[ReaponseOps] Add name property to audit logs SO #193323
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
guskovaue
added
v8.16.0
Team:ResponseOps
guskovaue
force-pushed
the
MX-19823-add-name-property-audit-logs-so
branch
from
8d0d50c
to
5138ba4
Compare
|
Pinging @elastic/response-ops (Team:ResponseOps) |
cnasikas
added
v9.0.0
backport:prev-minor
cnasikas
approved these changes
Sep 23, 2024
| @@ -382,8 +384,8 @@ describe('scheduleBackfill()', () => { | |||
| outcome: 'success', | |||
| type: ['access'], | |||
| }, | |||
| kibana: { saved_object: { id: '1', type: RULE_SAVED_OBJECT_TYPE } }, | |||
| message: 'User has scheduled backfill for rule [id=1]', | |||
| kibana: { saved_object: { id: '1', type: RULE_SAVED_OBJECT_TYPE, name: 'my rule name' } }, | |||
There was a problem hiding this comment.
nit: Should not this be fakeRuleName?
| @@ -179,6 +179,7 @@ export class AlertingAuthorization { | |||
| entity, | |||
| additionalPrivileges = [], | |||
| }: EnsureAuthorizedOpts) { | |||
| console.log('ensureAuthorized', ensureAuthorized); | |||
There was a problem hiding this comment.
Do not forget to remove this 😄
There was a problem hiding this comment.
I think this file is not related to this PR. What about deleting it?
| @@ -161,7 +161,12 @@ export function ruleAuditEvent({ | |||
| outcome, | |||
| error, | |||
| }: RuleAuditEventParams): AuditEvent { | |||
| const doc = savedObject ? `rule [id=${savedObject.id}]` : 'a rule'; | |||
| const doc = savedObject | |||
| ? [`rule [id=${savedObject.id}]`, savedObject.name && `[name:${savedObject.name}]`] | |||
There was a problem hiding this comment.
I believe it is nice to be consistent with our formatting. In the ID we have = but in the name :. I would say to go with = for the name. For example [name=${savedObject.name}]
| ? `${AD_HOC_RUN_SAVED_OBJECT_TYPE} [id=${savedObject.id}]` | ||
| ? [ | ||
| `${AD_HOC_RUN_SAVED_OBJECT_TYPE} [id=${savedObject.id}]`, | ||
| savedObject.name && `${savedObject.name}`, |
There was a problem hiding this comment.
Same here: [name=${savedObject.name}]
There was a problem hiding this comment.
It's for add hoc. And name is not rule name, but phrase like this:
savedObject: {
type: AD_HOC_RUN_SAVED_OBJECT_TYPE,
id,
name: `backfill for rule "${result.attributes.rule.name}"`,
},
Ying add this line before, but I decided to keep it and add to the doc. (before it was not used somehow)
cnasikas
approved these changes
Sep 24, 2024
…:guskovaue/kibana into MX-19823-add-name-property-audit-logs-so
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]
History
To update your PR or re-run it, just comment with: cc @guskovaue |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Sep 25, 2024
Issue: elastic/enhancements#19823 So the purpose of this PR is to add a rule name to each audit log in alerting API. Previously if with a rule was done some action (like create, delete, etc.), the user could see it in an audit log. But this log included only rule SO id, but not name. Users wanted to see a rule name associated with the audit log. So here I added it. The principle I follow here to accelerate development (agreed with @cnasikas): if it is easy (name easy to extract in the code the `savedObject`) to pass it. If it is not do not. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 45b4089)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Sep 25, 2024
…3954) # Backport This will backport the following commits from `main` to `8.x`: - [[ReaponseOps] Add name property to audit logs SO (#193323)](#193323) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Julia","email":"iuliia.guskova@elastic.co"},"sourceCommit":{"committedDate":"2024-09-25T09:34:55Z","message":"[ReaponseOps] Add name property to audit logs SO (#193323)\n\nIssue: elastic/enhancements#19823 the purpose of this PR is to add a rule name to each audit log in\r\nalerting API.\r\nPreviously if with a rule was done some action (like create, delete,\r\netc.), the user could see it in an audit log. But this log included only\r\nrule SO id, but not name. Users wanted to see a rule name associated\r\nwith the audit log.\r\nSo here I added it.\r\n\r\nThe principle I follow here to accelerate development (agreed with\r\n@cnasikas): if it is easy (name easy to extract in the code the\r\n`savedObject`) to pass it. If it is not do not.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"45b4089371f5b7694fde7d08b6a7aaeb70c4a56e","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[ReaponseOps] Add name property to audit logs SO","number":193323,"url":"#193323 Add name property to audit logs SO (#193323)\n\nIssue: elastic/enhancements#19823 the purpose of this PR is to add a rule name to each audit log in\r\nalerting API.\r\nPreviously if with a rule was done some action (like create, delete,\r\netc.), the user could see it in an audit log. But this log included only\r\nrule SO id, but not name. Users wanted to see a rule name associated\r\nwith the audit log.\r\nSo here I added it.\r\n\r\nThe principle I follow here to accelerate development (agreed with\r\n@cnasikas): if it is easy (name easy to extract in the code the\r\n`savedObject`) to pass it. If it is not do not.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"45b4089371f5b7694fde7d08b6a7aaeb70c4a56e"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"#193323 Add name property to audit logs SO (#193323)\n\nIssue: elastic/enhancements#19823 the purpose of this PR is to add a rule name to each audit log in\r\nalerting API.\r\nPreviously if with a rule was done some action (like create, delete,\r\netc.), the user could see it in an audit log. But this log included only\r\nrule SO id, but not name. Users wanted to see a rule name associated\r\nwith the audit log.\r\nSo here I added it.\r\n\r\nThe principle I follow here to accelerate development (agreed with\r\n@cnasikas): if it is easy (name easy to extract in the code the\r\n`savedObject`) to pass it. If it is not do not.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"45b4089371f5b7694fde7d08b6a7aaeb70c4a56e"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Julia <iuliia.guskova@elastic.co>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue: https://github.com/elastic/enhancements/issues/19823
So the purpose of this PR is to add a rule name to each audit log in alerting API.
Previously if with a rule was done some action (like create, delete, etc.), the user could see it in an audit log. But this log included only rule SO id, but not name. Users wanted to see a rule name associated with the audit log.
So here I added it.
The principle I follow here to accelerate development (agreed with @cnasikas): if it is easy (name easy to extract in the code the
savedObject) to pass it. If it is not do not.Checklist