diff --git a/x-pack/plugins/security_solution/common/constants.ts b/x-pack/plugins/security_solution/common/constants.ts index 7cd5692176ee3..4e9514feec74f 100644 --- a/x-pack/plugins/security_solution/common/constants.ts +++ b/x-pack/plugins/security_solution/common/constants.ts @@ -59,9 +59,9 @@ export const DEFAULT_INDEX_PATTERN = [ 'auditbeat-*', 'endgame-*', 'filebeat-*', + 'logs-*', 'packetbeat-*', 'winlogbeat-*', - 'logs-*', ]; /** This Kibana Advanced Setting enables the `Security news` feed widget */ diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts index 81832b3d9edea..a51ad4388c428 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts @@ -131,6 +131,7 @@ describe.skip('Detection rules, custom', () => { 'auditbeat-*', 'endgame-*', 'filebeat-*', + 'logs-*', 'packetbeat-*', 'winlogbeat-*', ]; diff --git a/x-pack/plugins/security_solution/public/common/components/drag_and_drop/__snapshots__/drag_drop_context_wrapper.test.tsx.snap b/x-pack/plugins/security_solution/public/common/components/drag_and_drop/__snapshots__/drag_drop_context_wrapper.test.tsx.snap index 0c96d0320d198..16f095e5effbb 100644 --- a/x-pack/plugins/security_solution/public/common/components/drag_and_drop/__snapshots__/drag_drop_context_wrapper.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/common/components/drag_and_drop/__snapshots__/drag_drop_context_wrapper.test.tsx.snap @@ -369,9 +369,9 @@ exports[`DragDropContextWrapper rendering it renders against the snapshot 1`] = "auditbeat-*", "endgame-*", "filebeat-*", + "logs-*", "packetbeat-*", "winlogbeat-*", - "logs-*", ], "name": "event.end", "searchable": true, diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/event_details.test.tsx.snap b/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/event_details.test.tsx.snap index 408a4c74e930f..9ca9cd6cce389 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/event_details.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/event_details.test.tsx.snap @@ -377,9 +377,9 @@ exports[`EventDetails rendering should match snapshot 1`] = ` "auditbeat-*", "endgame-*", "filebeat-*", + "logs-*", "packetbeat-*", "winlogbeat-*", - "logs-*", ], "name": "event.end", "searchable": true, @@ -1070,9 +1070,9 @@ In other use cases the message field can be used to concatenate different values "auditbeat-*", "endgame-*", "filebeat-*", + "logs-*", "packetbeat-*", "winlogbeat-*", - "logs-*", ], "name": "event.end", "searchable": true, diff --git a/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx b/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx index b9daba9a40941..bfde17723aef4 100644 --- a/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx +++ b/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx @@ -29,7 +29,7 @@ describe('Index Fields & Browser Fields', () => { indexPattern: { fields: [], title: - 'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,packetbeat-*,winlogbeat-*,logs-*', + 'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,logs-*,packetbeat-*,winlogbeat-*', }, indicesExist: true, loading: true, @@ -59,7 +59,7 @@ describe('Index Fields & Browser Fields', () => { indexPattern: { fields: mockIndexFields, title: - 'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,packetbeat-*,winlogbeat-*,logs-*', + 'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,logs-*,packetbeat-*,winlogbeat-*', }, loading: false, errorMessage: null, diff --git a/x-pack/plugins/security_solution/public/detections/containers/detection_engine/rules/fetch_index_patterns.test.tsx b/x-pack/plugins/security_solution/public/detections/containers/detection_engine/rules/fetch_index_patterns.test.tsx index c282a204f19a5..0204a2980b9fc 100644 --- a/x-pack/plugins/security_solution/public/detections/containers/detection_engine/rules/fetch_index_patterns.test.tsx +++ b/x-pack/plugins/security_solution/public/detections/containers/detection_engine/rules/fetch_index_patterns.test.tsx @@ -352,9 +352,9 @@ describe('useFetchIndexPatterns', () => { 'auditbeat-*', 'endgame-*', 'filebeat-*', + 'logs-*', 'packetbeat-*', 'winlogbeat-*', - 'logs-*', ], name: 'event.end', searchable: true, @@ -369,9 +369,9 @@ describe('useFetchIndexPatterns', () => { 'auditbeat-*', 'endgame-*', 'filebeat-*', + 'logs-*', 'packetbeat-*', 'winlogbeat-*', - 'logs-*', ], indicesExists: true, indexPatterns: { @@ -418,7 +418,7 @@ describe('useFetchIndexPatterns', () => { { name: 'event.end', searchable: true, type: 'date', aggregatable: true }, ], title: - 'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,packetbeat-*,winlogbeat-*,logs-*', + 'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,logs-*,packetbeat-*,winlogbeat-*', }, }, result.current[1], @@ -450,9 +450,9 @@ describe('useFetchIndexPatterns', () => { 'auditbeat-*', 'endgame-*', 'filebeat-*', + 'logs-*', 'packetbeat-*', 'winlogbeat-*', - 'logs-*', ], indicesExists: false, isLoading: false, diff --git a/x-pack/plugins/security_solution/public/overview/components/overview_host/index.test.tsx b/x-pack/plugins/security_solution/public/overview/components/overview_host/index.test.tsx index bb9fd73d2df8e..d019a480a8045 100644 --- a/x-pack/plugins/security_solution/public/overview/components/overview_host/index.test.tsx +++ b/x-pack/plugins/security_solution/public/overview/components/overview_host/index.test.tsx @@ -58,9 +58,9 @@ const mockOpenTimelineQueryResults: MockedProvidedQuery[] = [ 'auditbeat-*', 'endgame-*', 'filebeat-*', + 'logs-*', 'packetbeat-*', 'winlogbeat-*', - 'logs-*', ], inspect: false, }, diff --git a/x-pack/plugins/security_solution/public/overview/components/overview_network/index.test.tsx b/x-pack/plugins/security_solution/public/overview/components/overview_network/index.test.tsx index 0f6fce1486ee7..c7f7c4f4af254 100644 --- a/x-pack/plugins/security_solution/public/overview/components/overview_network/index.test.tsx +++ b/x-pack/plugins/security_solution/public/overview/components/overview_network/index.test.tsx @@ -73,9 +73,9 @@ const mockOpenTimelineQueryResults: MockedProvidedQuery[] = [ 'auditbeat-*', 'endgame-*', 'filebeat-*', + 'logs-*', 'packetbeat-*', 'winlogbeat-*', - 'logs-*', ], inspect: false, }, diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/__snapshots__/timeline.test.tsx.snap b/x-pack/plugins/security_solution/public/timelines/components/timeline/__snapshots__/timeline.test.tsx.snap index e38f6ad022d78..3508e12cb1be1 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/__snapshots__/timeline.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/__snapshots__/timeline.test.tsx.snap @@ -474,9 +474,9 @@ exports[`Timeline rendering renders correctly against snapshot 1`] = ` "auditbeat-*", "endgame-*", "filebeat-*", + "logs-*", "packetbeat-*", "winlogbeat-*", - "logs-*", ], "name": "event.end", "searchable": true, diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/column_headers/__snapshots__/index.test.tsx.snap b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/column_headers/__snapshots__/index.test.tsx.snap index 2436e71a89b86..a5610cabc1774 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/column_headers/__snapshots__/index.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/column_headers/__snapshots__/index.test.tsx.snap @@ -379,9 +379,9 @@ exports[`ColumnHeaders rendering renders correctly against snapshot 1`] = ` "auditbeat-*", "endgame-*", "filebeat-*", + "logs-*", "packetbeat-*", "winlogbeat-*", - "logs-*", ], "name": "event.end", "searchable": true, diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/suricata/__snapshots__/suricata_row_renderer.test.tsx.snap b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/suricata/__snapshots__/suricata_row_renderer.test.tsx.snap index cba4b9aa72a25..8672b542eb6c6 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/suricata/__snapshots__/suricata_row_renderer.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/suricata/__snapshots__/suricata_row_renderer.test.tsx.snap @@ -371,9 +371,9 @@ exports[`suricata_row_renderer renders correctly against snapshot 1`] = ` "auditbeat-*", "endgame-*", "filebeat-*", + "logs-*", "packetbeat-*", "winlogbeat-*", - "logs-*", ], "name": "event.end", "searchable": true, diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/zeek/__snapshots__/zeek_details.test.tsx.snap b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/zeek/__snapshots__/zeek_details.test.tsx.snap index e1000637147a8..d13c3de00c780 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/zeek/__snapshots__/zeek_details.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/zeek/__snapshots__/zeek_details.test.tsx.snap @@ -369,9 +369,9 @@ exports[`ZeekDetails rendering it renders the default ZeekDetails 1`] = ` "auditbeat-*", "endgame-*", "filebeat-*", + "logs-*", "packetbeat-*", "winlogbeat-*", - "logs-*", ], "name": "event.end", "searchable": true, diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/zeek/__snapshots__/zeek_row_renderer.test.tsx.snap b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/zeek/__snapshots__/zeek_row_renderer.test.tsx.snap index d4c80441e6037..b8f28026dfdb5 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/zeek/__snapshots__/zeek_row_renderer.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/zeek/__snapshots__/zeek_row_renderer.test.tsx.snap @@ -371,9 +371,9 @@ exports[`zeek_row_renderer renders correctly against snapshot 1`] = ` "auditbeat-*", "endgame-*", "filebeat-*", + "logs-*", "packetbeat-*", "winlogbeat-*", - "logs-*", ], "name": "event.end", "searchable": true,