Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Detections] Performance enhancement for readRules function #76398

Closed

Conversation

dhurley14
Copy link
Contributor

@dhurley14 dhurley14 commented Sep 1, 2020

Summary

UPDATE: splitting these changes into two PR's. The second bug reported below is only a problem in 7.10.0 which has not been released yet. I will separate out the validation bug from the changes to readRules so as to not touch too many things at once since we need the validation bug backported to 7.9.2.

Fixes two bugs.

  1. io-ts validation on the rule import file object was creating performance issues. We replace this validation with kbn schema.any() since the validation on the rules occurs later in the route handler. This is now fixed in [Security Solution] [Detections] Remove file validation on import route #77770

  2. The second bug was related to performance issues discovered in the find api from the alerts client (https://github.com/elastic/security-team/issues/190, KQL expression parsing is slow #76811). The suggested resolution was to pass in many ruleIds into the alerts client find api to create a kind of "bulk find". This implements that suggestion and creates the necessary changes to the other routes that utilize the readRules function (which uses find under-the-hood.) Without this change I couldn't even run the functional test where we create 1000 rules, as Elasticsearch would throw a timeout error. With the "batching" of these ruleIds into a single find call, we can now import 1000 rules in about 11 seconds.

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@dhurley14 dhurley14 force-pushed the remove-file-validation-import-rule branch 2 times, most recently from bdd9e31 to f352b89 Compare September 9, 2020 00:35
@@ -12,7 +12,7 @@ export const getFilter = (filter: string | null | undefined) => {
if (filter == null) {
return `alert.attributes.alertTypeId: ${SIGNALS_ID}`;
} else {
return `alert.attributes.alertTypeId: ${SIGNALS_ID} AND ${filter}`;
return `alert.attributes.alertTypeId: ${SIGNALS_ID} AND (${filter})`;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

adding parenthesis due to OR joins in KQL passed to alerts client find here -> https://github.com/elastic/kibana/pull/76398/files#diff-a8b6548cd6fceb9a3bb78453de9e2d17R44-R45

@dhurley14 dhurley14 self-assigned this Sep 9, 2020
Comment on lines 19 to +23
export const readRules = async ({
alertsClient,
id,
ruleId,
}: ReadRuleOptions): Promise<SanitizedAlert | null> => {
ruleIds,
}: ReadRuleOptions): Promise<RuleAlertType[] | null> => {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

readRules currently takes either a single id which is used on the alerts client get api or an array of ruleIds which are used on the find api. I'm wondering if there is impetus for re-working the function to also accept an array of ids in addition to this array of ruleIds?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That makes sense to me. Has it just not yet been the case to need to pass in an array of ids?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll work on refactoring to take in an array of ids as well. I wasn't sure if that would result in me touching too much stuff in this PR. But I think it'll help to have the same interface between the two parameters.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

since the bug was only related to the kql filter in the alerts client find api and not their get api I don't think it's worth also refactoring the readRules function to accept an array of ids. This is probably tech debt now that should be resolved in 7.10.

ruleFromFind.data.length > 0 &&
rules.every((rule): rule is RuleAlertType => isAlertType(rule))
) {
return rules;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also debated returning an array of found rules or an object of found rules where the keys are the ruleIds. Open to hearing opinions on this too.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking through these changes it seems like returning an array makes sense. Seems like we're either a) passing in a bunch of ids and using all the rules returned or b) just accessing the first item in the array on none bulk actions. I could see the object being useful if we were having to constantly loop through the rules to find x rule, which I don't think is the case? Just saying that based off this PR not having looked at all the various use cases, so could be totally wrong! What tradeoffs were you considering for each?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was just thinking since we do iterate over the array returned by the readRules function pretty heavily it might make things faster if each .find was replaced with foundRuleObject[myruleId] which would result in faster checking for the existence of the rule returned by this function. I think that would be cleaner.

@elasticmachine
Copy link
Contributor

Pinging @elastic/siem (Team:SIEM)

if (rule != null) {
if (
foundRules != null &&
foundRules.length > 0 &&
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Super nit, but I think this length check is unnecessary?

@@ -187,7 +196,11 @@ export const importRulesRoute = (router: IRouter, config: ConfigType, ml: SetupP

throwHttpError(await mlAuthz.validateRuleType(type));

const rule = await readRules({ alertsClient, ruleId, id: undefined });
let rule;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could get rid of this let by doing something like: const rule = rules?.find((aRule) => aRule.params.ruleId === ruleId);

const existingRule = await readRules({ alertsClient, ruleId, id });
if (existingRule?.params.type) {
const foundRule = foundRules?.find((rule) => rule.params.ruleId === ruleId);
let existingRule = foundRule != null ? [foundRule] : null;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could also combine these statements to get rid of the let ...

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we even need this check here since .find will return undefined if none found which would match up agains our == null or != null checks?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do need the check there since the type would be RuleAlertType | RuleAlertType[] | null which would cause the below checks to increase in complexity since we'd have to check if it's an array first before attempting to access etc.. But thanks @madirey for the suggestion! I will combine the two.

Copy link
Contributor

@yctercero yctercero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks so much for these fixes/updates! I pulled down and tested basic CRUD with rules, importing 200 rules, deleting 200 rules - it all looked good to me. The speeds were significantly faster on 7.9 cloud instance, but @dhurley14 pointed out that this is pre new rbac changes. Between pulling PR down and comparing it to master locally, times were pretty consistent. Just left some super nit comments, nothing that would block PR from going in.

if (
foundRules != null &&
foundRules.length > 0 &&
foundRules.find((rule) => rule.params.ruleId === ruleId)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Super duper nit: would .some() fit in a bit better here since it explicitly returns a boolean?

@@ -135,8 +140,11 @@ export const createRulesBulkRoute = (router: IRouter, ml: SetupPlugins['ml']) =>
});
}
if (ruleId != null) {
const rule = await readRules({ alertsClient, ruleId, id: undefined });
if (rule != null) {
if (
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Super nit: can the if blocks on 142 and 143 be merged?

const existingRule = await readRules({ alertsClient, ruleId, id });
if (existingRule?.params.type) {
const foundRule = foundRules?.find((rule) => rule.params.ruleId === ruleId);
let existingRule = foundRule != null ? [foundRule] : null;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we even need this check here since .find will return undefined if none found which would match up agains our == null or != null checks?

@@ -104,10 +104,14 @@ export const patchRulesRoute = (router: IRouter, ml: SetupPlugins['ml']) => {
throwHttpError(await mlAuthz.validateRuleType(type));
}

const existingRule = await readRules({ alertsClient, ruleId, id });
if (existingRule?.params.type) {
const existingRules = await readRules({
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Super nit: seems like theres some repeated logic being used in the routes, is it worth pulling out somewhere? Maybe not since they're small chunks.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah I think we could pull out the logic for rejecting unauthorized modification of an ML rule into a little function. That's a good idea. Not sure if that refactor would be a good fit for a minor release like this PR but that would clean up the code nicely. I'll take a look.

Comment on lines 19 to +23
export const readRules = async ({
alertsClient,
id,
ruleId,
}: ReadRuleOptions): Promise<SanitizedAlert | null> => {
ruleIds,
}: ReadRuleOptions): Promise<RuleAlertType[] | null> => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That makes sense to me. Has it just not yet been the case to need to pass in an array of ids?

ruleFromFind.data.length > 0 &&
rules.every((rule): rule is RuleAlertType => isAlertType(rule))
) {
return rules;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking through these changes it seems like returning an array makes sense. Seems like we're either a) passing in a bunch of ids and using all the rules returned or b) just accessing the first item in the array on none bulk actions. I could see the object being useful if we were having to constantly loop through the rules to find x rule, which I don't think is the case? Just saying that based off this PR not having looked at all the various use cases, so could be totally wrong! What tradeoffs were you considering for each?

@ghost
Copy link

ghost commented Sep 16, 2020

Hi @dhurley14

We have gone through the ticket and observed it required DEV_Validation to test the ticket .
Please let us know if anything is missing from our end.

thanks !!

@spong
Copy link
Member

spong commented Sep 16, 2020

@elasticmachine merge upstream

@dhurley14 dhurley14 force-pushed the remove-file-validation-import-rule branch 2 times, most recently from 35c3bb7 to ec5ce0c Compare September 17, 2020 00:22
@dhurley14
Copy link
Contributor Author

@elasticmachine merge upstream

@dhurley14
Copy link
Contributor Author

jenkins test this

@dhurley14 dhurley14 force-pushed the remove-file-validation-import-rule branch from 4a0e8dc to 377b543 Compare September 17, 2020 03:51
@kibanamachine
Copy link
Contributor

💛 Build succeeded, but was flaky


Test Failures

X-Pack Endpoint Functional Tests.x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_list·ts.endpoint endpoint list when there is data, when the hostname is clicked on, navigates to ingest fleet when the Reassign Policy link is clicked

Link to Jenkins

Standard Out

Failed Tests Reporter:
  - Test has failed 2 times on tracked branches: https://github.com/elastic/kibana/issues/77701

[00:00:00]       │
[00:00:00]         └-: endpoint
[00:00:00]           └-> "before all" hook
[00:00:00]           └-> "before all" hook
[00:00:00]             │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [logs-index_pattern_placeholder] creating index, cause [api], templates [], shards [1]/[1]
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:47964, url.original: /search?package=system&internal=true&experimental=true
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:47966, url.original: /search?package=endpoint&internal=true&experimental=true
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:47972, url.original: /search?package=system&internal=true&experimental=true
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:47974, url.original: /search?package=endpoint&internal=true&experimental=true
[00:00:00]             │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [metrics-index_pattern_placeholder] creating index, cause [api], templates [], shards [1]/[1]
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:47982, url.original: /package/endpoint/0.16.0-dev.0
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:47980, url.original: /package/system/0.5.3
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:47988, url.original: /package/endpoint/0.16.0-dev.0/
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:47990, url.original: /package/system/0.5.3/
[00:00:00]             │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.kibana_1/JiX1LPs2Q_CqVnC__vmrOQ] update_mapping [_doc]
[00:00:00]             │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.kibana_1/JiX1LPs2Q_CqVnC__vmrOQ] update_mapping [_doc]
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:48000, url.original: /epr/system/system-0.5.3.tar.gz
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:48006, url.original: /epr/endpoint/endpoint-0.16.0-dev.0.tar.gz
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:48014, url.original: /package/endpoint/0.16.0-dev.0
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:48018, url.original: /package/endpoint/0.16.0-dev.0/
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:48032, url.original: /package/system/0.5.3
[00:00:00]             │ info [docker:registry] 2020/09/17 05:08:27 source.ip: 172.17.0.1:48036, url.original: /package/system/0.5.3/
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48090, url.original: /search
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48088, url.original: /search
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48100, url.original: /package/system/0.5.3
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48096, url.original: /package/endpoint/0.16.0-dev.0
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48104, url.original: /package/endpoint/0.16.0-dev.0
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48106, url.original: /package/system/0.5.3
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48116, url.original: /package/system/0.5.3/
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48120, url.original: /package/endpoint/0.16.0-dev.0/
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48114, url.original: /package/endpoint/0.16.0-dev.0/
[00:00:01]             │ info [docker:registry] 2020/09/17 05:08:28 source.ip: 172.17.0.1:48122, url.original: /package/system/0.5.3/
[00:00:01]             │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.kibana_1/JiX1LPs2Q_CqVnC__vmrOQ] update_mapping [_doc]
[00:00:02]             │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.kibana_1/JiX1LPs2Q_CqVnC__vmrOQ] update_mapping [_doc]
[00:00:02]             │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.kibana_1/JiX1LPs2Q_CqVnC__vmrOQ] update_mapping [_doc]
[00:00:02]             │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.kibana_1/JiX1LPs2Q_CqVnC__vmrOQ] update_mapping [_doc]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.core] for index patterns [metrics-system.core-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.raid] for index patterns [metrics-system.raid-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.process_summary] for index patterns [metrics-system.process_summary-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.network_summary] for index patterns [metrics-system.network_summary-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.memory] for index patterns [metrics-system.memory-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.network] for index patterns [metrics-system.network-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.load] for index patterns [metrics-system.load-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.filesystem] for index patterns [metrics-system.filesystem-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.process] for index patterns [metrics-system.process-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.entropy] for index patterns [metrics-system.entropy-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.fsstat] for index patterns [metrics-system.fsstat-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-system.auth] for index patterns [logs-system.auth-*]
[00:00:05]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.cpu] for index patterns [metrics-system.cpu-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.diskio] for index patterns [metrics-system.diskio-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-system.syslog] for index patterns [logs-system.syslog-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.service] for index patterns [metrics-system.service-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.socket] for index patterns [metrics-system.socket-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.uptime] for index patterns [metrics-system.uptime-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.users] for index patterns [metrics-system.users-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-system.socket_summary] for index patterns [metrics-system.socket_summary-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [logs-endpoint.alerts-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [logs-endpoint.events.library-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [metrics-endpoint.metadata_current-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [logs-endpoint.events.file-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [metrics-endpoint.metrics-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [logs-endpoint.events.registry-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [metrics-endpoint.metadata-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [logs-endpoint.events.process-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [metrics-endpoint.policy-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [logs-endpoint.events.network-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding component template [logs-endpoint.events.security-mappings]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-endpoint.alerts] for index patterns [logs-endpoint.alerts-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-endpoint.events.library] for index patterns [logs-endpoint.events.library-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-endpoint.metadata_current] for index patterns [metrics-endpoint.metadata_current-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-endpoint.events.file] for index patterns [logs-endpoint.events.file-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-endpoint.metrics] for index patterns [metrics-endpoint.metrics-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-endpoint.events.registry] for index patterns [logs-endpoint.events.registry-*]
[00:00:06]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-endpoint.metadata] for index patterns [metrics-endpoint.metadata-*]
[00:00:07]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-endpoint.events.process] for index patterns [logs-endpoint.events.process-*]
[00:00:07]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [metrics-endpoint.policy] for index patterns [metrics-endpoint.policy-*]
[00:00:07]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-endpoint.events.network] for index patterns [logs-endpoint.events.network-*]
[00:00:07]             │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] adding index template [logs-endpoint.events.security] for index patterns [logs-endpoint.events.security-*]
[00:00:07]             │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.transform-internal-005] creating index, cause [auto(bulk api)], templates [.transform-internal-005], shards [1]/[1]
[00:00:07]             │ info [o.e.c.r.a.AllocationService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] updating number_of_replicas to [0] for indices [.transform-internal-005]
[00:00:07]             │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.transform-notifications-000002] creating index, cause [auto(bulk api)], templates [.transform-notifications-000002], shards [1]/[1]
[00:00:07]             │ info [o.e.c.r.a.AllocationService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] updating number_of_replicas to [0] for indices [.transform-notifications-000002]
[00:00:07]             │ info [o.e.x.t.t.p.SchemaUtil] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] Failed to deduce mapping for [agent.id], fall back to keyword.
[00:00:07]             │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [metrics-endpoint.metadata_current-default] creating index, cause [api], templates [metrics-endpoint.metadata_current], shards [1]/[1]
[00:00:07]             │ info [o.e.c.r.a.AllocationService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] updating number_of_replicas to [0] for indices [metrics-endpoint.metadata_current-default]
[00:00:07]             │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] moving index [metrics-endpoint.metadata_current-default] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [metrics]
[00:00:07]             │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] moving index [metrics-endpoint.metadata_current-default] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"wait-for-indexing-complete"}] in policy [metrics]
[00:00:07]             │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] moving index [metrics-endpoint.metadata_current-default] from [{"phase":"hot","action":"unfollow","name":"wait-for-indexing-complete"}] to [{"phase":"hot","action":"unfollow","name":"wait-for-follow-shard-tasks"}] in policy [metrics]
[00:00:07]             │ info [o.e.x.t.t.TransformTask] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [metrics-endpoint.metadata-current-default-0.16.0-dev.0] updating state for transform to [{"task_state":"started","indexer_state":"stopped","checkpoint":0,"should_stop_at_checkpoint":false}].
[00:00:07]             │ info [o.e.x.t.t.TransformPersistentTasksExecutor] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [metrics-endpoint.metadata-current-default-0.16.0-dev.0] successfully completed and scheduled task in node operation
[00:00:08]             │ info [docker:registry] 2020/09/17 05:08:36 source.ip: 172.17.0.1:48650, url.original: /package/system/0.5.3
[00:00:08]             │ info [docker:registry] 2020/09/17 05:08:36 source.ip: 172.17.0.1:48648, url.original: /search?package=system&internal=true&experimental=true
[00:00:08]             │ info [docker:registry] 2020/09/17 05:08:36 source.ip: 172.17.0.1:48656, url.original: /package/system/0.5.3/
[00:00:08]             │ info [docker:registry] 2020/09/17 05:08:36 source.ip: 172.17.0.1:48672, url.original: /search?package=system&internal=true&experimental=true
[00:00:08]             │ info [docker:registry] 2020/09/17 05:08:36 source.ip: 172.17.0.1:48674, url.original: /package/system/0.5.3
[00:00:08]             │ info [docker:registry] 2020/09/17 05:08:36 source.ip: 172.17.0.1:48678, url.original: /package/system/0.5.3/
[00:00:08]             │ info [docker:registry] 2020/09/17 05:08:36 source.ip: 172.17.0.1:48686, url.original: /package/system/0.5.3
[00:00:08]             │ info [docker:registry] 2020/09/17 05:08:36 source.ip: 172.17.0.1:48690, url.original: /package/system/0.5.3/
[00:00:08]             │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.kibana_1/JiX1LPs2Q_CqVnC__vmrOQ] update_mapping [_doc]
[00:00:10]             │ info [o.e.x.s.a.r.TransportPutRoleAction] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] added role [fleet_enroll]
[00:00:10]             │ info [o.e.x.s.a.u.TransportPutUserAction] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] added user [fleet_enroll]
[00:00:12]             │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-centos-tests-xxl-1600314726875827755] [.kibana_1/JiX1LPs2Q_CqVnC__vmrOQ] update_mapping [_doc]
[00:00:13]           └-: endpoint list
[00:00:13]             └-> "before all" hook
[00:00:36]             └-: when there is data,
[00:00:36]               └-> "before all" hook
[00:00:36]               └-> "before all" hook
[00:00:36]                 │ info [endpoint/metadata/destination_index] Loading "data.json"
[00:00:36]                 │ info [endpoint/metadata/destination_index] Indexed 3 docs into "metrics-endpoint.metadata_current-default"
[00:00:36]                 │ debg navigateToActualUrl http://localhost:61161/app/security/administration/endpoints
[00:00:36]                 │ debg browser[INFO] http://localhost:61161/app/security/administration/endpoints?_t=1600319344172 341 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
[00:00:36]                 │
[00:00:36]                 │ debg browser[INFO] http://localhost:61161/bootstrap.js 42:19 "^ A single error about an inline script not firing due to content security policy is expected!"
[00:00:36]                 │ debg currentUrl = http://localhost:61161/app/security/administration/endpoints
[00:00:36]                 │          appUrl = http://localhost:61161/app/security/administration/endpoints
[00:00:36]                 │ debg TestSubjects.find(kibanaChrome)
[00:00:36]                 │ debg Find.findByCssSelector('[data-test-subj="kibanaChrome"]') with timeout=60000
[00:00:38]                 │ debg isGlobalLoadingIndicatorVisible
[00:00:38]                 │ debg TestSubjects.exists(globalLoadingIndicator)
[00:00:38]                 │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="globalLoadingIndicator"]') with timeout=1500
[00:00:39]                 │ debg TestSubjects.exists(globalLoadingIndicator-hidden)
[00:00:39]                 │ debg Find.existsByCssSelector('[data-test-subj="globalLoadingIndicator-hidden"]') with timeout=100000
[00:00:39]                 │ info [docker:registry] 2020/09/17 05:09:06 source.ip: 172.17.0.1:51726, url.original: /search?category=security
[00:00:39]                 │ info [docker:registry] 2020/09/17 05:09:06 source.ip: 172.17.0.1:51746, url.original: /search?category=security
[00:00:39]                 │ proc [kibana]   log   [05:09:07.243] [warning][metadata][plugins][securitySolution] agent with id 023fa40c-411d-4188-a941-4147bfadd095 not found
[00:00:39]                 │ proc [kibana]   log   [05:09:07.244] [warning][metadata][plugins][securitySolution] agent with id 92ac1ce0-e1f7-409e-8af6-f17e97b1fc71 not found
[00:00:39]                 │ proc [kibana]   log   [05:09:07.244] [warning][metadata][plugins][securitySolution] agent with id 11488bae-880b-4e7b-8d28-aac2aa9de816 not found
[00:00:39]                 │ proc [kibana]   log   [05:09:07.246] [warning][metadata][plugins][securitySolution] agent with id 023fa40c-411d-4188-a941-4147bfadd095 not found
[00:00:39]                 │ proc [kibana]   log   [05:09:07.246] [warning][metadata][plugins][securitySolution] agent with id 11488bae-880b-4e7b-8d28-aac2aa9de816 not found
[00:00:39]                 │ proc [kibana]   log   [05:09:07.247] [warning][metadata][plugins][securitySolution] agent with id 92ac1ce0-e1f7-409e-8af6-f17e97b1fc71 not found
[00:00:40]               └-> finds page title
[00:00:40]                 └-> "before each" hook: global before each
[00:00:40]                 │ debg TestSubjects.getVisibleText(header-page-title)
[00:00:40]                 │ debg TestSubjects.find(header-page-title)
[00:00:40]                 │ debg Find.findByCssSelector('[data-test-subj="header-page-title"]') with timeout=10000
[00:00:40]                 └- ✓ pass  (35ms) "endpoint endpoint list when there is data, finds page title"
[00:00:40]               └-> displays table data
[00:00:40]                 └-> "before each" hook: global before each
[00:00:40]                 │ debg TestSubjects.exists(endpointListTable)
[00:00:40]                 │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="endpointListTable"]') with timeout=2500
[00:00:40]                 │ debg TestSubjects.find(endpointListTable)
[00:00:40]                 │ debg Find.findByCssSelector('[data-test-subj="endpointListTable"]') with timeout=10000
[00:00:40]                 └- ✓ pass  (64ms) "endpoint endpoint list when there is data, displays table data"
[00:00:40]               └-> does not show the details flyout initially
[00:00:40]                 └-> "before each" hook: global before each
[00:00:40]                 │ debg TestSubjects.missingOrFail(endpointDetailsFlyout)
[00:00:40]                 │ debg Find.waitForDeletedByCssSelector('[data-test-subj="endpointDetailsFlyout"]') with timeout=2500
[00:00:40]                 └- ✓ pass  (529ms) "endpoint endpoint list when there is data, does not show the details flyout initially"
[00:00:40]               └-: when the hostname is clicked on,
[00:00:40]                 └-> "before all" hook
[00:00:40]                 └-> display the details flyout
[00:00:40]                   └-> "before each" hook: global before each
[00:00:40]                   │ debg TestSubjects.find(hostnameCellLink)
[00:00:40]                   │ debg Find.findByCssSelector('[data-test-subj="hostnameCellLink"]') with timeout=10000
[00:00:40]                   │ debg TestSubjects.exists(endpointDetailsUpperList)
[00:00:40]                   │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="endpointDetailsUpperList"]') with timeout=120000
[00:00:40]                   │ proc [kibana]   log   [05:09:08.415] [warning][metadata][plugins][securitySolution] agent with id 023fa40c-411d-4188-a941-4147bfadd095 not found
[00:00:40]                   │ proc [kibana]   log   [05:09:08.421] [warning][metadata][plugins][securitySolution] agent with id 023fa40c-411d-4188-a941-4147bfadd095 not found
[00:00:40]                   │ debg TestSubjects.exists(endpointDetailsLowerList)
[00:00:40]                   │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="endpointDetailsLowerList"]') with timeout=120000
[00:00:41]                   └- ✓ pass  (397ms) "endpoint endpoint list when there is data, when the hostname is clicked on, display the details flyout"
[00:00:41]                 └-> updates the details flyout when a new hostname is selected from the list
[00:00:41]                   └-> "before each" hook: global before each
[00:00:41]                     │ERROR browser[SEVERE] http://localhost:61161/api/endpoint/policy_response?hostId=fc0ff548-feba-41b6-8367-65e8790d0eaf - Failed to load resource: the server responded with a status of 404 (Not Found)
[00:00:41]                   │ debg TestSubjects.findAll(hostnameCellLink)
[00:00:41]                   │ debg Find.allByCssSelector('[data-test-subj="hostnameCellLink"]') with timeout=10000
[00:00:41]                   │ debg TestSubjects.exists(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="endpointDetailsFlyoutTitle"]') with timeout=120000
[00:00:41]                   │ proc [kibana]   log   [05:09:08.801] [warning][metadata][plugins][securitySolution] agent with id 023fa40c-411d-4188-a941-4147bfadd095 not found
[00:00:41]                   │ proc [kibana]   log   [05:09:08.807] [warning][metadata][plugins][securitySolution] agent with id 023fa40c-411d-4188-a941-4147bfadd095 not found
[00:00:41]                   │ debg TestSubjects.getVisibleText(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg TestSubjects.find(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg Find.findByCssSelector('[data-test-subj="endpointDetailsFlyoutTitle"]') with timeout=10000
[00:00:41]                   │ERROR browser[SEVERE] http://localhost:61161/api/endpoint/policy_response?hostId=fc0ff548-feba-41b6-8367-65e8790d0eaf - Failed to load resource: the server responded with a status of 404 (Not Found)
[00:00:41]                   │ debg TestSubjects.findAll(hostnameCellLink)
[00:00:41]                   │ debg Find.allByCssSelector('[data-test-subj="hostnameCellLink"]') with timeout=10000
[00:00:41]                   │ debg Waiting up to 2000ms for visible text to change...
[00:00:41]                   │ debg TestSubjects.getVisibleText(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg TestSubjects.find(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg Find.findByCssSelector('[data-test-subj="endpointDetailsFlyoutTitle"]') with timeout=10000
[00:00:41]                   │ proc [kibana]   log   [05:09:09.109] [warning][metadata][plugins][securitySolution] agent with id 11488bae-880b-4e7b-8d28-aac2aa9de816 not found
[00:00:41]                   │ proc [kibana]   log   [05:09:09.115] [warning][metadata][plugins][securitySolution] agent with id 11488bae-880b-4e7b-8d28-aac2aa9de816 not found
[00:00:41]                   │ debg TestSubjects.getVisibleText(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg TestSubjects.find(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg Find.findByCssSelector('[data-test-subj="endpointDetailsFlyoutTitle"]') with timeout=10000
[00:00:41]                   └- ✓ pass  (610ms) "endpoint endpoint list when there is data, when the hostname is clicked on, updates the details flyout when a new hostname is selected from the list"
[00:00:41]                 │ERROR browser[SEVERE] http://localhost:61161/api/endpoint/policy_response?hostId=1fb3e58f-6ab0-4406-9d2a-91911207a712 - Failed to load resource: the server responded with a status of 404 (Not Found)
[00:00:41]                 └-> has the same flyout info when the same hostname is selected
[00:00:41]                   └-> "before each" hook: global before each
[00:00:41]                   │ debg TestSubjects.findAll(hostnameCellLink)
[00:00:41]                   │ debg Find.allByCssSelector('[data-test-subj="hostnameCellLink"]') with timeout=10000
[00:00:41]                   │ debg TestSubjects.exists(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="endpointDetailsFlyoutTitle"]') with timeout=120000
[00:00:41]                   │ proc [kibana]   log   [05:09:09.435] [warning][metadata][plugins][securitySolution] agent with id 11488bae-880b-4e7b-8d28-aac2aa9de816 not found
[00:00:41]                   │ proc [kibana]   log   [05:09:09.441] [warning][metadata][plugins][securitySolution] agent with id 11488bae-880b-4e7b-8d28-aac2aa9de816 not found
[00:00:41]                   │ debg TestSubjects.getVisibleText(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg TestSubjects.find(endpointDetailsFlyoutTitle)
[00:00:41]                   │ debg Find.findByCssSelector('[data-test-subj="endpointDetailsFlyoutTitle"]') with timeout=10000
[00:00:41]                   │ERROR browser[SEVERE] http://localhost:61161/api/endpoint/policy_response?hostId=1fb3e58f-6ab0-4406-9d2a-91911207a712 - Failed to load resource: the server responded with a status of 404 (Not Found)
[00:00:42]                   │ debg TestSubjects.findAll(hostnameCellLink)
[00:00:42]                   │ debg Find.allByCssSelector('[data-test-subj="hostnameCellLink"]') with timeout=10000
[00:00:42]                   │ proc [kibana]   log   [05:09:09.723] [warning][metadata][plugins][securitySolution] agent with id 11488bae-880b-4e7b-8d28-aac2aa9de816 not found
[00:00:42]                   │ proc [kibana]   log   [05:09:09.729] [warning][metadata][plugins][securitySolution] agent with id 11488bae-880b-4e7b-8d28-aac2aa9de816 not found
[00:00:42]                   │ERROR browser[SEVERE] http://localhost:61161/api/endpoint/policy_response?hostId=1fb3e58f-6ab0-4406-9d2a-91911207a712 - Failed to load resource: the server responded with a status of 404 (Not Found)
[00:00:42]                   │ debg TestSubjects.getVisibleText(endpointDetailsFlyoutTitle)
[00:00:42]                   │ debg TestSubjects.find(endpointDetailsFlyoutTitle)
[00:00:42]                   │ debg Find.findByCssSelector('[data-test-subj="endpointDetailsFlyoutTitle"]') with timeout=10000
[00:00:42]                   └- ✓ pass  (997ms) "endpoint endpoint list when there is data, when the hostname is clicked on, has the same flyout info when the same hostname is selected"
[00:00:42]                 └-> navigates to ingest fleet when the Reassign Policy link is clicked
[00:00:42]                   └-> "before each" hook: global before each
[00:00:42]                   │ debg TestSubjects.find(hostnameCellLink)
[00:00:42]                   │ debg Find.findByCssSelector('[data-test-subj="hostnameCellLink"]') with timeout=10000
[00:00:42]                   │ debg TestSubjects.find(hostnameCellLink)
[00:00:42]                   │ debg Find.findByCssSelector('[data-test-subj="hostnameCellLink"]') with timeout=10000
[00:00:42]                   │ debg TestSubjects.find(endpointDetailsLinkToIngest)
[00:00:42]                   │ debg Find.findByCssSelector('[data-test-subj="endpointDetailsLinkToIngest"]') with timeout=10000
[00:00:43]                   │ proc [kibana]   log   [05:09:10.586] [warning][metadata][plugins][securitySolution] agent with id 023fa40c-411d-4188-a941-4147bfadd095 not found
[00:00:43]                   │ proc [kibana]   log   [05:09:10.591] [warning][metadata][plugins][securitySolution] agent with id 023fa40c-411d-4188-a941-4147bfadd095 not found
[00:00:43]                   │ info Taking screenshot "/dev/shm/workspace/parallel/16/kibana/x-pack/test/functional/screenshots/failure/endpoint endpoint list when there is data_ when the hostname is clicked on_ navigates to ingest fleet when the Reassign Policy link is clicked.png"
[00:00:43]                   │ERROR browser[SEVERE] http://localhost:61161/api/endpoint/policy_response?hostId=fc0ff548-feba-41b6-8367-65e8790d0eaf - Failed to load resource: the server responded with a status of 404 (Not Found)
[00:00:43]                   │ info Current URL is: http://localhost:61161/app/security/administration/endpoints?page_index=0&page_size=10&selected_endpoint=fc0ff548-feba-41b6-8367-65e8790d0eaf&show=
[00:00:43]                   │ info Saving page source to: /dev/shm/workspace/parallel/16/kibana/x-pack/test/functional/failure_debug/html/endpoint endpoint list when there is data_ when the hostname is clicked on_ navigates to ingest fleet when the Reassign Policy link is clicked.html
[00:00:43]                   └- ✖ fail: endpoint endpoint list when there is data, when the hostname is clicked on, navigates to ingest fleet when the Reassign Policy link is clicked
[00:00:43]                   │      Error: expected 'http://localhost:61161/app/ingestManager#/fleet/agents/11488bae-880b-4e7b-8d28-aac2aa9de816/activity?openReassignFlyout=true' to contain '/app/ingestManager#/fleet/agents/023fa40c-411d-4188-a941-4147bfadd095/activity?openReassignFlyout=true'
[00:00:43]                   │       at Assertion.assert (/dev/shm/workspace/parallel/16/kibana/packages/kbn-expect/expect.js:100:11)
[00:00:43]                   │       at Assertion.contain (/dev/shm/workspace/parallel/16/kibana/packages/kbn-expect/expect.js:442:10)
[00:00:43]                   │       at Context.it (test/security_solution_endpoint/apps/endpoint/endpoint_list.ts:173:31)
[00:00:43]                   │       at process._tickCallback (internal/process/next_tick.js:68:7)
[00:00:43]                   │ 
[00:00:43]                   │ 

Stack Trace

Error: expected 'http://localhost:61161/app/ingestManager#/fleet/agents/11488bae-880b-4e7b-8d28-aac2aa9de816/activity?openReassignFlyout=true' to contain '/app/ingestManager#/fleet/agents/023fa40c-411d-4188-a941-4147bfadd095/activity?openReassignFlyout=true'
    at Assertion.assert (/dev/shm/workspace/parallel/16/kibana/packages/kbn-expect/expect.js:100:11)
    at Assertion.contain (/dev/shm/workspace/parallel/16/kibana/packages/kbn-expect/expect.js:442:10)
    at Context.it (test/security_solution_endpoint/apps/endpoint/endpoint_list.ts:173:31)
    at process._tickCallback (internal/process/next_tick.js:68:7)

Build metrics

page load bundle size

id value diff baseline
securitySolution 793.5KB +188.0B 793.3KB

History

  • 💔 Build #75048 failed ec5ce0c82994dedf823a747374434640c12cd100
  • 💔 Build #75010 failed 35c3bb708cb73c34484a81a0029aa0af01589db2
  • 💚 Build #74959 succeeded fbb25f31cc5301e4f512de368c7b95d8fc02810e
  • 💚 Build #73528 succeeded 26181e2930d978908348ad2c59bb348db2d39209
  • 💔 Build #73476 failed 6637ffe8ae2a2c332b162bffc7838dd113a98c29

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@dhurley14 dhurley14 removed the v7.9.2 label Sep 17, 2020
@dhurley14 dhurley14 changed the title [Security Solution][Detections] Replace io-ts validation with kbn schema to fix performance bug on import rules route [Security Solution][Detections] Performance enhancement for readRules function Sep 18, 2020
@dhurley14
Copy link
Contributor Author

Closing since #77040 fixes the underlying performances issues. Tested this with importing 200+ rules and they imported just as fast as on 7.9 so I don't think these changes are needed right now. Maybe in the future this PR will help clean up the code and reduce network calls but for now I will be closing it to continue on higher priority items for the next release.

@dhurley14 dhurley14 closed this Sep 21, 2020
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release_note:fix review Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.10.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants