Skip to content

Commit c13ae7e

Browse files
ymao1kibanamachine
ymao1
and
kibanamachine
authored
[Event Log] Adding type_id to saved object array in event log (#100939)
* Adding new fields to event log mapping * Populating new event log fields when executing rules and actions * Fixing functional tests * Adding actionTypeId * Putting type ids into saved object array * Fixing functional tests * Cleanup Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
1 parent f7b5f00 commit c13ae7e

File tree

13 files changed

+81
-15
lines changed

13 files changed

+81
-15
lines changed

x-pack/plugins/actions/server/lib/action_executor.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -147,6 +147,7 @@ export class ActionExecutor {
147147
rel: SAVED_OBJECT_REL_PRIMARY,
148148
type: 'action',
149149
id: actionId,
150+
type_id: actionTypeId,
150151
...namespace,
151152
},
152153
],

x-pack/plugins/alerting/server/task_runner/create_execution_handler.test.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -166,10 +166,12 @@ test('enqueues execution per selected action', async () => {
166166
"id": "1",
167167
"rel": "primary",
168168
"type": "alert",
169+
"type_id": "test",
169170
},
170171
Object {
171172
"id": "1",
172173
"type": "action",
174+
"type_id": "test",
173175
},
174176
],
175177
},

x-pack/plugins/alerting/server/task_runner/create_execution_handler.ts

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -182,8 +182,14 @@ export function createExecutionHandler<
182182
action_subgroup: actionSubgroup,
183183
},
184184
saved_objects: [
185-
{ rel: SAVED_OBJECT_REL_PRIMARY, type: 'alert', id: alertId, ...namespace },
186-
{ type: 'action', id: action.id, ...namespace },
185+
{
186+
rel: SAVED_OBJECT_REL_PRIMARY,
187+
type: 'alert',
188+
id: alertId,
189+
type_id: alertType.id,
190+
...namespace,
191+
},
192+
{ type: 'action', id: action.id, type_id: action.actionTypeId, ...namespace },
187193
],
188194
},
189195
};

x-pack/plugins/alerting/server/task_runner/task_runner.test.ts

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -278,6 +278,7 @@ describe('Task Runner', () => {
278278
"namespace": undefined,
279279
"rel": "primary",
280280
"type": "alert",
281+
"type_id": "test",
281282
},
282283
],
283284
},
@@ -385,6 +386,7 @@ describe('Task Runner', () => {
385386
namespace: undefined,
386387
rel: 'primary',
387388
type: 'alert',
389+
type_id: 'test',
388390
},
389391
],
390392
},
@@ -406,6 +408,7 @@ describe('Task Runner', () => {
406408
namespace: undefined,
407409
rel: 'primary',
408410
type: 'alert',
411+
type_id: 'test',
409412
},
410413
],
411414
},
@@ -428,11 +431,13 @@ describe('Task Runner', () => {
428431
namespace: undefined,
429432
rel: 'primary',
430433
type: 'alert',
434+
type_id: 'test',
431435
},
432436
{
433437
id: '1',
434438
namespace: undefined,
435439
type: 'action',
440+
type_id: 'action',
436441
},
437442
],
438443
},
@@ -455,6 +460,7 @@ describe('Task Runner', () => {
455460
namespace: undefined,
456461
rel: 'primary',
457462
type: 'alert',
463+
type_id: 'test',
458464
},
459465
],
460466
},
@@ -531,6 +537,7 @@ describe('Task Runner', () => {
531537
namespace: undefined,
532538
rel: 'primary',
533539
type: 'alert',
540+
type_id: 'test',
534541
},
535542
],
536543
},
@@ -551,6 +558,7 @@ describe('Task Runner', () => {
551558
namespace: undefined,
552559
rel: 'primary',
553560
type: 'alert',
561+
type_id: 'test',
554562
},
555563
],
556564
},
@@ -572,6 +580,7 @@ describe('Task Runner', () => {
572580
namespace: undefined,
573581
rel: 'primary',
574582
type: 'alert',
583+
type_id: 'test',
575584
},
576585
],
577586
},
@@ -702,6 +711,7 @@ describe('Task Runner', () => {
702711
"namespace": undefined,
703712
"rel": "primary",
704713
"type": "alert",
714+
"type_id": "test",
705715
},
706716
],
707717
},
@@ -725,6 +735,7 @@ describe('Task Runner', () => {
725735
"namespace": undefined,
726736
"rel": "primary",
727737
"type": "alert",
738+
"type_id": "test",
728739
},
729740
],
730741
},
@@ -931,6 +942,7 @@ describe('Task Runner', () => {
931942
"namespace": undefined,
932943
"rel": "primary",
933944
"type": "alert",
945+
"type_id": "test",
934946
},
935947
],
936948
},
@@ -953,6 +965,7 @@ describe('Task Runner', () => {
953965
"namespace": undefined,
954966
"rel": "primary",
955967
"type": "alert",
968+
"type_id": "test",
956969
},
957970
],
958971
},
@@ -976,11 +989,13 @@ describe('Task Runner', () => {
976989
"namespace": undefined,
977990
"rel": "primary",
978991
"type": "alert",
992+
"type_id": "test",
979993
},
980994
Object {
981995
"id": "1",
982996
"namespace": undefined,
983997
"type": "action",
998+
"type_id": "action",
984999
},
9851000
],
9861001
},
@@ -1004,6 +1019,7 @@ describe('Task Runner', () => {
10041019
"namespace": undefined,
10051020
"rel": "primary",
10061021
"type": "alert",
1022+
"type_id": "test",
10071023
},
10081024
],
10091025
},
@@ -1386,6 +1402,7 @@ describe('Task Runner', () => {
13861402
"namespace": undefined,
13871403
"rel": "primary",
13881404
"type": "alert",
1405+
"type_id": "test",
13891406
},
13901407
],
13911408
},
@@ -1408,6 +1425,7 @@ describe('Task Runner', () => {
14081425
"namespace": undefined,
14091426
"rel": "primary",
14101427
"type": "alert",
1428+
"type_id": "test",
14111429
},
14121430
],
14131431
},
@@ -1431,6 +1449,7 @@ describe('Task Runner', () => {
14311449
"namespace": undefined,
14321450
"rel": "primary",
14331451
"type": "alert",
1452+
"type_id": "test",
14341453
},
14351454
],
14361455
},
@@ -1641,6 +1660,7 @@ describe('Task Runner', () => {
16411660
"namespace": undefined,
16421661
"rel": "primary",
16431662
"type": "alert",
1663+
"type_id": "test",
16441664
},
16451665
],
16461666
},
@@ -1700,6 +1720,7 @@ describe('Task Runner', () => {
17001720
"namespace": undefined,
17011721
"rel": "primary",
17021722
"type": "alert",
1723+
"type_id": "test",
17031724
},
17041725
],
17051726
},
@@ -1767,6 +1788,7 @@ describe('Task Runner', () => {
17671788
"namespace": undefined,
17681789
"rel": "primary",
17691790
"type": "alert",
1791+
"type_id": "test",
17701792
},
17711793
],
17721794
},
@@ -1834,6 +1856,7 @@ describe('Task Runner', () => {
18341856
"namespace": undefined,
18351857
"rel": "primary",
18361858
"type": "alert",
1859+
"type_id": "test",
18371860
},
18381861
],
18391862
},
@@ -1900,6 +1923,7 @@ describe('Task Runner', () => {
19001923
"namespace": undefined,
19011924
"rel": "primary",
19021925
"type": "alert",
1926+
"type_id": "test",
19031927
},
19041928
],
19051929
},

x-pack/plugins/alerting/server/task_runner/task_runner.ts

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -331,6 +331,7 @@ export class TaskRunner<
331331
alertId,
332332
alertLabel,
333333
namespace,
334+
ruleTypeId: alert.alertTypeId,
334335
});
335336

336337
if (!muteAll) {
@@ -493,6 +494,7 @@ export class TaskRunner<
493494
rel: SAVED_OBJECT_REL_PRIMARY,
494495
type: 'alert',
495496
id: alertId,
497+
type_id: this.alertType.id,
496498
namespace,
497499
},
498500
],
@@ -598,6 +600,7 @@ interface GenerateNewAndRecoveredInstanceEventsParams<
598600
alertId: string;
599601
alertLabel: string;
600602
namespace: string | undefined;
603+
ruleTypeId: string;
601604
}
602605

603606
function generateNewAndRecoveredInstanceEvents<
@@ -611,6 +614,7 @@ function generateNewAndRecoveredInstanceEvents<
611614
currentAlertInstances,
612615
originalAlertInstances,
613616
recoveredAlertInstances,
617+
ruleTypeId,
614618
} = params;
615619
const originalAlertInstanceIds = Object.keys(originalAlertInstances);
616620
const currentAlertInstanceIds = Object.keys(currentAlertInstances);
@@ -664,6 +668,7 @@ function generateNewAndRecoveredInstanceEvents<
664668
rel: SAVED_OBJECT_REL_PRIMARY,
665669
type: 'alert',
666670
id: alertId,
671+
type_id: ruleTypeId,
667672
namespace,
668673
},
669674
],

x-pack/plugins/event_log/generated/mappings.json

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -275,6 +275,10 @@
275275
"type": {
276276
"type": "keyword",
277277
"ignore_above": 1024
278+
},
279+
"type_id": {
280+
"type": "keyword",
281+
"ignore_above": 1024
278282
}
279283
}
280284
}

x-pack/plugins/event_log/generated/schemas.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -116,6 +116,7 @@ export const EventSchema = schema.maybe(
116116
namespace: ecsString(),
117117
id: ecsString(),
118118
type: ecsString(),
119+
type_id: ecsString(),
119120
})
120121
)
121122
),

x-pack/plugins/event_log/scripts/mappings.js

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,10 @@ exports.EcsCustomPropertyMappings = {
6060
type: 'keyword',
6161
ignore_above: 1024,
6262
},
63+
type_id: {
64+
type: 'keyword',
65+
ignore_above: 1024,
66+
},
6367
},
6468
},
6569
},

x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/execute.ts

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -119,6 +119,7 @@ export default function ({ getService }: FtrProviderContext) {
119119
spaceId: space.id,
120120
connectorId: createdAction.id,
121121
outcome: 'success',
122+
actionTypeId: 'test.index-record',
122123
message: `action executed: test.index-record:${createdAction.id}: My action`,
123124
});
124125
break;
@@ -502,13 +503,14 @@ export default function ({ getService }: FtrProviderContext) {
502503
interface ValidateEventLogParams {
503504
spaceId: string;
504505
connectorId: string;
506+
actionTypeId: string;
505507
outcome: string;
506508
message: string;
507509
errorMessage?: string;
508510
}
509511

510512
async function validateEventLog(params: ValidateEventLogParams): Promise<void> {
511-
const { spaceId, connectorId, outcome, message, errorMessage } = params;
513+
const { spaceId, connectorId, actionTypeId, outcome, message, errorMessage } = params;
512514

513515
const events: IValidatedEvent[] = await retry.try(async () => {
514516
return await getEventLog({
@@ -549,6 +551,7 @@ export default function ({ getService }: FtrProviderContext) {
549551
rel: 'primary',
550552
type: 'action',
551553
id: connectorId,
554+
type_id: actionTypeId,
552555
namespace: spaceId,
553556
},
554557
]);

x-pack/test/alerting_api_integration/security_and_spaces/tests/alerting/alerts.ts

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -214,6 +214,7 @@ instanceStateValue: true
214214
await validateEventLog({
215215
spaceId: space.id,
216216
alertId,
217+
ruleTypeId: 'test.always-firing',
217218
outcome: 'success',
218219
message: `alert executed: test.always-firing:${alertId}: 'abc'`,
219220
});
@@ -1244,13 +1245,14 @@ instanceStateValue: true
12441245
interface ValidateEventLogParams {
12451246
spaceId: string;
12461247
alertId: string;
1248+
ruleTypeId: string;
12471249
outcome: string;
12481250
message: string;
12491251
errorMessage?: string;
12501252
}
12511253

12521254
async function validateEventLog(params: ValidateEventLogParams): Promise<void> {
1253-
const { spaceId, alertId, outcome, message, errorMessage } = params;
1255+
const { spaceId, alertId, ruleTypeId, outcome, message, errorMessage } = params;
12541256

12551257
const events: IValidatedEvent[] = await retry.try(async () => {
12561258
return await getEventLog({
@@ -1291,6 +1293,7 @@ instanceStateValue: true
12911293
type: 'alert',
12921294
id: alertId,
12931295
namespace: spaceId,
1296+
type_id: ruleTypeId,
12941297
},
12951298
]);
12961299

0 commit comments

Comments
 (0)