From b594dd49bf55148519ca764e46458cc6273f76b6 Mon Sep 17 00:00:00 2001 From: Georgii Gorbachev Date: Wed, 1 Dec 2021 13:10:53 +0100 Subject: [PATCH] Stop updating rule status on enable/disable --- .../routes/rules/perform_bulk_action_route.ts | 2 -- .../lib/detection_engine/rules/enable_rule.ts | 20 +------------------ .../lib/detection_engine/rules/patch_rules.ts | 2 +- .../detection_engine/rules/update_rules.ts | 2 +- 4 files changed, 3 insertions(+), 23 deletions(-) diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/perform_bulk_action_route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/perform_bulk_action_route.ts index 251ff1e6e5f38..fb766124ea6ee 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/perform_bulk_action_route.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/perform_bulk_action_route.ts @@ -89,8 +89,6 @@ export const performBulkActionRoute = ( await enableRule({ rule, rulesClient, - ruleStatusClient, - spaceId: context.securitySolution.getSpaceId(), }); } }) diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/enable_rule.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/enable_rule.ts index e24da8a2ba0d4..828471a1aea61 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/enable_rule.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/enable_rule.ts @@ -7,15 +7,11 @@ import { SanitizedAlert } from '../../../../../alerting/common'; import { RulesClient } from '../../../../../alerting/server'; -import { RuleExecutionStatus } from '../../../../common/detection_engine/schemas/common/schemas'; -import { IRuleExecutionLogClient } from '../rule_execution_log/types'; import { RuleParams } from '../schemas/rule_schemas'; interface EnableRuleArgs { rule: SanitizedAlert; rulesClient: RulesClient; - ruleStatusClient: IRuleExecutionLogClient; - spaceId: string; } /** @@ -23,21 +19,7 @@ interface EnableRuleArgs { * * @param rule - rule to enable * @param rulesClient - Alerts client - * @param ruleStatusClient - ExecLog client */ -export const enableRule = async ({ - rule, - rulesClient, - ruleStatusClient, - spaceId, -}: EnableRuleArgs) => { +export const enableRule = async ({ rule, rulesClient }: EnableRuleArgs) => { await rulesClient.enable({ id: rule.id }); - - await ruleStatusClient.logStatusChange({ - ruleId: rule.id, - ruleName: rule.name, - ruleType: rule.alertTypeId, - spaceId, - newStatus: RuleExecutionStatus['going to run'], - }); }; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.ts index ee3098b8577d4..8c256c54c24ab 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.ts @@ -222,7 +222,7 @@ export const patchRules = async ({ if (rule.enabled && enabled === false) { await rulesClient.disable({ id: rule.id }); } else if (!rule.enabled && enabled === true) { - await enableRule({ rule, rulesClient, ruleStatusClient, spaceId }); + await enableRule({ rule, rulesClient }); } else { // enabled is null or undefined and we do not touch the rule } diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/update_rules.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/update_rules.ts index eb406cffccbb4..476a9e4d615f2 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/update_rules.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/update_rules.ts @@ -104,7 +104,7 @@ export const updateRules = async ({ if (existingRule.enabled && enabled === false) { await rulesClient.disable({ id: existingRule.id }); } else if (!existingRule.enabled && enabled === true) { - await enableRule({ rule: existingRule, rulesClient, ruleStatusClient, spaceId }); + await enableRule({ rule: existingRule, rulesClient }); } return { ...update, enabled }; };