Merge branch 'feat/output-per-integration' of github.com:jen-huang/ki…

…bana into feat/output-per-integration
elastic · Aug 7, 2024 · bd713b7 · bd713b7
2 parents f59c5ca + 7d092ba
commit bd713b7
Show file tree

Hide file tree

Showing 147 changed files with 8,091 additions and 2,640 deletions.
diff --git a/packages/kbn-securitysolution-utils/src/esql/compute_if_esql_query_aggregating.ts b/packages/kbn-securitysolution-utils/src/esql/compute_if_esql_query_aggregating.ts
@@ -6,11 +6,18 @@
  * Side Public License, v 1.
  */
 
+import { ESQLAst, getAstAndSyntaxErrors } from '@kbn/esql-ast';
+
+export const isAggregatingQuery = (ast: ESQLAst): boolean => {
+  return ast.some((astItem) => astItem.type === 'command' && astItem.name === 'stats');
+};
+
 /**
  * compute if esqlQuery is aggregating/grouping, i.e. using STATS...BY command
  * @param esqlQuery
  * @returns boolean
  */
 export const computeIsESQLQueryAggregating = (esqlQuery: string): boolean => {
-  return /\|\s+stats\s/i.test(esqlQuery);
+  const { ast } = getAstAndSyntaxErrors(esqlQuery);
+  return isAggregatingQuery(ast);
 };
diff --git a/packages/kbn-securitysolution-utils/tsconfig.json b/packages/kbn-securitysolution-utils/tsconfig.json
@@ -12,7 +12,8 @@
   ],
   "kbn_references": [
     "@kbn/i18n",
-    "@kbn/esql-utils"
+    "@kbn/esql-utils",
+    "@kbn/esql-ast"
   ],
   "exclude": [
     "target/**/*",

diff --git a/...i_assistant_management/selection/public/routes/components/ai_assistant_selection_page.tsx b/...i_assistant_management/selection/public/routes/components/ai_assistant_selection_page.tsx
@@ -72,6 +72,7 @@ export function AiAssistantSelectionPage() {
       <EuiFlexGrid columns={2}>
         <EuiFlexItem grow>
           <EuiCard
+            data-test-subj="aiAssistantSelectionPageObservabilityCard"
             description={
               <div>
                 {!observabilityAIAssistantEnabled ? (

diff --git a/x-pack/packages/ml/aiops_log_pattern_analysis/create_category_request.ts b/x-pack/packages/ml/aiops_log_pattern_analysis/create_category_request.ts
@@ -112,11 +112,11 @@ export function createCategoryRequest(
   return {
     params: {
       index,
-      size: 0,
       body: {
         query,
         aggs: wrap(aggs),
         ...(isPopulatedObject(runtimeMappings) ? { runtime_mappings: runtimeMappings } : {}),
+        size: 0,
       },
     },
   };

diff --git a/x-pack/packages/ml/aiops_log_rate_analysis/queries/__mocks__/top_categories_result.ts b/x-pack/packages/ml/aiops_log_rate_analysis/queries/__mocks__/top_categories_result.ts
@@ -0,0 +1,37 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const topCategoriesResultMock = [
+  {
+    bg_count: 0,
+    doc_count: 1642,
+    fieldName: 'message',
+    fieldValue:
+      '71.231.222.196 - - [2018-08-13T05:04:08.731Z] "GET /kibana/kibana-6.3.2-windows-x86_64.zip HTTP/1.1" 200 15139 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:6.0a1) Gecko/20110421 Firefox/6.0a1"',
+    key: 'GET HTTP/1.1 Mozilla/5.0 X11 Linux x86_64 rv Gecko/20110421 Firefox/6.0a1',
+    normalizedScore: 0,
+    pValue: 1,
+    score: 0,
+    total_bg_count: 0,
+    total_doc_count: 0,
+    type: 'log_pattern',
+  },
+  {
+    bg_count: 0,
+    doc_count: 1488,
+    fieldName: 'message',
+    fieldValue:
+      '7.210.210.41 - - [2018-08-13T04:20:49.558Z] "GET /elasticsearch/elasticsearch-6.3.2.deb HTTP/1.1" 404 6699 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.50 Safari/534.24"',
+    key: 'GET HTTP/1.1 Mozilla/5.0 X11 Linux i686 AppleWebKit/534.24 KHTML like Gecko Chrome/11.0.696.50 Safari/534.24',
+    normalizedScore: 0,
+    pValue: 1,
+    score: 0,
+    total_bg_count: 0,
+    total_doc_count: 0,
+    type: 'log_pattern',
+  },
+];
diff --git a/...k/packages/ml/aiops_log_rate_analysis/queries/__mocks__/top_categories_search_response.ts b/...k/packages/ml/aiops_log_rate_analysis/queries/__mocks__/top_categories_search_response.ts
@@ -0,0 +1,75 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const topCategoriesSearchResponseMock = {
+  took: 98,
+  responses: [
+    {
+      took: 98,
+      timed_out: false,
+      _shards: { total: 1, successful: 1, skipped: 0, failed: 0 },
+      hits: { total: { value: 4413, relation: 'eq' }, max_score: null, hits: [] },
+      aggregations: {
+        categories: {
+          buckets: [
+            {
+              doc_count: 1642,
+              key: 'GET HTTP/1.1 Mozilla/5.0 X11 Linux x86_64 rv Gecko/20110421 Firefox/6.0a1',
+              regex:
+                '.*?GET.+?HTTP/1\\.1.+?Mozilla/5\\.0.+?X11.+?Linux.+?x86_64.+?rv.+?Gecko/20110421.+?Firefox/6\\.0a1.*?',
+              max_matching_length: 233,
+              examples: {
+                hits: {
+                  total: { value: 1642, relation: 'eq' },
+                  max_score: null,
+                  hits: [
+                    {
+                      _index: '.ds-kibana_sample_data_logs-2024.07.08-000001',
+                      _id: 'zpkLk5AB4oRN3GwDmOW1',
+                      _score: null,
+                      _source: {
+                        message:
+                          '71.231.222.196 - - [2018-08-13T05:04:08.731Z] "GET /kibana/kibana-6.3.2-windows-x86_64.zip HTTP/1.1" 200 15139 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:6.0a1) Gecko/20110421 Firefox/6.0a1"',
+                      },
+                      sort: [1721624648731],
+                    },
+                  ],
+                },
+              },
+            },
+            {
+              doc_count: 1488,
+              key: 'GET HTTP/1.1 Mozilla/5.0 X11 Linux i686 AppleWebKit/534.24 KHTML like Gecko Chrome/11.0.696.50 Safari/534.24',
+              regex:
+                '.*?GET.+?HTTP/1\\.1.+?Mozilla/5\\.0.+?X11.+?Linux.+?i686.+?AppleWebKit/534\\.24.+?KHTML.+?like.+?Gecko.+?Chrome/11\\.0\\.696\\.50.+?Safari/534\\.24.*?',
+              max_matching_length: 266,
+              examples: {
+                hits: {
+                  total: { value: 1488, relation: 'eq' },
+                  max_score: null,
+                  hits: [
+                    {
+                      _index: '.ds-kibana_sample_data_logs-2024.07.08-000001',
+                      _id: 'VpkLk5AB4oRN3GwDmOW1',
+                      _score: null,
+                      _source: {
+                        message:
+                          '7.210.210.41 - - [2018-08-13T04:20:49.558Z] "GET /elasticsearch/elasticsearch-6.3.2.deb HTTP/1.1" 404 6699 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.50 Safari/534.24"',
+                      },
+                      sort: [1721622049558],
+                    },
+                  ],
+                },
+              },
+            },
+          ],
+        },
+      },
+      status: 200,
+    },
+  ],
+};