Skip to content

Commit e4c5153

Browse files
jonathan-buttnerjonathan-buttner
committed
Adding tests for mapping without entity_id
1 parent 3c3cba4 commit e4c5153

File tree

4 files changed

+3292
-54
lines changed

4 files changed

+3292
-54
lines changed

x-pack/plugins/security_solution/server/endpoint/routes/resolver/entity.ts

Lines changed: 9 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -31,8 +31,8 @@ export function handleEntities(): RequestHandler<unknown, TypeOf<typeof validate
3131
| [
3232
{
3333
_source: {
34-
process: {
35-
entity_id: string;
34+
process?: {
35+
entity_id?: string;
3636
};
3737
};
3838
}
@@ -59,19 +59,6 @@ export function handleEntities(): RequestHandler<unknown, TypeOf<typeof validate
5959
values: _id,
6060
},
6161
},
62-
{
63-
exists: {
64-
// only return documents that have process.entity_id
65-
field: 'process.entity_id',
66-
},
67-
},
68-
{
69-
bool: {
70-
must_not: {
71-
term: { 'process.entity_id': '' },
72-
},
73-
},
74-
},
7562
],
7663
},
7764
},
@@ -80,15 +67,13 @@ export function handleEntities(): RequestHandler<unknown, TypeOf<typeof validate
8067
);
8168

8269
const responseBody: ResolverEntityIndex = [];
83-
for (const {
84-
_source: {
85-
// eslint-disable-next-line @typescript-eslint/naming-convention
86-
process: { entity_id },
87-
},
88-
} of queryResponse.hits.hits) {
89-
responseBody.push({
90-
entity_id,
91-
});
70+
for (const hit of queryResponse.hits.hits) {
71+
// check that the field is defined and that is not an empty string
72+
if (hit._source.process?.entity_id) {
73+
responseBody.push({
74+
entity_id: hit._source.process.entity_id,
75+
});
76+
}
9277
}
9378
return response.ok({ body: responseBody });
9479
};

x-pack/test/functional/es_archives/endpoint/resolver/signals/data.json.gz

3.27 KB
Binary file not shown.

0 commit comments

Comments
 (0)