[Security Solution][Endpoint] Fix error message for all SentinelOne response actions so that its consistent when no stack connector is setup #208405
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/ci |
1 task
|
Pinging @elastic/security-defend-workflows (Team:Defend Workflows) |
Comment on lines
257
to
264
|
|
||
| let s1ApiResponse: SentinelOneGetAgentsResponse | undefined; | ||
|
|
||
| try { | ||
| const response = await this.sendAction< | ||
| SentinelOneGetAgentsResponse, | ||
| SentinelOneGetAgentsParams | ||
| >(SUB_ACTION.GET_AGENTS, { ids: agentId }); | ||
|
|
||
| s1ApiResponse = response.data; | ||
| } catch (err) { | ||
| throw new ResponseActionsClientError( | ||
| `Error while attempting to retrieve SentinelOne host with agent id [${agentId}]: ${err.message}`, | ||
| 500, | ||
| err | ||
| ); | ||
| } | ||
| const s1ApiResponse = ( | ||
| await this.sendAction<SentinelOneGetAgentsResponse, SentinelOneGetAgentsParams>( | ||
| SUB_ACTION.GET_AGENTS, | ||
| { ids: agentId } | ||
| ) | ||
| ).data; | ||
|
|
There was a problem hiding this comment.
Could you please double-check if the error thrown by sendAction is properly handled? From reviewing the code, it’s not immediately clear.
There was a problem hiding this comment.
Yeah, I did. The sendAction() will already handles errors correctly and (more important) returns a ResponseActionsClientError that has the desired HTTP status code (400)
szwarckonrad
approved these changes
Jan 28, 2025
ashokaditya
approved these changes
Jan 28, 2025
|
Starting backport for target branches: 8.x https://github.com/elastic/kibana/actions/runs/13019534636 |
💚 Build Succeeded
Metrics [docs]Async chunks
History
|
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jan 28, 2025
…esponse actions so that its consistent when no stack connector is setup (elastic#208405) ## Summary - Fixes the API error messages for SentinelOne so that they are consistent when there is no stack connector setup for it - All commands now return a `400: Bad Request, statusCode: 400, error: Bad Request, message: No stack connector instance configured for [.sentinelone]` for this condition - Improve the error message title on the UI (console) to clarify that the Action Request failed to be created - Background: Before this change, all failures showed a title of `Action failed` regardless if the action request API call failed **-OR-** the response of the action was a failure - The UI will now show a message title of `Failed to create action request.` when the API call to create the action fails - Response actions that were successful created, but the result of them is an error will continue to show `Action failed.` (cherry picked from commit 19f8506)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Jan 28, 2025
…lOne response actions so that its consistent when no stack connector is setup (#208405) (#208631) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution][Endpoint] Fix error message for all SentinelOne response actions so that its consistent when no stack connector is setup (#208405)](#208405) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Paul Tavares","email":"56442535+paul-tavares@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-28T21:05:35Z","message":"[Security Solution][Endpoint] Fix error message for all SentinelOne response actions so that its consistent when no stack connector is setup (#208405)\n\n## Summary\r\n\r\n- Fixes the API error messages for SentinelOne so that they are\r\nconsistent when there is no stack connector setup for it\r\n- All commands now return a `400: Bad Request, statusCode: 400, error:\r\nBad Request, message: No stack connector instance configured for\r\n[.sentinelone]` for this condition\r\n- Improve the error message title on the UI (console) to clarify that\r\nthe Action Request failed to be created\r\n- Background: Before this change, all failures showed a title of `Action\r\nfailed` regardless if the action request API call failed **-OR-** the\r\nresponse of the action was a failure\r\n- The UI will now show a message title of `Failed to create action\r\nrequest.` when the API call to create the action fails\r\n- Response actions that were successful created, but the result of them\r\nis an error will continue to show `Action failed.`","sha":"19f8506d7fea351b27af457ff484914f042c070f","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Defend Workflows","backport:prev-minor","v8.18.0"],"title":"[Security Solution][Endpoint] Fix error message for all SentinelOne response actions so that its consistent when no stack connector is setup","number":208405,"url":"https://github.com/elastic/kibana/pull/208405","mergeCommit":{"message":"[Security Solution][Endpoint] Fix error message for all SentinelOne response actions so that its consistent when no stack connector is setup (#208405)\n\n## Summary\r\n\r\n- Fixes the API error messages for SentinelOne so that they are\r\nconsistent when there is no stack connector setup for it\r\n- All commands now return a `400: Bad Request, statusCode: 400, error:\r\nBad Request, message: No stack connector instance configured for\r\n[.sentinelone]` for this condition\r\n- Improve the error message title on the UI (console) to clarify that\r\nthe Action Request failed to be created\r\n- Background: Before this change, all failures showed a title of `Action\r\nfailed` regardless if the action request API call failed **-OR-** the\r\nresponse of the action was a failure\r\n- The UI will now show a message title of `Failed to create action\r\nrequest.` when the API call to create the action fails\r\n- Response actions that were successful created, but the result of them\r\nis an error will continue to show `Action failed.`","sha":"19f8506d7fea351b27af457ff484914f042c070f"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/208405","number":208405,"mergeCommit":{"message":"[Security Solution][Endpoint] Fix error message for all SentinelOne response actions so that its consistent when no stack connector is setup (#208405)\n\n## Summary\r\n\r\n- Fixes the API error messages for SentinelOne so that they are\r\nconsistent when there is no stack connector setup for it\r\n- All commands now return a `400: Bad Request, statusCode: 400, error:\r\nBad Request, message: No stack connector instance configured for\r\n[.sentinelone]` for this condition\r\n- Improve the error message title on the UI (console) to clarify that\r\nthe Action Request failed to be created\r\n- Background: Before this change, all failures showed a title of `Action\r\nfailed` regardless if the action request API call failed **-OR-** the\r\nresponse of the action was a failure\r\n- The UI will now show a message title of `Failed to create action\r\nrequest.` when the API call to create the action fails\r\n- Response actions that were successful created, but the result of them\r\nis an error will continue to show `Action failed.`","sha":"19f8506d7fea351b27af457ff484914f042c070f"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Paul Tavares <56442535+paul-tavares@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
400: Bad Request, statusCode: 400, error: Bad Request, message: No stack connector instance configured for [.sentinelone]for this conditionAction failedregardless if the action request API call failed -OR- the response of the action was a failureFailed to create action request.when the API call to create the action failsAction failed.Checklist