity index 98% rename from x-pack/plugins/endpoint/server/routes/resolver/utils/tree.ts rename to x-pack/plugins/siem/server/endpoint/routes/resolver/utils/tree.ts index 5a55c23b9087..28615117cf7b 100644 --- a/x-pack/plugins/endpoint/server/routes/resolver/utils/tree.ts +++ b/x-pack/plugins/siem/server/endpoint/routes/resolver/utils/tree.ts @@ -10,8 +10,8 @@ import { ResolverNode, ResolverNodeStats, ResolverNodePagination, -} from '../../../../common/types'; -import { entityId, parentEntityId } from '../../../../common/models/event'; +} from '../../../../../common/endpoint/types'; +import { entityId, parentEntityId } from '../../../../../common/endpoint/models/event'; import { buildPaginationCursor } from './pagination'; type ExtractFunction = (event: ResolverEvent) => string | undefined; diff --git a/x-pack/plugins/endpoint/server/test_data/all_metadata_data.json b/x-pack/plugins/siem/server/endpoint/test_data/all_metadata_data.json similarity index 100% rename from x-pack/plugins/endpoint/server/test_data/all_metadata_data.json rename to x-pack/plugins/siem/server/endpoint/test_data/all_metadata_data.json diff --git a/x-pack/plugins/endpoint/server/types.ts b/x-pack/plugins/siem/server/endpoint/types.ts similarity index 86% rename from x-pack/plugins/endpoint/server/types.ts rename to x-pack/plugins/siem/server/endpoint/types.ts index dfa5950adba5..fbcc5bc833d7 100644 --- a/x-pack/plugins/endpoint/server/types.ts +++ b/x-pack/plugins/siem/server/endpoint/types.ts @@ -4,15 +4,15 @@ * you may not use this file except in compliance with the Elastic License. */ import { LoggerFactory } from 'kibana/server'; -import { EndpointConfigType } from './config'; import { EndpointAppContextService } from './endpoint_app_context_services'; +import { ConfigType } from '../config'; /** * The context for Endpoint apps. */ export interface EndpointAppContext { logFactory: LoggerFactory; - config(): Promise; + config(): Promise; /** * Object readiness is tied to plugin start method diff --git a/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts index a28eb6ba3cca..0cec1832dab8 100644 --- a/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts +++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts @@ -19,4 +19,10 @@ export const createMockConfig = () => ({ maxRuleImportPayloadBytes: 10485760, maxTimelineImportExportSize: 10000, maxTimelineImportPayloadBytes: 10485760, + endpointResultListDefaultFirstPageIndex: 0, + endpointResultListDefaultPageSize: 10, + alertResultListDefaultDateRange: { + from: 'now-15m', + to: 'now', + }, }); diff --git a/x-pack/plugins/siem/server/plugin.ts b/x-pack/plugins/siem/server/plugin.ts index d296ee94e895..3c336991f3d9 100644 --- a/x-pack/plugins/siem/server/plugin.ts +++ b/x-pack/plugins/siem/server/plugin.ts @@ -22,6 +22,7 @@ import { MlPluginSetup as MlSetup } from '../../ml/server'; import { EncryptedSavedObjectsPluginSetup as EncryptedSavedObjectsSetup } from '../../encrypted_saved_objects/server'; import { SpacesPluginSetup as SpacesSetup } from '../../spaces/server'; import { LicensingPluginSetup } from '../../licensing/server'; +import { IngestManagerStartContract } from '../../ingest_manager/server'; import { initServer } from './init_server'; import { compose } from './lib/compose/kibana'; import { initRoutes } from './routes'; @@ -35,6 +36,13 @@ import { SiemClientFactory } from './client'; import { createConfig$, ConfigType } from './config'; import { initUiSettings } from './ui_settings'; import { APP_ID, APP_ICON } from '../common/constants'; +import { registerEndpointRoutes } from './endpoint/routes/metadata'; +import { registerResolverRoutes } from './endpoint/routes/resolver'; +import { registerAlertRoutes } from './endpoint/alerts/routes'; +import { registerPolicyRoutes } from './endpoint/routes/policy'; +import { EndpointAppContextService } from './endpoint/endpoint_app_context_services'; +import { EndpointAppContext } from './endpoint/types'; +import { IngestIndexPatternRetriever } from './endpoint/alerts/index_pattern'; export interface SetupPlugins { alerting: AlertingSetup; @@ -46,8 +54,9 @@ export interface SetupPlugins { ml?: MlSetup; } -// eslint-disable-next-line @typescript-eslint/no-empty-interface -export interface StartPlugins {} +export interface StartPlugins { + ingestManager: IngestManagerStartContract; +} // eslint-disable-next-line @typescript-eslint/no-empty-interface export interface PluginSetup {} @@ -59,6 +68,7 @@ export class Plugin implements IPlugin; private context: PluginInitializerContext; private siemClientFactory: SiemClientFactory; + private readonly endpointAppContextService = new EndpointAppContextService(); constructor(context: PluginInitializerContext) { this.context = context; @@ -79,21 +89,27 @@ export class Plugin implements IPlugin => Promise.resolve(config), + }; const router = core.http.createRouter(); core.http.registerRouteHandlerContext(APP_ID, (context, request, response) => ({ getSiemClient: () => this.siemClientFactory.create(request), })); - const config = await this.config$.pipe(first()).toPromise(); - this.siemClientFactory.setup({ getSpaceId: plugins.spaces?.spacesService?.getSpaceId, config, }); + // TO DO We need to get the endpoint routes inside of initRoutes initRoutes( router, config, @@ -101,6 +117,10 @@ export class Plugin implements IPlugin { await ingestManager.setup(); }); - loadTestFile(require.resolve('./index_pattern')); + loadTestFile(require.resolve('./alerts/index_pattern')); loadTestFile(require.resolve('./resolver')); loadTestFile(require.resolve('./metadata')); loadTestFile(require.resolve('./alerts')); diff --git a/x-pack/test/api_integration/apis/features/features/features.ts b/x-pack/test/api_integration/apis/features/features/features.ts index 7a0196adbfff..197e551c7188 100644 --- a/x-pack/test/api_integration/apis/features/features/features.ts +++ b/x-pack/test/api_integration/apis/features/features/features.ts @@ -114,7 +114,6 @@ export default function({ getService }: FtrProviderContext) { 'maps', 'uptime', 'siem', - 'endpoint', 'ingestManager', ].sort() ); diff --git a/x-pack/test/api_integration/apis/security/privileges.ts b/x-pack/test/api_integration/apis/security/privileges.ts index 9bec3fd076e8..a6537644551a 100644 --- a/x-pack/test/api_integration/apis/security/privileges.ts +++ b/x-pack/test/api_integration/apis/security/privileges.ts @@ -36,7 +36,6 @@ export default function({ getService }: FtrProviderContext) { uptime: ['all', 'read'], apm: ['all', 'read'], siem: ['all', 'read'], - endpoint: ['all', 'read'], ingestManager: ['all', 'read'], }, global: ['all', 'read'], diff --git a/x-pack/test/api_integration/apis/security/privileges_basic.ts b/x-pack/test/api_integration/apis/security/privileges_basic.ts index 1f9eac148b30..dc352c283359 100644 --- a/x-pack/test/api_integration/apis/security/privileges_basic.ts +++ b/x-pack/test/api_integration/apis/security/privileges_basic.ts @@ -34,7 +34,6 @@ export default function({ getService }: FtrProviderContext) { uptime: ['all', 'read'], apm: ['all', 'read'], siem: ['all', 'read'], - endpoint: ['all', 'read'], ingestManager: ['all', 'read'], }, global: ['all', 'read'], diff --git a/x-pack/test/api_integration/config.js b/x-pack/test/api_integration/config.js index dda8c2d888d3..41ae65062b11 100644 --- a/x-pack/test/api_integration/config.js +++ b/x-pack/test/api_integration/config.js @@ -26,11 +26,9 @@ export async function getApiIntegrationConfig({ readConfigFile }) { ...xPackFunctionalTestsConfig.get('kbnTestServer.serverArgs'), '--xpack.security.session.idleTimeout=3600000', // 1 hour '--optimize.enabled=false', - '--xpack.endpoint.enabled=true', '--telemetry.optIn=true', - '--xpack.endpoint.enabled=true', '--xpack.ingestManager.enabled=true', - '--xpack.endpoint.alertResultListDefaultDateRange.from=2018-01-10T00:00:00.000Z', + '--xpack.siem.alertResultListDefaultDateRange.from=2018-01-10T00:00:00.000Z', ], }, esTestCluster: { diff --git a/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts.ts b/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index.ts similarity index 93% rename from x-pack/test/endpoint_api_integration_no_ingest/apis/alerts.ts rename to x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index.ts index b75d69238d65..badb05cbe7a7 100644 --- a/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts.ts +++ b/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index.ts @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { FtrProviderContext } from '../ftr_provider_context'; +import { FtrProviderContext } from '../../ftr_provider_context'; export default function({ getService }: FtrProviderContext) { const esArchiver = getService('esArchiver'); diff --git a/x-pack/test/endpoint_api_integration_no_ingest/apis/index_pattern.ts b/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index_pattern.ts similarity index 90% rename from x-pack/test/endpoint_api_integration_no_ingest/apis/index_pattern.ts rename to x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index_pattern.ts index 664ef7d96847..13a0d61de313 100644 --- a/x-pack/test/endpoint_api_integration_no_ingest/apis/index_pattern.ts +++ b/x-pack/test/endpoint_api_integration_no_ingest/apis/alerts/index_pattern.ts @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { FtrProviderContext } from '../ftr_provider_context'; +import { FtrProviderContext } from '../../ftr_provider_context'; export default function({ getService }: FtrProviderContext) { const supertest = getService('supertest'); diff --git a/x-pack/test/endpoint_api_integration_no_ingest/apis/index.ts b/x-pack/test/endpoint_api_integration_no_ingest/apis/index.ts index 6110f398df5a..321ef35180ca 100644 --- a/x-pack/test/endpoint_api_integration_no_ingest/apis/index.ts +++ b/x-pack/test/endpoint_api_integration_no_ingest/apis/index.ts @@ -9,7 +9,7 @@ import { FtrProviderContext } from '../ftr_provider_context'; export default function endpointAPIIntegrationTests({ loadTestFile }: FtrProviderContext) { describe('Endpoint plugin', function() { this.tags('ciGroup7'); - loadTestFile(require.resolve('./index_pattern')); + loadTestFile(require.resolve('./alerts/index_pattern')); loadTestFile(require.resolve('./metadata')); loadTestFile(require.resolve('./alerts')); }); diff --git a/x-pack/test/functional_endpoint/config.ts b/x-pack/test/functional_endpoint/config.ts index a371c548f302..8b87993e4b98 100644 --- a/x-pack/test/functional_endpoint/config.ts +++ b/x-pack/test/functional_endpoint/config.ts @@ -30,7 +30,6 @@ export default async function({ readConfigFile }: FtrConfigProviderContext) { ...xpackFunctionalConfig.get('kbnTestServer'), serverArgs: [ ...xpackFunctionalConfig.get('kbnTestServer.serverArgs'), - '--xpack.endpoint.enabled=true', '--xpack.ingestManager.enabled=true', ], }, diff --git a/x-pack/test/functional_endpoint/services/endpoint_policy.ts b/x-pack/test/functional_endpoint/services/endpoint_policy.ts index e8e2d9957aa3..5142c083a089 100644 --- a/x-pack/test/functional_endpoint/services/endpoint_policy.ts +++ b/x-pack/test/functional_endpoint/services/endpoint_policy.ts @@ -9,8 +9,8 @@ import { CreateAgentConfigResponse, CreateDatasourceResponse, } from '../../../plugins/ingest_manager/common'; -import { Immutable } from '../../../plugins/endpoint/common/types'; -import { factory as policyConfigFactory } from '../../../plugins/endpoint/common/models/policy_config'; +import { Immutable } from '../../../plugins/siem/common/endpoint/types'; +import { factory as policyConfigFactory } from '../../../plugins/siem/common/endpoint/models/policy_config'; const INGEST_API_ROOT = '/api/ingest_manager'; const INGEST_API_AGENT_CONFIGS = `${INGEST_API_ROOT}/agent_configs`; diff --git a/x-pack/test/plugin_functional/config.ts b/x-pack/test/plugin_functional/config.ts index aa3c9bd24842..496be59ec342 100644 --- a/x-pack/test/plugin_functional/config.ts +++ b/x-pack/test/plugin_functional/config.ts @@ -42,7 +42,6 @@ export default async function({ readConfigFile }: FtrConfigProviderContext) { ...plugins.map(pluginDir => `--plugin-path=${resolve(__dirname, 'plugins', pluginDir)}`), // Required to load new platform plugins via `--plugin-path` flag. '--env.name=development', - '--xpack.endpoint.enabled=true', ], }, uiSettings: xpackFunctionalConfig.get('uiSettings'), diff --git a/x-pack/test/reporting/configs/chromium_api.js b/x-pack/test/reporting/configs/chromium_api.js index 95649dfb5d7a..98235f433681 100644 --- a/x-pack/test/reporting/configs/chromium_api.js +++ b/x-pack/test/reporting/configs/chromium_api.js @@ -26,7 +26,6 @@ export default async function({ readConfigFile }) { ...functionalConfig.get('kbnTestServer.serverArgs'), '--logging.events.log', '["info","warning","error","fatal","optimize","reporting"]', - '--xpack.endpoint.enabled=true', '--xpack.reporting.csv.enablePanelActionDownload=true', '--xpack.reporting.capture.maxAttempts=1', '--xpack.security.session.idleTimeout=3600000', diff --git a/x-pack/test/siem_cypress/config.ts b/x-pack/test/siem_cypress/config.ts index bd5052cf3838..b4c0eaaa7732 100644 --- a/x-pack/test/siem_cypress/config.ts +++ b/x-pack/test/siem_cypress/config.ts @@ -46,6 +46,9 @@ export default async function({ readConfigFile }: FtrConfigProviderContext) { '--csp.strict=false', // define custom kibana server args here `--elasticsearch.ssl.certificateAuthorities=${CA_CERT_PATH}`, + '--xpack.ingestManager.enabled=true', + '--xpack.ingestManager.epm.enabled=true', + '--xpack.ingestManager.fleet.enabled=true', ], }, }; diff --git a/yarn.lock b/yarn.lock index a18f89cd480f..a6dc525547be 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4696,16 +4696,6 @@ "@types/prop-types" "*" "@types/react" "*" -"@types/react-redux@^7.1.0": - version "7.1.5" - resolved "https://registry.yarnpkg.com/@types/react-redux/-/react-redux-7.1.5.tgz#c7a528d538969250347aa53c52241051cf886bd3" - integrity sha512-ZoNGQMDxh5ENY7PzU7MVonxDzS1l/EWiy8nUhDqxFqUZn4ovboCyvk4Djf68x6COb7vhGTKjyjxHxtFdAA5sUA== - dependencies: - "@types/hoist-non-react-statics" "^3.3.0" - "@types/react" "*" - hoist-non-react-statics "^3.3.0" - redux "^4.0.0" - "@types/react-redux@^7.1.7": version "7.1.7" resolved "https://registry.yarnpkg.com/@types/react-redux/-/react-redux-7.1.7.tgz#12a0c529aba660696947384a059c5c6e08185c7a"