From cd1fafea15cc61797ead1796e9705bdad3350714 Mon Sep 17 00:00:00 2001 From: Yara Tercero Date: Wed, 30 Oct 2024 10:44:09 -0700 Subject: [PATCH] [Detection Engine][FTRs] Break down long running FTR groups and fix threshold preview bug (#197368) ## Summary This PR breaks down long running FTR groups into smaller chunks that now run in <~15 min. - Addresses https://github.com/elastic/kibana/issues/192109 - There is no existing ticket but rule_execution group tests are taking ~55m to run and will soon be a bottle neck for us. - No edits made to any existing tests. - Purely just a reshuffle of the tests. See https://github.com/elastic/kibana/issues/198209 for details on bug. --- .../ftr_security_serverless_configs.yml | 14 +- .buildkite/ftr_security_stateful_configs.yml | 14 +- .../mki_periodic_detection_engine.yml | 202 +++++++++++++++--- .../mki_quality_gate_detection_engine.yml | 152 ++++++++++++- .../threshold/get_threshold_signal_history.ts | 3 + .../package.json | 94 ++++++-- .../configs/ess.config.ts | 2 +- .../configs/serverless.config.ts | 2 +- .../basic_license_essentials_tier/date.ts | 0 .../basic_license_essentials_tier/index.ts | 13 ++ .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 16 ++ .../basic_license_essentials_tier/double.ts | 0 .../basic_license_essentials_tier/index.ts | 13 ++ .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 16 ++ .../basic_license_essentials_tier/float.ts | 0 .../basic_license_essentials_tier/index.ts | 13 ++ .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 16 ++ .../basic_license_essentials_tier/index.ts | 5 +- .../basic_license_essentials_tier/integer.ts | 0 .../execution_logic => }/README.md | 0 .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 21 ++ .../trial_license_complete_tier}/eql.ts | 2 +- .../eql_alert_suppression.ts | 0 .../eql/trial_license_complete_tier/index.ts | 15 ++ .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 21 ++ .../trial_license_complete_tier}/esql.ts | 0 .../esql_suppression.ts | 0 .../esql/trial_license_complete_tier/index.ts | 15 ++ .../configs/ess.config.ts | 4 +- .../configs/serverless.config.ts | 4 +- .../ignore_fields.ts | 6 +- .../trial_license_complete_tier/index.ts | 5 +- .../keyword_family/README.md | 0 .../keyword_family/const_keyword.ts | 6 +- .../keyword_family/index.ts | 2 +- .../keyword_family/keyword.ts | 6 +- .../keyword_mixed_with_const.ts | 6 +- .../non_ecs_fields.ts | 0 .../trial_license_complete_tier/runtime.ts | 4 +- .../synthetic_source.ts | 0 .../trial_license_complete_tier/timestamps.ts | 8 +- .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 21 ++ .../trial_license_complete_tier/index.ts | 15 ++ .../indicator_match.ts | 0 .../indicator_match_alert_suppression.ts | 0 .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 21 ++ .../trial_license_complete_tier/index.ts | 16 ++ .../machine_learning.ts | 2 +- .../machine_learning_alert_suppression.ts | 0 .../machine_learning_manual_run.ts | 0 .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 21 ++ .../trial_license_complete_tier/index.ts | 15 ++ .../trial_license_complete_tier}/new_terms.ts | 0 .../new_terms_alert_suppression.ts | 0 .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 21 ++ .../custom_query.ts | 0 .../trial_license_complete_tier/index.ts | 15 ++ .../saved_query.ts | 0 .../configs/ess.config.ts | 23 ++ .../configs/serverless.config.ts | 21 ++ .../trial_license_complete_tier/index.ts | 15 ++ .../trial_license_complete_tier}/threshold.ts | 0 .../threshold_alert_suppression.ts | 0 .../execution_logic/index.ts | 30 --- .../execution_logic => }/utils.ts | 0 74 files changed, 1032 insertions(+), 111 deletions(-) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/{date_numeric_types => date_types}/basic_license_essentials_tier/configs/ess.config.ts (84%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/{date_numeric_types => date_types}/basic_license_essentials_tier/configs/serverless.config.ts (79%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/{date_numeric_types => date_types}/basic_license_essentials_tier/date.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/{date_numeric_types => double}/basic_license_essentials_tier/double.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/{date_numeric_types => float}/basic_license_essentials_tier/float.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/{date_numeric_types => integer}/basic_license_essentials_tier/index.ts (67%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/{date_numeric_types => integer}/basic_license_essentials_tier/integer.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => }/README.md (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => eql/trial_license_complete_tier}/eql.ts (99%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => eql/trial_license_complete_tier}/eql_alert_suppression.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => esql/trial_license_complete_tier}/esql.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => esql/trial_license_complete_tier}/esql_suppression.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/configs/ess.config.ts (77%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/configs/serverless.config.ts (76%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/ignore_fields.ts (96%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/index.ts (75%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/keyword_family/README.md (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/keyword_family/const_keyword.ts (96%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/keyword_family/index.ts (88%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/keyword_family/keyword.ts (95%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts (96%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => general_logic/trial_license_complete_tier}/non_ecs_fields.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/runtime.ts (98%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => general_logic/trial_license_complete_tier}/synthetic_source.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{ => general_logic}/trial_license_complete_tier/timestamps.ts (98%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => indicator_match/trial_license_complete_tier}/indicator_match.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => indicator_match/trial_license_complete_tier}/indicator_match_alert_suppression.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => machine_learning/trial_license_complete_tier}/machine_learning.ts (99%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => machine_learning/trial_license_complete_tier}/machine_learning_alert_suppression.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => machine_learning/trial_license_complete_tier}/machine_learning_manual_run.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => new_terms/trial_license_complete_tier}/new_terms.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => new_terms/trial_license_complete_tier}/new_terms_alert_suppression.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => query/trial_license_complete_tier}/custom_query.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => query/trial_license_complete_tier}/saved_query.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => threshold/trial_license_complete_tier}/threshold.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => threshold/trial_license_complete_tier}/threshold_alert_suppression.ts (100%) delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/index.ts rename x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/{trial_license_complete_tier/execution_logic => }/utils.ts (100%) diff --git a/.buildkite/ftr_security_serverless_configs.yml b/.buildkite/ftr_security_serverless_configs.yml index 22d1391034822..cdb66caea4be7 100644 --- a/.buildkite/ftr_security_serverless_configs.yml +++ b/.buildkite/ftr_security_serverless_configs.yml @@ -45,13 +45,23 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts diff --git a/.buildkite/ftr_security_stateful_configs.yml b/.buildkite/ftr_security_stateful_configs.yml index aa37c6f52fb8c..8f780e081b11f 100644 --- a/.buildkite/ftr_security_stateful_configs.yml +++ b/.buildkite/ftr_security_stateful_configs.yml @@ -30,13 +30,23 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/basic_license_essentials_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/basic_license_essentials_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/basic_license_essentials_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/basic_license_essentials_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/basic_license_essentials_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_gaps/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/ess.config.ts diff --git a/.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml b/.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml index e25c6dfef0e4b..56b1904925f04 100644 --- a/.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml +++ b/.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml @@ -1,12 +1,12 @@ steps: - - group: "Cypress MKI - Detection Engine" + - group: 'Cypress MKI - Detection Engine' key: cypress_test_detections_engine steps: - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine - label: "Cypress MKI - Detection Engine" + label: 'Cypress MKI - Detection Engine' key: test_detection_engine env: - BK_TEST_SUITE_KEY: "serverless-cypress-detection-engine" + BK_TEST_SUITE_KEY: 'serverless-cypress-detection-engine' agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod @@ -18,10 +18,10 @@ steps: parallelism: 8 - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine:exceptions - label: "Cypress MKI - Detection Engine - Exceptions" + label: 'Cypress MKI - Detection Engine - Exceptions' key: test_detection_engine_exceptions env: - BK_TEST_SUITE_KEY: "serverless-cypress-detection-engine" + BK_TEST_SUITE_KEY: 'serverless-cypress-detection-engine' agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod @@ -32,7 +32,7 @@ steps: timeout_in_minutes: 300 parallelism: 6 - - group: "API MKI - Detection Engine - " + - group: 'API MKI - Detection Engine - ' key: api_test_detections_engine steps: - label: Running exception_lists_items:qa:serverless @@ -47,7 +47,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running lists_items:qa:serverless @@ -62,7 +62,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running user_roles:qa:serverless @@ -77,7 +77,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running telemetry:qa:serverless @@ -92,7 +92,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_workflows:essentials:qa:serverless @@ -107,12 +107,12 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running exception_operators_date_numeric_types:essentials:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_date_numeric_types:essentials:qa:serverless - key: exception_operators_date_numeric_types:essentials:qa:serverless + - label: Running exception_operators_date_types:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_date_types:essentials:qa:serverless + key: exception_operators_date_types:essentials:qa:serverless agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod @@ -122,7 +122,52 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' + limit: 2 + + - label: Running exception_operators_double:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_double:essentials:qa:serverless + key: exception_operators_double:essentials:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running exception_operators_float:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_float:essentials:qa:serverless + key: exception_operators_float:essentials:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running exception_operators_integer:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_integer:essentials:qa:serverless + key: exception_operators_integer:essentials:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' limit: 2 - label: Running exception_operators_keyword:essentials:qa:serverless @@ -137,7 +182,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_ips:essentials:qa:serverless @@ -152,7 +197,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_long:essentials:qa:serverless @@ -167,7 +212,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_text:essentials:qa:serverless @@ -182,7 +227,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running actions:qa:serverless @@ -197,7 +242,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running alerts:qa:serverless @@ -212,7 +257,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running alerts:essentials:qa:serverless @@ -227,12 +272,117 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' + limit: 2 + + - label: Running rule_execution_logic:eql:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:eql:qa:serverless + key: rule_execution_logic:eql:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_execution_logic:esql:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:esql:qa:serverless + key: rule_execution_logic:esql:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_execution_logic:general_logic:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:general_logic:qa:serverless + key: rule_execution_logic:general_logic:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_execution_logic:indicator_match:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:indicator_match:qa:serverless + key: rule_execution_logic:indicator_match:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_execution_logic:machine_learning:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:machine_learning:qa:serverless + key: rule_execution_logic:machine_learning:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_execution_logic:new_terms:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:new_terms:qa:serverless + key: rule_execution_logic:new_terms:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_execution_logic:query:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:query:qa:serverless + key: rule_execution_logic:query:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' limit: 2 - - label: Running rule_execution_logic:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:qa:serverless - key: rule_execution_logic:qa:serverless + - label: Running rule_execution_logic:threshold:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:threshold:qa:serverless + key: rule_execution_logic:threshold:qa:serverless agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod @@ -242,5 +392,5 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 diff --git a/.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml b/.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml index 90c90ae8a3a36..8dd45a3d67306 100644 --- a/.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml +++ b/.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml @@ -103,9 +103,51 @@ steps: - exit_status: "1" limit: 2 - - label: Running exception_operators_date_numeric_types:essentials:qa:serverless:release - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_date_numeric_types:essentials:qa:serverless:release - key: exception_operators_date_numeric_types:essentials:qa:serverless:release + - label: Running exception_operators_date_types:essentials:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_date_types:essentials:qa:serverless:release + key: exception_operators_date_types:essentials:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + + - label: Running exception_operators_double:essentials:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_double:essentials:qa:serverless:release + key: exception_operators_double:essentials:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + + - label: Running exception_operators_float:essentials:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_float:essentials:qa:serverless:release + key: exception_operators_float:essentials:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + + - label: Running exception_operators_integer:essentials:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_operators_integer:essentials:qa:serverless:release + key: exception_operators_integer:essentials:qa:serverless:release agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod @@ -215,9 +257,107 @@ steps: - exit_status: "1" limit: 2 - - label: Running rule_execution_logic:qa:serverless:release - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:qa:serverless:release - key: rule_execution_logic:qa:serverless:release + - label: Running rule_execution_logic:eql:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:eql:qa:serverless:release + key: rule_execution_logic:eql:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + +- label: Running rule_execution_logic:esql:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:esql:qa:serverless:release + key: rule_execution_logic:esql:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + +- label: Running rule_execution_logic:general_logic:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:general_logic:qa:serverless:release + key: rule_execution_logic:general_logic:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + +- label: Running rule_execution_logic:indicator_match:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:indicator_match:qa:serverless:release + key: rule_execution_logic:indicator_match:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + +- label: Running rule_execution_logic:machine_learning:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:machine_learning:qa:serverless:release + key: rule_execution_logic:machine_learning:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + +- label: Running rule_execution_logic:new_terms:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:new_terms:qa:serverless:release + key: rule_execution_logic:new_terms:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + +- label: Running rule_execution_logic:query:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:query:qa:serverless:release + key: rule_execution_logic:query:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: "1" + limit: 2 + +- label: Running rule_execution_logic:threshold:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:threshold:qa:serverless:release + key: rule_execution_logic:threshold:qa:serverless:release agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/threshold/get_threshold_signal_history.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/threshold/get_threshold_signal_history.ts index 018d63c345e3a..e82e33c9e6e95 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/threshold/get_threshold_signal_history.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/threshold/get_threshold_signal_history.ts @@ -46,6 +46,9 @@ export const getThresholdSignalHistory = async ({ const response = await esClient.search({ ...request, index: indexPattern, + // If alerts index is not yet created, + // do not throw a 404 + ignore_unavailable: true, }); return { signalHistory: buildThresholdSignalHistory({ alerts: response.hits.hits }), diff --git a/x-pack/test/security_solution_api_integration/package.json b/x-pack/test/security_solution_api_integration/package.json index 18c4eba5fe79f..57342fdc264c6 100644 --- a/x-pack/test/security_solution_api_integration/package.json +++ b/x-pack/test/security_solution_api_integration/package.json @@ -171,12 +171,33 @@ "exception_workflows:basic:server:ess": "npm run initialize-server:de:basic_essentials exceptions/workflows ess", "exception_workflows:basic:runner:ess": "npm run run-tests:de:basic_essentials exceptions/workflows ess essEnv", - "exception_operators_date_numeric_types:essentials:server:serverless": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/date_numeric_types serverless", - "exception_operators_date_numeric_types:essentials:runner:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/date_numeric_types serverless serverlessEnv", - "exception_operators_date_numeric_types:essentials:qa:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/date_numeric_types serverless qaPeriodicEnv", - "exception_operators_date_numeric_types:essentials:qa:serverless:release": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/date_numeric_types serverless qaEnv", - "exception_operators_date_numeric_types:basic:server:ess": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/date_numeric_types ess", - "exception_operators_date_numeric_types:basic:runner:ess": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/date_numeric_types ess essEnv", + "exception_operators_date_types:essentials:server:serverless": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/date_types serverless", + "exception_operators_date_types:essentials:runner:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/date_types serverless serverlessEnv", + "exception_operators_date_types:essentials:qa:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/date_types serverless qaPeriodicEnv", + "exception_operators_date_types:essentials:qa:serverless:release": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/date_types serverless qaEnv", + "exception_operators_date_types:basic:server:ess": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/date_types ess", + "exception_operators_date_types:basic:runner:ess": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/date_types ess essEnv", + + "exception_operators_double:essentials:server:serverless": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/double serverless", + "exception_operators_double:essentials:runner:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/double serverless serverlessEnv", + "exception_operators_double:essentials:qa:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/double serverless qaPeriodicEnv", + "exception_operators_double:essentials:qa:serverless:release": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/double serverless qaEnv", + "exception_operators_double:basic:server:ess": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/double ess", + "exception_operators_double:basic:runner:ess": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/double ess essEnv", + + "exception_operators_float:essentials:server:serverless": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/float serverless", + "exception_operators_float:essentials:runner:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/float serverless serverlessEnv", + "exception_operators_float:essentials:qa:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/float serverless qaPeriodicEnv", + "exception_operators_float:essentials:qa:serverless:release": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/float serverless qaEnv", + "exception_operators_float:basic:server:ess": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/float ess", + "exception_operators_float:basic:runner:ess": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/float ess essEnv", + + "exception_operators_integer:essentials:server:serverless": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/integer serverless", + "exception_operators_integer:essentials:runner:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/integer serverless serverlessEnv", + "exception_operators_integer:essentials:qa:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/integer serverless qaPeriodicEnv", + "exception_operators_integer:essentials:qa:serverless:release": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/integer serverless qaEnv", + "exception_operators_integer:basic:server:ess": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/integer ess", + "exception_operators_integer:basic:runner:ess": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/integer ess essEnv", "exception_operators_keyword:essentials:server:serverless": "npm run initialize-server:de:basic_essentials exceptions/operators_data_types/keyword serverless", "exception_operators_keyword:essentials:runner:serverless": "npm run run-tests:de:basic_essentials exceptions/operators_data_types/keyword serverless serverlessEnv", @@ -227,12 +248,61 @@ "alerts:basic:server:ess": "npm run initialize-server:de:basic_essentials alerts ess", "alerts:basic:runner:ess": "npm run run-tests:de:basic_essentials alerts ess essEnv", - "rule_execution_logic:server:serverless": "npm run initialize-server:de rule_execution_logic serverless", - "rule_execution_logic:runner:serverless": "npm run run-tests:de rule_execution_logic serverless serverlessEnv", - "rule_execution_logic:qa:serverless": "npm run run-tests:de rule_execution_logic serverless qaPeriodicEnv", - "rule_execution_logic:qa:serverless:release": "npm run run-tests:de rule_execution_logic serverless qaEnv", - "rule_execution_logic:server:ess": "npm run initialize-server:de rule_execution_logic ess", - "rule_execution_logic:runner:ess": "npm run run-tests:de rule_execution_logic ess essEnv", + "rule_execution_logic:eql:server:serverless": "npm run initialize-server:de rule_execution_logic/eql serverless", + "rule_execution_logic:eql:runner:serverless": "npm run run-tests:de rule_execution_logic/eql serverless serverlessEnv", + "rule_execution_logic:eql:qa:serverless": "npm run run-tests:de rule_execution_logic/eql serverless qaPeriodicEnv", + "rule_execution_logic:eql:qa:serverless:release": "npm run run-tests:de rule_execution_logic/eql serverless qaEnv", + "rule_execution_logic:eql:server:ess": "npm run initialize-server:de rule_execution_logic/eql ess", + "rule_execution_logic:eql:runner:ess": "npm run run-tests:de rule_execution_logic/eql ess essEnv", + + "rule_execution_logic:esql:server:serverless": "npm run initialize-server:de rule_execution_logic/esql serverless", + "rule_execution_logic:esql:runner:serverless": "npm run run-tests:de rule_execution_logic/esql serverless serverlessEnv", + "rule_execution_logic:esql:qa:serverless": "npm run run-tests:de rule_execution_logic/esql serverless qaPeriodicEnv", + "rule_execution_logic:esql:qa:serverless:release": "npm run run-tests:de rule_execution_logic/esql serverless qaEnv", + "rule_execution_logic:esql:server:ess": "npm run initialize-server:de rule_execution_logic/esql ess", + "rule_execution_logic:esql:runner:ess": "npm run run-tests:de rule_execution_logic/esql ess essEnv", + + "rule_execution_logic:general_logic:server:serverless": "npm run initialize-server:de rule_execution_logic/general_logic serverless", + "rule_execution_logic:general_logic:runner:serverless": "npm run run-tests:de rule_execution_logic/general_logic serverless serverlessEnv", + "rule_execution_logic:general_logic:qa:serverless": "npm run run-tests:de rule_execution_logic/general_logic serverless qaPeriodicEnv", + "rule_execution_logic:general_logic:qa:serverless:release": "npm run run-tests:de rule_execution_logic/general_logic serverless qaEnv", + "rule_execution_logic:general_logic:server:ess": "npm run initialize-server:de rule_execution_logic/general_logic ess", + "rule_execution_logic:general_logic:runner:ess": "npm run run-tests:de rule_execution_logic/general_logic ess essEnv", + + "rule_execution_logic:indicator_match:server:serverless": "npm run initialize-server:de rule_execution_logic/indicator_match serverless", + "rule_execution_logic:indicator_match:runner:serverless": "npm run run-tests:de rule_execution_logic/indicator_match serverless serverlessEnv", + "rule_execution_logic:indicator_match:qa:serverless": "npm run run-tests:de rule_execution_logic/indicator_match serverless qaPeriodicEnv", + "rule_execution_logic:indicator_match:qa:serverless:release": "npm run run-tests:de rule_execution_logic/indicator_match serverless qaEnv", + "rule_execution_logic:indicator_match:server:ess": "npm run initialize-server:de rule_execution_logic/indicator_match ess", + "rule_execution_logic:indicator_match:runner:ess": "npm run run-tests:de rule_execution_logic/indicator_match ess essEnv", + + "rule_execution_logic:machine_learning:server:serverless": "npm run initialize-server:de rule_execution_logic/machine_learning serverless", + "rule_execution_logic:machine_learning:runner:serverless": "npm run run-tests:de rule_execution_logic/machine_learning serverless serverlessEnv", + "rule_execution_logic:machine_learning:qa:serverless": "npm run run-tests:de rule_execution_logic/machine_learning serverless qaPeriodicEnv", + "rule_execution_logic:machine_learning:qa:serverless:release": "npm run run-tests:de rule_execution_logic/machine_learning serverless qaEnv", + "rule_execution_logic:machine_learning:server:ess": "npm run initialize-server:de rule_execution_logic/machine_learning ess", + "rule_execution_logic:machine_learning:runner:ess": "npm run run-tests:de rule_execution_logic/machine_learning ess essEnv", + + "rule_execution_logic:new_terms:server:serverless": "npm run initialize-server:de rule_execution_logic/new_terms serverless", + "rule_execution_logic:new_terms:runner:serverless": "npm run run-tests:de rule_execution_logic/new_terms serverless serverlessEnv", + "rule_execution_logic:new_terms:qa:serverless": "npm run run-tests:de rule_execution_logic/new_terms serverless qaPeriodicEnv", + "rule_execution_logic:new_terms:qa:serverless:release": "npm run run-tests:de rule_execution_logic/new_terms serverless qaEnv", + "rule_execution_logic:new_terms:server:ess": "npm run initialize-server:de rule_execution_logic/new_terms ess", + "rule_execution_logic:new_terms:runner:ess": "npm run run-tests:de rule_execution_logic/new_terms ess essEnv", + + "rule_execution_logic:query:server:serverless": "npm run initialize-server:de rule_execution_logic/query serverless", + "rule_execution_logic:query:runner:serverless": "npm run run-tests:de rule_execution_logic/query serverless serverlessEnv", + "rule_execution_logic:query:qa:serverless": "npm run run-tests:de rule_execution_logic/query serverless qaPeriodicEnv", + "rule_execution_logic:query:qa:serverless:release": "npm run run-tests:de rule_execution_logic/query serverless qaEnv", + "rule_execution_logic:query:server:ess": "npm run initialize-server:de rule_execution_logic/query ess", + "rule_execution_logic:query:runner:ess": "npm run run-tests:de rule_execution_logic/query ess essEnv", + + "rule_execution_logic:threshold:server:serverless": "npm run initialize-server:de rule_execution_logic/threshold serverless", + "rule_execution_logic:threshold:runner:serverless": "npm run run-tests:de rule_execution_logic/threshold serverless serverlessEnv", + "rule_execution_logic:threshold:qa:serverless": "npm run run-tests:de rule_execution_logic/threshold serverless qaPeriodicEnv", + "rule_execution_logic:threshold:qa:serverless:release": "npm run run-tests:de rule_execution_logic/threshold serverless qaEnv", + "rule_execution_logic:threshold:server:ess": "npm run initialize-server:de rule_execution_logic/threshold ess", + "rule_execution_logic:threshold:runner:ess": "npm run run-tests:de rule_execution_logic/threshold ess essEnv", "rule_gaps:server:serverless": "npm run initialize-server:de rule_gaps serverless", "rule_gaps:runner:serverless": "npm run run-tests:de rule_gaps serverless serverlessEnv", diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts similarity index 84% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/configs/ess.config.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts index e8856e50b064a..f0e57dfa94669 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/configs/ess.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/ess.config.ts @@ -17,7 +17,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { testFiles: [require.resolve('..')], junit: { reportName: - 'Detection Engine - Exception Operators Date & Numeric Types Integration Tests - ESS Env - Basic License', + 'Detection Engine - Exception Operators Date Types Integration Tests - ESS Env - Basic License', }, }; } diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts similarity index 79% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/configs/serverless.config.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts index 1098fc2b5c0fd..a97dec6dc1129 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/configs/serverless.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/configs/serverless.config.ts @@ -11,6 +11,6 @@ export default createTestConfig({ testFiles: [require.resolve('..')], junit: { reportName: - 'Detection Engine - Exception Operators Date & Numeric Types Integration Tests - Serverless Env - Essentials Tier', + 'Detection Engine - Exception Operators Date Types Integration Tests - Serverless Env - Essentials Tier', }, }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/date.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/date.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/date.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/date.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts new file mode 100644 index 0000000000000..dffcf0acfb236 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_types/basic_license_essentials_tier/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; + +export default ({ loadTestFile }: FtrProviderContext): void => { + describe('Detection Engine - Exceptions data types', function () { + loadTestFile(require.resolve('./date')); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..307a12ea51e4a --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../../config/ess/config.base.basic') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Exception Operators Double Types Integration Tests - ESS Env - Basic License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..5984f3a9ccb43 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Exception Operators Double Types Integration Tests - Serverless Env - Essentials Tier', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/double.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/double.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/double.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/double.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts new file mode 100644 index 0000000000000..19c671d52cf93 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/double/basic_license_essentials_tier/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; + +export default ({ loadTestFile }: FtrProviderContext): void => { + describe('Detection Engine - Exceptions double types', function () { + loadTestFile(require.resolve('./double')); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..bfbff1e98372a --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../../config/ess/config.base.basic') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Exception Operators Float Types Integration Tests - ESS Env - Basic License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..b9c953ff672b4 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Exception Operators Float Types Integration Tests - Serverless Env - Essentials Tier', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/float.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/float.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/float.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/float.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts new file mode 100644 index 0000000000000..3c2c57d7badda --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/float/basic_license_essentials_tier/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; + +export default ({ loadTestFile }: FtrProviderContext): void => { + describe('Detection Engine - Exceptions float types', function () { + loadTestFile(require.resolve('./float')); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..a22df8d2e2b92 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../../config/ess/config.base.basic') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Exception Operators Integer Types Integration Tests - ESS Env - Basic License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..6946ae50d1ad5 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Exception Operators Integer Types Integration Tests - Serverless Env - Essentials Tier', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/index.ts similarity index 67% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/index.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/index.ts index cc98da2a1c89f..deaae6c929e6b 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/index.ts @@ -7,10 +7,7 @@ import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ loadTestFile }: FtrProviderContext): void => { - describe('Detection Engine - Exceptions data and numeric types', function () { - loadTestFile(require.resolve('./date')); - loadTestFile(require.resolve('./double')); - loadTestFile(require.resolve('./float')); + describe('Detection Engine - Exceptions integer types', function () { loadTestFile(require.resolve('./integer')); }); }; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/integer.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/integer.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/basic_license_essentials_tier/integer.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/integer/basic_license_essentials_tier/integer.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/README.md b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/README.md similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/README.md rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/README.md diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..5b269e975de3c --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../config/ess/config.base.trial') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - EQL Rule Execution Logic Integration Tests - ESS Env - Trial License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..c36cf13538864 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/configs/serverless.config.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { createTestConfig } from '../../../../../../../config/serverless/config.base'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - EQL Rule Execution Logic Integration Tests - Serverless Env - Complete Tier', + }, + kbnTestServerArgs: [ + `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ + 'testing_ignored.constant', + '/testing_regex*/', + ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" + ], +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql.ts similarity index 99% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql.ts index 9515924213ce6..1934982779a98 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql.ts @@ -55,7 +55,7 @@ import { } from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; -import { getMetricsRequest, getMetricsWithRetry } from './utils'; +import { getMetricsRequest, getMetricsWithRetry } from '../../utils'; /** * Specific AGENT_ID to use for some of the tests. If the archiver changes and you see errors diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql_alert_suppression.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql_alert_suppression.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/eql_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts new file mode 100644 index 0000000000000..6f88e7de619df --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/eql/trial_license_complete_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('EQL execution logic API', function () { + loadTestFile(require.resolve('./eql')); + loadTestFile(require.resolve('./eql_alert_suppression')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..6ef7f80905053 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../config/ess/config.base.trial') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - ESQL Rule Execution Logic Integration Tests - ESS Env - Trial License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..d9e6bc0b29e9f --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/configs/serverless.config.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { createTestConfig } from '../../../../../../../config/serverless/config.base'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - ESQL Rule Execution Logic Integration Tests - Serverless Env - Complete Tier', + }, + kbnTestServerArgs: [ + `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ + 'testing_ignored.constant', + '/testing_regex*/', + ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" + ], +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql_suppression.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql_suppression.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/esql_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts new file mode 100644 index 0000000000000..ea982bbb1b89b --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/esql/trial_license_complete_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('ESQL execution logic API', function () { + loadTestFile(require.resolve('./esql')); + loadTestFile(require.resolve('./esql_suppression')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts similarity index 77% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/configs/ess.config.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts index 58c11b8487baf..d3b51922c3793 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/configs/ess.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/ess.config.ts @@ -9,7 +9,7 @@ import { FtrConfigProviderContext } from '@kbn/test'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const functionalConfig = await readConfigFile( - require.resolve('../../../../../../config/ess/config.base.trial') + require.resolve('../../../../../../../config/ess/config.base.trial') ); return { @@ -17,7 +17,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { testFiles: [require.resolve('..')], junit: { reportName: - 'Detection Engine - Rule Execution Logic Integration Tests - ESS Env - Trial License', + 'Detection Engine - General Execution Logic Integration Tests - ESS Env - Trial License', }, }; } diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts similarity index 76% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/configs/serverless.config.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts index 137ee1f67b9b3..db3ad04b3d1b9 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/configs/serverless.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/configs/serverless.config.ts @@ -4,13 +4,13 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { createTestConfig } from '../../../../../../config/serverless/config.base'; +import { createTestConfig } from '../../../../../../../config/serverless/config.base'; export default createTestConfig({ testFiles: [require.resolve('..')], junit: { reportName: - 'Detection Engine - Rule Execution Logic Integration Tests - Serverless Env - Complete Tier', + 'Detection Engine - General Execution Logic Integration Tests - Serverless Env - Complete Tier', }, kbnTestServerArgs: [ `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/ignore_fields.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/ignore_fields.ts similarity index 96% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/ignore_fields.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/ignore_fields.ts index 205570fdd96c3..76c44b438db90 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/ignore_fields.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/ignore_fields.ts @@ -7,7 +7,6 @@ import expect from '@kbn/expect'; -import { getEqlRuleForAlertTesting } from '../../../utils'; import { createRule, createAlertsIndex, @@ -16,7 +15,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../../common/utils/security_solution'; +} from '../../../../../../../common/utils/security_solution'; interface Ignore { normal_constant?: string; @@ -25,7 +24,8 @@ interface Ignore { testing_regex?: string; } -import { FtrProviderContext } from '../../../../../ftr_provider_context'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { getEqlRuleForAlertTesting } from '../../../../utils'; export default ({ getService }: FtrProviderContext): void => { /** * See the config file (config.ts) for which field values were added to be ignored diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/index.ts similarity index 75% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/index.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/index.ts index 226d02c070dea..57f89502f40da 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/index.ts @@ -5,14 +5,15 @@ * 2.0. */ -import { FtrProviderContext } from '../../../../../ftr_provider_context'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; export default function ({ loadTestFile }: FtrProviderContext) { describe('Rule execution logic API', function () { loadTestFile(require.resolve('./keyword_family')); loadTestFile(require.resolve('./ignore_fields')); loadTestFile(require.resolve('./runtime')); - loadTestFile(require.resolve('./execution_logic')); + loadTestFile(require.resolve('./non_ecs_fields')); + loadTestFile(require.resolve('./synthetic_source')); loadTestFile(require.resolve('./timestamps')); }); } diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/README.md b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/README.md similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/README.md rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/README.md diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/const_keyword.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/const_keyword.ts similarity index 96% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/const_keyword.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/const_keyword.ts index 79b118b3b3d94..7ad48747e4e7e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/const_keyword.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/const_keyword.ts @@ -13,7 +13,7 @@ import { } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { ALERT_THRESHOLD_RESULT } from '@kbn/security-solution-plugin/common/field_maps/field_names'; -import { getEqlRuleForAlertTesting, getThresholdRuleForAlertTesting } from '../../../../utils'; +import { getEqlRuleForAlertTesting, getThresholdRuleForAlertTesting } from '../../../../../utils'; import { createRule, createAlertsIndex, @@ -23,8 +23,8 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../../../common/utils/security_solution'; -import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +} from '../../../../../../../../common/utils/security_solution'; +import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/index.ts similarity index 88% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/index.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/index.ts index fda4ef53c990f..20b32789e2abf 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/index.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ loadTestFile }: FtrProviderContext): void => { describe('Detection Engine - Execution Logic - keyword family data types', function () { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/keyword.ts similarity index 95% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/keyword.ts index 1be8274079663..a7c805b064729 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/keyword.ts @@ -14,7 +14,7 @@ import { ThresholdRuleCreateProps, } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { ALERT_THRESHOLD_RESULT } from '@kbn/security-solution-plugin/common/field_maps/field_names'; -import { getEqlRuleForAlertTesting, getThresholdRuleForAlertTesting } from '../../../../utils'; +import { getEqlRuleForAlertTesting, getThresholdRuleForAlertTesting } from '../../../../../utils'; import { createRule, createAlertsIndex, @@ -24,8 +24,8 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../../../common/utils/security_solution'; -import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +} from '../../../../../../../../common/utils/security_solution'; +import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts similarity index 96% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts index 9d63a84a1cbe5..b0bc2f32d3361 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts @@ -13,7 +13,7 @@ import { } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { ALERT_THRESHOLD_RESULT } from '@kbn/security-solution-plugin/common/field_maps/field_names'; -import { getEqlRuleForAlertTesting } from '../../../../utils'; +import { getEqlRuleForAlertTesting } from '../../../../../utils'; import { createRule, createAlertsIndex, @@ -23,8 +23,8 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../../../common/utils/security_solution'; -import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +} from '../../../../../../../../common/utils/security_solution'; +import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/non_ecs_fields.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/non_ecs_fields.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/non_ecs_fields.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/non_ecs_fields.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/runtime.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/runtime.ts similarity index 98% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/runtime.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/runtime.ts index 439f876921da1..1f16dbad37ec4 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/runtime.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/runtime.ts @@ -17,8 +17,8 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../../common/utils/security_solution'; -import { FtrProviderContext } from '../../../../../ftr_provider_context'; +} from '../../../../../../../common/utils/security_solution'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/synthetic_source.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/synthetic_source.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/synthetic_source.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/synthetic_source.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/timestamps.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/timestamps.ts similarity index 98% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/timestamps.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/timestamps.ts index 8f6c6f4aa114e..cb2ba34a67c45 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/timestamps.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/general_logic/trial_license_complete_tier/timestamps.ts @@ -14,7 +14,7 @@ import { } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { ALERT_ORIGINAL_TIME } from '@kbn/security-solution-plugin/common/field_maps/field_names'; -import { getAlerts, getEqlRuleForAlertTesting } from '../../../utils'; +import { getAlerts, getEqlRuleForAlertTesting } from '../../../../utils'; import { createAlertsIndex, deleteAllRules, @@ -25,9 +25,9 @@ import { getRuleForAlertTesting, getAlertsByIds, waitForRulePartialFailure, -} from '../../../../../../common/utils/security_solution'; -import { FtrProviderContext } from '../../../../../ftr_provider_context'; -import { EsArchivePathBuilder } from '../../../../../es_archive_path_builder'; +} from '../../../../../../../common/utils/security_solution'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..25691e737539e --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../config/ess/config.base.trial') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - IM Rule Execution Logic Integration Tests - ESS Env - Trial License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..23254150cb358 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/configs/serverless.config.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { createTestConfig } from '../../../../../../../config/serverless/config.base'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - IM Rule Execution Logic Integration Tests - Serverless Env - Complete Tier', + }, + kbnTestServerArgs: [ + `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ + 'testing_ignored.constant', + '/testing_regex*/', + ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" + ], +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts new file mode 100644 index 0000000000000..de90422e133ed --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Indicator match execution logic API', function () { + loadTestFile(require.resolve('./indicator_match')); + loadTestFile(require.resolve('./indicator_match_alert_suppression')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/indicator_match.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/indicator_match.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/indicator_match_alert_suppression.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/indicator_match_alert_suppression.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/indicator_match/trial_license_complete_tier/indicator_match_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..4ca415a2bbc6f --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../config/ess/config.base.trial') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Machine Learning Rule Execution Logic Integration Tests - ESS Env - Trial License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..e1f34ed8d8350 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/configs/serverless.config.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { createTestConfig } from '../../../../../../../config/serverless/config.base'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Machine Learning Rule Execution Logic Integration Tests - Serverless Env - Complete Tier', + }, + kbnTestServerArgs: [ + `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ + 'testing_ignored.constant', + '/testing_regex*/', + ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" + ], +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts new file mode 100644 index 0000000000000..6c43d5c6b912b --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/index.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Machine learning rule execution logic API', function () { + loadTestFile(require.resolve('./machine_learning')); + loadTestFile(require.resolve('./machine_learning_alert_suppression')); + loadTestFile(require.resolve('./machine_learning_manual_run')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning.ts similarity index 99% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning.ts index 2edd2ba9a8cbc..b27846745b011 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning.ts @@ -53,7 +53,7 @@ import { } from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; -import { getMetricsRequest, getMetricsWithRetry } from './utils'; +import { getMetricsRequest, getMetricsWithRetry } from '../../utils'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning_alert_suppression.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning_alert_suppression.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning_manual_run.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_manual_run.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning_manual_run.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/machine_learning/trial_license_complete_tier/machine_learning_manual_run.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..0d177d25794a8 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../config/ess/config.base.trial') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - New Terms Rule Execution Logic Integration Tests - ESS Env - Trial License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..28b07879e767d --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/configs/serverless.config.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { createTestConfig } from '../../../../../../../config/serverless/config.base'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - New Terms Rule Execution Logic Integration Tests - Serverless Env - Complete Tier', + }, + kbnTestServerArgs: [ + `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ + 'testing_ignored.constant', + '/testing_regex*/', + ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" + ], +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts new file mode 100644 index 0000000000000..9484d4825e816 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('New terms rule execution logic API', function () { + loadTestFile(require.resolve('./new_terms')); + loadTestFile(require.resolve('./new_terms_alert_suppression')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms_alert_suppression.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms_alert_suppression.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/new_terms/trial_license_complete_tier/new_terms_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..f01d372ef1880 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../config/ess/config.base.trial') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Query Rule Execution Logic Integration Tests - ESS Env - Trial License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..10f90ea8e774e --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/configs/serverless.config.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { createTestConfig } from '../../../../../../../config/serverless/config.base'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Query Rule Execution Logic Integration Tests - Serverless Env - Complete Tier', + }, + kbnTestServerArgs: [ + `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ + 'testing_ignored.constant', + '/testing_regex*/', + ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" + ], +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/custom_query.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/custom_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/custom_query.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/custom_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts new file mode 100644 index 0000000000000..69b8784f7bd80 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Query rule execution logic API', function () { + loadTestFile(require.resolve('./custom_query')); + loadTestFile(require.resolve('./saved_query')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/saved_query.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/saved_query.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/saved_query.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/query/trial_license_complete_tier/saved_query.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..ebdfd943fd8d0 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/ess.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../../config/ess/config.base.trial') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Threshold Rule Execution Logic Integration Tests - ESS Env - Trial License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..50b6e05fdfe83 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/configs/serverless.config.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { createTestConfig } from '../../../../../../../config/serverless/config.base'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Threshold Rule Execution Logic Integration Tests - Serverless Env - Complete Tier', + }, + kbnTestServerArgs: [ + `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ + 'testing_ignored.constant', + '/testing_regex*/', + ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" + ], +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts new file mode 100644 index 0000000000000..1c1a434f8069e --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Threshold rule execution logic API', function () { + loadTestFile(require.resolve('./threshold')); + loadTestFile(require.resolve('./threshold_alert_suppression')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold_alert_suppression.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold_alert_suppression.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold_alert_suppression.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/threshold/trial_license_complete_tier/threshold_alert_suppression.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/index.ts deleted file mode 100644 index ffb728e23d31b..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/index.ts +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../../../../ftr_provider_context'; - -export default ({ loadTestFile }: FtrProviderContext): void => { - describe('Detection Engine - Execution logic', function () { - loadTestFile(require.resolve('./eql')); - loadTestFile(require.resolve('./eql_alert_suppression')); - loadTestFile(require.resolve('./esql')); - loadTestFile(require.resolve('./esql_suppression')); - loadTestFile(require.resolve('./machine_learning')); - loadTestFile(require.resolve('./machine_learning_alert_suppression')); - loadTestFile(require.resolve('./machine_learning_manual_run')); - loadTestFile(require.resolve('./new_terms')); - loadTestFile(require.resolve('./new_terms_alert_suppression')); - loadTestFile(require.resolve('./saved_query')); - loadTestFile(require.resolve('./indicator_match')); - loadTestFile(require.resolve('./indicator_match_alert_suppression')); - loadTestFile(require.resolve('./threshold')); - loadTestFile(require.resolve('./threshold_alert_suppression')); - loadTestFile(require.resolve('./synthetic_source')); - loadTestFile(require.resolve('./non_ecs_fields')); - loadTestFile(require.resolve('./custom_query')); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/utils.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/utils.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/utils.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/utils.ts