[SIEM] Updates process and TLS tables to use ECS 1.5 fields by tsg · Pull Request #60854 · elastic/kibana

tsg · 2020-03-21T12:46:37Z

Summary

This adjusts the fields used by the Uncommon Processes and TLS to ECS 1.5.
#60026
#43649

The process changes are easy enough because the code already supported multiple ways to filter the data and this PR just needs to add a new condition (event.category: process AND event.type: start).

For the TLS table, things are more complicated because several of the fields used in the UI are not available in ECS 1.5 and there are no immediate equivalents. More precisely, the common names from Issuer and Subject are no longer separated. Also, Alternative Names are not available.

Upon discussion with @MikePaquette, we've decided to display "Issuer" and "Subject" as columns.

Note that this means that old data won't be shown, but Packetbeat was switched to use ECS 1.4 already in 7.6.

I didn't yet adjust the integration tests, so I expect those to fail for now.

Checklist

Delete any items that are not applicable to this PR.

Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
~~Documentation was added for features that require explanation or tutorials~~
Unit or functional tests were updated or added to match the most common scenarios
T~~his was checked for keyboard-only and screenreader accessibility~~
~~This renders correctly on smaller devices using a responsive layout. (You can test this in your browser~~
~~This was checked for cross-browser compatibility, including a check against IE11~~

For maintainers

This was checked for breaking API changes and was labeled appropriately

elasticmachine · 2020-03-21T12:46:40Z

Pinging @elastic/siem (Team:SIEM)

angorayc

Thanks for updating the query!! Ran and played around on local branch, all looks fine. Good to go when all check passed.

tsg · 2020-03-23T15:04:22Z

@elasticmachine merge upstream

…60854) * Added new process filter * Use new ECS TLS fields

* master: (34 commits) [APM] add service map config options to legacy plugin (elastic#61002) [App Arch] migrate legacy CSS to new platform (core_plugins/kibana_react) (elastic#59882) Migrated styles for "share" plugin to new platform (elastic#59981) [ML] Module setup with dynamic model memory estimation (elastic#60656) Drilldowns (elastic#59632) Upgrade mocha dev-dependency from 6.2.2 to 7.1.1 (elastic#60779) [SIEM] Overview: Recent cases widget (elastic#60993) [ML] Functional tests - stabilize df analytics clone tests (elastic#60497) [SIEM] Updates process and TLS tables to use ECS 1.5 fields (elastic#60854) Migrate doc view part of discover (elastic#58094) Revert "[APM] Collect telemetry about data/API performance (elastic#51612)" fix(NA): log rotation watchers usage (elastic#60956) [SIEM] [CASES] Build lego blocks case details view (elastic#60864) Create Painless Lab app (elastic#57538) [SIEM] Move Timeline Template field to first step of rule creation (elastic#60840) [Reporting/New Platform Migration] Use a new config service on server-side (elastic#55882) [Alerting] allow email action to not require auth (elastic#60839) [Maps] Default ES document layer scaling type to clusters and show scaling UI in the create wizard (elastic#60668) [APM] Collect telemetry about data/API performance (elastic#51612) Implement Kibana Login Selector (elastic#53010) ...

…61031) * Added new process filter * Use new ECS TLS fields

kibanamachine · 2020-04-04T18:37:52Z

💔 Build Failed

continuous-integration/kibana-ci/pull-request
Commit: 3244646
Pipeline Steps (look for red circles / failed steps)
Interpreting CI Failures

Failed CI Steps

Test Failures

Kibana Pipeline / kibana-oss-agent / Chrome UI Functional Tests.test/functional/apps/discover/_errors·js.discover app errors invalid scripted field error is rendered

Link to Jenkins

Standard Out

Failed Tests Reporter:
  - Test has not failed recently on tracked branches

[00:00:00]       │
[00:01:41]         └-: discover app
[00:01:41]           └-> "before all" hook
[00:01:41]           └-> "before all" hook
[00:09:18]           └-: errors
[00:09:18]             └-> "before all" hook
[00:09:18]             └-> "before all" hook
[00:09:18]               │ info [logstash_functional] Loading "mappings.json"
[00:09:18]               │ info [logstash_functional] Loading "data.json.gz"
[00:09:18]               │ info [logstash_functional] Skipped restore for existing index "logstash-2015.09.22"
[00:09:18]               │ info [logstash_functional] Skipped restore for existing index "logstash-2015.09.20"
[00:09:18]               │ info [logstash_functional] Skipped restore for existing index "logstash-2015.09.21"
[00:09:19]               │ info [invalid_scripted_field] Loading "mappings.json"
[00:09:19]               │ info [invalid_scripted_field] Loading "data.json.gz"
[00:09:19]               │ info [o.e.c.m.MetadataDeleteIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2/5Npm1HhkTimPYdGKHzpz0w] deleting index
[00:09:19]               │ info [o.e.c.m.MetadataDeleteIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_1/t4nBMgJlR0S-JmPcDcHD1Q] deleting index
[00:09:19]               │ info [invalid_scripted_field] Deleted existing index [".kibana_2",".kibana_1"]
[00:09:19]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] applying create index request using v1 templates []
[00:09:19]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana] creating index, cause [api], templates [], shards [1]/[0], mappings [_doc]
[00:09:19]               │ info [invalid_scripted_field] Created index ".kibana"
[00:09:19]               │ debg [invalid_scripted_field] ".kibana" settings {"index":{"number_of_replicas":"0","number_of_shards":"1"}}
[00:09:19]               │ info [invalid_scripted_field] Indexed 2 docs into ".kibana"
[00:09:19]               │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana/jmy4gL6NR_yCKpRRwJEA3w] update_mapping [_doc]
[00:09:19]               │ debg Migrating saved objects
[00:09:19]               │ proc [kibana]   log   [17:35:04.635] [info][savedobjects-service] Creating index .kibana_2.
[00:09:19]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] applying create index request using v1 templates []
[00:09:19]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2] creating index, cause [api], templates [], shards [1]/[1], mappings [_doc]
[00:09:19]               │ info [o.e.c.r.a.AllocationService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] updating number_of_replicas to [0] for indices [.kibana_2]
[00:09:19]               │ proc [kibana]   log   [17:35:04.675] [info][savedobjects-service] Reindexing .kibana to .kibana_1
[00:09:19]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] applying create index request using v1 templates []
[00:09:19]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_1] creating index, cause [api], templates [], shards [1]/[1], mappings [_doc]
[00:09:19]               │ info [o.e.c.r.a.AllocationService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] updating number_of_replicas to [0] for indices [.kibana_1]
[00:09:20]               │ info [o.e.t.LoggingTaskListener] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] 8411 finished with response BulkByScrollResponse[took=20.5ms,timed_out=false,sliceId=null,updated=0,created=2,deleted=0,batches=1,versionConflicts=0,noops=0,retries=0,throttledUntil=0s,bulk_failures=[],search_failures=[]]
[00:09:20]               │ info [o.e.c.m.MetadataDeleteIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana/jmy4gL6NR_yCKpRRwJEA3w] deleting index
[00:09:20]               │ proc [kibana]   log   [17:35:04.988] [info][savedobjects-service] Migrating .kibana_1 saved objects to .kibana_2
[00:09:20]               │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2/OVkVW1_XTC6qnRXVCpSgDw] update_mapping [_doc]
[00:09:20]               │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2/OVkVW1_XTC6qnRXVCpSgDw] update_mapping [_doc]
[00:09:20]               │ proc [kibana]   log   [17:35:05.036] [info][savedobjects-service] Pointing alias .kibana to .kibana_2.
[00:09:20]               │ proc [kibana]   log   [17:35:05.058] [info][savedobjects-service] Finished in 424ms.
[00:09:20]               │ debg applying update to kibana config: {"accessibility:disableAnimations":true,"dateFormat:tz":"UTC"}
[00:09:20]               │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2/OVkVW1_XTC6qnRXVCpSgDw] update_mapping [_doc]
[00:09:21]               │ debg navigating to discover url: http://localhost:6161/app/kibana#/discover
[00:09:21]               │ debg Navigate to: http://localhost:6161/app/kibana#/discover
[00:09:22]               │ debg ... sleep(700) start
[00:09:22]               │ debg browser[INFO] http://localhost:6161/app/kibana?_t=1586021706681#/discover 341 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
[00:09:22]               │
[00:09:22]               │ debg browser[INFO] http://localhost:6161/bundles/app/kibana/bootstrap.js 9:19 "^ A single error about an inline script not firing due to content security policy is expected!"
[00:09:22]               │ debg ... sleep(700) end
[00:09:22]               │ debg returned from get, calling refresh
[00:09:22]               │ debg browser[INFO] http://localhost:6161/app/kibana?_t=1586021706681#/discover 341 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
[00:09:22]               │
[00:09:22]               │ debg browser[INFO] http://localhost:6161/bundles/app/kibana/bootstrap.js 9:19 "^ A single error about an inline script not firing due to content security policy is expected!"
[00:09:22]               │ debg currentUrl = http://localhost:6161/app/kibana#/discover
[00:09:22]               │          appUrl = http://localhost:6161/app/kibana#/discover
[00:09:22]               │ debg TestSubjects.find(kibanaChrome)
[00:09:22]               │ debg Find.findByCssSelector('[data-test-subj="kibanaChrome"]') with timeout=60000
[00:09:25]               │ debg TestSubjects.find(kibanaChrome)
[00:09:25]               │ debg Find.findByCssSelector('[data-test-subj="kibanaChrome"]') with timeout=10000
[00:09:25]               │ debg browser[INFO] http://localhost:6161/bundles/plugin/data/data.plugin.js 96:139970 "INFO: 2020-04-04T17:35:09Z
[00:09:25]               │        Adding connection to http://localhost:6161/elasticsearch
[00:09:25]               │
[00:09:25]               │      "
[00:09:25]               │ debg ... sleep(501) start
[00:09:26]               │ debg ... sleep(501) end
[00:09:26]               │ debg in navigateTo url = http://localhost:6161/app/kibana#/discover?_g=(filters:!(),refreshInterval:(pause:!t,value:0),time:(from:now-15m,to:now))&_a=(columns:!(_source),filters:!(),index:%2718ea0c30-2d77-11e8-93f2-6f8a391f33ef%27,interval:auto,query:(language:kuery,query:%27%27),sort:!())
[00:09:26]               │ debg --- retry.try error: URL changed, waiting for it to settle
[00:09:26]               │ debg ... sleep(501) start
[00:09:27]               │ debg ... sleep(501) end
[00:09:27]               │ debg in navigateTo url = http://localhost:6161/app/kibana#/discover?_g=(filters:!(),refreshInterval:(pause:!t,value:0),time:(from:now-15m,to:now))&_a=(columns:!(_source),filters:!(),index:%2718ea0c30-2d77-11e8-93f2-6f8a391f33ef%27,interval:auto,query:(language:kuery,query:%27%27),sort:!())
[00:09:27]               │ debg TestSubjects.exists(statusPageContainer)
[00:09:27]               │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="statusPageContainer"]') with timeout=2500
[00:09:29]               │ debg --- retry.tryForTime error: [data-test-subj="statusPageContainer"] is not displayed
[00:09:30]             └-: invalid scripted field error
[00:09:30]               └-> "before all" hook
[00:09:30]               └-> is rendered
[00:09:30]                 └-> "before each" hook: global before each
[00:09:30]                 │ debg TestSubjects.exists(discoverFetchError)
[00:09:30]                 │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="discoverFetchError"]') with timeout=2500
[00:09:32]                 │ debg --- retry.tryForTime error: [data-test-subj="discoverFetchError"] is not displayed
[00:09:33]                 │ info Taking screenshot "/dev/shm/workspace/kibana/test/functional/screenshots/failure/discover app errors invalid scripted field error is rendered.png"
[00:09:33]                 │ info Current URL is: http://localhost:6161/app/kibana#/discover?_g=(filters:!(),refreshInterval:(pause:!t,value:0),time:(from:now-15m,to:now))&_a=(columns:!(_source),filters:!(),index:%2718ea0c30-2d77-11e8-93f2-6f8a391f33ef%27,interval:auto,query:(language:kuery,query:%27%27),sort:!())
[00:09:33]                 │ info Saving page source to: /dev/shm/workspace/kibana/test/functional/failure_debug/html/discover app errors invalid scripted field error is rendered.html
[00:09:33]                 └- ✖ fail: "discover app errors invalid scripted field error is rendered"
[00:09:33]                 │

Stack Trace

Error: expected false to equal true
    at Assertion.assert (packages/kbn-expect/expect.js:100:11)
    at Assertion.be.Assertion.equal (packages/kbn-expect/expect.js:227:8)
    at Assertion.be (packages/kbn-expect/expect.js:69:22)
    at Context.it (test/functional/apps/discover/_errors.js:41:40)

Kibana Pipeline / kibana-intake-agent / Jest Integration Tests.packages/kbn-plugin-generator/integration_tests.running the plugin-generator via 'node scripts/generate_plugin.js plugin-name' with default config then running with es instance 'yarn start' should result in the spec plugin being initialized on kibana's stdout

Link to Jenkins

Standard Out

Failed Tests Reporter:
  - Test has failed 4 times on tracked branches: https://github.com/elastic/kibana/issues/54481

Stack Trace

Error: Command failed with exit code 126: ./bin/elasticsearch-keystore create
./bin/elasticsearch-env: line 77: /var/lib/jenkins/workspace/elastic+kibana+pipeline-pull-request/kibana/.es/job-kibana-intake-es-test-cluster/jdk/bin/java: cannot execute binary file
warning: ignoring JAVA_TOOL_OPTIONS=-Dfile.encoding=UTF8
    at makeError (/var/lib/jenkins/workspace/elastic+kibana+pipeline-pull-request/kibana/node_modules/execa/lib/error.js:58:11)
    at handlePromise (/var/lib/jenkins/workspace/elastic+kibana+pipeline-pull-request/kibana/node_modules/execa/index.js:114:26)
    at process._tickCallback (internal/process/next_tick.js:68:7)

Kibana Pipeline / kibana-oss-agent / Chrome UI Functional Tests.test/functional/apps/discover/_errors·js.discover app errors invalid scripted field error is rendered

Link to Jenkins

Standard Out

Failed Tests Reporter:
  - Test has failed 1 times on tracked branches: https://dryrun

[00:00:00]       │
[00:01:42]         └-: discover app
[00:01:42]           └-> "before all" hook
[00:01:42]           └-> "before all" hook
[00:09:45]           └-: errors
[00:09:45]             └-> "before all" hook
[00:09:45]             └-> "before all" hook
[00:09:45]               │ info [logstash_functional] Loading "mappings.json"
[00:09:45]               │ info [logstash_functional] Loading "data.json.gz"
[00:09:45]               │ info [logstash_functional] Skipped restore for existing index "logstash-2015.09.22"
[00:09:45]               │ info [logstash_functional] Skipped restore for existing index "logstash-2015.09.20"
[00:09:45]               │ info [logstash_functional] Skipped restore for existing index "logstash-2015.09.21"
[00:09:46]               │ info [invalid_scripted_field] Loading "mappings.json"
[00:09:46]               │ info [invalid_scripted_field] Loading "data.json.gz"
[00:09:46]               │ info [o.e.c.m.MetadataDeleteIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2/gP1OPlwySBSNqKNwXrZ9uw] deleting index
[00:09:46]               │ info [o.e.c.m.MetadataDeleteIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_1/ptKEoTcYQHCcgi1mL9_GKQ] deleting index
[00:09:46]               │ info [invalid_scripted_field] Deleted existing index [".kibana_2",".kibana_1"]
[00:09:46]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] applying create index request using v1 templates []
[00:09:46]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana] creating index, cause [api], templates [], shards [1]/[0], mappings [_doc]
[00:09:46]               │ info [invalid_scripted_field] Created index ".kibana"
[00:09:46]               │ debg [invalid_scripted_field] ".kibana" settings {"index":{"number_of_replicas":"0","number_of_shards":"1"}}
[00:09:46]               │ info [invalid_scripted_field] Indexed 2 docs into ".kibana"
[00:09:46]               │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana/A2tBU-iKR2ea1XRWoU0IAA] update_mapping [_doc]
[00:09:47]               │ debg Migrating saved objects
[00:09:47]               │ proc [kibana]   log   [17:23:52.094] [info][savedobjects-service] Creating index .kibana_2.
[00:09:47]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] applying create index request using v1 templates []
[00:09:47]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2] creating index, cause [api], templates [], shards [1]/[1], mappings [_doc]
[00:09:47]               │ info [o.e.c.r.a.AllocationService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] updating number_of_replicas to [0] for indices [.kibana_2]
[00:09:47]               │ proc [kibana]   log   [17:23:52.161] [info][savedobjects-service] Reindexing .kibana to .kibana_1
[00:09:47]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] applying create index request using v1 templates []
[00:09:47]               │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_1] creating index, cause [api], templates [], shards [1]/[1], mappings [_doc]
[00:09:47]               │ info [o.e.c.r.a.AllocationService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] updating number_of_replicas to [0] for indices [.kibana_1]
[00:09:47]               │ info [o.e.t.LoggingTaskListener] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] 8466 finished with response BulkByScrollResponse[took=50.6ms,timed_out=false,sliceId=null,updated=0,created=2,deleted=0,batches=1,versionConflicts=0,noops=0,retries=0,throttledUntil=0s,bulk_failures=[],search_failures=[]]
[00:09:47]               │ info [o.e.c.m.MetadataDeleteIndexService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana/A2tBU-iKR2ea1XRWoU0IAA] deleting index
[00:09:47]               │ proc [kibana]   log   [17:23:52.522] [info][savedobjects-service] Migrating .kibana_1 saved objects to .kibana_2
[00:09:47]               │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2/-jEoFGT8QCmLfKCkmVbdiw] update_mapping [_doc]
[00:09:47]               │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2/-jEoFGT8QCmLfKCkmVbdiw] update_mapping [_doc]
[00:09:47]               │ proc [kibana]   log   [17:23:52.601] [info][savedobjects-service] Pointing alias .kibana to .kibana_2.
[00:09:47]               │ proc [kibana]   log   [17:23:52.657] [info][savedobjects-service] Finished in 565ms.
[00:09:47]               │ debg applying update to kibana config: {"accessibility:disableAnimations":true,"dateFormat:tz":"UTC"}
[00:09:48]               │ info [o.e.c.m.MetadataMappingService] [kibana-ci-immutable-debian-tests-xl-1586019309640426591] [.kibana_2/-jEoFGT8QCmLfKCkmVbdiw] update_mapping [_doc]
[00:09:49]               │ debg navigating to discover url: http://localhost:6161/app/kibana#/discover
[00:09:49]               │ debg Navigate to: http://localhost:6161/app/kibana#/discover
[00:09:49]               │ debg ... sleep(700) start
[00:09:49]               │ debg browser[INFO] http://localhost:6161/app/kibana?_t=1586021034180#/discover 341 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
[00:09:49]               │
[00:09:49]               │ debg browser[INFO] http://localhost:6161/bundles/app/kibana/bootstrap.js 9:19 "^ A single error about an inline script not firing due to content security policy is expected!"
[00:09:49]               │ debg ... sleep(700) end
[00:09:49]               │ debg returned from get, calling refresh
[00:09:50]               │ debg browser[INFO] http://localhost:6161/app/kibana?_t=1586021034180#/discover 341 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
[00:09:50]               │
[00:09:50]               │ debg browser[INFO] http://localhost:6161/bundles/app/kibana/bootstrap.js 9:19 "^ A single error about an inline script not firing due to content security policy is expected!"
[00:09:50]               │ debg currentUrl = http://localhost:6161/app/kibana#/discover
[00:09:50]               │          appUrl = http://localhost:6161/app/kibana#/discover
[00:09:50]               │ debg TestSubjects.find(kibanaChrome)
[00:09:50]               │ debg Find.findByCssSelector('[data-test-subj="kibanaChrome"]') with timeout=60000
[00:09:53]               │ debg TestSubjects.find(kibanaChrome)
[00:09:53]               │ debg Find.findByCssSelector('[data-test-subj="kibanaChrome"]') with timeout=10000
[00:09:53]               │ debg browser[INFO] http://localhost:6161/bundles/plugin/data/data.plugin.js 96:139970 "INFO: 2020-04-04T17:23:57Z
[00:09:53]               │        Adding connection to http://localhost:6161/elasticsearch
[00:09:53]               │
[00:09:53]               │      "
[00:09:53]               │ debg ... sleep(501) start
[00:09:54]               │ debg ... sleep(501) end
[00:09:54]               │ debg in navigateTo url = http://localhost:6161/app/kibana#/discover?_g=(filters:!(),refreshInterval:(pause:!t,value:0),time:(from:now-15m,to:now))&_a=(columns:!(_source),filters:!(),index:%2718ea0c30-2d77-11e8-93f2-6f8a391f33ef%27,interval:auto,query:(language:kuery,query:%27%27),sort:!())
[00:09:54]               │ debg --- retry.try error: URL changed, waiting for it to settle
[00:09:54]               │ debg ... sleep(501) start
[00:09:55]               │ debg ... sleep(501) end
[00:09:55]               │ debg in navigateTo url = http://localhost:6161/app/kibana#/discover?_g=(filters:!(),refreshInterval:(pause:!t,value:0),time:(from:now-15m,to:now))&_a=(columns:!(_source),filters:!(),index:%2718ea0c30-2d77-11e8-93f2-6f8a391f33ef%27,interval:auto,query:(language:kuery,query:%27%27),sort:!())
[00:09:55]               │ debg TestSubjects.exists(statusPageContainer)
[00:09:55]               │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="statusPageContainer"]') with timeout=2500
[00:09:57]               │ debg --- retry.tryForTime error: [data-test-subj="statusPageContainer"] is not displayed
[00:09:58]             └-: invalid scripted field error
[00:09:58]               └-> "before all" hook
[00:09:58]               └-> is rendered
[00:09:58]                 └-> "before each" hook: global before each
[00:09:58]                 │ debg TestSubjects.exists(discoverFetchError)
[00:09:58]                 │ debg Find.existsByDisplayedByCssSelector('[data-test-subj="discoverFetchError"]') with timeout=2500
[00:10:00]                 │ debg --- retry.tryForTime error: [data-test-subj="discoverFetchError"] is not displayed
[00:10:01]                 │ info Taking screenshot "/dev/shm/workspace/kibana/test/functional/screenshots/failure/discover app errors invalid scripted field error is rendered.png"
[00:10:01]                 │ info Current URL is: http://localhost:6161/app/kibana#/discover?_g=(filters:!(),refreshInterval:(pause:!t,value:0),time:(from:now-15m,to:now))&_a=(columns:!(_source),filters:!(),index:%2718ea0c30-2d77-11e8-93f2-6f8a391f33ef%27,interval:auto,query:(language:kuery,query:%27%27),sort:!())
[00:10:01]                 │ info Saving page source to: /dev/shm/workspace/kibana/test/functional/failure_debug/html/discover app errors invalid scripted field error is rendered.html
[00:10:01]                 └- ✖ fail: "discover app errors invalid scripted field error is rendered"
[00:10:01]                 │

Stack Trace

Error: expected false to equal true
    at Assertion.assert (packages/kbn-expect/expect.js:100:11)
    at Assertion.be.Assertion.equal (packages/kbn-expect/expect.js:227:8)
    at Assertion.be (packages/kbn-expect/expect.js:69:22)
    at Context.it (test/functional/apps/discover/_errors.js:41:40)

History

💚 Build #35596 succeeded 3244646
💔 Build #35439 failed 6e9cf70
💔 Build #35178 failed 5aef9eb

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

elasticmachine · 2021-09-23T14:37:48Z

Pinging @elastic/security-solution (Team: SecuritySolution)

tsg added 2 commits March 20, 2020 18:45

Added new process filter

6ef0960

Use new ECS TLS fields

5aef9eb

tsg added Team:SIEM v7.7.0 labels Mar 21, 2020

tsg requested a review from a team as a code owner March 21, 2020 12:46

tsg changed the title ~~Update process and TLS tables to ECS 1.5~~ [SIEM] Updates process and TLS tables to use ECS 1.5 fields Mar 21, 2020

tsg added the release_note:fix label Mar 21, 2020

tsg requested a review from angorayc March 21, 2020 13:13

angorayc approved these changes Mar 23, 2020

View reviewed changes

Fix TLS tests

f02116e

elasticmachine and others added 2 commits March 23, 2020 11:04

Merge branch 'master' into update_ecs_1.5

6e9cf70

C&P error caught by the type check

3244646

tsg merged commit e6dbc3f into elastic:master Mar 24, 2020

tsg added a commit to tsg/kibana that referenced this pull request Mar 24, 2020

[SIEM] Updates process and TLS tables to use ECS 1.5 fields (elastic#…

adef3ad

…60854) * Added new process filter * Use new ECS TLS fields

tsg mentioned this pull request Mar 24, 2020

[7.x] [SIEM] Updates process and TLS tables to use ECS 1.5 fields (#60854) #61031

Merged

tsg added a commit that referenced this pull request Mar 24, 2020

[SIEM] Updates process and TLS tables to use ECS 1.5 fields (#60854) (#…

0dba353

…61031) * Added new process filter * Use new ECS TLS fields

FrankHassanabad added the v8.0.0 label Mar 30, 2020

FrankHassanabad assigned tsg Apr 4, 2020

FrankHassanabad added the v7.8.0 label Apr 4, 2020

antcodd mentioned this pull request May 26, 2020

[SIEM] Network TLS table using wrong fields for drag and drop to timelines #67299

Closed

MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SIEM] Updates process and TLS tables to use ECS 1.5 fields#60854

[SIEM] Updates process and TLS tables to use ECS 1.5 fields#60854
tsg merged 5 commits intoelastic:masterfrom
tsg:update_ecs_1.5

tsg commented Mar 21, 2020 •

edited by FrankHassanabad

Loading

Uh oh!

elasticmachine commented Mar 21, 2020

Uh oh!

angorayc left a comment

Uh oh!

tsg commented Mar 23, 2020

Uh oh!

kibanamachine commented Apr 4, 2020

Standard Out

Stack Trace

Standard Out

Stack Trace

Standard Out

Stack Trace

Uh oh!

elasticmachine commented Sep 23, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

Conversation

tsg commented Mar 21, 2020 • edited by FrankHassanabad Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Checklist

For maintainers

Uh oh!

elasticmachine commented Mar 21, 2020

Uh oh!

angorayc left a comment

Choose a reason for hiding this comment

Uh oh!

tsg commented Mar 23, 2020

Uh oh!

kibanamachine commented Apr 4, 2020

💔 Build Failed

Failed CI Steps

Test Failures

Standard Out

Stack Trace

Standard Out

Stack Trace

Standard Out

Stack Trace

History

Uh oh!

elasticmachine commented Sep 23, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

tsg commented Mar 21, 2020 •

edited by FrankHassanabad

Loading