change setting workflow usage enabled to true by default

Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
eirsep · Sep 7, 2023 · 0cff38c · 0cff38c
1 parent 97a711e
commit 0cff38c
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 7 deletions.
diff --git a/src/main/java/org/opensearch/securityanalytics/settings/SecurityAnalyticsSettings.java b/src/main/java/org/opensearch/securityanalytics/settings/SecurityAnalyticsSettings.java
@@ -100,7 +100,7 @@ public class SecurityAnalyticsSettings {
 
     public static final Setting<Boolean> ENABLE_WORKFLOW_USAGE = Setting.boolSetting(
         "plugins.security_analytics.enable_workflow_usage",
-        false,
+        true,
         Setting.Property.NodeScope, Setting.Property.Dynamic
     );
 

diff --git a/src/test/java/org/opensearch/securityanalytics/resthandler/DetectorMonitorRestApiIT.java b/src/test/java/org/opensearch/securityanalytics/resthandler/DetectorMonitorRestApiIT.java
@@ -733,6 +733,7 @@ public void testReplaceAggregationRule_verifyFindings_success() throws IOExcepti
     }
 
     public void testMinAggregationRule_findingSuccess() throws IOException {
+        updateClusterSetting(ENABLE_WORKFLOW_USAGE.getKey(), "false");
         String index = createTestIndex(randomIndex(), windowsIndexMapping());
         // Execute CreateMappingsAction to add alias mapping for index
         Request createMappingRequest = new Request("POST", SecurityAnalyticsPlugin.MAPPER_BASE_URI);
@@ -867,7 +868,7 @@ public void testMultipleAggregationAndDocRules_findingSuccess() throws IOExcepti
             "}";
         SearchResponse response = executeSearchAndGetResponse(DetectorMonitorConfig.getRuleIndex(randomDetectorType()), request, true);
 
-        assertEquals(6, response.getHits().getTotalHits().value);
+        assertEquals(7, response.getHits().getTotalHits().value);
 
         assertEquals("Create detector failed", RestStatus.CREATED, restStatus(createResponse));
         Map<String, Object> responseBody = asMap(createResponse);
@@ -888,7 +889,7 @@ public void testMultipleAggregationAndDocRules_findingSuccess() throws IOExcepti
 
         List<String> monitorIds = ((List<String>) (updatedDetectorMap).get("monitor_id"));
 
-        assertEquals(6, monitorIds.size());
+        assertEquals(7, monitorIds.size());
 
         indexDoc(index, "1", randomDoc(2, 4, infoOpCode));
         indexDoc(index, "2", randomDoc(3, 4, infoOpCode));
@@ -908,11 +909,11 @@ public void testMultipleAggregationAndDocRules_findingSuccess() throws IOExcepti
 
             // Assert monitor executions
             Map<String, Object> executeResults = entityAsMap(executeResponse);
-            if (MonitorType.DOC_LEVEL_MONITOR.getValue().equals(monitor.get("monitor_type"))) {
+            if (MonitorType.DOC_LEVEL_MONITOR.getValue().equals(monitor.get("monitor_type")) && false == monitor.get("name").equals(detector.getName() + "_chained_findings")) {
                 int noOfSigmaRuleMatches = ((List<Map<String, Object>>) ((Map<String, Object>) executeResults.get("input_results")).get("results")).get(0).size();
                 // 5 prepackaged and 1 custom doc level rule
                 assertEquals(6, noOfSigmaRuleMatches);
-            } else {
+            } else if (MonitorType.BUCKET_LEVEL_MONITOR.getValue().equals(monitor.get("monitor_type"))) {
                 for(String ruleId: aggRuleIds) {
                     Object rule = (((Map<String,Object>)((Map<String, Object>)((List<Object>)((Map<String, Object>)executeResults.get("input_results")).get("results")).get(0)).get("aggregations")).get(ruleId));
                     if(rule != null) {
@@ -930,7 +931,7 @@ else if (ruleId == minRuleId) {
         }
 
         assertEquals(5, numberOfMonitorTypes.get(MonitorType.BUCKET_LEVEL_MONITOR.getValue()).intValue());
-        assertEquals(1, numberOfMonitorTypes.get(MonitorType.DOC_LEVEL_MONITOR.getValue()).intValue());
+        assertEquals(2, numberOfMonitorTypes.get(MonitorType.DOC_LEVEL_MONITOR.getValue()).intValue());
 
         Map<String, String> params = new HashMap<>();
         params.put("detector_id", detectorId);
@@ -940,7 +941,7 @@ else if (ruleId == minRuleId) {
         // Assert findings
         assertNotNull(getFindingsBody);
         // 8 findings from doc level rules, and 3 findings for aggregation (sum, max and min)
-        assertEquals(11, getFindingsBody.get("total_findings"));
+        assertEquals(19, getFindingsBody.get("total_findings"));
 
         String findingDetectorId = ((Map<String, Object>)((List)getFindingsBody.get("findings")).get(0)).get("detectorId").toString();
         assertEquals(detectorId, findingDetectorId);
-Original file line number
+Diff line change
@@ Expand Up / @@ -100,7 +100,7 @@ public class SecurityAnalyticsSettings { @@
         public static final Setting<Boolean> ENABLE_WORKFLOW_USAGE = Setting.boolSetting(
             "plugins.security_analytics.enable_workflow_usage",
-            false,
+            true,
             Setting.Property.NodeScope, Setting.Property.Dynamic
         );
@@ Expand Down @@