[Security Solution][Detections] Fix UUID generation for signals generated by Threshold rules (#89994)
* Fix the bug * Refactor
This commit is contained in:
parent
f9de593a6d
commit
d59750fc77
|
@ -1434,13 +1434,13 @@ describe('utils', () => {
|
|||
it('should generate a uuid without key', () => {
|
||||
const startedAt = new Date('2020-12-17T16:27:00Z');
|
||||
const signalUuid = calculateThresholdSignalUuid('abcd', startedAt, 'agent.name');
|
||||
expect(signalUuid).toEqual('c0cbe4b7-48de-5734-ae81-d8de3e79839d');
|
||||
expect(signalUuid).toEqual('a4832768-a379-583a-b1a2-e2ce2ad9e6e9');
|
||||
});
|
||||
|
||||
it('should generate a uuid with key', () => {
|
||||
const startedAt = new Date('2019-11-18T13:32:00Z');
|
||||
const signalUuid = calculateThresholdSignalUuid('abcd', startedAt, 'host.ip', '1.2.3.4');
|
||||
expect(signalUuid).toEqual('f568509e-b570-5d3c-a7ed-7c73fd29ddaf');
|
||||
expect(signalUuid).toEqual('ee8870dc-45ff-5e6c-a2f9-80886651ce03');
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
|
@ -855,10 +855,9 @@ export const calculateThresholdSignalUuid = (
|
|||
// used to generate constant Threshold Signals ID when run with the same params
|
||||
const NAMESPACE_ID = '0684ec03-7201-4ee0-8ee0-3a3f6b2479b2';
|
||||
|
||||
let baseString = `${ruleId}${startedAt}${thresholdField}`;
|
||||
if (key != null) {
|
||||
baseString = `${baseString}${key}`;
|
||||
}
|
||||
const startedAtString = startedAt.toISOString();
|
||||
const keyString = key ?? '';
|
||||
const baseString = `${ruleId}${startedAtString}${thresholdField}${keyString}`;
|
||||
|
||||
return uuidv5(baseString, NAMESPACE_ID);
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue