[EDR Workflows][Fleet] Accurate endpoint count across multiple agent policies #193705
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
szwarckonrad
added
release_note:skip
szwarckonrad
changed the title
|
Pinging @elastic/fleet (Team:Fleet) |
|
Pinging @elastic/security-defend-workflows (Team:Defend Workflows) |
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]Async chunks
Unknown metric groupsReferences to deprecated APIs
To update your PR or re-run it, just comment with: |
szwarckonrad
requested review from
tomsonpl
and removed request for
gergoabraham
joeypoon
approved these changes
Sep 23, 2024
tomsonpl
approved these changes
Sep 23, 2024
| @@ -328,7 +328,8 @@ export const getAgentStatusForAgentPolicyHandler: FleetRequestHandler< | |||
| soClient, | |||
| request.query.policyId, | |||
There was a problem hiding this comment.
can we get rid of this one since we have policyIds ?
| @@ -71,8 +82,14 @@ export async function getAgentStatusForAgentPolicy( | |||
| ); | |||
| clauses.push(kueryAsElasticsearchQuery); | |||
| } | |||
|
|
|||
| if (agentPolicyId) { | |||
| // If agentPolicyIds is provided, we filter by those, otherwise we filter by depreciated agentPolicyId | |||
There was a problem hiding this comment.
is there a chance that policy_ids is not provided?
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Sep 24, 2024
…policies (elastic#193705) This PR updates the method for counting endpoint statuses. Previously, we fetched agent status using a single agent policy ID. With this change, we now pass an array of policy IDs, allowing us to include the returned stats for endpoints that share the same integration policy assigned to multiple agent policies.    (cherry picked from commit 9cd2cfa)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Sep 24, 2024
…agent policies (#193705) (#193844) # Backport This will backport the following commits from `main` to `8.x`: - [[EDR Workflows][Fleet] Accurate endpoint count across multiple agent policies (#193705)](#193705) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Konrad Szwarc","email":"konrad.szwarc@elastic.co"},"sourceCommit":{"committedDate":"2024-09-24T10:08:54Z","message":"[EDR Workflows][Fleet] Accurate endpoint count across multiple agent policies (#193705)\n\nThis PR updates the method for counting endpoint statuses. Previously,\r\nwe fetched agent status using a single agent policy ID. With this\r\nchange, we now pass an array of policy IDs, allowing us to include the\r\nreturned stats for endpoints that share the same integration policy\r\nassigned to multiple agent policies.\r\n\r\n\r\n\r\n","sha":"9cd2cfa861713ab4dd8351794e3abfdbc7807ca1","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","Team:Defend Workflows","v8.16.0","backport:version"],"title":"[EDR Workflows][Fleet] Accurate endpoint count across multiple agent policies","number":193705,"url":"https://github.com/elastic/kibana/pull/193705","mergeCommit":{"message":"[EDR Workflows][Fleet] Accurate endpoint count across multiple agent policies (#193705)\n\nThis PR updates the method for counting endpoint statuses. Previously,\r\nwe fetched agent status using a single agent policy ID. With this\r\nchange, we now pass an array of policy IDs, allowing us to include the\r\nreturned stats for endpoints that share the same integration policy\r\nassigned to multiple agent policies.\r\n\r\n\r\n\r\n","sha":"9cd2cfa861713ab4dd8351794e3abfdbc7807ca1"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193705","number":193705,"mergeCommit":{"message":"[EDR Workflows][Fleet] Accurate endpoint count across multiple agent policies (#193705)\n\nThis PR updates the method for counting endpoint statuses. Previously,\r\nwe fetched agent status using a single agent policy ID. With this\r\nchange, we now pass an array of policy IDs, allowing us to include the\r\nreturned stats for endpoints that share the same integration policy\r\nassigned to multiple agent policies.\r\n\r\n\r\n\r\n","sha":"9cd2cfa861713ab4dd8351794e3abfdbc7807ca1"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Konrad Szwarc <konrad.szwarc@elastic.co>
This was referenced Sep 27, 2024
szwarckonrad
added a commit
that referenced
this pull request
Sep 27, 2024
https://github.com/user-attachments/assets/2b64c1e0-0e6d-4ef5-952d-e4364b4403c4 The PR #193705 introduced an issue when counting active agents for integration policies with only one agent policy assigned. In such cases, `query.policyIds` was treated as a single string instead of an array of strings (as expected with multiple agent policy ids like `/?policyIds=x&policyIds=y`). This PR resolves the issue by ensuring consistent handling of policyIds, regardless of the number of associated agent policies.
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Sep 27, 2024
…4294) https://github.com/user-attachments/assets/2b64c1e0-0e6d-4ef5-952d-e4364b4403c4 The PR elastic#193705 introduced an issue when counting active agents for integration policies with only one agent policy assigned. In such cases, `query.policyIds` was treated as a single string instead of an array of strings (as expected with multiple agent policy ids like `/?policyIds=x&policyIds=y`). This PR resolves the issue by ensuring consistent handling of policyIds, regardless of the number of associated agent policies. (cherry picked from commit 847285b)
kibanamachine
added a commit
that referenced
this pull request
Sep 27, 2024
) (#194351) # Backport This will backport the following commits from `main` to `8.x`: - [[EDR Workflows] Fix agent count for single agent policies (#194294)](#194294) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Konrad Szwarc","email":"konrad.szwarc@elastic.co"},"sourceCommit":{"committedDate":"2024-09-27T21:22:28Z","message":"[EDR Workflows] Fix agent count for single agent policies (#194294)\n\nhttps://github.com/user-attachments/assets/2b64c1e0-0e6d-4ef5-952d-e4364b4403c4\r\n\r\n\r\n\r\nThe PR #193705 introduced an issue when counting active agents for\r\nintegration policies with only one agent policy assigned. In such cases,\r\n`query.policyIds` was treated as a single string instead of an array of\r\nstrings (as expected with multiple agent policy ids like\r\n`/?policyIds=x&policyIds=y`). This PR resolves the issue by ensuring\r\nconsistent handling of policyIds, regardless of the number of associated\r\nagent policies.","sha":"847285ba7191aa6d26fb3dccc06748e1c4a202b1","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","Team:Defend Workflows","v8.16.0","backport:version"],"title":"[EDR Workflows] Fix agent count for single agent policies","number":194294,"url":"https://github.com/elastic/kibana/pull/194294","mergeCommit":{"message":"[EDR Workflows] Fix agent count for single agent policies (#194294)\n\nhttps://github.com/user-attachments/assets/2b64c1e0-0e6d-4ef5-952d-e4364b4403c4\r\n\r\n\r\n\r\nThe PR #193705 introduced an issue when counting active agents for\r\nintegration policies with only one agent policy assigned. In such cases,\r\n`query.policyIds` was treated as a single string instead of an array of\r\nstrings (as expected with multiple agent policy ids like\r\n`/?policyIds=x&policyIds=y`). This PR resolves the issue by ensuring\r\nconsistent handling of policyIds, regardless of the number of associated\r\nagent policies.","sha":"847285ba7191aa6d26fb3dccc06748e1c4a202b1"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194294","number":194294,"mergeCommit":{"message":"[EDR Workflows] Fix agent count for single agent policies (#194294)\n\nhttps://github.com/user-attachments/assets/2b64c1e0-0e6d-4ef5-952d-e4364b4403c4\r\n\r\n\r\n\r\nThe PR #193705 introduced an issue when counting active agents for\r\nintegration policies with only one agent policy assigned. In such cases,\r\n`query.policyIds` was treated as a single string instead of an array of\r\nstrings (as expected with multiple agent policy ids like\r\n`/?policyIds=x&policyIds=y`). This PR resolves the issue by ensuring\r\nconsistent handling of policyIds, regardless of the number of associated\r\nagent policies.","sha":"847285ba7191aa6d26fb3dccc06748e1c4a202b1"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Konrad Szwarc <konrad.szwarc@elastic.co>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR updates the method for counting endpoint statuses. Previously, we fetched agent status using a single agent policy ID. With this change, we now pass an array of policy IDs, allowing us to include the returned stats for endpoints that share the same integration policy assigned to multiple agent policies.