diff --git a/x-pack/plugins/security_solution/server/lib/hosts/query.detail_host.dsl.ts b/x-pack/plugins/security_solution/server/lib/hosts/query.detail_host.dsl.ts index 2c1c39259aae3..4dd5a86e46bf6 100644 --- a/x-pack/plugins/security_solution/server/lib/hosts/query.detail_host.dsl.ts +++ b/x-pack/plugins/security_solution/server/lib/hosts/query.detail_host.dsl.ts @@ -39,13 +39,13 @@ export const buildHostOverviewQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { ...buildFieldsTermAggregation(esFields.filter((field) => !['@timestamp'].includes(field))), }, query: { bool: { filter } }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/lib/hosts/query.hosts.dsl.ts b/x-pack/plugins/security_solution/server/lib/hosts/query.hosts.dsl.ts index d83b4c9f9fd80..16c53aa6a85eb 100644 --- a/x-pack/plugins/security_solution/server/lib/hosts/query.hosts.dsl.ts +++ b/x-pack/plugins/security_solution/server/lib/hosts/query.hosts.dsl.ts @@ -44,6 +44,7 @@ export const buildHostsQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { ...(!isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), aggregations: { @@ -72,7 +73,6 @@ export const buildHostsQuery = ({ }, query: { bool: { filter } }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/lib/hosts/query.last_first_seen_host.dsl.ts b/x-pack/plugins/security_solution/server/lib/hosts/query.last_first_seen_host.dsl.ts index e7e9ec48fc534..a047be8ed2674 100644 --- a/x-pack/plugins/security_solution/server/lib/hosts/query.last_first_seen_host.dsl.ts +++ b/x-pack/plugins/security_solution/server/lib/hosts/query.last_first_seen_host.dsl.ts @@ -19,6 +19,7 @@ export const buildLastFirstSeenHostQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { ...(!isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), aggregations: { @@ -27,7 +28,6 @@ export const buildLastFirstSeenHostQuery = ({ }, query: { bool: { filter } }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/__mocks__/index.ts index 96082ee1b4be8..b6a5435a0e046 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/__mocks__/index.ts @@ -621,6 +621,7 @@ export const formattedSearchStrategyResponse = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { docvalue_fields: mockOptions.docValueFields, aggregations: { @@ -656,7 +657,6 @@ export const formattedSearchStrategyResponse = { }, }, size: 0, - track_total_hits: false, }, }, null, @@ -782,6 +782,7 @@ export const mockBuckets: HostAggEsItem = { export const expectedDsl = { allowNoIndices: true, + track_total_hits: false, body: { aggregations: { host_count: { cardinality: { field: 'host.name' } }, @@ -817,7 +818,6 @@ export const expectedDsl = { }, docvalue_fields: mockOptions.docValueFields, size: 0, - track_total_hits: false, }, ignoreUnavailable: true, index: [ diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/query.all_hosts.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/query.all_hosts.dsl.ts index 5196eaa257444..08c9711794978 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/query.all_hosts.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/all/query.all_hosts.dsl.ts @@ -43,6 +43,7 @@ export const buildHostsQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { ...(!isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), aggregations: { @@ -71,7 +72,6 @@ export const buildHostsQuery = ({ }, query: { bool: { filter } }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/details/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/details/__mocks__/index.ts index 9c3380191507c..7561682e070fc 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/details/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/details/__mocks__/index.ts @@ -1311,6 +1311,7 @@ export const formattedSearchStrategyResponse = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { host_architecture: { @@ -1387,7 +1388,6 @@ export const formattedSearchStrategyResponse = { }, }, size: 0, - track_total_hits: false, }, }, null, @@ -1410,6 +1410,7 @@ export const expectedDsl = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { host_architecture: { @@ -1645,6 +1646,5 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/details/query.host_details.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/details/query.host_details.dsl.ts index fa720825bb3f9..f340e4d905666 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/details/query.host_details.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/details/query.host_details.dsl.ts @@ -36,13 +36,13 @@ export const buildHostDetailsQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { ...buildFieldsTermAggregation(esFields.filter((field) => !['@timestamp'].includes(field))), }, query: { bool: { filter } }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/authentications/query.hosts_kpi_authentications.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/authentications/query.hosts_kpi_authentications.dsl.ts index 455eeed5ba80f..a5c82688e01ba 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/authentications/query.hosts_kpi_authentications.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/authentications/query.hosts_kpi_authentications.dsl.ts @@ -41,6 +41,7 @@ export const buildHostsKpiAuthenticationsQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: false, body: { aggs: { authentication_success: { @@ -94,7 +95,6 @@ export const buildHostsKpiAuthenticationsQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/hosts/query.hosts_kpi_hosts.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/hosts/query.hosts_kpi_hosts.dsl.ts index 21e862e3858d0..0e0cbd8a2649d 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/hosts/query.hosts_kpi_hosts.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/hosts/query.hosts_kpi_hosts.dsl.ts @@ -30,6 +30,7 @@ export const buildHostsKpiHostsQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { hosts: { @@ -57,7 +58,6 @@ export const buildHostsKpiHostsQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/unique_ips/query.hosts_kpi_unique_ips.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/unique_ips/query.hosts_kpi_unique_ips.dsl.ts index 815a2644355eb..a702982ab8253 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/unique_ips/query.hosts_kpi_unique_ips.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/kpi/unique_ips/query.hosts_kpi_unique_ips.dsl.ts @@ -30,6 +30,7 @@ export const buildHostsKpiUniqueIpsQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { unique_source_ips: { @@ -75,7 +76,6 @@ export const buildHostsKpiUniqueIpsQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/last_first_seen/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/last_first_seen/__mocks__/index.ts index b43727e977a12..0cad31bffb2a1 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/last_first_seen/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/last_first_seen/__mocks__/index.ts @@ -69,6 +69,7 @@ export const formattedSearchStrategyResponse = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { firstSeen: { min: { field: '@timestamp' } }, @@ -76,7 +77,6 @@ export const formattedSearchStrategyResponse = { }, query: { bool: { filter: [{ term: { 'host.name': 'siem-kibana' } }] } }, size: 0, - track_total_hits: false, }, }, null, @@ -100,6 +100,7 @@ export const expectedDsl = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { firstSeen: { min: { field: '@timestamp' } }, @@ -107,6 +108,5 @@ export const expectedDsl = { }, query: { bool: { filter: [{ term: { 'host.name': 'siem-kibana' } }] } }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/last_first_seen/query.last_first_seen_host.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/last_first_seen/query.last_first_seen_host.dsl.ts index f14727f94b30a..d601a5905dd6e 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/last_first_seen/query.last_first_seen_host.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/last_first_seen/query.last_first_seen_host.dsl.ts @@ -20,6 +20,7 @@ export const buildFirstLastSeenHostQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { ...(!isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), aggregations: { @@ -28,7 +29,6 @@ export const buildFirstLastSeenHostQuery = ({ }, query: { bool: { filter } }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/overview/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/overview/__mocks__/index.ts index 1105914fa5d7f..987754420430d 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/overview/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/overview/__mocks__/index.ts @@ -127,6 +127,7 @@ export const formattedSearchStrategyResponse = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { auditd_count: { filter: { term: { 'event.module': 'auditd' } } }, @@ -299,7 +300,6 @@ export const formattedSearchStrategyResponse = { }, }, size: 0, - track_total_hits: false, }, }, null, @@ -339,6 +339,7 @@ export const expectedDsl = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { auditd_count: { filter: { term: { 'event.module': 'auditd' } } }, @@ -511,6 +512,5 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/overview/query.overview_host.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/overview/query.overview_host.dsl.ts index d7c9b2b25f35e..2c237ab75bcbb 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/overview/query.overview_host.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/hosts/overview/query.overview_host.dsl.ts @@ -31,6 +31,7 @@ export const buildOverviewHostQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { auditd_count: { @@ -289,7 +290,6 @@ export const buildOverviewHostQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/__mocks__/index.ts index b43bd7e378fa6..07ae64bc63f19 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/__mocks__/index.ts @@ -42,6 +42,7 @@ export const formattedAlertsSearchStrategyResponse: MatrixHistogramStrategyRespo ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: { alertsGroup: { @@ -113,7 +114,6 @@ export const formattedAlertsSearchStrategyResponse: MatrixHistogramStrategyRespo }, }, size: 0, - track_total_hits: true, }, }, null, @@ -127,6 +127,7 @@ export const formattedAlertsSearchStrategyResponse: MatrixHistogramStrategyRespo export const expectedDsl = { allowNoIndices: true, + track_total_hits: false, body: { aggregations: { host_count: { cardinality: { field: 'host.name' } }, @@ -161,7 +162,6 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: false, }, ignoreUnavailable: true, index: [ @@ -208,6 +208,7 @@ export const formattedAnomaliesSearchStrategyResponse: MatrixHistogramStrategyRe ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggs: { anomalyActionGroup: { @@ -258,7 +259,6 @@ export const formattedAnomaliesSearchStrategyResponse: MatrixHistogramStrategyRe }, }, size: 0, - track_total_hits: true, }, }, null, @@ -390,6 +390,7 @@ export const formattedAuthenticationsSearchStrategyResponse: MatrixHistogramStra ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: { eventActionGroup: { @@ -429,7 +430,6 @@ export const formattedAuthenticationsSearchStrategyResponse: MatrixHistogramStra }, }, size: 0, - track_total_hits: true, }, }, null, @@ -956,6 +956,7 @@ export const formattedEventsSearchStrategyResponse: MatrixHistogramStrategyRespo ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: { eventActionGroup: { @@ -994,7 +995,6 @@ export const formattedEventsSearchStrategyResponse: MatrixHistogramStrategyRespo }, }, size: 0, - track_total_hits: true, }, }, null, diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/__mocks__/index.ts index 74b7e8b18028b..86006c3155447 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/__mocks__/index.ts @@ -36,6 +36,7 @@ export const expectedDsl = { ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: { alertsGroup: { @@ -104,6 +105,5 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/query.alerts_histogram.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/query.alerts_histogram.dsl.ts index 7dd867b19f284..54ee066b64119 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/query.alerts_histogram.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/alerts/query.alerts_histogram.dsl.ts @@ -85,6 +85,7 @@ export const buildAlertsHistogramQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: getHistogramAggregation(), query: { @@ -93,7 +94,6 @@ export const buildAlertsHistogramQuery = ({ }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/__mocks__/index.ts index 561e2fb1f0058..81da78a132084 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/__mocks__/index.ts @@ -36,6 +36,7 @@ export const expectedDsl = { ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggs: { anomalyActionGroup: { @@ -83,6 +84,5 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/query.anomalies_histogram.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/query.anomalies_histogram.dsl.ts index 34e5831b52b92..78fc0a30d0477 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/query.anomalies_histogram.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/anomalies/query.anomalies_histogram.dsl.ts @@ -66,6 +66,7 @@ export const buildAnomaliesHistogramQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggs: getHistogramAggregation(), query: { @@ -74,7 +75,6 @@ export const buildAnomaliesHistogramQuery = ({ }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/__mocks__/index.ts index 169f1569adc37..5cf667a0085fa 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/__mocks__/index.ts @@ -35,6 +35,7 @@ export const expectedDsl = { ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: { eventActionGroup: { @@ -74,6 +75,5 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/query.authentications_histogram.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/query.authentications_histogram.dsl.ts index 4a208f2ab341e..8661fff574b4a 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/query.authentications_histogram.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/authentications/query.authentications_histogram.dsl.ts @@ -78,6 +78,7 @@ export const buildAuthenticationsHistogramQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: getHistogramAggregation(), query: { @@ -86,7 +87,6 @@ export const buildAuthenticationsHistogramQuery = ({ }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/events/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/events/__mocks__/index.ts index 312c0d528f20b..0bf1118835414 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/events/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/events/__mocks__/index.ts @@ -40,6 +40,7 @@ export const expectedDsl = { ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: { eventActionGroup: { @@ -78,7 +79,6 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: true, }, }; @@ -94,6 +94,7 @@ export const expectedThresholdDsl = { ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: { eventActionGroup: { @@ -132,7 +133,6 @@ export const expectedThresholdDsl = { }, }, size: 0, - track_total_hits: true, }, }; @@ -148,6 +148,7 @@ export const expectedThresholdMissingFieldDsl = { ], allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: { eventActionGroup: { @@ -187,6 +188,5 @@ export const expectedThresholdMissingFieldDsl = { }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/events/query.events_histogram.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/events/query.events_histogram.dsl.ts index aa1e1d47c87c6..04b428f9de89e 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/events/query.events_histogram.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/matrix_histogram/events/query.events_histogram.dsl.ts @@ -97,6 +97,7 @@ export const buildEventsHistogramQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { aggregations: getHistogramAggregation(), query: { @@ -105,7 +106,6 @@ export const buildEventsHistogramQuery = ({ }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/details/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/details/__mocks__/index.ts index 46d9c23321a8f..1cea4c3eb63bc 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/details/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/details/__mocks__/index.ts @@ -314,6 +314,7 @@ export const formattedSearchStrategyResponse = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { docvalue_fields: mockOptions.docValueFields, aggs: { @@ -390,7 +391,6 @@ export const formattedSearchStrategyResponse = { }, query: { bool: { should: [] } }, size: 0, - track_total_hits: false, }, }, null, @@ -455,6 +455,7 @@ export const expectedDsl = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggs: { source: { @@ -521,6 +522,5 @@ export const expectedDsl = { docvalue_fields: mockOptions.docValueFields, query: { bool: { should: [] } }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/details/query.details_network.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/details/query.details_network.dsl.ts index b20de12624db4..d1d0c44d9b61b 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/details/query.details_network.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/details/query.details_network.dsl.ts @@ -106,6 +106,7 @@ export const buildNetworkDetailsQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { ...(!isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), aggs: { @@ -119,7 +120,6 @@ export const buildNetworkDetailsQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/dns/query.network_kpi_dns.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/dns/query.network_kpi_dns.dsl.ts index 0c4379fa89fd8..1d1aa50cc3ee2 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/dns/query.network_kpi_dns.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/dns/query.network_kpi_dns.dsl.ts @@ -58,6 +58,7 @@ export const buildDnsQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { query: { bool: { @@ -65,7 +66,6 @@ export const buildDnsQuery = ({ }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/network_events/query.network_kpi_network_events.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/network_events/query.network_kpi_network_events.dsl.ts index 7222519bb0ac0..3d5607c8b443a 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/network_events/query.network_kpi_network_events.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/network_events/query.network_kpi_network_events.dsl.ts @@ -32,6 +32,7 @@ export const buildNetworkEventsQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { query: { bool: { @@ -39,7 +40,6 @@ export const buildNetworkEventsQuery = ({ }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/tls_handshakes/query.network_kpi_tls_handshakes.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/tls_handshakes/query.network_kpi_tls_handshakes.dsl.ts index d8d27a8ad7e35..0a826938e95b8 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/tls_handshakes/query.network_kpi_tls_handshakes.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/tls_handshakes/query.network_kpi_tls_handshakes.dsl.ts @@ -58,6 +58,7 @@ export const buildTlsHandshakeQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: true, body: { query: { bool: { @@ -65,7 +66,6 @@ export const buildTlsHandshakeQuery = ({ }, }, size: 0, - track_total_hits: true, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/unique_flows/query.network_kpi_unique_flows.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/unique_flows/query.network_kpi_unique_flows.dsl.ts index 13a404ec3720b..ec8de30cfff85 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/unique_flows/query.network_kpi_unique_flows.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/unique_flows/query.network_kpi_unique_flows.dsl.ts @@ -32,6 +32,7 @@ export const buildUniqueFlowsQuery = ({ index: defaultIndex, allowNoIndices: true, ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { unique_flow_id: { @@ -46,7 +47,6 @@ export const buildUniqueFlowsQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/unique_private_ips/query.network_kpi_unique_private_ips.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/unique_private_ips/query.network_kpi_unique_private_ips.dsl.ts index e12ccf5b7889b..590e7117826d7 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/unique_private_ips/query.network_kpi_unique_private_ips.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/kpi/unique_private_ips/query.network_kpi_unique_private_ips.dsl.ts @@ -87,6 +87,7 @@ export const buildUniquePrivateIpsQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { ...getAggs('source'), @@ -98,7 +99,6 @@ export const buildUniquePrivateIpsQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/overview/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/overview/__mocks__/index.ts index 79ad6489558de..fcb30be7a403d 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/overview/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/overview/__mocks__/index.ts @@ -111,6 +111,7 @@ export const formattedSearchStrategyResponse = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { unique_flow_count: { filter: { term: { type: 'flow' } } }, @@ -182,7 +183,6 @@ export const formattedSearchStrategyResponse = { }, }, size: 0, - track_total_hits: false, }, }, null, diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/overview/query.overview_network.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/overview/query.overview_network.dsl.ts index c5e2892bd9f82..7e35ae2fd4308 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/overview/query.overview_network.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/overview/query.overview_network.dsl.ts @@ -31,6 +31,7 @@ export const buildOverviewNetworkQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { aggregations: { unique_flow_count: { @@ -99,7 +100,6 @@ export const buildOverviewNetworkQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/__mocks__/index.ts index 5028e4a27c93e..16750acc5adee 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/__mocks__/index.ts @@ -69,6 +69,7 @@ export const formattedSearchStrategyResponse = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggs: { count: { cardinality: { field: 'tls.server.hash.sha1' } }, @@ -99,7 +100,6 @@ export const formattedSearchStrategyResponse = { }, }, size: 0, - track_total_hits: false, }, }, null, @@ -123,6 +123,7 @@ export const expectedDsl = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggs: { count: { cardinality: { field: 'tls.server.hash.sha1' } }, @@ -153,6 +154,5 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/query.tls_network.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/query.tls_network.dsl.ts index ff5fe20f685f1..be60b33ae2d22 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/query.tls_network.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/tls/query.tls_network.dsl.ts @@ -78,6 +78,7 @@ export const buildNetworkTlsQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { aggs: { ...getAggs(querySize, sort), @@ -88,7 +89,6 @@ export const buildNetworkTlsQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/users/__mocks__/index.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/users/__mocks__/index.ts index 252f165f11ad9..3837afabe5799 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/users/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/users/__mocks__/index.ts @@ -129,6 +129,7 @@ export const formattedSearchStrategyResponse = { 'winlogbeat-*', ], ignoreUnavailable: true, + track_total_hits: false, body: { aggs: { user_count: { cardinality: { field: 'user.name' } }, @@ -160,7 +161,6 @@ export const formattedSearchStrategyResponse = { }, }, size: 0, - track_total_hits: false, }, }, null, @@ -174,6 +174,7 @@ export const formattedSearchStrategyResponse = { export const expectedDsl = { allowNoIndices: true, + track_total_hits: false, body: { aggs: { user_count: { cardinality: { field: 'user.name' } }, @@ -205,7 +206,6 @@ export const expectedDsl = { }, }, size: 0, - track_total_hits: false, }, ignoreUnavailable: true, index: [ diff --git a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/users/query.users_network.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/users/query.users_network.dsl.ts index 57cb6093ae355..2b02b25292a32 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/users/query.users_network.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/security_solution/factory/network/users/query.users_network.dsl.ts @@ -37,6 +37,7 @@ export const buildUsersQuery = ({ allowNoIndices: true, index: defaultIndex, ignoreUnavailable: true, + track_total_hits: false, body: { aggs: { user_count: { @@ -84,7 +85,6 @@ export const buildUsersQuery = ({ }, }, size: 0, - track_total_hits: false, }, }; diff --git a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/events/last_event_time/query.events_last_event_time.dsl.ts b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/events/last_event_time/query.events_last_event_time.dsl.ts index 1e7b531d7fcf1..ccc156af84922 100644 --- a/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/events/last_event_time/query.events_last_event_time.dsl.ts +++ b/x-pack/plugins/security_solution/server/search_strategy/timeline/factory/events/last_event_time/query.events_last_event_time.dsl.ts @@ -40,6 +40,7 @@ export const buildLastEventTimeQuery = ({ allowNoIndices: true, index: indicesToQuery.network, ignoreUnavailable: true, + track_total_hits: false, body: { ...(!isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), aggregations: { @@ -47,7 +48,6 @@ export const buildLastEventTimeQuery = ({ }, query: { bool: { should: getIpDetailsFilter(details.ip) } }, size: 0, - track_total_hits: false, }, }; } @@ -58,6 +58,7 @@ export const buildLastEventTimeQuery = ({ allowNoIndices: true, index: indicesToQuery.hosts, ignoreUnavailable: true, + track_total_hits: false, body: { ...(!isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), aggregations: { @@ -65,7 +66,6 @@ export const buildLastEventTimeQuery = ({ }, query: { bool: { filter: getHostDetailsFilter(details.hostName) } }, size: 0, - track_total_hits: false, }, }; } @@ -76,6 +76,7 @@ export const buildLastEventTimeQuery = ({ allowNoIndices: true, index: indicesToQuery[indexKey], ignoreUnavailable: true, + track_total_hits: false, body: { ...(!isEmpty(docValueFields) ? { docvalue_fields: docValueFields } : {}), aggregations: { @@ -83,7 +84,6 @@ export const buildLastEventTimeQuery = ({ }, query: { match_all: {} }, size: 0, - track_total_hits: false, }, }; default: