Enable
logsdb
index mode in security track (elastic#670)
This PR changes the security track so that we can enable LogsDB in index templates. Note that the failure store is only available in serverless so we gate its usage excluding it in case the deployment is not serverless. For LogsDB testing we rely on Kibana to install all other component/composable templates. This is to make sure we need limited changes to the Rally track. While testing this new configuration we discovered that installation of (component) templates done by Kibana in Serverless only happens when a user interacts with it. This means (component) templates are not installed and the `elastic/security` track execution fails as a result of using (component) templates that do not exist.
1 parent
d087d82
commit 2423ac1
Showing
9 changed files
with
342 additions
and
0 deletions.
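--- /dev/null
+++ b/elastic/security/templates/composable-logsdb/logs-endpoint.alerts.json
@@ -0,0 +1,44 @@
+{
+"name": "logs-endpoint.alerts",
+"index_template": {
+"index_patterns": [
+"logs-endpoint.alerts-*"
+],
+"template": {
+"settings": {},
+"mappings": {
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+}
+}
+},
+"composed_of": [
+"logs@mappings",
+"logs@settings",
+"logs-endpoint.alerts@package",
+"ecs@mappings",
+".fleet_globals-1",
+".fleet_agent_id_verification-1",
+"track-shared-logsdb-mode"
+],
+"priority": 200,
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+},
+"data_stream": {
+"hidden": false,
+"allow_custom_routing": false
+{% if build_flavor != "serverless" %},
+"failure_store": false
+{% endif %}
+}
+}
+}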
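Review bot: The `{% if build_flavor != "serverless" %}` gate at the end of `data_stream` emits `"failure_store": false` on every build that is not serverless, while the commit description says the failure store exists only in serverless and is excluded elsewhere; one of the two reads as inverted and should be corrected. If the condition is the intended one, a Jinja comment directly above it, for example `{# failure_store is sent only on non-serverless builds because <reason> #}`, would record why. A `build_flavor` that is unset presumably compares unequal to "serverless" and takes the emitting branch, so it is worth confirming the variable is always supplied. The same block appears in the events.file, events.library, events.network, events.process, events.registry and events.security templates.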
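--- /dev/null
+++ b/elastic/security/templates/composable-logsdb/logs-endpoint.events.file.json
@@ -0,0 +1,44 @@
+{
+"name": "logs-endpoint.events.file",
+"index_template": {
+"index_patterns": [
+"logs-endpoint.events.file-*"
+],
+"template": {
+"settings": {},
+"mappings": {
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+}
+}
+},
+"composed_of": [
+"logs@mappings",
+"logs@settings",
+"logs-endpoint.events.file@package",
+"ecs@mappings",
+".fleet_globals-1",
+".fleet_agent_id_verification-1",
+"track-shared-logsdb-mode"
+],
+"priority": 200,
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+},
+"data_stream": {
+"hidden": false,
+"allow_custom_routing": false
+{% if build_flavor != "serverless" %},
+"failure_store": false
+{% endif %}
+}
+}
+}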
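Review bot: `composed_of` depends on component templates that none of the seven templates shown on this page define: `logs@mappings`, `logs@settings`, `logs-endpoint.events.file@package`, `ecs@mappings`, `.fleet_globals-1` and `.fleet_agent_id_verification-1`, plus `track-shared-logsdb-mode`, whose definition is not in the visible sections (two of the nine changed files are not shown). The description already reports that the track fails when Kibana has not installed them, so the precondition deserves a line in the track README or a pre-flight step that names the missing templates instead of surfacing as a failed template creation. Because the template also declares `"managed_by": "fleet"` under a name Fleet presumably owns, a later package install or upgrade may replace it and drop `track-shared-logsdb-mode`; it is worth confirming that the run checks the index mode of the data stream it actually created. This applies to all seven templates in the commit.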
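--- /dev/null
+++ b/elastic/security/templates/composable-logsdb/logs-endpoint.events.library.json
@@ -0,0 +1,44 @@
+{
+"name": "logs-endpoint.events.library",
+"index_template": {
+"index_patterns": [
+"logs-endpoint.events.library-*"
+],
+"template": {
+"settings": {},
+"mappings": {
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+}
+}
+},
+"composed_of": [
+"logs@mappings",
+"logs@settings",
+"logs-endpoint.events.library@package",
+"ecs@mappings",
+".fleet_globals-1",
+".fleet_agent_id_verification-1",
+"track-shared-logsdb-mode"
+],
+"priority": 200,
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+},
+"data_stream": {
+"hidden": false,
+"allow_custom_routing": false
+{% if build_flavor != "serverless" %},
+"failure_store": false
+{% endif %}
+}
+}
+}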
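--- /dev/null
+++ b/elastic/security/templates/composable-logsdb/logs-endpoint.events.network.json
@@ -0,0 +1,44 @@
+{
+"name": "logs-endpoint.events.network",
+"index_template": {
+"index_patterns": [
+"logs-endpoint.events.network-*"
+],
+"template": {
+"settings": {},
+"mappings": {
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+}
+}
+},
+"composed_of": [
+"logs@mappings",
+"logs@settings",
+"logs-endpoint.events.network@package",
+"ecs@mappings",
+".fleet_globals-1",
+".fleet_agent_id_verification-1",
+"track-shared-logsdb-mode"
+],
+"priority": 200,
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+},
+"data_stream": {
+"hidden": false,
+"allow_custom_routing": false
+{% if build_flavor != "serverless" %},
+"failure_store": false
+{% endif %}
+}
+}
+}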
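--- /dev/null
+++ b/elastic/security/templates/composable-logsdb/logs-endpoint.events.process.json
@@ -0,0 +1,44 @@
+{
+"name": "logs-endpoint.events.process",
+"index_template": {
+"index_patterns": [
+"logs-endpoint.events.process-*"
+],
+"template": {
+"settings": {},
+"mappings": {
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+}
+}
+},
+"composed_of": [
+"logs@mappings",
+"logs@settings",
+"logs-endpoint.events.process@package",
+"ecs@mappings",
+".fleet_globals-1",
+".fleet_agent_id_verification-1",
+"track-shared-logsdb-mode"
+],
+"priority": 200,
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+},
+"data_stream": {
+"hidden": false,
+"allow_custom_routing": false
+{% if build_flavor != "serverless" %},
+"failure_store": false
+{% endif %}
+}
+}
+}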
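--- /dev/null
+++ b/elastic/security/templates/composable-logsdb/logs-endpoint.events.registry.json
@@ -0,0 +1,44 @@
+{
+"name": "logs-endpoint.events.registry",
+"index_template": {
+"index_patterns": [
+"logs-endpoint.events.registry-*"
+],
+"template": {
+"settings": {},
+"mappings": {
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+}
+}
+},
+"composed_of": [
+"logs@mappings",
+"logs@settings",
+"logs-endpoint.events.registry@package",
+"ecs@mappings",
+".fleet_globals-1",
+".fleet_agent_id_verification-1",
+"track-shared-logsdb-mode"
+],
+"priority": 200,
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+},
+"data_stream": {
+"hidden": false,
+"allow_custom_routing": false
+{% if build_flavor != "serverless" %},
+"failure_store": false
+{% endif %}
+}
+}
+}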
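--- /dev/null
+++ b/elastic/security/templates/composable-logsdb/logs-endpoint.events.security.json
@@ -0,0 +1,44 @@
+{
+"name": "logs-endpoint.events.security",
+"index_template": {
+"index_patterns": [
+"logs-endpoint.events.security-*"
+],
+"template": {
+"settings": {},
+"mappings": {
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+}
+}
+},
+"composed_of": [
+"logs@mappings",
+"logs@settings",
+"logs-endpoint.events.security@package",
+"ecs@mappings",
+".fleet_globals-1",
+".fleet_agent_id_verification-1",
+"track-shared-logsdb-mode"
+],
+"priority": 200,
+"_meta": {
+"package": {
+"name": "endpoint"
+},
+"managed_by": "fleet",
+"managed": true
+},
+"data_stream": {
+"hidden": false,
+"allow_custom_routing": false
+{% if build_flavor != "serverless" %},
+"failure_store": false
+{% endif %}
+}
+}
+}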