EQL: small improvements to the testing base class

Extract request settings into dedicated methods for easier adjustments

Author: costin

x-pack/plugin/eql/qa/common/src/main/java/org/elasticsearch/test/eql/BaseEqlSpecTestCase.java

@@ -112,14 +112,16 @@ else if (hits.sequences() != null) {
 
     protected EqlSearchResponse runQuery(String index, String query) throws Exception {
         EqlSearchRequest request = new EqlSearchRequest(index, query);
+
+        request.eventCategoryField(eventCategory());
+        request.timestampField(timestamp());
         String tiebreaker = tiebreaker();
         if (tiebreaker != null) {
             request.tiebreakerField(tiebreaker());
         }
-        // some queries return more than 10 results
-        request.size(50);
-        request.fetchSize(randomIntBetween(2, 50));
-        request.resultPosition(randomBoolean() ? "head" : "tail");
+        request.size(requestSize());
+        request.fetchSize(requestFetchSize());
+        request.resultPosition(requestResultPosition());
         return runRequest(eqlClient(), request);
     }
 
@@ -199,9 +201,30 @@ protected RestClient buildClient(Settings settings, HttpHost[] hosts) throws IOE
         return builder.build();
     }
 
-    protected TimeValue timeout() {
-        return TimeValue.timeValueSeconds(10);
+    protected String timestamp() {
+        return "@timestamp";
+    };
+
+    private String eventCategory() {
+        return "event.category";
     }
 
     protected abstract String tiebreaker();
+
+    protected int requestSize() {
+        // some queries return more than 10 results
+        return 50;
+    }
+
+    protected int requestFetchSize() {
+        return randomIntBetween(2, requestSize());
+    }
+
+    protected String requestResultPosition() {
+        return randomBoolean() ? "head" : "tail";
+    }
+
+    protected TimeValue timeout() {
+        return TimeValue.timeValueSeconds(10);
+    }
 }