Security Analytics 2.7 Backports by toepkerd · Pull Request #938 · opensearch-project/security-analytics

toepkerd · 2024-03-19T00:06:41Z

Description

Bump build version to 2.7.1
Fix build

Issues Resolved

[List any issues this PR will resolve]

Check List

New functionality includes testing.
- All tests pass
New functionality has been documented.
- New functionality has javadoc added
Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

Signed-off-by: Megha Goyal <goyamegh@amazon.com>

* fix detector writeTo() method missing fields Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * fix test Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>

* fix null query filter conversion from sigma to query string query Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * fix rule to query conversion tests for null filter Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * enhance test to verify non null doc doesnt match null query Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>

Signed-off-by: Megha Goyal <goyamegh@amazon.com> * Adding integ tests for empty mappings/aliases use-cases Signed-off-by: Megha Goyal <goyamegh@amazon.com> * Fix unit tests for MappingsTraverser Signed-off-by: Megha Goyal <goyamegh@amazon.com> --------- Signed-off-by: Megha Goyal <goyamegh@amazon.com>

…quashed) Signed-off-by: Dennis Toepker <toepkerd@amazon.com>

…emove blocking actionGet() calls (#873) * pass query field names in doc level queries during monitor creation/updation Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * remove actionGet() and change get index mapping call to event driven flow Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * fix chained findings monitor Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * add finding mappings Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * remove test messages from logs Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * revert build.gradle change Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>

codecov · 2024-03-19T00:13:59Z

Codecov Report

Attention: Patch coverage is 5.66667% with 283 lines in your changes are missing coverage. Please review.

Project coverage is 27.77%. Comparing base (58c33a9) to head (e12f6fb).
Report is 1 commits behind head on 2.7.

Files	Patch %	Lines
...lytics/transport/TransportIndexDetectorAction.java	0.00%	278 Missing ⚠️
...search/securityanalytics/mapper/MapperService.java	0.00%	5 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##                2.7     #938      +/-   ##
============================================
- Coverage     28.09%   27.77%   -0.32%     
- Complexity      900      902       +2     
============================================
  Files           231      231              
  Lines          9341     9495     +154     
  Branches       1076     1081       +5     
============================================
+ Hits           2624     2637      +13     
- Misses         6481     6623     +142     
+ Partials        236      235       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

engechas · 2024-03-19T00:11:06Z

src/main/java/org/opensearch/securityanalytics/transport/TransportIndexDetectorAction.java

 import org.apache.logging.log4j.Logger;
 import org.apache.lucene.search.join.ScoreMode;
-import org.opensearch.common.SetOnce;
+import org.apache.lucene.util.SetOnce;


Don't think this was supposed to change. Not sure what the ramifications are

Signed-off-by: Dennis Toepker <toepkerd@amazon.com>

engechas

Code LGTM, approving. Will rerun the CIs to make sure they are just flaky

…) (opensearch-project#938) (cherry picked from commit e0b7a5a7905b977e58d80e3b9134b14893d122b0) * remove unneeded import --------- * Stashed user together with it's roles --------- * Added workflow execution logic (opensearch-project#850) * Added workflow execution logic * Adjusted code according to comments * Updated version of the findings json * Updating the workflow metadata in the case of updating flag set to false while the metadata alerady exist * Added logging for workflow metadata update * Added Rest Execute Workflow action * Extended workflow context with workflowMetadataId. Adjusted the doc level monitor findings * Updated conditions for unstashing the context when indexing and deleting the workflow --------- * Added fix when executing the workflow and when chained findings index… (opensearch-project#890) * Fixed deleting monitor workflow metadata (#882) * Fixed deleting monitor metadata and workflow metadata. * fix monitor metadata error from conflict resolution * remove unused import * remove rest execute workflow action * increment schema version for findings mapping json --------- Signed-off-by: Stevan Buzejic <buzejic.stevan@gmail.com> Signed-off-by: Angie Zhang <langelzh@amazon.com> Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> Co-authored-by: Stevan Buzejic <buzejic.stevan@gmail.com> Co-authored-by: Angie Zhang <langelzh@amazon.com> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Petar Dzepina <petar.dzepina@gmail.com> Co-authored-by: Ashish Agrawal <ashisagr@amazon.com>

goyamegh and others added 6 commits March 13, 2024 19:54

Version bump to 2.7.1

a94d9c4

Signed-off-by: Megha Goyal <goyamegh@amazon.com>

fixing build failures for previous cherry-pick PR for SAP2.7 (to be s…

4b2206a

…quashed) Signed-off-by: Dennis Toepker <toepkerd@amazon.com>

toepkerd changed the title ~~Backports 2.7~~ Security Analytics 2.7 Backports Mar 19, 2024

engechas reviewed Mar 19, 2024

View reviewed changes

fixing an import

e12f6fb

Signed-off-by: Dennis Toepker <toepkerd@amazon.com>

toepkerd marked this pull request as ready for review March 19, 2024 00:44

engechas approved these changes Mar 19, 2024

View reviewed changes

sbcd90 approved these changes Mar 19, 2024

View reviewed changes

engechas merged commit 0f8369c into opensearch-project:2.7 Mar 19, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security Analytics 2.7 Backports#938

Security Analytics 2.7 Backports#938
engechas merged 7 commits intoopensearch-project:2.7from
toepkerd:backports-2.7

toepkerd commented Mar 19, 2024

Uh oh!

codecov bot commented Mar 19, 2024 •

edited

Loading

Uh oh!

engechas Mar 19, 2024

Uh oh!

engechas left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

Conversation

toepkerd commented Mar 19, 2024

Description

Issues Resolved

Check List

Uh oh!

codecov bot commented Mar 19, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

engechas Mar 19, 2024

Choose a reason for hiding this comment

Uh oh!

engechas left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

codecov bot commented Mar 19, 2024 •

edited

Loading