[Attack discovery] Add utils for testing (#182918)

## Summary Add `load_attack_discovery_data` script that populates alerts data for Attack discovery testing To load Attack discovery data to the existing instance: ``` node x-pack/solutions/security/plugins/security_solution/scripts/load_attack_discovery_data.js --kibanaUrl http://127.0.0.1:5620 --elasticsearchUrl http://127.0.0.1:9220 ``` --------- Co-authored-by: kibanamachine <[email protected]> Co-authored-by: Mark Hopkin <[email protected]>
elastic · Jan 14, 2025 · 2c9e55d · 2c9e55d
1 parent 0640f38
commit 2c9e55d
Show file tree

Hide file tree

Showing 22 changed files with 116,346 additions and 1 deletion.
diff --git a/x-pack/solutions/security/plugins/elastic_assistant/tsconfig.json b/x-pack/solutions/security/plugins/elastic_assistant/tsconfig.json
@@ -52,7 +52,7 @@
     "@kbn/data-views-plugin",
     "@kbn/core-analytics-server",
     "@kbn/llm-tasks-plugin",
-    "@kbn/product-doc-base-plugin"
+    "@kbn/product-doc-base-plugin",
   ],
   "exclude": [
     "target/**/*",

diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/attack_discovery/index.ts b/x-pack/solutions/security/plugins/security_solution/scripts/attack_discovery/index.ts
@@ -0,0 +1,64 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { run } from '@kbn/dev-cli-runner';
+import { createEsClient, createKbnClient } from '../endpoint/common/stack_services';
+import { HORIZONTAL_LINE } from '../endpoint/common/constants';
+import { createToolingLogger } from '../../common/endpoint/data_loaders/utils';
+import { loadAttackDiscoveryData } from './load';
+
+export const cli = () => {
+  run(
+    async (cliContext) => {
+      createToolingLogger.setDefaultLogLevelFromCliFlags(cliContext.flags);
+
+      const log = cliContext.log;
+      const kbnClient = createKbnClient({
+        log,
+        url: cliContext.flags.kibanaUrl as string,
+        username: cliContext.flags.username as string,
+        password: cliContext.flags.password as string,
+      });
+      const esClient = createEsClient({
+        log,
+        url: cliContext.flags.elasticsearchUrl as string,
+        username: cliContext.flags.username as string,
+        password: cliContext.flags.password as string,
+      });
+
+      log.info(`${HORIZONTAL_LINE}
+ Environment Data Loader
+${HORIZONTAL_LINE}
+`);
+      log.info(`Loading data to: ${kbnClient.resolveUrl('')}`);
+
+      await loadAttackDiscoveryData({ kbnClient, esClient, log });
+    },
+
+    // Options
+    {
+      description: `Loads data into a environment for testing/development`,
+      flags: {
+        string: ['kibanaUrl', 'elasticsearchUrl', 'username', 'password'],
+        default: {
+          kibanaUrl: 'http://127.0.0.1:5601',
+          elasticsearchUrl: 'http://127.0.0.1:9200',
+          username: 'elastic',
+          password: 'changeme',
+        },
+        allowUnexpected: false,
+        help: `
+        --username                      User name to be used for auth against elasticsearch and
+                                        kibana (Default: elastic).
+        --password                      User name Password (Default: changeme)
+        --kibanaUrl                     The url to Kibana (Default: http://127.0.0.1:5601)
+        --elasticsearchUrl              The url to Elasticsearch (Default: http://127.0.0.1:9200)
+      `,
+      },
+    }
+  );
+};