maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
kibana/x-pack/plugins
History
Frank Hassanabad e5944a3646
[Security Solutions][Detection Engine] Fixes timestamp bugs within source indexes when the formats are not ISO8601 format (#101349) 
## Summary

We have a few bugs where when the source index for detections is not `"strict_date_optional_time"` it is possible that we will misinterpret the format to be epoch milliseconds when it could be epoch seconds or another ambiguous format or blow up when trying to write out the signals index. This fixes it to where we query for the source index format as an ISO8601 and when we copy the date time format we copy it back out as ISO8601 and insert it into the signal index as ISO8601.

See this [gist](https://gist.github.com/FrankHassanabad/f614ec9762d59cd1129b3269f5bae41c) for more details of how this was accidentally introduced when we added support for runtime fields and the general idea of the fix.

* Removes `docvalue_field` and we now only use `fields` in detection engine search requests
* Splits out the timestamp e2e tests into their own file for `timestamps` file
* Adds more tests to ensure we copy what we expect and we are converting to ISO8601 in the signals
* Removes `ts-expect-error` in a lot of areas including tests and then I fix the types and issues once it is removed. 

### Checklist

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
2021-06-04 16:19:59 -06:00
..
actions Improve Task Manager instrumentation (#99160) 2021-06-04 16:30:11 -04:00
alerting Fix alerting health API to consider rules in all spaces (#100879) 2021-06-02 13:08:09 -04:00
apm [User Experience] Move ux app to new nav (#101005) 2021-06-04 18:04:40 +02:00
banners [Deprecations service] make correctiveActions.manualSteps required (#100997) 2021-06-02 15:52:14 +03:00
canvas [Canvas] Switch Canvas to use React Router (#100579) 2021-06-01 17:35:56 -04:00
cases [Alerting UI] Reduced triggersActionsUi bundle size by making all action types UI validation messages translations asynchronous. (#100525) 2021-06-02 22:33:43 -07:00
cloud Don't query for the current user on anonymous pages (#99511) 2021-05-06 17:04:56 -04:00
console_extensions
cross_cluster_replication Migrate CCR to new ES JS client. (#100131) 2021-06-01 16:26:01 -07:00
dashboard_enhanced feat: 🎸 close drilldown manager on view mode switch (#99309) 2021-05-06 00:26:13 +02:00
dashboard_mode
data_enhanced Upgrade EUI to v33.0.0 (#99382) 2021-06-01 10:53:07 -05:00
discover_enhanced Disable context menu "Explore underlying data" by default (#98039) 2021-04-26 13:20:43 +02:00
drilldowns
embeddable_enhanced
encrypted_saved_objects Sharing saved objects phase 3 (#94383) 2021-05-14 14:46:17 -04:00
enterprise_search [Enterprise Search] Convert Role mappings for both apps to use flyouts (#101198) 2021-06-04 14:22:31 -05:00
event_log
features [Alerting] Split alerting feature privilege between rules and alerts and handle subfeature privilege specification (#100127) 2021-05-27 14:59:02 -04:00
file_data_visualizer [Home] Adding file upload to add data page (#100863) 2021-06-02 15:33:49 +01:00
file_upload [Maps] Add draw wizard (#100278) 2021-05-26 11:21:38 -04:00
fleet [Fleet] Show callout & CTA in add agent flyout if no enrollment keys (#100599) 2021-06-04 15:21:54 -04:00
global_search
global_search_bar Clearing the global search bar will reset suggestions (#88637) 2021-05-13 11:35:03 -04:00
global_search_providers [Security Solution] Application register deepLinks instead of meta.searchDeepLinks (#100129) 2021-05-25 14:49:51 +02:00
graph Remove chrome.navLinks.update (#99633) 2021-05-24 13:00:45 -05:00
grokdebugger
index_lifecycle_management Upgrade EUI to v33.0.0 (#99382) 2021-06-01 10:53:07 -05:00
index_management Remove license check from Index Management (#100188) 2021-05-28 17:19:40 -07:00
infra [Logs UI] Fix the LogStream story to work with KIPs (#100862) 2021-06-04 19:13:35 +02:00
ingest_pipelines [Ingest pipelines] add media_type to set processor (#101035) 2021-06-04 10:12:04 +02:00
lens [Lens] Heatmap / Swim lane integration (#97978) 2021-06-04 15:28:43 -04:00
license_api_guard Fix typo in license_api_guard README name and import http server mocks from public interface (#97334) 2021-04-18 20:28:13 -07:00
license_management Upgrade EUI to v33.0.0 (#99382) 2021-06-01 10:53:07 -05:00
licensing Remove chrome.navLinks.update (#99633) 2021-05-24 13:00:45 -05:00
lists [Security Solution][Endpoint] Add event filters summary card to the fleet endpoint tab (#100668) 2021-05-28 18:07:54 +02:00
logstash migrate logstash plugin to new ES client (#98064) 2021-04-27 10:25:50 +02:00
maps [Maps] embeddable migrations (#101070) 2021-06-04 08:00:41 -06:00
metrics_entities [Security Solutions] (Phase 1) Adds an application cache called metrics entities and integrates it within Security Solutions behind a feature flag (#96446) 2021-04-30 12:36:06 -06:00
ml Upgrade EUI to v33.0.0 (#99382) 2021-06-01 10:53:07 -05:00
monitoring Allow . system indices in regex (#100831) 2021-06-04 11:52:27 -04:00
observability [User Experience] Move ux app to new nav (#101005) 2021-06-04 18:04:40 +02:00
osquery Ban use of lodash.template (#100277) 2021-05-19 10:06:52 -04:00
painless_lab
remote_clusters [Remote clusters] Fixed skipped test for search bar (#97472) 2021-05-05 13:05:35 +02:00
reporting [Deprecations service] make correctiveActions.manualSteps required (#100997) 2021-06-02 15:52:14 +03:00
rollup Use doc link services in rollups (#99137) 2021-05-10 10:01:19 -07:00
rule_registry [RAC][Security Solution] Register Security Detection Rules with Rule Registry (#96015) 2021-05-28 12:38:49 -06:00
runtime_fields
saved_objects_tagging Add description as title on tag badge (#97109) 2021-04-18 20:49:35 +02:00
searchprofiler
security [Deprecations service] make correctiveActions.manualSteps required (#100997) 2021-06-02 15:52:14 +03:00
security_solution [Security Solutions][Detection Engine] Fixes timestamp bugs within source indexes when the formats are not ISO8601 format (#101349) 2021-06-04 16:19:59 -06:00
snapshot_restore [Snapshot and Restore] Remove box shadow from panels (#98292) 2021-04-30 12:30:36 -04:00
spaces [Deprecations service] make correctiveActions.manualSteps required (#100997) 2021-06-02 15:52:14 +03:00
stack_alerts [Alerting] Split alerting feature privilege between rules and alerts and handle subfeature privilege specification (#100127) 2021-05-27 14:59:02 -04:00
task_manager Improve Task Manager instrumentation (#99160) 2021-06-04 16:30:11 -04:00
telemetry_collection_xpack Remove / Consolidate legacy usage adoption metrics (#100480) 2021-05-27 20:10:01 +01:00
timelines
transform [Transform] Support for the top_metrics aggregation (#101152) 2021-06-04 16:04:53 +02:00
translations [Enterprise Search] Convert Role mappings for both apps to use flyouts (#101198) 2021-06-04 14:22:31 -05:00
triggers_actions_ui [Alerting UI] Reduced triggersActionsUi bundle size by making all action types UI validation messages translations asynchronous. (#100525) 2021-06-02 22:33:43 -07:00
ui_actions_enhanced feat: 🎸 connect dasdhboard telemetry to persistable state (#99498) 2021-06-03 14:06:57 +02:00
upgrade_assistant [Upgrade Assistant] Use config for readonly mode (#101296) 2021-06-04 11:45:06 -04:00
uptime [User Experience] Move ux app to new nav (#101005) 2021-06-04 18:04:40 +02:00
watcher Rename client integration test folders (#100119) 2021-05-20 08:54:47 -04:00
xpack_legacy Remove legacy ES client usages in home and xpack_legacy (#97359) 2021-04-18 20:42:07 +02:00