From 76d2171da80db8268dde85c7d62fc393ee1f0c5b Mon Sep 17 00:00:00 2001 From: Gloria Hornero Date: Thu, 28 Mar 2024 16:09:44 +0100 Subject: [PATCH 1/2] adding tags --- .../entity_analytics/legacy_risk_score.cy.ts | 356 +++++++++--------- .../entity_analytics/new_risk_score.cy.ts | 2 +- 2 files changed, 181 insertions(+), 177 deletions(-) diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/legacy_risk_score.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/legacy_risk_score.cy.ts index 380866b8d7f12..c24eed8c909ef 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/legacy_risk_score.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/legacy_risk_score.cy.ts @@ -46,251 +46,255 @@ const SIEM_KIBANA_HOST_NAME = 'siem-kibana'; const DATE_FORMAT = 'MMM D, YYYY @ HH:mm:ss.SSS'; const DATE_BEFORE_ALERT_CREATION = moment().format(DATE_FORMAT); -describe('Entity Analytics Dashboard', { tags: ['@ess', '@serverless'] }, () => { - before(() => { - cy.task('esArchiverLoad', { archiveName: 'auditbeat_multiple' }); - }); - - after(() => { - cy.task('esArchiverUnload', { archiveName: 'auditbeat_multiple' }); - }); - - describe('legacy risk score', () => { - describe('Without data', () => { - beforeEach(() => { - login(); - visitWithTimeRange(ENTITY_ANALYTICS_URL); - }); - - it('shows enable host risk button', () => { - cy.get(ENABLE_HOST_RISK_SCORE_BUTTON).should('be.visible'); - }); - - it('shows enable user risk button', () => { - cy.get(ENABLE_USER_RISK_SCORE_BUTTON).should('be.visible'); - }); +describe( + 'Entity Analytics Dashboard', + { tags: ['@ess', '@serverless', '@brokenInServerlessQA'] }, + () => { + before(() => { + cy.task('esArchiverLoad', { archiveName: 'auditbeat_multiple' }); }); - describe('Risk Score enabled but still no data', () => { - before(() => { - cy.task('esArchiverLoad', { archiveName: 'risk_hosts_no_data' }); - cy.task('esArchiverLoad', { archiveName: 'risk_users_no_data' }); - }); - - beforeEach(() => { - login(); - visitWithTimeRange(ENTITY_ANALYTICS_URL); - }); - - after(() => { - cy.task('esArchiverUnload', { archiveName: 'risk_hosts_no_data' }); - cy.task('esArchiverUnload', { archiveName: 'risk_users_no_data' }); - }); - - it('shows no data detected prompt for host risk score module', () => { - cy.get(HOST_RISK_SCORE_NO_DATA_DETECTED).should('be.visible'); - }); - - it('shows no data detected prompt for user risk score module', () => { - cy.get(USER_RISK_SCORE_NO_DATA_DETECTED).should('be.visible'); - }); + after(() => { + cy.task('esArchiverUnload', { archiveName: 'auditbeat_multiple' }); }); - describe('With Legacy data', () => { - before(() => { - cy.task('esArchiverLoad', { archiveName: 'risk_hosts_legacy_data' }); - cy.task('esArchiverLoad', { archiveName: 'risk_users_legacy_data' }); - }); - - beforeEach(() => { - login(); - visitWithTimeRange(ENTITY_ANALYTICS_URL); - }); - - after(() => { - cy.task('esArchiverUnload', { archiveName: 'risk_hosts_legacy_data' }); - cy.task('esArchiverUnload', { archiveName: 'risk_users_legacy_data' }); - }); - - it('shows enable host risk button', () => { - cy.get(ENABLE_HOST_RISK_SCORE_BUTTON).should('be.visible'); - }); + describe('legacy risk score', () => { + describe('Without data', () => { + beforeEach(() => { + login(); + visitWithTimeRange(ENTITY_ANALYTICS_URL); + }); - it('shows enable user risk button', () => { - cy.get(ENABLE_USER_RISK_SCORE_BUTTON).should('be.visible'); - }); - }); + it('shows enable host risk button', () => { + cy.get(ENABLE_HOST_RISK_SCORE_BUTTON).should('be.visible'); + }); - describe('With host risk data', () => { - before(() => { - cy.task('esArchiverLoad', { archiveName: 'risk_hosts' }); + it('shows enable user risk button', () => { + cy.get(ENABLE_USER_RISK_SCORE_BUTTON).should('be.visible'); + }); }); - beforeEach(() => { - login(); - visitWithTimeRange(ENTITY_ANALYTICS_URL); - }); + describe('Risk Score enabled but still no data', () => { + before(() => { + cy.task('esArchiverLoad', { archiveName: 'risk_hosts_no_data' }); + cy.task('esArchiverLoad', { archiveName: 'risk_users_no_data' }); + }); - after(() => { - cy.task('esArchiverUnload', { archiveName: 'risk_hosts' }); - }); + beforeEach(() => { + login(); + visitWithTimeRange(ENTITY_ANALYTICS_URL); + }); - it('renders donut chart', () => { - cy.get(HOSTS_DONUT_CHART).should('include.text', '6Total'); - }); + after(() => { + cy.task('esArchiverUnload', { archiveName: 'risk_hosts_no_data' }); + cy.task('esArchiverUnload', { archiveName: 'risk_users_no_data' }); + }); - it('renders table', () => { - cy.get(HOSTS_TABLE).should('be.visible'); - cy.get(HOSTS_TABLE_ROWS).should('have.length', 5); - }); + it('shows no data detected prompt for host risk score module', () => { + cy.get(HOST_RISK_SCORE_NO_DATA_DETECTED).should('be.visible'); + }); - it('renders alerts column', () => { - cy.get(HOSTS_TABLE_ALERT_CELL).should('have.length', 5); + it('shows no data detected prompt for user risk score module', () => { + cy.get(USER_RISK_SCORE_NO_DATA_DETECTED).should('be.visible'); + }); }); - it('filters by risk level', () => { - cy.get(HOSTS_TABLE).should('be.visible'); - cy.get(HOSTS_TABLE_ROWS).should('have.length', 5); - openRiskTableFilterAndSelectTheLowOption(); + describe('With Legacy data', () => { + before(() => { + cy.task('esArchiverLoad', { archiveName: 'risk_hosts_legacy_data' }); + cy.task('esArchiverLoad', { archiveName: 'risk_users_legacy_data' }); + }); - cy.get(HOSTS_DONUT_CHART).should('include.text', '1Total'); - cy.get(HOSTS_TABLE_ROWS).should('have.length', 1); + beforeEach(() => { + login(); + visitWithTimeRange(ENTITY_ANALYTICS_URL); + }); - removeLowFilterAndCloseRiskTableFilter(); - }); + after(() => { + cy.task('esArchiverUnload', { archiveName: 'risk_hosts_legacy_data' }); + cy.task('esArchiverUnload', { archiveName: 'risk_users_legacy_data' }); + }); - it('filters the host risk table with KQL search bar query', () => { - kqlSearch(`host.name : ${SIEM_KIBANA_HOST_NAME}{enter}`); + it('shows enable host risk button', () => { + cy.get(ENABLE_HOST_RISK_SCORE_BUTTON).should('be.visible'); + }); - cy.get(HOSTS_DONUT_CHART).should('include.text', '1Total'); - cy.get(HOSTS_TABLE_ROWS).should('have.length', 1); + it('shows enable user risk button', () => { + cy.get(ENABLE_USER_RISK_SCORE_BUTTON).should('be.visible'); + }); }); - // FLAKY: https://github.com/elastic/kibana/issues/178914 - describe.skip('With alerts data', () => { + describe('With host risk data', () => { before(() => { - createRule(getNewRule()); + cy.task('esArchiverLoad', { archiveName: 'risk_hosts' }); }); beforeEach(() => { login(); - visitWithTimeRange(ALERTS_URL); - waitForAlertsToPopulate(); visitWithTimeRange(ENTITY_ANALYTICS_URL); }); after(() => { - deleteAlertsAndRules(); + cy.task('esArchiverUnload', { archiveName: 'risk_hosts' }); }); - it('populates alerts column', () => { - cy.get(HOSTS_TABLE_ALERT_CELL).first().should('include.text', SIEM_KIBANA_HOST_ALERTS); + it('renders donut chart', () => { + cy.get(HOSTS_DONUT_CHART).should('include.text', '6Total'); }); - it('filters the alerts count with time range', () => { - setEndDate(DATE_BEFORE_ALERT_CREATION); - - updateDates(); + it('renders table', () => { + cy.get(HOSTS_TABLE).should('be.visible'); + cy.get(HOSTS_TABLE_ROWS).should('have.length', 5); + }); - cy.get(HOSTS_TABLE_ALERT_CELL).first().should('include.text', 0); + it('renders alerts column', () => { + cy.get(HOSTS_TABLE_ALERT_CELL).should('have.length', 5); }); + it('filters by risk level', () => { + cy.get(HOSTS_TABLE).should('be.visible'); + cy.get(HOSTS_TABLE_ROWS).should('have.length', 5); - it('opens alerts page when alerts count is clicked', () => { - clickOnFirstHostsAlerts(); - cy.url().should('include', ALERTS_URL); + openRiskTableFilterAndSelectTheLowOption(); - cy.get(OPTION_LIST_LABELS).eq(0).should('include.text', 'Status'); - cy.get(OPTION_LIST_VALUES(0)).should('include.text', 'open'); - cy.get(OPTION_LIST_LABELS).eq(1).should('include.text', 'Host'); - cy.get(OPTION_LIST_VALUES(1)).should('include.text', SIEM_KIBANA_HOST_NAME); - }); - }); - }); + cy.get(HOSTS_DONUT_CHART).should('include.text', '1Total'); + cy.get(HOSTS_TABLE_ROWS).should('have.length', 1); - describe('With user risk data', () => { - before(() => { - cy.task('esArchiverLoad', { archiveName: 'risk_users' }); - }); + removeLowFilterAndCloseRiskTableFilter(); + }); - beforeEach(() => { - login(); - visitWithTimeRange(ENTITY_ANALYTICS_URL); - }); + it('filters the host risk table with KQL search bar query', () => { + kqlSearch(`host.name : ${SIEM_KIBANA_HOST_NAME}{enter}`); - after(() => { - cy.task('esArchiverUnload', { archiveName: 'risk_users' }); - }); + cy.get(HOSTS_DONUT_CHART).should('include.text', '1Total'); + cy.get(HOSTS_TABLE_ROWS).should('have.length', 1); + }); - it('renders donut chart', () => { - cy.get(USERS_DONUT_CHART).should('include.text', '7Total'); - }); + // FLAKY: https://github.com/elastic/kibana/issues/178914 + describe.skip('With alerts data', () => { + before(() => { + createRule(getNewRule()); + }); - it('renders table', () => { - cy.get(USERS_TABLE).should('be.visible'); - cy.get(USERS_TABLE_ROWS).should('have.length', 5); - }); + beforeEach(() => { + login(); + visitWithTimeRange(ALERTS_URL); + waitForAlertsToPopulate(); + visitWithTimeRange(ENTITY_ANALYTICS_URL); + }); - it('renders alerts column', () => { - cy.get(USERS_TABLE_ALERT_CELL).should('have.length', 5); - }); + after(() => { + deleteAlertsAndRules(); + }); - it('filters by risk level', () => { - cy.get(USERS_TABLE).should('be.visible'); - cy.get(USERS_TABLE_ROWS).should('have.length', 5); + it('populates alerts column', () => { + cy.get(HOSTS_TABLE_ALERT_CELL).first().should('include.text', SIEM_KIBANA_HOST_ALERTS); + }); - openRiskTableFilterAndSelectTheLowOption(); + it('filters the alerts count with time range', () => { + setEndDate(DATE_BEFORE_ALERT_CREATION); - cy.get(USERS_DONUT_CHART).should('include.text', '2Total'); - cy.get(USERS_TABLE_ROWS).should('have.length', 2); + updateDates(); - removeLowFilterAndCloseRiskTableFilter(); - }); + cy.get(HOSTS_TABLE_ALERT_CELL).first().should('include.text', 0); + }); - it('filters the host risk table with KQL search bar query', () => { - kqlSearch(`user.name : ${TEST_USER_NAME}{enter}`); + it('opens alerts page when alerts count is clicked', () => { + clickOnFirstHostsAlerts(); + cy.url().should('include', ALERTS_URL); - cy.get(USERS_DONUT_CHART).should('include.text', '1Total'); - cy.get(USERS_TABLE_ROWS).should('have.length', 1); + cy.get(OPTION_LIST_LABELS).eq(0).should('include.text', 'Status'); + cy.get(OPTION_LIST_VALUES(0)).should('include.text', 'open'); + cy.get(OPTION_LIST_LABELS).eq(1).should('include.text', 'Host'); + cy.get(OPTION_LIST_VALUES(1)).should('include.text', SIEM_KIBANA_HOST_NAME); + }); + }); }); - describe('With alerts data', () => { + describe('With user risk data', () => { before(() => { - createRule(getNewRule()); + cy.task('esArchiverLoad', { archiveName: 'risk_users' }); }); beforeEach(() => { login(); - visitWithTimeRange(ALERTS_URL); - waitForAlertsToPopulate(); visitWithTimeRange(ENTITY_ANALYTICS_URL); }); after(() => { - deleteAlertsAndRules(); + cy.task('esArchiverUnload', { archiveName: 'risk_users' }); }); - it('populates alerts column', () => { - cy.get(USERS_TABLE_ALERT_CELL).first().should('include.text', TEST_USER_ALERTS); + it('renders donut chart', () => { + cy.get(USERS_DONUT_CHART).should('include.text', '7Total'); }); - it('filters the alerts count with time range', () => { - setEndDate(DATE_BEFORE_ALERT_CREATION); - updateDates(); + it('renders table', () => { + cy.get(USERS_TABLE).should('be.visible'); + cy.get(USERS_TABLE_ROWS).should('have.length', 5); + }); - cy.get(USERS_TABLE_ALERT_CELL).first().should('include.text', 0); + it('renders alerts column', () => { + cy.get(USERS_TABLE_ALERT_CELL).should('have.length', 5); }); - it('opens alerts page when alerts count is clicked', () => { - clickOnFirstUsersAlerts(); + it('filters by risk level', () => { + cy.get(USERS_TABLE).should('be.visible'); + cy.get(USERS_TABLE_ROWS).should('have.length', 5); + + openRiskTableFilterAndSelectTheLowOption(); + + cy.get(USERS_DONUT_CHART).should('include.text', '2Total'); + cy.get(USERS_TABLE_ROWS).should('have.length', 2); + + removeLowFilterAndCloseRiskTableFilter(); + }); + + it('filters the host risk table with KQL search bar query', () => { + kqlSearch(`user.name : ${TEST_USER_NAME}{enter}`); + + cy.get(USERS_DONUT_CHART).should('include.text', '1Total'); + cy.get(USERS_TABLE_ROWS).should('have.length', 1); + }); + + describe('With alerts data', () => { + before(() => { + createRule(getNewRule()); + }); + + beforeEach(() => { + login(); + visitWithTimeRange(ALERTS_URL); + waitForAlertsToPopulate(); + visitWithTimeRange(ENTITY_ANALYTICS_URL); + }); + + after(() => { + deleteAlertsAndRules(); + }); + + it('populates alerts column', () => { + cy.get(USERS_TABLE_ALERT_CELL).first().should('include.text', TEST_USER_ALERTS); + }); + + it('filters the alerts count with time range', () => { + setEndDate(DATE_BEFORE_ALERT_CREATION); + updateDates(); + + cy.get(USERS_TABLE_ALERT_CELL).first().should('include.text', 0); + }); + + it('opens alerts page when alerts count is clicked', () => { + clickOnFirstUsersAlerts(); - cy.url().should('include', ALERTS_URL); + cy.url().should('include', ALERTS_URL); - cy.get(OPTION_LIST_LABELS).eq(0).should('include.text', 'Status'); - cy.get(OPTION_LIST_VALUES(0)).should('include.text', 'open'); - cy.get(OPTION_LIST_LABELS).eq(1).should('include.text', 'User'); - cy.get(OPTION_LIST_VALUES(1)).should('include.text', TEST_USER_NAME); + cy.get(OPTION_LIST_LABELS).eq(0).should('include.text', 'Status'); + cy.get(OPTION_LIST_VALUES(0)).should('include.text', 'open'); + cy.get(OPTION_LIST_LABELS).eq(1).should('include.text', 'User'); + cy.get(OPTION_LIST_VALUES(1)).should('include.text', TEST_USER_NAME); + }); }); }); }); - }); -}); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/new_risk_score.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/new_risk_score.cy.ts index 75fe79d95b120..efb7193dda672 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/new_risk_score.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/new_risk_score.cy.ts @@ -75,7 +75,7 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@serverless'] }, () => }); }); - describe('When risk engine is enabled', () => { + describe('When risk engine is enabled', { tags: ['@brokenInServerlessQA'] }, () => { beforeEach(() => { login(); mockRiskEngineEnabled(); From 79fc3093016b116f07d9d4d491fa6f704dec1abb Mon Sep 17 00:00:00 2001 From: Gloria Hornero Date: Fri, 29 Mar 2024 12:48:56 +0100 Subject: [PATCH 2/2] adding tickets links to the tests skipped on MKI --- .../dashboards/entity_analytics/legacy_risk_score.cy.ts | 1 + .../dashboards/entity_analytics/new_risk_score.cy.ts | 1 + 2 files changed, 2 insertions(+) diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/legacy_risk_score.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/legacy_risk_score.cy.ts index c24eed8c909ef..32b27077ed9d3 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/legacy_risk_score.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/legacy_risk_score.cy.ts @@ -46,6 +46,7 @@ const SIEM_KIBANA_HOST_NAME = 'siem-kibana'; const DATE_FORMAT = 'MMM D, YYYY @ HH:mm:ss.SSS'; const DATE_BEFORE_ALERT_CREATION = moment().format(DATE_FORMAT); +// https://github.com/elastic/kibana/issues/179686 describe( 'Entity Analytics Dashboard', { tags: ['@ess', '@serverless', '@brokenInServerlessQA'] }, diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/new_risk_score.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/new_risk_score.cy.ts index efb7193dda672..6bacd88defad7 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/new_risk_score.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/dashboards/entity_analytics/new_risk_score.cy.ts @@ -75,6 +75,7 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@serverless'] }, () => }); }); + // https://github.com/elastic/kibana/issues/179687 describe('When risk engine is enabled', { tags: ['@brokenInServerlessQA'] }, () => { beforeEach(() => { login();