[Security] Alert Telemetry for the Security app #77200

Merged
merged 27 commits into from
Sep 30, 2020
e2250a9
Empty recurring task
tsg Aug 17, 2020
da753fe
Added processEvents with tests
tsg Aug 18, 2020
6335857
SendIfDue + tests
tsg Aug 19, 2020
c302fdd
Connect telemetry in the detection engine
tsg Sep 7, 2020
5e14df8
Respect opt-in status
tsg Sep 10, 2020
7bcf141
test fixes + test for telemetry disabled
tsg Sep 10, 2020
483e3cf
Various type fixes
tsg Sep 18, 2020
0cd31af
Merge branch 'master' into telemetry_events
elasticmachine Sep 18, 2020
65a5078
Add cluster_uuid and cluster_name
tsg Sep 21, 2020
fb6b3ea
Filter by endpoint alerts
tsg Sep 22, 2020
2fdc70c
type fixes + tests
tsg Sep 23, 2020
725fc54
mege master
tsg Sep 23, 2020
069147f
fix types
tsg Sep 23, 2020
896ca96
merge master
tsg Sep 28, 2020
0ae4046
Refactor processEvents
tsg Sep 28, 2020
2f31f49
Send events to the telemetry server
tsg Sep 29, 2020
f8309c9
Small refactoring
tsg Sep 29, 2020
b2df3a8
Add license fields
tsg Sep 29, 2020
e6a2d71
Update x-pack/plugins/security_solution/server/lib/detection_engine/s…
tsg Sep 29, 2020
722e68d
Move undefined check in the function to simplify top level code
tsg Sep 29, 2020
5f25435
Correct datastream to data_stream
tsg Sep 29, 2020
1a29cbd
Incorporated Xavier's feedback + add license header
tsg Sep 30, 2020
0dda88c
Test fix + minor changes
tsg Sep 30, 2020
23fbe32
Commented out verbose debug logs
tsg Sep 30, 2020
52390cf
Merge branch 'master' into telemetry_events
elasticmachine Sep 30, 2020
d0d52f4
Merge branch 'master' into telemetry_events
elasticmachine Sep 30, 2020
e8b364d
Merge branch 'master' into telemetry_events
elasticmachine Sep 30, 2020
SendIfDue + tests
tsg committed Sep 7, 2020
commit 63358572c88b1474d269e40c80bd69ab61c4ad55
@@ -5,10 +5,11 @@
*/

import { TelemetryEventsSender } from './sender.ts';
import { loggingSystemMock } from 'src/core/server/mocks';

describe('TelemetryEventsSender', () => {
describe('processEvents', () => {
it('returns empty array when empty array is passed', async () => {
it('returns empty array when empty array is passed', () => {
const sender = new TelemetryEventsSender();
const result = sender.processEvents([]);
expect(result).toStrictEqual([]);
@@ -71,4 +72,40 @@ describe('TelemetryEventsSender', () => {
]);
});
});

describe('queueTelemetryEvents', () => {
it('queues two events', () => {
const sender = new TelemetryEventsSender();
sender.queueTelemetryEvents([{ 'event.kind': '1' }, { 'event.kind': '2' }]);
expect(sender.queue.length).toBe(2);
});

it('queues more than maxQueueSize events', () => {
const sender = new TelemetryEventsSender();
sender.maxQueueSize = 5;
sender.queueTelemetryEvents([{ 'event.kind': '1' }, { 'event.kind': '2' }]);
sender.queueTelemetryEvents([{ 'event.kind': '3' }, { 'event.kind': '4' }]);
sender.queueTelemetryEvents([{ 'event.kind': '5' }, { 'event.kind': '6' }]);
sender.queueTelemetryEvents([{ 'event.kind': '7' }, { 'event.kind': '8' }]);
expect(sender.queue.length).toBe(5);
});

it('empties the queue when sending', async () => {
const sender = new TelemetryEventsSender();
sender.logger = loggingSystemMock.create().get();
sender.sendEvents = jest.fn();

sender.queueTelemetryEvents([{ 'event.kind': '1' }, { 'event.kind': '2' }]);
expect(sender.queue.length).toBe(2);
await sender.sendIfDue();
expect(sender.queue.length).toBe(0);
expect(sender.sendEvents).toBeCalledTimes(1);
sender.queueTelemetryEvents([{ 'event.kind': '3' }, { 'event.kind': '4' }]);
sender.queueTelemetryEvents([{ 'event.kind': '5' }, { 'event.kind': '6' }]);
expect(sender.queue.length).toBe(4);
await sender.sendIfDue();
expect(sender.queue.length).toBe(0);
expect(sender.sendEvents).toBeCalledTimes(2);
});
});
});
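Review bot: The 'empties the queue when sending' test stubs `sendEvents` with a bare `jest.fn()`, so only the success path of `sendIfDue` is exercised and nothing pins what happens when a send fails. A second case using `sender.sendEvents = jest.fn().mockRejectedValue(new Error('send failed'));`, then `await sender.sendIfDue();` and `expect(sender.logger.warn).toBeCalledTimes(1);` (assuming the mock logger exposes `warn` as a jest mock) would document that failures are logged rather than escaping as unhandled rejections. The 'queues more than maxQueueSize events' case asserts only the length; asserting the queue contents would also pin which events are kept when the cap is hit. `sendIfDue` and `sendEvents` are declared `private` in sender.ts in this same commit, so these accesses presumably need a cast or a visibility change to pass type checking.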
42 changes: 24 additions & 18 deletions x-pack/plugins/security_solution/server/lib/telemetry/sender.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/

import { pick } from 'lodash';
import { pick, cloneDeep } from 'lodash';

import { PluginInitializerContext, Logger } from '../../../../../../core/server';

@@ -50,34 +50,20 @@ export class TelemetryEventsSender {
}
}

private async sendIfDue() {
if (this.isSending) {
return;
}

try {
this.isSending = true;
this.logger.debug(`Sending...`);
} catch (err) {
this.logger.warn(`Error sending telemetry events data: ${err}`);
}
this.isSending = false;
}

public queueTelemetryEvents(events: object[]) {
const qlength = this.queue.length;

if (qlength > this.maxQueueSize) {
if (qlength >= this.maxQueueSize) {
// we're full already
return;
}

// TODO check that telemetry is opted-in

if (events.length > this.maxQueueSize - qlength) {
this.queue.push(this.processEvents(events.slice(0, this.maxQueueSize - qlength)));
this.queue.push(...this.processEvents(events.slice(0, this.maxQueueSize - qlength)));
} else {
this.queue.push(this.processEvents(events));
this.queue.push(...this.processEvents(events));
}
}

@@ -100,4 +86,24 @@ export class TelemetryEventsSender {
return newObj;
});
}

private async sendIfDue() {
if (this.isSending) {
return;
}

try {
this.isSending = true;
const toSend: object[] = cloneDeep(this.queue);
this.queue = [];
this.sendEvents(toSend);
} catch (err) {
this.logger.warn(`Error sending telemetry events data: ${err}`);
}
this.isSending = false;
}

private async sendEvents(events: object[]) {
// TODO
}
}
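Review bot: In the new `sendIfDue`, `this.sendEvents(toSend)` is called without `await`, so a rejection from the async `sendEvents` never reaches the surrounding `catch` and surfaces as an unhandled promise rejection instead of the `logger.warn` line. For the same reason `this.isSending = false` runs before the send has finished, so the guard at the top of the method will not prevent overlapping sends once `sendEvents` does real network I/O. I would change the call to `await this.sendEvents(toSend);` and move the reset into `finally { this.isSending = false; }`. Because the queue is cleared before the send, a failed batch is dropped; if that best-effort behaviour is intended, a short comment saying so would help, and `cloneDeep` is then unnecessary since `this.queue = []` already hands the old array over. Separately, the `// TODO check that telemetry is opted-in` in `queueTelemetryEvents` means alert events are buffered regardless of opt-in at this commit, so that check should land before `sendEvents` gets a real body.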