TEMP COMMIT. REBASE ME

elastic · May 4, 2021 · 6269a30 · 6269a30
1 parent 227f73f
commit 6269a30
Showing 1 changed file with 33 additions and 32 deletions.
diff --git a/x-pack/plugins/rule_registry/server/event_log/new_apis_playground.ts b/x-pack/plugins/rule_registry/server/event_log/new_apis_playground.ts
@@ -5,7 +5,9 @@
  * 2.0.
  */
 
+import { KibanaRequest } from 'kibana/server';
 import { Schema } from './event_schema';
+import { EventLogDefinition } from './log';
 import { IEventLogService } from './log/public_api';
 
 // -------------------------------------------------------------------------------------------------
@@ -38,58 +40,58 @@ const ALERTS_LOG = 'detection-alerts';
 const EXECUTION_LOG = 'detection-rule-execution';
 
 const service: IEventLogService = {} as IEventLogService;
+const httpRequest: KibanaRequest = {} as KibanaRequest;
 
 async function registerOneLog() {
-  const eventSchema = Schema.getBase();
-  const provider = service.registerLog({
-    name: SECURITY_LOG,
-    schema: eventSchema,
+  const logDefinition = new EventLogDefinition({
+    name: 'security',
+    schema: Schema.extendBase({
+      'kibana.rac.security.foo': { type: 'long' },
+    }),
   });
 
-  const schema = provider.getEventSchema();
-  const log = await provider.getLog();
+  const logResolver = service.getScopedResolver(httpRequest);
+  const logProvider = logResolver.resolve(logDefinition);
+
+  const schema = logProvider.getEventSchema();
+  const indexSpec = logProvider.getIndexSpec();
+  const log = await logProvider.getLog();
 }
 
 async function registerHierarchyOfLogs() {
-  const securitySchema = Schema.extendBase({
-    'kibana.rac.security.foo': { type: 'long' },
-  });
-
-  const securityLogProvider = service.registerLog({
-    name: SECURITY_LOG,
-    schema: securitySchema,
+  const securityDefinition = new EventLogDefinition({
+    name: 'security',
+    schema: Schema.extendBase({
+      'kibana.rac.security.foo': { type: 'long' },
+    } as const),
   });
 
-  const alertsLogProvider = securityLogProvider.registerLog({
-    name: ALERTS_LOG,
+  const alertsDefinition = securityDefinition.defineChild({
+    name: 'alerts',
     schema: Schema.create({
+      'signal.rule.name': { type: 'text' },
       'kibana.rac.alert.bar': { type: 'keyword' },
     } as const),
   });
 
-  const executionLogProvider = securityLogProvider.registerLog({
-    name: EXECUTION_LOG,
+  const executionEventsDefinition = securityDefinition.defineChild({
+    name: 'execlog',
     schema: Schema.create({
-      'kibana.rac.security.rule_execution.baz': { type: 'boolean' },
+      'kibana.rule.execution.status': { type: 'keyword' },
+      'kibana.rule.execution.status_severity': { type: 'short' },
     } as const),
   });
 
-  const parentSecuritySchema = securityLogProvider.getEventSchema();
-  const alertsSchema = alertsLogProvider.getEventSchema();
-  const executionSchema = executionLogProvider.getEventSchema();
+  const logResolver = service.getScopedResolver(httpRequest);
+
+  const alertsLogProvider = logResolver.resolve(alertsDefinition);
+  const executionLogProvider = logResolver.resolve(executionEventsDefinition);
 
-  const parentSecurityLog = await securityLogProvider.getLog();
   const alertsLog = await alertsLogProvider.getLog();
   const executionLog = await executionLogProvider.getLog();
 
   return {
-    parentSecuritySchema,
-    parentSecurityLog,
-
-    alertsSchema,
     alertsLog,
-
-    executionSchema,
     executionLog,
   };
 }
@@ -114,7 +116,7 @@ async function simpleLoggers() {
 
   executionLogger.logEvent({
     '@timestamp': 'now',
-    'kibana.rac.security.rule_execution.baz': true,
+    'kibana.rule.execution.status': 'warning',
   });
 }
 
@@ -128,13 +130,12 @@ async function hierarchicalLoggers() {
 
   // Logger that can be used by a rule registry within its rule execution logic
   const ruleRegistryLogger = template.getLogger('rule-registry', {
-    'kibana.rac.security.rule_execution.baz': false,
+    'kibana.rule.execution.status': 'warning',
   });
 
   // Logger that can be injected as a dependency to the executor function
   // of a specific rule instance
   const ruleInstanceLogger = template.getLogger('rule-instance', {
-    'kibana.rac.security.rule_execution.baz': true,
     'rule.uuid': '1231234sdfgdf4565675sdv',
     'rule.name': 'My rule',
   });
@@ -154,7 +155,7 @@ async function simpleSearch() {
     .getEvents()
     .filterByLogger('rule-instance')
     .filterByFields({
-      'kibana.rac.security.rule_execution.baz': true,
+      'kibana.rule.execution.status': 'warning',
       'rule.uuid': '1231234sdfgdf4565675sdv',
     })
     .filterByKql('rule.uuid: 1231234sdfgdf4565675sdv')