Skip to content

Commit d1638e2

Browse files
angoraycangorayc
committed
add unit tests for histograms
1 parent 6508784 commit d1638e2

17 files changed

Lines changed: 2496 additions & 0 deletions

File tree

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/__mocks__/index.ts

Lines changed: 1734 additions & 0 deletions
Large diffs are not rendered by default.

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/__mocks__/index.ts

Lines changed: 83 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,83 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
7+
export const mockOptions = {
8+
filterQuery: '{"bool":{"must":[],"filter":[{"match_all":{}}],"should":[],"must_not":[]}}',
9+
timerange: { from: '2020-09-08T13:32:02.875Z', to: '2020-09-09T13:32:02.875Z' },
10+
defaultIndex: [
11+
'apm-*-transaction*',
12+
'auditbeat-*',
13+
'endgame-*',
14+
'filebeat-*',
15+
'logs-*',
16+
'packetbeat-*',
17+
'winlogbeat-*',
18+
],
19+
stackByField: 'event.module',
20+
};
21+
22+
export const expectedDsl = {
23+
index: [
24+
'apm-*-transaction*',
25+
'auditbeat-*',
26+
'endgame-*',
27+
'filebeat-*',
28+
'logs-*',
29+
'packetbeat-*',
30+
'winlogbeat-*',
31+
],
32+
allowNoIndices: true,
33+
ignoreUnavailable: true,
34+
body: {
35+
aggregations: {
36+
alertsGroup: {
37+
terms: {
38+
field: 'event.module',
39+
missing: 'All others',
40+
order: { _count: 'desc' },
41+
size: 10,
42+
},
43+
aggs: {
44+
alerts: {
45+
date_histogram: {
46+
field: '@timestamp',
47+
fixed_interval: '2700000ms',
48+
min_doc_count: 0,
49+
extended_bounds: { min: 1599571922875, max: 1599658322875 },
50+
},
51+
},
52+
},
53+
},
54+
},
55+
query: {
56+
bool: {
57+
filter: [
58+
'{"bool":{"must":[],"filter":[{"match_all":{}}],"should":[],"must_not":[]}}',
59+
{
60+
bool: {
61+
filter: [
62+
{
63+
bool: { should: [{ match: { 'event.kind': 'alert' } }], minimum_should_match: 1 },
64+
},
65+
],
66+
},
67+
},
68+
{
69+
range: {
70+
'@timestamp': {
71+
gte: '2020-09-08T13:32:02.875Z',
72+
lte: '2020-09-09T13:32:02.875Z',
73+
format: 'strict_date_optional_time',
74+
},
75+
},
76+
},
77+
],
78+
},
79+
},
80+
size: 0,
81+
track_total_hits: true,
82+
},
83+
};

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/index.test.ts

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
7+
import { alertsMatrixHistogramConfig } from '.';
8+
import { buildAlertsHistogramQuery } from './query.alerts_histogram.dsl';
9+
10+
jest.mock('./query.alerts_histogram.dsl', () => ({
11+
buildAlertsHistogramQuery: jest.fn(),
12+
}));
13+
14+
describe('alertsMatrixHistogramConfig', () => {
15+
test('should export alertsMatrixHistogramConfig corrrectly', () => {
16+
expect(alertsMatrixHistogramConfig).toEqual({
17+
aggName: 'aggregations.alertsGroup.buckets',
18+
parseKey: 'alerts.buckets',
19+
buildDsl: buildAlertsHistogramQuery,
20+
});
21+
});
22+
});

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/query.alerts_histogram.dsl.test.ts

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
import { buildAlertsHistogramQuery } from './query.alerts_histogram.dsl';
7+
import { mockOptions, expectedDsl } from './__mocks__/';
8+
9+
describe('buildAlertsHistogramQuery', () => {
10+
test('build query from options correctly', () => {
11+
expect(buildAlertsHistogramQuery(mockOptions)).toEqual(expectedDsl);
12+
});
13+
});

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/__mocks__/index.ts

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
7+
export const mockOptions = {
8+
filterQuery:
9+
'{"bool":{"must":[],"filter":[{"match_all":{}},{"bool":{"should":[],"minimum_should_match":1}},{"match_phrase":{"result_type":"record"}},null,{"range":{"record_score":{"gte":50}}}],"should":[],"must_not":[]}}',
10+
timerange: { from: '2020-09-08T13:51:04.932Z', to: '2020-09-09T13:51:04.933Z' },
11+
defaultIndex: [
12+
'apm-*-transaction*',
13+
'auditbeat-*',
14+
'endgame-*',
15+
'filebeat-*',
16+
'logs-*',
17+
'packetbeat-*',
18+
'winlogbeat-*',
19+
],
20+
stackByField: 'job_id',
21+
};
22+
23+
export const expectedDsl = {
24+
index: [
25+
'apm-*-transaction*',
26+
'auditbeat-*',
27+
'endgame-*',
28+
'filebeat-*',
29+
'logs-*',
30+
'packetbeat-*',
31+
'winlogbeat-*',
32+
],
33+
allowNoIndices: true,
34+
ignoreUnavailable: true,
35+
body: {
36+
aggs: {
37+
anomalyActionGroup: {
38+
terms: { field: 'job_id', order: { _count: 'desc' }, size: 10 },
39+
aggs: {
40+
anomalies: {
41+
date_histogram: {
42+
field: 'timestamp',
43+
fixed_interval: '2700000ms',
44+
min_doc_count: 0,
45+
extended_bounds: { min: 1599573064932, max: 1599659464933 },
46+
},
47+
},
48+
},
49+
},
50+
},
51+
query: {
52+
bool: {
53+
filter: [
54+
'{"bool":{"must":[],"filter":[{"match_all":{}},{"bool":{"should":[],"minimum_should_match":1}},{"match_phrase":{"result_type":"record"}},null,{"range":{"record_score":{"gte":50}}}],"should":[],"must_not":[]}}',
55+
{
56+
range: {
57+
timestamp: {
58+
gte: '2020-09-08T13:51:04.932Z',
59+
lte: '2020-09-09T13:51:04.933Z',
60+
format: 'strict_date_optional_time',
61+
},
62+
},
63+
},
64+
],
65+
},
66+
},
67+
size: 0,
68+
track_total_hits: true,
69+
},
70+
};

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/index.test.ts

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
7+
import { anomaliesMatrixHistogramConfig } from '.';
8+
import { buildAnomaliesHistogramQuery } from './query.anomalies_histogram.dsl';
9+
10+
jest.mock('./query.anomalies_histogram.dsl', () => ({
11+
buildAnomaliesHistogramQuery: jest.fn(),
12+
}));
13+
14+
describe('anomaliesMatrixHistogramConfig', () => {
15+
test('should export anomaliesMatrixHistogramConfig corrrectly', () => {
16+
expect(anomaliesMatrixHistogramConfig).toEqual({
17+
aggName: 'aggregations.anomalyActionGroup.buckets',
18+
parseKey: 'anomalies.buckets',
19+
buildDsl: buildAnomaliesHistogramQuery,
20+
});
21+
});
22+
});

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/query.anomalies_histogram.dsl.test.ts

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
import { buildAnomaliesHistogramQuery } from './query.anomalies_histogram.dsl';
7+
import { mockOptions, expectedDsl } from './__mocks__';
8+
9+
describe('buildAnomaliesHistogramQuery', () => {
10+
test('build query from options correctly', () => {
11+
expect(buildAnomaliesHistogramQuery(mockOptions)).toEqual(expectedDsl);
12+
});
13+
});

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/__mocks__/index.ts

Lines changed: 75 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,75 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
7+
export const mockOptions = {
8+
filterQuery: '{"bool":{"must":[],"filter":[{"match_all":{}}],"should":[],"must_not":[]}}',
9+
timerange: { from: '2020-09-08T14:03:36.140Z', to: '2020-09-09T14:03:36.140Z' },
10+
defaultIndex: [
11+
'apm-*-transaction*',
12+
'auditbeat-*',
13+
'endgame-*',
14+
'filebeat-*',
15+
'logs-*',
16+
'packetbeat-*',
17+
'winlogbeat-*',
18+
],
19+
stackByField: 'event.outcome',
20+
};
21+
22+
export const expectedDsl = {
23+
index: [
24+
'apm-*-transaction*',
25+
'auditbeat-*',
26+
'endgame-*',
27+
'filebeat-*',
28+
'logs-*',
29+
'packetbeat-*',
30+
'winlogbeat-*',
31+
],
32+
allowNoIndices: true,
33+
ignoreUnavailable: true,
34+
body: {
35+
aggregations: {
36+
eventActionGroup: {
37+
terms: {
38+
field: 'event.outcome',
39+
include: ['success', 'failure'],
40+
order: { _count: 'desc' },
41+
size: 2,
42+
},
43+
aggs: {
44+
events: {
45+
date_histogram: {
46+
field: '@timestamp',
47+
fixed_interval: '2700000ms',
48+
min_doc_count: 0,
49+
extended_bounds: { min: 1599573816140, max: 1599660216140 },
50+
},
51+
},
52+
},
53+
},
54+
},
55+
query: {
56+
bool: {
57+
filter: [
58+
'{"bool":{"must":[],"filter":[{"match_all":{}}],"should":[],"must_not":[]}}',
59+
{ bool: { must: [{ term: { 'event.category': 'authentication' } }] } },
60+
{
61+
range: {
62+
'@timestamp': {
63+
gte: '2020-09-08T14:03:36.140Z',
64+
lte: '2020-09-09T14:03:36.140Z',
65+
format: 'strict_date_optional_time',
66+
},
67+
},
68+
},
69+
],
70+
},
71+
},
72+
size: 0,
73+
track_total_hits: true,
74+
},
75+
};

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/index.test.ts

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
7+
import { authenticationsMatrixHistogramConfig } from '.';
8+
import { buildAuthenticationsHistogramQuery } from './query.authentications_histogram.dsl';
9+
10+
jest.mock('./query.authentications_histogram.dsl', () => ({
11+
buildAuthenticationsHistogramQuery: jest.fn(),
12+
}));
13+
14+
describe('authenticationsMatrixHistogramConfig', () => {
15+
test('should export authenticationsMatrixHistogramConfig corrrectly', () => {
16+
expect(authenticationsMatrixHistogramConfig).toEqual({
17+
aggName: 'aggregations.eventActionGroup.buckets',
18+
parseKey: 'events.buckets',
19+
buildDsl: buildAuthenticationsHistogramQuery,
20+
});
21+
});
22+
});

x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/query.authentications_histogram.dsl.test.ts

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
import { buildAuthenticationsHistogramQuery } from './query.authentications_histogram.dsl';
7+
import { mockOptions, expectedDsl } from './__mocks__/';
8+
9+
describe('buildAuthenticationsHistogramQuery', () => {
10+
test('build query from options correctly', () => {
11+
expect(buildAuthenticationsHistogramQuery(mockOptions)).toEqual(expectedDsl);
12+
});
13+
});

0 commit comments

Comments
 (0)