maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

[SIEM] Adds example unit test to convert KQL using a nested query

Browse source 
## Summary

Adds example unit test to convert KQL using a nested query

### Checklist

- [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
This commit is contained in:
Frank Hassanabad 2020-06-16 23:12:13 -06:00 committed by GitHub
parent a34a3a7e09
commit effd504d0b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 55 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.test.ts
View file

@ -462,6 +462,61 @@ describe('get_filter', () => {
},
});
});
test('it should work with a nested object queries', () => {
const esQuery = getQueryFilter(
'category:{ name:Frank and trusted:true }',
'kuery',
[],
['auditbeat-*'],
[]
);
expect(esQuery).toEqual({
bool: {
must: [],
filter: [
{
nested: {
path: 'category',
query: {
bool: {
filter: [
{
bool: {
should: [
{
match: {
'category.name': 'Frank',
},
},
],
minimum_should_match: 1,
},
},
{
bool: {
should: [
{
match: {
'category.trusted': true,
},
},
],
minimum_should_match: 1,
},
},
],
},
},
score_mode: 'none',
},
},
],
should: [],
must_not: [],
},
});
});
});
describe('getFilter', () => {