[SecuritySolution] Entity Engine status tab #201235

Merged
merged 20 commits into from
Nov 29, 2024
95 changes: 58 additions & 37 deletions oas_docs/output/kibana.serverless.yaml
Expand Up @@ -7560,42 +7560,6 @@ paths:
tags:
- Security Entity Analytics API
x-beta: true
/api/entity_store/engines/{entityType}/stats:
post:
operationId: GetEntityEngineStats
parameters:
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
schema:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType'
responses:
'200':
content:
application/json; Elastic-Api-Version=2023-10-31:
schema:
type: object
properties:
indexPattern:
$ref: '#/components/schemas/Security_Entity_Analytics_API_IndexPattern'
indices:
items:
type: object
type: array
status:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EngineStatus'
transforms:
items:
type: object
type: array
type:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType'
description: Successful response
summary: Get Entity Engine stats
tags:
- Security Entity Analytics API
x-beta: true
/api/entity_store/engines/{entityType}/stop:
post:
operationId: StopEntityEngine
Expand Down Expand Up @@ -7749,6 +7713,12 @@ paths:
/api/entity_store/status:
get:
operationId: GetEntityStoreStatus
parameters:
- description: If true returns a detailed status of the engine including all it's components
in: query
name: include_components
machadoum marked this conversation as resolved.
schema:
type: boolean
responses:
'200':
content:
Expand All @@ -7758,10 +7728,20 @@ paths:
properties:
engines:
items:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EngineDescriptor'
allOf:
- $ref: '#/components/schemas/Security_Entity_Analytics_API_EngineDescriptor'
- type: object
properties:
components:
items:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EngineComponentStatus'
type: array
type: array
status:
$ref: '#/components/schemas/Security_Entity_Analytics_API_StoreStatus'
required:
- status
- engines
description: Successful response
summary: Get the status of the Entity Store
tags:
Expand Down Expand Up @@ -45755,6 +45735,47 @@ components:
$ref: '#/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel'
required:
- criticality_level
Security_Entity_Analytics_API_EngineComponentResource:
enum:
- entity_engine
- entity_definition
- index
- component_template
- index_template
- ingest_pipeline
- enrich_policy
- task
- transform
type: string
Security_Entity_Analytics_API_EngineComponentStatus:
type: object
properties:
errors:
items:
type: object
properties:
message:
type: string
title:
type: string
type: array
health:
enum:
- green
- yellow
- red
- unknown
type: string
id:
type: string
installed:
type: boolean
resource:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EngineComponentResource'
required:
- id
- installed
- resource
Security_Entity_Analytics_API_EngineDataviewUpdateResult:
type: object
properties:
94 changes: 58 additions & 36 deletions oas_docs/output/kibana.yaml
Expand Up @@ -10445,41 +10445,6 @@ paths:
summary: Start an Entity Engine
tags:
- Security Entity Analytics API
/api/entity_store/engines/{entityType}/stats:
post:
operationId: GetEntityEngineStats
parameters:
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
schema:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType'
responses:
'200':
content:
application/json; Elastic-Api-Version=2023-10-31:
schema:
type: object
properties:
indexPattern:
$ref: '#/components/schemas/Security_Entity_Analytics_API_IndexPattern'
indices:
items:
type: object
type: array
status:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EngineStatus'
transforms:
items:
type: object
type: array
type:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType'
description: Successful response
summary: Get Entity Engine stats
tags:
- Security Entity Analytics API
/api/entity_store/engines/{entityType}/stop:
post:
operationId: StopEntityEngine
Expand Down Expand Up @@ -10630,6 +10595,12 @@ paths:
/api/entity_store/status:
get:
operationId: GetEntityStoreStatus
parameters:
- description: If true returns a detailed status of the engine including all it's components
in: query
name: include_components
schema:
type: boolean
responses:
'200':
content:
Expand All @@ -10639,10 +10610,20 @@ paths:
properties:
engines:
items:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EngineDescriptor'
allOf:
- $ref: '#/components/schemas/Security_Entity_Analytics_API_EngineDescriptor'
- type: object
properties:
components:
items:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EngineComponentStatus'
type: array
type: array
status:
$ref: '#/components/schemas/Security_Entity_Analytics_API_StoreStatus'
required:
- status
- engines
description: Successful response
summary: Get the status of the Entity Store
tags:
Expand Down Expand Up @@ -53478,6 +53459,47 @@ components:
$ref: '#/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel'
required:
- criticality_level
Security_Entity_Analytics_API_EngineComponentResource:
enum:
- entity_engine
- entity_definition
- index
- component_template
- index_template
- ingest_pipeline
- enrich_policy
- task
- transform
type: string
Security_Entity_Analytics_API_EngineComponentStatus:
type: object
properties:
errors:
items:
type: object
properties:
message:
type: string
title:
type: string
type: array
health:
enum:
- green
- yellow
- red
- unknown
type: string
id:
type: string
installed:
type: boolean
resource:
$ref: '#/components/schemas/Security_Entity_Analytics_API_EngineComponentResource'
required:
- id
- installed
- resource
Security_Entity_Analytics_API_EngineDataviewUpdateResult:
type: object
properties:
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,37 @@ export const EngineDescriptor = z.object({
error: z.object({}).optional(),
});

export type EngineComponentResource = z.infer<typeof EngineComponentResource>;
export const EngineComponentResource = z.enum([
'entity_engine',
'entity_definition',
'index',
'component_template',
'index_template',
'ingest_pipeline',
'enrich_policy',
'task',
'transform',
]);
export type EngineComponentResourceEnum = typeof EngineComponentResource.enum;
export const EngineComponentResourceEnum = EngineComponentResource.enum;

export type EngineComponentStatus = z.infer<typeof EngineComponentStatus>;
export const EngineComponentStatus = z.object({
id: z.string(),
installed: z.boolean(),
resource: EngineComponentResource,
health: z.enum(['green', 'yellow', 'red', 'unknown']).optional(),
errors: z
.array(
z.object({
title: z.string().optional(),
message: z.string().optional(),
})
)
.optional(),
});

export type StoreStatus = z.infer<typeof StoreStatus>;
export const StoreStatus = z.enum(['not_installed', 'installing', 'running', 'stopped', 'error']);
export type StoreStatusEnum = typeof StoreStatus.enum;
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,49 @@ components:
- updating
- error

EngineComponentStatus:
Contributor


too many things called status 😅
Each engine has a status field, then my upcoming PR also has a whole store Status thing. Now this one 🤔
Can we come up with some different nomenclature? I'm thinking just Health for this?

Member Author

@machadoum machadoum Nov 28, 2024


Hmm 🤔
This is supposed to be a component-by-component breakdown of the Entity Descriptor status. Inside the components, there is already a health property, which is currently only used by the transform.
The status API also returns it, so I am struggling to find a better name. 😓

type: object
required:
- id
- installed
- resource
properties:
id:
type: string
installed:
type: boolean
resource:
$ref: '#/components/schemas/EngineComponentResource'
health:
type: string
enum:
- green
- yellow
- red
- unknown
errors:
type: array
items:
type: object
properties:
title:
type: string
message:
type: string

EngineComponentResource:
type: string
enum:
- entity_engine
- entity_definition
- index
- component_template
- index_template
- ingest_pipeline
- enrich_policy
- task
- transform

StoreStatus:
type: string
enum:
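Review bot: In `EngineComponentStatus`, the `errors` items expose free-form `title` and `message` strings with no `description` and no `required` list, so the contract says nothing about what text may end up in a response readable by every caller authorised for `GET /api/entity_store/status`. The code that fills these fields is not in this hunk, but if it forwards exception text from the underlying transform, ingest pipeline or enrich policy, index names and other cluster internals would be returned verbatim. I would document the expectation on the property, for example `description: User-facing error summary; must not carry raw backend exception bodies or stack traces.` under `message`, and add `required: [message]` to the item object so that an empty `{}` is not a valid error entry. The `StoreStatus` schema that begins on the last lines of the hunk continues outside it.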
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,7 @@

import { z } from '@kbn/zod';

import { IndexPattern, EngineDescriptor, StoreStatus } from './common.gen';

export type GetEntityStoreStatusResponse = z.infer<typeof GetEntityStoreStatusResponse>;
export const GetEntityStoreStatusResponse = z.object({
status: StoreStatus.optional(),
engines: z.array(EngineDescriptor).optional(),
});
import { IndexPattern, EngineDescriptor } from './common.gen';

export type InitEntityStoreRequestBody = z.infer<typeof InitEntityStoreRequestBody>;
export const InitEntityStoreRequestBody = z.object({
Original file line number Diff line number Diff line change
Expand Up @@ -41,24 +41,3 @@ paths:
type: array
items:
$ref: './common.schema.yaml#/components/schemas/EngineDescriptor'

/api/entity_store/status:
get:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: GetEntityStoreStatus
summary: Get the status of the Entity Store
responses:
'200':
description: Successful response
content:
application/json:
schema:
type: object
properties:
status:
$ref: './common.schema.yaml#/components/schemas/StoreStatus'
engines:
type: array
items:
$ref: './common.schema.yaml#/components/schemas/EngineDescriptor'
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,5 @@ export * from './get.gen';
export * from './init.gen';
export * from './list.gen';
export * from './start.gen';
export * from './stats.gen';
export * from './stop.gen';
export * from './apply_dataview_indices.gen';