[Security Solution][Entity Analytics] Scoping the entity store to spaces #193303
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tiansivive
commented
Sep 18, 2024
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/definition.ts
Outdated
Show resolved
Hide resolved
a59597e to
b0d92b5
Compare
|
Pinging @elastic/security-entity-analytics (Team:Entity Analytics) |
… src/core/server/integration_tests/ci_checks'
hop-dev
reviewed
Sep 19, 2024
...ity_solution/server/lib/entity_analytics/entity_store/saved_object/engine_descriptor_type.ts
Outdated
Show resolved
Hide resolved
… src/core/server/integration_tests/ci_checks'
…into ea-entity-store-10530
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]
History
To update your PR or re-run it, just comment with: |
💔 All backports failed
Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
tiansivive
added a commit
to tiansivive/kibana
that referenced
this pull request
Sep 23, 2024
…ces (elastic#193303) ## Summary This PR introduces Kibana Spaces support for the Entity Store. It implements elastic/security-team#10530 ### How to test 1. Add some host/user data * Easiest is to use [elastic/security-data-generator](https://github.com/elastic/security-documents-generator) 2. Make sure to add `entityStoreEnabled` under `xpack.securitySolution.enableExperimental` in your `kibana.dev.yml` 3. Make sure to create a second space other than `default`, either via the UI or the spaces API. 4. In the default space kibana dev tools, call the `POST kbn:/api/entity_store/engines/{entity_type}/init {}` route for either `user` or `host`. 5. Switch to the other space and call `INIT` again. 6. Check that calling the `GET kbn:api/entity_store/engines` route in each space returns only one engine. 7. Check that calling `GET /.kibana*/_search?q=type:entity-engine-status` returns 2 engines, one in each space. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit 16dcfa8)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
tiansivive
added a commit
that referenced
this pull request
Sep 23, 2024
…to spaces (#193303) (#193697) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution][Entity Analytics] Scoping the entity store to spaces (#193303)](#193303) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Tiago Vila Verde","email":"tiago.vilaverde@elastic.co"},"sourceCommit":{"committedDate":"2024-09-23T09:47:48Z","message":"[Security Solution][Entity Analytics] Scoping the entity store to spaces (#193303)\n\n## Summary\r\n\r\nThis PR introduces Kibana Spaces support for the Entity Store.\r\nIt implements https://github.com/elastic/security-team/issues/10530\r\n\r\n\r\n\r\n\r\n### How to test\r\n\r\n1. Add some host/user data\r\n* Easiest is to use\r\n[elastic/security-data-generator](https://github.com/elastic/security-documents-generator)\r\n2. Make sure to add `entityStoreEnabled` under\r\n`xpack.securitySolution.enableExperimental` in your `kibana.dev.yml`\r\n3. Make sure to create a second space other than `default`, either via\r\nthe UI or the spaces API.\r\n4. In the default space kibana dev tools, call the `POST\r\nkbn:/api/entity_store/engines/{entity_type}/init {}` route for either\r\n`user` or `host`.\r\n5. Switch to the other space and call `INIT` again.\r\n6. Check that calling the `GET kbn:api/entity_store/engines` route in\r\neach space returns only one engine.\r\n7. Check that calling `GET\r\n/.kibana*/_search?q=type:entity-engine-status` returns 2 engines, one in\r\neach space.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"16dcfa84c8e54825bd24a89697bb715012791284","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","Theme: entity_analytics","Feature:Entity Analytics","Team:Entity Analytics","8.16 candidate"],"number":193303,"url":"https://github.com/elastic/kibana/pull/193303","mergeCommit":{"message":"[Security Solution][Entity Analytics] Scoping the entity store to spaces (#193303)\n\n## Summary\r\n\r\nThis PR introduces Kibana Spaces support for the Entity Store.\r\nIt implements https://github.com/elastic/security-team/issues/10530\r\n\r\n\r\n\r\n\r\n### How to test\r\n\r\n1. Add some host/user data\r\n* Easiest is to use\r\n[elastic/security-data-generator](https://github.com/elastic/security-documents-generator)\r\n2. Make sure to add `entityStoreEnabled` under\r\n`xpack.securitySolution.enableExperimental` in your `kibana.dev.yml`\r\n3. Make sure to create a second space other than `default`, either via\r\nthe UI or the spaces API.\r\n4. In the default space kibana dev tools, call the `POST\r\nkbn:/api/entity_store/engines/{entity_type}/init {}` route for either\r\n`user` or `host`.\r\n5. Switch to the other space and call `INIT` again.\r\n6. Check that calling the `GET kbn:api/entity_store/engines` route in\r\neach space returns only one engine.\r\n7. Check that calling `GET\r\n/.kibana*/_search?q=type:entity-engine-status` returns 2 engines, one in\r\neach space.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"16dcfa84c8e54825bd24a89697bb715012791284"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193303","number":193303,"mergeCommit":{"message":"[Security Solution][Entity Analytics] Scoping the entity store to spaces (#193303)\n\n## Summary\r\n\r\nThis PR introduces Kibana Spaces support for the Entity Store.\r\nIt implements https://github.com/elastic/security-team/issues/10530\r\n\r\n\r\n\r\n\r\n### How to test\r\n\r\n1. Add some host/user data\r\n* Easiest is to use\r\n[elastic/security-data-generator](https://github.com/elastic/security-documents-generator)\r\n2. Make sure to add `entityStoreEnabled` under\r\n`xpack.securitySolution.enableExperimental` in your `kibana.dev.yml`\r\n3. Make sure to create a second space other than `default`, either via\r\nthe UI or the spaces API.\r\n4. In the default space kibana dev tools, call the `POST\r\nkbn:/api/entity_store/engines/{entity_type}/init {}` route for either\r\n`user` or `host`.\r\n5. Switch to the other space and call `INIT` again.\r\n6. Check that calling the `GET kbn:api/entity_store/engines` route in\r\neach space returns only one engine.\r\n7. Check that calling `GET\r\n/.kibana*/_search?q=type:entity-engine-status` returns 2 engines, one in\r\neach space.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"16dcfa84c8e54825bd24a89697bb715012791284"}}]}] BACKPORT-->
weizijun
added a commit
to weizijun/kibana
that referenced
this pull request
Sep 23, 2024
* main: (176 commits) [ML][Rules] Fixes deletion in Check interval input for anomaly detection rule (elastic#193420) Bump maximum supported package spec version to 3.2 (elastic#193574) [ES|QL] new pattern for `SORT` autocomplete (elastic#193595) [Inventory][ECO] Entities page search bar (elastic#193546) [Synthetics] Remove extra overview route (elastic#192449) [Obs Alerts table] Fix error on clicking alert reason message (elastic#193693) [Migrations] Remove tests that are not applicable in 9.x (elastic#193699) [EDR Workflows] Set Agent Tamper Protection to false on policy unassignment (elastic#193017) [Inventory][ECO] Enable elastic entity model from inventory (elastic#193557) [EDR Workflows] The host isolation exception tab is hidden on the basic license if no artifacts (elastic#192562) [Entity Analytics] Ensuring definition transforms are managed (elastic#193408) [Automatic Import] Do not remove message field for unstructured logs (elastic#193678) [Fleet] Add missing permissions for connector package (elastic#193573) [Fleet] using @kbn/config-schema part 2 (outputs and other apis) (elastic#193326) [Migrations] Provide testing archives + tooling for migrations integration tests (elastic#193328) [ES|QL] Renames the textbased editor to esql editor (elastic#193521) [ES|QL] Update function metadata (elastic#193662) [Security Solution][Entity Analytics] Scoping the entity store to spaces (elastic#193303) [Docs] Update Sharing docs (elastic#190318) [ML] AIOps: Move Log Rate Analysis results callout to help popover. (elastic#192243) ... # Conflicts: # x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/endpoint_info.test.tsx # x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/endpoint_info.tsx
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR introduces Kibana Spaces support for the Entity Store.
It implements https://github.com/elastic/security-team/issues/10530
How to test
entityStoreEnabledunderxpack.securitySolution.enableExperimentalin yourkibana.dev.ymldefault, either via the UI or the spaces API.POST kbn:/api/entity_store/engines/{entity_type}/init {}route for eitheruserorhost.INITagain.GET kbn:api/entity_store/enginesroute in each space returns only one engine.GET /.kibana*/_search?q=type:entity-engine-statusreturns 2 engines, one in each space.