
Commit 65364a5

committed
add log info level for logging in cloud
1 parent 52f5403 commit 65364a5

3 files changed

Lines changed: 23 additions & 1 deletion


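--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.ts
@@ -70,6 +70,7 @@ export const searchAfterAndBulkCreate = async ({
 interval,
 buildRuleMessage,
 });
+const tuplesToBeLogged = [...totalToFromTuples];
 logger.debug(buildRuleMessage(`totalToFromTuples: ${totalToFromTuples.length}`));
 
 while (totalToFromTuples.length > 0) {
@@ -294,5 +295,6 @@ export const searchAfterAndBulkCreate = async ({
 }
 }
 logger.debug(buildRuleMessage(`[+] completed bulk index of ${toReturn.createdSignalsCount}`));
+toReturn.totalToFromTuples = tuplesToBeLogged;
 return toReturn;
 };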
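Review bot: `tuplesToBeLogged` is a shallow copy, so it holds the same `Moment` objects that the `while` loop goes on to consume; Moment instances are mutable, and if anything in the loop body (not visible in this hunk) adjusts `to`/`from` in place, the ranges logged later would no longer be the ones originally computed. The assignment `toReturn.totalToFromTuples = tuplesToBeLogged` is only shown on the final return path, so any earlier return in the part of the function outside the hunk would leave the field unset. A comment on the copy would record the intent, e.g. `// snapshot for logging only: the loop below consumes totalToFromTuples`.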

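--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts
@@ -670,6 +670,21 @@ export const signalRulesAlertType = ({
 lastLookBackDate: result.lastLookBackDate?.toISOString(),
 });
 }
+
+// adding this log line so we can get some information from cloud
+logger.info(
+buildRuleMessage(
+`[+] Finished indexing ${result.createdSignalsCount} ${
+!isEmpty(result.totalToFromTuples)
+? `signals searched between date ranges ${JSON.stringify(
+result.totalToFromTuples,
+null,
+2
+)}`
+: ''
+}`
+)
+);
 } else {
 const errorMessage = buildRuleMessage(
 'Bulk Indexing of signals failed:',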
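Review bot: When `result.totalToFromTuples` is empty the ternary yields `''`, so the info line reads `[+] Finished indexing N ` with a trailing space and no noun, because the word `signals` sits inside the true branch only. The pretty-printed `JSON.stringify(..., null, 2)` also makes every successful rule run emit a multi-line info entry, which line-oriented log shippers tend to split into separate events and which is harder to search when reconstructing what a detection rule covered. I would move the noun out of the ternary and serialize on one line, e.g. `[+] Finished indexing ${result.createdSignalsCount} signals` followed by `JSON.stringify(result.totalToFromTuples)` with no indent argument. The enclosing `if`/`else` starts and ends outside the hunk.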

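--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/types.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/types.ts
@@ -5,7 +5,7 @@
 */
 
 import { DslQuery, Filter } from 'src/plugins/data/common';
-import moment from 'moment';
+import moment, { Moment } from 'moment';
 import { Status } from '../../../../common/detection_engine/schemas/common/schemas';
 import { RulesSchema } from '../../../../common/detection_engine/schemas/response/rules_schema';
 import {
@@ -263,6 +263,11 @@ export interface SearchAfterAndBulkCreateReturnType {
 createdSignalsCount: number;
 createdSignals: SignalHit[];
 errors: string[];
+totalToFromTuples?: Array<{
+to: Moment | undefined;
+from: Moment | undefined;
+maxSignals: number;
+}>;
 }
 
 export interface ThresholdAggregationBucket extends TermAggregationBucket {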
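Review bot: The new optional `totalToFromTuples` field on `SearchAfterAndBulkCreateReturnType` has no doc comment, and nothing on the interface says it is there only so the caller can log the searched date ranges. Without that, a later reader may treat it as result data and start depending on it being set. A one-line TSDoc above the field would cover it, e.g. `/** Search windows covered by this run; populated only for diagnostic logging. */`.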
