[wiz] Initial Release for Wiz by mohitjha-elastic · Pull Request #7839 · elastic/integrations

mohitjha-elastic · 2023-09-15T10:56:58Z

What does this PR do?

Generated the skeleton of the Wiz integration package.
Added data stream.
Added data collection logic for the data stream.
Added the ingest pipeline for the data stream.
Mapped fields according to the ECS schema and added Fields metadata in the appropriate yml files.
Added test for pipeline for the data stream.

Integration release checklist

This checklist is intended for integrations maintainers to ensure consistency when creating or updating a Package, Module or Dataset for an Integration.

All changes

Change follows the contributing guidelines
Supported versions of the monitoring target is documented
Supported operating systems are documented (if applicable)
Integration or System tests exist
Documentation exists
Fields follow ECS and naming conventions
At least a manual test with ES / Kibana / Agent has been performed.
Required Kibana version set to: ^8.8.0

New Package

Screenshot of the "Add Integration" page on Fleet added

Log dataset changes

Pipeline tests exist (if applicable)
Generated output for at least 1 log file exists
Sample event (sample_event.json) exists

How to test this PR locally

Clone integrations repo.
Install elastic package locally.
Start elastic stack using elastic-package.
Move to integrations/packages/wiz directory.
Run the following command to run tests.

elastic-package test

Automated Test

elastic-package test -v
2023/09/15 15:39:24 DEBUG Enable verbose logging
2023/09/15 15:39:24  INFO New version is available - v0.87.0. Download from: https://github.com/elastic/elastic-package/releases/tag/v0.87.0
Run test suite for the package
Run system tests for the package
2023/09/15 15:39:24 DEBUG Running system tests for data stream
2023/09/15 15:39:24 DEBUG running test with configuration 'default'
2023/09/15 15:39:24 DEBUG setting up service...
2023/09/15 15:39:24 DEBUG setting up service using Docker Compose service deployer
2023/09/15 15:39:24 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:39:25 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:39:25 DEBUG output command: /usr/bin/docker network inspect elastic-package-stack_default
2023/09/15 15:39:25 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service up --build -d
Creating network "elastic-package-service_default" with the default driver
Pulling wiz-audit (docker.elastic.co/observability/stream:v0.10.0)...
v0.10.0: Pulling from observability/stream
2339bf019f39: Pull complete
95b0bf42c1e3: Pull complete
2e60ff250141: Pull complete
Creating elastic-package-service_wiz-audit_1         ... done
Creating elastic-package-service_wiz-vulnerability_1 ... done
Creating elastic-package-service_wiz-issue_1         ... done
2023/09/15 15:39:37 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service ps -q
2023/09/15 15:39:38 DEBUG Wait for healthy containers: 7bee07ea1b311501ff4c2e890b8cd6a3d5737087baa011dd72b310a1e401cea7,8c9f9df51cdfba5054447e63e117d4aa34795678fd8cad71a4ec598b1e234c9e,3a941901708dd333588e17022d95b040e9bae35a9eca492e417ab9b3f97d297a
2023/09/15 15:39:38 DEBUG output command: /usr/bin/docker inspect 7bee07ea1b311501ff4c2e890b8cd6a3d5737087baa011dd72b310a1e401cea7 8c9f9df51cdfba5054447e63e117d4aa34795678fd8cad71a4ec598b1e234c9e 3a941901708dd333588e17022d95b040e9bae35a9eca492e417ab9b3f97d297a
2023/09/15 15:39:38 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"9cb0519240182cec64495fe49a5051a02c46c09f6cf0eb68223ce966ddc067c0","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-audit","com.docker.compose.version":"1.23.2"}},"ID":"7bee07ea1b311501ff4c2e890b8cd6a3d5737087baa011dd72b310a1e401cea7","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:39:38 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"50d929901ea5fb3bdff12581057738ff03d748f60d264744cea1a5d386f1bce4","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-issue","com.docker.compose.version":"1.23.2"}},"ID":"8c9f9df51cdfba5054447e63e117d4aa34795678fd8cad71a4ec598b1e234c9e","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:39:38 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"b10498dabd03b7cc0ec403b52c22f8bfe5e1aae4845e963bf5c01a7fe4f571e6","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-vulnerability","com.docker.compose.version":"1.23.2"}},"ID":"3a941901708dd333588e17022d95b040e9bae35a9eca492e417ab9b3f97d297a","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:39:38 DEBUG run command: /usr/bin/docker network connect elastic-package-stack_default elastic-package-service_wiz-audit_1
2023/09/15 15:39:38 DEBUG adding service container elastic-package-service_wiz-audit_1 internal ports to context
2023/09/15 15:39:38 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service config
2023/09/15 15:39:39 DEBUG Installing package...
2023/09/15 15:39:39 DEBUG GET https://127.0.0.1:5601/api/status
2023/09/15 15:39:39 DEBUG Build directory: /root/integration/integrations/build/packages/wiz/0.1.0
2023/09/15 15:39:39 DEBUG Clear target directory (path: /root/integration/integrations/build/packages/wiz/0.1.0)
2023/09/15 15:39:39 DEBUG Copy package content (source: /root/integration/integrations/packages/wiz)
2023/09/15 15:39:39 DEBUG Copy license file if needed
2023/09/15 15:39:39  INFO License text found in "/root/integration/integrations/LICENSE.txt" will be included in package
2023/09/15 15:39:39 DEBUG Encode dashboards
2023/09/15 15:39:39 DEBUG Resolve external fields
2023/09/15 15:39:39 DEBUG Package has external dependencies defined
2023/09/15 15:39:39 DEBUG data_stream/audit/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:39:39 DEBUG data_stream/audit/fields/beats.yml: source file hasn't been changed
2023/09/15 15:39:39 DEBUG data_stream/audit/fields/fields.yml: source file hasn't been changed
2023/09/15 15:39:39 DEBUG data_stream/issue/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:39:39 DEBUG data_stream/issue/fields/beats.yml: source file hasn't been changed
2023/09/15 15:39:39 DEBUG data_stream/issue/fields/fields.yml: source file hasn't been changed
2023/09/15 15:39:39 DEBUG data_stream/vulnerability/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:39:39 DEBUG data_stream/vulnerability/fields/beats.yml: source file hasn't been changed
2023/09/15 15:39:39 DEBUG data_stream/vulnerability/fields/fields.yml: source file hasn't been changed
2023/09/15 15:39:39  INFO Import ECS mappings into the built package (technical preview)
2023/09/15 15:39:39 DEBUG Build zipped package
2023/09/15 15:39:39 DEBUG Compress using archiver.Zip (destination: /root/integration/integrations/build/packages/wiz-0.1.0.zip)
2023/09/15 15:39:39 DEBUG Create work directory for archiving: /tmp/elastic-package-750047086/wiz-0.1.0
2023/09/15 15:39:39 DEBUG Skip validation of the built .zip package
2023/09/15 15:39:39 DEBUG POST https://127.0.0.1:5601/api/fleet/epm/packages
2023/09/15 15:39:40 DEBUG creating test policy...
2023/09/15 15:39:40 DEBUG POST https://127.0.0.1:5601/api/fleet/agent_policies
2023/09/15 15:39:45 DEBUG adding package data stream to test policy...
2023/09/15 15:39:45 DEBUG POST https://127.0.0.1:5601/api/fleet/package_policies
2023/09/15 15:39:48 DEBUG deleting old data in data stream...
2023/09/15 15:39:48 DEBUG found 0 hits in logs-wiz.audit-ep data stream: index_not_found_exception: no such index [logs-wiz.audit-ep] Status=404
2023/09/15 15:39:48 DEBUG GET https://127.0.0.1:5601/api/fleet/agents
2023/09/15 15:39:49 DEBUG filter agents using criteria: NamePrefix=docker-fleet-agent
2023/09/15 15:39:49 DEBUG found 1 enrolled agent(s)
2023/09/15 15:39:49 DEBUG GET https://127.0.0.1:5601/api/fleet/agent_policies/fc1f0e60-53af-11ee-a280-558371a3cb72
2023/09/15 15:39:49 DEBUG assigning package data stream to agent...
2023/09/15 15:39:49 DEBUG PUT https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66/reassign
2023/09/15 15:39:51 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:39:51 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"fc1f0e60-53af-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:39:51 DEBUG Wait until the policy (ID: fc1f0e60-53af-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:39:53 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:39:53 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"fc1f0e60-53af-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:39:53 DEBUG Wait until the policy (ID: fc1f0e60-53af-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:39:55 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:39:55 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"fc1f0e60-53af-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:39:55 DEBUG Wait until the policy (ID: fc1f0e60-53af-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:39:57 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:39:58 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"fc1f0e60-53af-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:39:58 DEBUG Wait until the policy (ID: fc1f0e60-53af-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:39:59 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:39:59 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"fc1f0e60-53af-11ee-a280-558371a3cb72","policy_revision":2,"local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:39:59 DEBUG Policy revision assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:39:59 DEBUG checking for expected data in data stream...
2023/09/15 15:39:59 DEBUG found 0 hits in logs-wiz.audit-ep data stream: index_not_found_exception: no such index [logs-wiz.audit-ep] Status=404
2023/09/15 15:40:00 DEBUG found 0 hits in logs-wiz.audit-ep data stream: index_not_found_exception: no such index [logs-wiz.audit-ep] Status=404
2023/09/15 15:40:01 DEBUG found 0 hits in logs-wiz.audit-ep data stream: index_not_found_exception: no such index [logs-wiz.audit-ep] Status=404
2023/09/15 15:40:02 DEBUG found 0 hits in logs-wiz.audit-ep data stream: index_not_found_exception: no such index [logs-wiz.audit-ep] Status=404
2023/09/15 15:40:03 DEBUG found 0 hits in logs-wiz.audit-ep data stream: index_not_found_exception: no such index [logs-wiz.audit-ep] Status=404
2023/09/15 15:40:04 DEBUG found 0 hits in logs-wiz.audit-ep data stream
2023/09/15 15:40:05 DEBUG found 1 hits in logs-wiz.audit-ep data stream
2023/09/15 15:40:09 DEBUG found 1 hits in logs-wiz.audit-ep data stream
2023/09/15 15:40:09 DEBUG check whether or not synthetics is enabled (component template logs-wiz.audit@package)...
2023/09/15 15:40:10 DEBUG data stream logs-wiz.audit-ep has synthetics enabled: false
2023/09/15 15:40:10 DEBUG assert hit count expected 1, observed 1
2023/09/15 15:40:10 DEBUG reassigning original policy back to agent...
2023/09/15 15:40:10 DEBUG PUT https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66/reassign
2023/09/15 15:40:10 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:11 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:11 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:12 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:13 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:13 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:14 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:15 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:15 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:16 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:17 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:17 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:18 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:19 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","policy_revision":3,"local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:19 DEBUG Policy revision assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:19 DEBUG deleting test policy...
2023/09/15 15:40:19 DEBUG POST https://127.0.0.1:5601/api/fleet/agent_policies/delete
2023/09/15 15:40:22 DEBUG DELETE https://127.0.0.1:5601/api/fleet/epm/packages/wiz-0.1.0
2023/09/15 15:40:24 DEBUG tearing down service...
2023/09/15 15:40:24 DEBUG tearing down service using Docker Compose runner
2023/09/15 15:40:24 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:25 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:25 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service logs
2023/09/15 15:40:25  INFO Write container logs to file: /root/integration/integrations/build/container-logs/wiz-audit-1694772625988466318.log
2023/09/15 15:40:25 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service down --volumes
Stopping elastic-package-service_wiz-issue_1         ... done
Stopping elastic-package-service_wiz-audit_1         ... done
Stopping elastic-package-service_wiz-vulnerability_1 ... done
Removing elastic-package-service_wiz-issue_1         ... done
Removing elastic-package-service_wiz-audit_1         ... done
Removing elastic-package-service_wiz-vulnerability_1 ... done
Removing network elastic-package-service_default
2023/09/15 15:40:27 DEBUG deleting data in data stream...
2023/09/15 15:40:27 DEBUG Dump Elastic stack data
2023/09/15 15:40:27 DEBUG Dump stack logs (location: /tmp/test-system-4160530835)
2023/09/15 15:40:27 DEBUG Dump stack logs for elasticsearch
2023/09/15 15:40:27 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:27 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:27 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs elasticsearch
2023/09/15 15:40:28 DEBUG Dump stack logs for elastic-agent
2023/09/15 15:40:28 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:28 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:28 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs elastic-agent
2023/09/15 15:40:29 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:30 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:30 DEBUG run command: /usr/bin/docker cp elastic-package-stack_elastic-agent_1:/usr/share/elastic-agent/state/data/logs/ /tmp/test-system-4160530835/logs/elastic-agent-internal
2023/09/15 15:40:30 DEBUG Dump stack logs for fleet-server
2023/09/15 15:40:30 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:30 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:30 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs fleet-server
2023/09/15 15:40:31 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:31 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:31 DEBUG run command: /usr/bin/docker cp elastic-package-stack_fleet-server_1:/usr/share/elastic-agent/state/data/logs/ /tmp/test-system-4160530835/logs/fleet-server-internal
2023/09/15 15:40:31 DEBUG Dump stack logs for kibana
2023/09/15 15:40:31 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:32 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:32 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs kibana
2023/09/15 15:40:32 DEBUG Dump stack logs for package-registry
2023/09/15 15:40:32 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:33 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:33 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs package-registry
2023/09/15 15:40:34 DEBUG skipped malformed docker-compose log line: Attaching to elastic-package-stack_elastic-agent_1
2023/09/15 15:40:34 DEBUG Running system tests for data stream
2023/09/15 15:40:34 DEBUG running test with configuration 'default'
2023/09/15 15:40:34 DEBUG setting up service...
2023/09/15 15:40:34 DEBUG setting up service using Docker Compose service deployer
2023/09/15 15:40:34 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:40:34 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:40:34 DEBUG output command: /usr/bin/docker network inspect elastic-package-stack_default
2023/09/15 15:40:34 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service up --build -d
Creating network "elastic-package-service_default" with the default driver
Creating elastic-package-service_wiz-audit_1         ... done
Creating elastic-package-service_wiz-vulnerability_1 ... done
Creating elastic-package-service_wiz-issue_1         ... done
2023/09/15 15:40:36 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service ps -q
2023/09/15 15:40:36 DEBUG Wait for healthy containers: a436593276cc0c2ee3f10068c3e89f493b6a11c26b3165afb4380d8c623597c6,bca2d4e31def035318ffac78c0094310c31f6ccca422fbab7634dbda2c5d9fcc,daa9a796b518ca40082ec04c6e1afad628f01af99fa50dd5b4b4e7dd1a8e9230
2023/09/15 15:40:36 DEBUG output command: /usr/bin/docker inspect a436593276cc0c2ee3f10068c3e89f493b6a11c26b3165afb4380d8c623597c6 bca2d4e31def035318ffac78c0094310c31f6ccca422fbab7634dbda2c5d9fcc daa9a796b518ca40082ec04c6e1afad628f01af99fa50dd5b4b4e7dd1a8e9230
2023/09/15 15:40:36 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"9cb0519240182cec64495fe49a5051a02c46c09f6cf0eb68223ce966ddc067c0","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-audit","com.docker.compose.version":"1.23.2"}},"ID":"a436593276cc0c2ee3f10068c3e89f493b6a11c26b3165afb4380d8c623597c6","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:40:36 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"50d929901ea5fb3bdff12581057738ff03d748f60d264744cea1a5d386f1bce4","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-issue","com.docker.compose.version":"1.23.2"}},"ID":"bca2d4e31def035318ffac78c0094310c31f6ccca422fbab7634dbda2c5d9fcc","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:40:36 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"b10498dabd03b7cc0ec403b52c22f8bfe5e1aae4845e963bf5c01a7fe4f571e6","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-vulnerability","com.docker.compose.version":"1.23.2"}},"ID":"daa9a796b518ca40082ec04c6e1afad628f01af99fa50dd5b4b4e7dd1a8e9230","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:40:36 DEBUG run command: /usr/bin/docker network connect elastic-package-stack_default elastic-package-service_wiz-issue_1
2023/09/15 15:40:36 DEBUG adding service container elastic-package-service_wiz-issue_1 internal ports to context
2023/09/15 15:40:36 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service config
2023/09/15 15:40:37 DEBUG Installing package...
2023/09/15 15:40:37 DEBUG GET https://127.0.0.1:5601/api/status
2023/09/15 15:40:37 DEBUG Build directory: /root/integration/integrations/build/packages/wiz/0.1.0
2023/09/15 15:40:37 DEBUG Clear target directory (path: /root/integration/integrations/build/packages/wiz/0.1.0)
2023/09/15 15:40:37 DEBUG Copy package content (source: /root/integration/integrations/packages/wiz)
2023/09/15 15:40:37 DEBUG Copy license file if needed
2023/09/15 15:40:37  INFO License text found in "/root/integration/integrations/LICENSE.txt" will be included in package
2023/09/15 15:40:37 DEBUG Encode dashboards
2023/09/15 15:40:37 DEBUG Resolve external fields
2023/09/15 15:40:37 DEBUG Package has external dependencies defined
2023/09/15 15:40:37 DEBUG data_stream/audit/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:40:37 DEBUG data_stream/audit/fields/beats.yml: source file hasn't been changed
2023/09/15 15:40:37 DEBUG data_stream/audit/fields/fields.yml: source file hasn't been changed
2023/09/15 15:40:37 DEBUG data_stream/issue/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:40:37 DEBUG data_stream/issue/fields/beats.yml: source file hasn't been changed
2023/09/15 15:40:37 DEBUG data_stream/issue/fields/fields.yml: source file hasn't been changed
2023/09/15 15:40:37 DEBUG data_stream/vulnerability/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:40:37 DEBUG data_stream/vulnerability/fields/beats.yml: source file hasn't been changed
2023/09/15 15:40:37 DEBUG data_stream/vulnerability/fields/fields.yml: source file hasn't been changed
2023/09/15 15:40:37  INFO Import ECS mappings into the built package (technical preview)
2023/09/15 15:40:37 DEBUG Build zipped package
2023/09/15 15:40:37 DEBUG Compress using archiver.Zip (destination: /root/integration/integrations/build/packages/wiz-0.1.0.zip)
2023/09/15 15:40:37 DEBUG Create work directory for archiving: /tmp/elastic-package-1329267868/wiz-0.1.0
2023/09/15 15:40:37 DEBUG Skip validation of the built .zip package
2023/09/15 15:40:37 DEBUG POST https://127.0.0.1:5601/api/fleet/epm/packages
2023/09/15 15:40:39 DEBUG creating test policy...
2023/09/15 15:40:39 DEBUG POST https://127.0.0.1:5601/api/fleet/agent_policies
2023/09/15 15:40:43 DEBUG adding package data stream to test policy...
2023/09/15 15:40:43 DEBUG POST https://127.0.0.1:5601/api/fleet/package_policies
2023/09/15 15:40:46 DEBUG deleting old data in data stream...
2023/09/15 15:40:46 DEBUG found 0 hits in logs-wiz.issue-ep data stream: index_not_found_exception: no such index [logs-wiz.issue-ep] Status=404
2023/09/15 15:40:46 DEBUG GET https://127.0.0.1:5601/api/fleet/agents
2023/09/15 15:40:47 DEBUG filter agents using criteria: NamePrefix=docker-fleet-agent
2023/09/15 15:40:47 DEBUG found 1 enrolled agent(s)
2023/09/15 15:40:47 DEBUG GET https://127.0.0.1:5601/api/fleet/agent_policies/1ec52490-53b0-11ee-a280-558371a3cb72
2023/09/15 15:40:47 DEBUG assigning package data stream to agent...
2023/09/15 15:40:47 DEBUG PUT https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66/reassign
2023/09/15 15:40:48 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:49 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"1ec52490-53b0-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:49 DEBUG Wait until the policy (ID: 1ec52490-53b0-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:50 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:51 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"1ec52490-53b0-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:51 DEBUG Wait until the policy (ID: 1ec52490-53b0-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:52 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:53 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"1ec52490-53b0-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:53 DEBUG Wait until the policy (ID: 1ec52490-53b0-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:54 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:40:55 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"1ec52490-53b0-11ee-a280-558371a3cb72","policy_revision":2,"local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:40:55 DEBUG Policy revision assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:40:55 DEBUG checking for expected data in data stream...
2023/09/15 15:40:55 DEBUG found 0 hits in logs-wiz.issue-ep data stream: index_not_found_exception: no such index [logs-wiz.issue-ep] Status=404
2023/09/15 15:40:56 DEBUG found 0 hits in logs-wiz.issue-ep data stream: index_not_found_exception: no such index [logs-wiz.issue-ep] Status=404
2023/09/15 15:40:57 DEBUG found 0 hits in logs-wiz.issue-ep data stream: index_not_found_exception: no such index [logs-wiz.issue-ep] Status=404
2023/09/15 15:40:58 DEBUG found 0 hits in logs-wiz.issue-ep data stream: index_not_found_exception: no such index [logs-wiz.issue-ep] Status=404
2023/09/15 15:40:59 DEBUG found 0 hits in logs-wiz.issue-ep data stream: index_not_found_exception: no such index [logs-wiz.issue-ep] Status=404
2023/09/15 15:41:00 DEBUG found 0 hits in logs-wiz.issue-ep data stream
2023/09/15 15:41:01 DEBUG found 1 hits in logs-wiz.issue-ep data stream
2023/09/15 15:41:05 DEBUG found 1 hits in logs-wiz.issue-ep data stream
2023/09/15 15:41:05 DEBUG check whether or not synthetics is enabled (component template logs-wiz.issue@package)...
2023/09/15 15:41:05 DEBUG data stream logs-wiz.issue-ep has synthetics enabled: false
2023/09/15 15:41:05 DEBUG assert hit count expected 1, observed 1
2023/09/15 15:41:05 DEBUG reassigning original policy back to agent...
2023/09/15 15:41:05 DEBUG PUT https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66/reassign
2023/09/15 15:41:06 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:07 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:07 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:41:08 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:09 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:09 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:41:10 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:11 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:11 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:41:12 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:13 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","policy_revision":3,"local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:13 DEBUG Policy revision assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:41:13 DEBUG deleting test policy...
2023/09/15 15:41:13 DEBUG POST https://127.0.0.1:5601/api/fleet/agent_policies/delete
2023/09/15 15:41:16 DEBUG DELETE https://127.0.0.1:5601/api/fleet/epm/packages/wiz-0.1.0
2023/09/15 15:41:18 DEBUG tearing down service...
2023/09/15 15:41:18 DEBUG tearing down service using Docker Compose runner
2023/09/15 15:41:18 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:18 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:18 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service logs
2023/09/15 15:41:19  INFO Write container logs to file: /root/integration/integrations/build/container-logs/wiz-issue-1694772679248687680.log
2023/09/15 15:41:19 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service down --volumes
Stopping elastic-package-service_wiz-issue_1         ... done
Stopping elastic-package-service_wiz-audit_1         ... done
Stopping elastic-package-service_wiz-vulnerability_1 ... done
Removing elastic-package-service_wiz-issue_1         ... done
Removing elastic-package-service_wiz-audit_1         ... done
Removing elastic-package-service_wiz-vulnerability_1 ... done
Removing network elastic-package-service_default
2023/09/15 15:41:20 DEBUG deleting data in data stream...
2023/09/15 15:41:20 DEBUG Dump Elastic stack data
2023/09/15 15:41:20 DEBUG Dump stack logs (location: /tmp/test-system-1054151260)
2023/09/15 15:41:20 DEBUG Dump stack logs for elasticsearch
2023/09/15 15:41:20 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:20 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:20 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs elasticsearch
2023/09/15 15:41:21 DEBUG Dump stack logs for elastic-agent
2023/09/15 15:41:21 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:22 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:22 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs elastic-agent
2023/09/15 15:41:22 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:23 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:23 DEBUG run command: /usr/bin/docker cp elastic-package-stack_elastic-agent_1:/usr/share/elastic-agent/state/data/logs/ /tmp/test-system-1054151260/logs/elastic-agent-internal
2023/09/15 15:41:23 DEBUG Dump stack logs for fleet-server
2023/09/15 15:41:23 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:23 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:23 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs fleet-server
2023/09/15 15:41:24 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:24 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:24 DEBUG run command: /usr/bin/docker cp elastic-package-stack_fleet-server_1:/usr/share/elastic-agent/state/data/logs/ /tmp/test-system-1054151260/logs/fleet-server-internal
2023/09/15 15:41:25 DEBUG Dump stack logs for kibana
2023/09/15 15:41:25 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:25 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:25 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs kibana
2023/09/15 15:41:26 DEBUG Dump stack logs for package-registry
2023/09/15 15:41:26 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:26 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:26 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs package-registry
2023/09/15 15:41:27 DEBUG skipped malformed docker-compose log line: Attaching to elastic-package-stack_elastic-agent_1
2023/09/15 15:41:27 DEBUG Running system tests for data stream
2023/09/15 15:41:27 DEBUG running test with configuration 'default'
2023/09/15 15:41:27 DEBUG setting up service...
2023/09/15 15:41:27 DEBUG setting up service using Docker Compose service deployer
2023/09/15 15:41:27 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:41:27 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:41:27 DEBUG output command: /usr/bin/docker network inspect elastic-package-stack_default
2023/09/15 15:41:27 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service up --build -d
Creating network "elastic-package-service_default" with the default driver
Creating elastic-package-service_wiz-audit_1         ... done
Creating elastic-package-service_wiz-issue_1         ... done
Creating elastic-package-service_wiz-vulnerability_1 ... done
2023/09/15 15:41:29 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service ps -q
2023/09/15 15:41:29 DEBUG Wait for healthy containers: b509ce01061e94aa43d566a3a6061e2891a073f145e3097794af60b86fe61f80,dc9fa998d8871150705cb2a506e8676ea2e589c94001405295f9214e6ac82470,2b50396c841bb030859e8108b240b05f2ec09ae0a1796b6077308f2457db4276
2023/09/15 15:41:29 DEBUG output command: /usr/bin/docker inspect b509ce01061e94aa43d566a3a6061e2891a073f145e3097794af60b86fe61f80 dc9fa998d8871150705cb2a506e8676ea2e589c94001405295f9214e6ac82470 2b50396c841bb030859e8108b240b05f2ec09ae0a1796b6077308f2457db4276
2023/09/15 15:41:29 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"9cb0519240182cec64495fe49a5051a02c46c09f6cf0eb68223ce966ddc067c0","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-audit","com.docker.compose.version":"1.23.2"}},"ID":"b509ce01061e94aa43d566a3a6061e2891a073f145e3097794af60b86fe61f80","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:41:29 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"50d929901ea5fb3bdff12581057738ff03d748f60d264744cea1a5d386f1bce4","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-issue","com.docker.compose.version":"1.23.2"}},"ID":"dc9fa998d8871150705cb2a506e8676ea2e589c94001405295f9214e6ac82470","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:41:29 DEBUG Container status: {"Config":{"Image":"docker.elastic.co/observability/stream:v0.10.0","Labels":{"BRANCH_NAME":"v0.10.0","GIT_SHA":"2a076c9b1acdf1c35b5f5c2f8c23904c7c2c441a","GO_VERSION":"1.19.5","TIMESTAMP":"2023-01-30_11:29","com.docker.compose.config-hash":"b10498dabd03b7cc0ec403b52c22f8bfe5e1aae4845e963bf5c01a7fe4f571e6","com.docker.compose.container-number":"1","com.docker.compose.oneoff":"False","com.docker.compose.project":"elastic-package-service","com.docker.compose.service":"wiz-vulnerability","com.docker.compose.version":"1.23.2"}},"ID":"2b50396c841bb030859e8108b240b05f2ec09ae0a1796b6077308f2457db4276","State":{"Status":"running","ExitCode":0,"Health":null}}
2023/09/15 15:41:29 DEBUG run command: /usr/bin/docker network connect elastic-package-stack_default elastic-package-service_wiz-vulnerability_1
2023/09/15 15:41:29 DEBUG adding service container elastic-package-service_wiz-vulnerability_1 internal ports to context
2023/09/15 15:41:29 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service config
2023/09/15 15:41:30 DEBUG Installing package...
2023/09/15 15:41:30 DEBUG GET https://127.0.0.1:5601/api/status
2023/09/15 15:41:30 DEBUG Build directory: /root/integration/integrations/build/packages/wiz/0.1.0
2023/09/15 15:41:30 DEBUG Clear target directory (path: /root/integration/integrations/build/packages/wiz/0.1.0)
2023/09/15 15:41:30 DEBUG Copy package content (source: /root/integration/integrations/packages/wiz)
2023/09/15 15:41:30 DEBUG Copy license file if needed
2023/09/15 15:41:30  INFO License text found in "/root/integration/integrations/LICENSE.txt" will be included in package
2023/09/15 15:41:30 DEBUG Encode dashboards
2023/09/15 15:41:30 DEBUG Resolve external fields
2023/09/15 15:41:30 DEBUG Package has external dependencies defined
2023/09/15 15:41:30 DEBUG data_stream/audit/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:41:30 DEBUG data_stream/audit/fields/beats.yml: source file hasn't been changed
2023/09/15 15:41:30 DEBUG data_stream/audit/fields/fields.yml: source file hasn't been changed
2023/09/15 15:41:30 DEBUG data_stream/issue/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:41:30 DEBUG data_stream/issue/fields/beats.yml: source file hasn't been changed
2023/09/15 15:41:30 DEBUG data_stream/issue/fields/fields.yml: source file hasn't been changed
2023/09/15 15:41:30 DEBUG data_stream/vulnerability/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:41:30 DEBUG data_stream/vulnerability/fields/beats.yml: source file hasn't been changed
2023/09/15 15:41:30 DEBUG data_stream/vulnerability/fields/fields.yml: source file hasn't been changed
2023/09/15 15:41:30  INFO Import ECS mappings into the built package (technical preview)
2023/09/15 15:41:30 DEBUG Build zipped package
2023/09/15 15:41:30 DEBUG Compress using archiver.Zip (destination: /root/integration/integrations/build/packages/wiz-0.1.0.zip)
2023/09/15 15:41:30 DEBUG Create work directory for archiving: /tmp/elastic-package-3979473631/wiz-0.1.0
2023/09/15 15:41:30 DEBUG Skip validation of the built .zip package
2023/09/15 15:41:30 DEBUG POST https://127.0.0.1:5601/api/fleet/epm/packages
2023/09/15 15:41:32 DEBUG creating test policy...
2023/09/15 15:41:32 DEBUG POST https://127.0.0.1:5601/api/fleet/agent_policies
2023/09/15 15:41:36 DEBUG adding package data stream to test policy...
2023/09/15 15:41:36 DEBUG POST https://127.0.0.1:5601/api/fleet/package_policies
2023/09/15 15:41:38 DEBUG deleting old data in data stream...
2023/09/15 15:41:38 DEBUG found 0 hits in logs-wiz.vulnerability-ep data stream: index_not_found_exception: no such index [logs-wiz.vulnerability-ep] Status=404
2023/09/15 15:41:38 DEBUG GET https://127.0.0.1:5601/api/fleet/agents
2023/09/15 15:41:39 DEBUG filter agents using criteria: NamePrefix=docker-fleet-agent
2023/09/15 15:41:39 DEBUG found 1 enrolled agent(s)
2023/09/15 15:41:39 DEBUG GET https://127.0.0.1:5601/api/fleet/agent_policies/3e6dd940-53b0-11ee-a280-558371a3cb72
2023/09/15 15:41:39 DEBUG assigning package data stream to agent...
2023/09/15 15:41:39 DEBUG PUT https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66/reassign
2023/09/15 15:41:40 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:41 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"3e6dd940-53b0-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:41 DEBUG Wait until the policy (ID: 3e6dd940-53b0-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:41:42 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:43 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"3e6dd940-53b0-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:43 DEBUG Wait until the policy (ID: 3e6dd940-53b0-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:41:44 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:45 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"3e6dd940-53b0-11ee-a280-558371a3cb72","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:45 DEBUG Wait until the policy (ID: 3e6dd940-53b0-11ee-a280-558371a3cb72, revision: 2) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:41:46 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:47 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"3e6dd940-53b0-11ee-a280-558371a3cb72","policy_revision":2,"local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:47 DEBUG Policy revision assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:41:47 DEBUG checking for expected data in data stream...
2023/09/15 15:41:47 DEBUG found 0 hits in logs-wiz.vulnerability-ep data stream: index_not_found_exception: no such index [logs-wiz.vulnerability-ep] Status=404
2023/09/15 15:41:48 DEBUG found 0 hits in logs-wiz.vulnerability-ep data stream: index_not_found_exception: no such index [logs-wiz.vulnerability-ep] Status=404
2023/09/15 15:41:49 DEBUG found 0 hits in logs-wiz.vulnerability-ep data stream: index_not_found_exception: no such index [logs-wiz.vulnerability-ep] Status=404
2023/09/15 15:41:50 DEBUG found 0 hits in logs-wiz.vulnerability-ep data stream: index_not_found_exception: no such index [logs-wiz.vulnerability-ep] Status=404
2023/09/15 15:41:51 DEBUG found 0 hits in logs-wiz.vulnerability-ep data stream: index_not_found_exception: no such index [logs-wiz.vulnerability-ep] Status=404
2023/09/15 15:41:52 DEBUG found 0 hits in logs-wiz.vulnerability-ep data stream
2023/09/15 15:41:53 DEBUG found 1 hits in logs-wiz.vulnerability-ep data stream
2023/09/15 15:41:57 DEBUG found 1 hits in logs-wiz.vulnerability-ep data stream
2023/09/15 15:41:57 DEBUG check whether or not synthetics is enabled (component template logs-wiz.vulnerability@package)...
2023/09/15 15:41:57 DEBUG data stream logs-wiz.vulnerability-ep has synthetics enabled: false
2023/09/15 15:41:57 DEBUG assert hit count expected 1, observed 1
2023/09/15 15:41:57 DEBUG reassigning original policy back to agent...
2023/09/15 15:41:57 DEBUG PUT https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66/reassign
2023/09/15 15:41:59 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:41:59 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:41:59 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:42:01 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:42:01 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:42:01 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:42:03 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:42:03 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:42:03 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:42:05 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:42:05 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:42:05 DEBUG Wait until the policy (ID: elastic-agent-managed-ep, revision: 3) is assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:42:07 DEBUG GET https://127.0.0.1:5601/api/fleet/agents/a0ba1e1e-137f-48f5-81a4-2fb011d44a66
2023/09/15 15:42:07 DEBUG Agent data: {"id":"a0ba1e1e-137f-48f5-81a4-2fb011d44a66","policy_id":"elastic-agent-managed-ep","policy_revision":3,"local_metadata":{"host":{"name":"docker-fleet-agent"}}}
2023/09/15 15:42:07 DEBUG Policy revision assigned to the agent (ID: a0ba1e1e-137f-48f5-81a4-2fb011d44a66)...
2023/09/15 15:42:07 DEBUG deleting test policy...
2023/09/15 15:42:07 DEBUG POST https://127.0.0.1:5601/api/fleet/agent_policies/delete
2023/09/15 15:42:09 DEBUG DELETE https://127.0.0.1:5601/api/fleet/epm/packages/wiz-0.1.0
2023/09/15 15:42:11 DEBUG tearing down service...
2023/09/15 15:42:11 DEBUG tearing down service using Docker Compose runner
2023/09/15 15:42:11 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:42:11 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:42:11 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service logs
2023/09/15 15:42:12  INFO Write container logs to file: /root/integration/integrations/build/container-logs/wiz-vulnerability-1694772732235539712.log
2023/09/15 15:42:12 DEBUG running command: /usr/local/bin/docker-compose -f /root/integration/integrations/packages/wiz/_dev/deploy/docker/docker-compose.yml -p elastic-package-service down --volumes
Stopping elastic-package-service_wiz-vulnerability_1 ... done
Stopping elastic-package-service_wiz-issue_1         ... done
Stopping elastic-package-service_wiz-audit_1         ... done
Removing elastic-package-service_wiz-vulnerability_1 ... done
Removing elastic-package-service_wiz-issue_1         ... done
Removing elastic-package-service_wiz-audit_1         ... done
Removing network elastic-package-service_default
2023/09/15 15:42:13 DEBUG deleting data in data stream...
2023/09/15 15:42:13 DEBUG Dump Elastic stack data
2023/09/15 15:42:13 DEBUG Dump stack logs (location: /tmp/test-system-2961718966)
2023/09/15 15:42:13 DEBUG Dump stack logs for elasticsearch
2023/09/15 15:42:13 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:42:13 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:42:13 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs elasticsearch
2023/09/15 15:42:14 DEBUG Dump stack logs for elastic-agent
2023/09/15 15:42:14 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:42:15 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:42:15 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs elastic-agent
2023/09/15 15:42:15 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:42:16 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:42:16 DEBUG run command: /usr/bin/docker cp elastic-package-stack_elastic-agent_1:/usr/share/elastic-agent/state/data/logs/ /tmp/test-system-2961718966/logs/elastic-agent-internal
2023/09/15 15:42:16 DEBUG Dump stack logs for fleet-server
2023/09/15 15:42:16 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:42:16 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:42:16 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs fleet-server
2023/09/15 15:42:17 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:42:18 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:42:18 DEBUG run command: /usr/bin/docker cp elastic-package-stack_fleet-server_1:/usr/share/elastic-agent/state/data/logs/ /tmp/test-system-2961718966/logs/fleet-server-internal
2023/09/15 15:42:18 DEBUG Dump stack logs for kibana
2023/09/15 15:42:18 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:42:18 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:42:18 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs kibana
2023/09/15 15:42:19 DEBUG Dump stack logs for package-registry
2023/09/15 15:42:19 DEBUG running command: /usr/local/bin/docker-compose version --short
2023/09/15 15:42:19 DEBUG Determined Docker Compose version: 1.23.2, the tool will use Compose V1
2023/09/15 15:42:19 DEBUG running command: /usr/local/bin/docker-compose -f /root/.elastic-package/profiles/default/stack/snapshot.yml -p elastic-package-stack logs package-registry
2023/09/15 15:42:20 DEBUG skipped malformed docker-compose log line: Attaching to elastic-package-stack_elastic-agent_1
--- Test results for package: wiz - START ---
╭─────────┬───────────────┬───────────┬───────────┬────────┬───────────────╮
│ PACKAGE │ DATA STREAM   │ TEST TYPE │ TEST NAME │ RESULT │  TIME ELAPSED │
├─────────┼───────────────┼───────────┼───────────┼────────┼───────────────┤
│ wiz     │ audit         │ system    │ default   │ PASS   │ 45.507678138s │
│ wiz     │ issue         │ system    │ default   │ PASS   │  30.97361727s │
│ wiz     │ vulnerability │ system    │ default   │ PASS   │ 29.929750931s │
╰─────────┴───────────────┴───────────┴───────────┴────────┴───────────────╯
--- Test results for package: wiz - END   ---
Done
Run asset tests for the package
2023/09/15 15:42:20 DEBUG installing package...
2023/09/15 15:42:20 DEBUG GET https://127.0.0.1:5601/api/status
2023/09/15 15:42:20 DEBUG Build directory: /root/integration/integrations/build/packages/wiz/0.1.0
2023/09/15 15:42:20 DEBUG Clear target directory (path: /root/integration/integrations/build/packages/wiz/0.1.0)
2023/09/15 15:42:20 DEBUG Copy package content (source: /root/integration/integrations/packages/wiz)
2023/09/15 15:42:20 DEBUG Copy license file if needed
2023/09/15 15:42:20  INFO License text found in "/root/integration/integrations/LICENSE.txt" will be included in package
2023/09/15 15:42:20 DEBUG Encode dashboards
2023/09/15 15:42:20 DEBUG Resolve external fields
2023/09/15 15:42:20 DEBUG Package has external dependencies defined
2023/09/15 15:42:20 DEBUG data_stream/audit/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:42:20 DEBUG data_stream/audit/fields/beats.yml: source file hasn't been changed
2023/09/15 15:42:20 DEBUG data_stream/audit/fields/fields.yml: source file hasn't been changed
2023/09/15 15:42:20 DEBUG data_stream/issue/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:42:20 DEBUG data_stream/issue/fields/beats.yml: source file hasn't been changed
2023/09/15 15:42:20 DEBUG data_stream/issue/fields/fields.yml: source file hasn't been changed
2023/09/15 15:42:20 DEBUG data_stream/vulnerability/fields/base-fields.yml: source file hasn't been changed
2023/09/15 15:42:20 DEBUG data_stream/vulnerability/fields/beats.yml: source file hasn't been changed
2023/09/15 15:42:20 DEBUG data_stream/vulnerability/fields/fields.yml: source file hasn't been changed
2023/09/15 15:42:20  INFO Import ECS mappings into the built package (technical preview)
2023/09/15 15:42:20 DEBUG Build zipped package
2023/09/15 15:42:20 DEBUG Compress using archiver.Zip (destination: /root/integration/integrations/build/packages/wiz-0.1.0.zip)
2023/09/15 15:42:20 DEBUG Create work directory for archiving: /tmp/elastic-package-1493598552/wiz-0.1.0
2023/09/15 15:42:20 DEBUG Skip validation of the built .zip package
2023/09/15 15:42:20 DEBUG POST https://127.0.0.1:5601/api/fleet/epm/packages
2023/09/15 15:42:22 DEBUG removing package...
2023/09/15 15:42:22 DEBUG DELETE https://127.0.0.1:5601/api/fleet/epm/packages/wiz-0.1.0
--- Test results for package: wiz - START ---
╭─────────┬───────────────┬───────────┬────────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE │ DATA STREAM   │ TEST TYPE │ TEST NAME                                              │ RESULT │ TIME ELAPSED │
├─────────┼───────────────┼───────────┼────────────────────────────────────────────────────────┼────────┼──────────────┤
│ wiz     │ audit         │ asset     │ index_template logs-wiz.audit is loaded                │ PASS   │      1.201µs │
│ wiz     │ audit         │ asset     │ ingest_pipeline logs-wiz.audit-0.1.0 is loaded         │ PASS   │        158ns │
│ wiz     │ issue         │ asset     │ index_template logs-wiz.issue is loaded                │ PASS   │        167ns │
│ wiz     │ issue         │ asset     │ ingest_pipeline logs-wiz.issue-0.1.0 is loaded         │ PASS   │        123ns │
│ wiz     │ vulnerability │ asset     │ index_template logs-wiz.vulnerability is loaded        │ PASS   │        220ns │
│ wiz     │ vulnerability │ asset     │ ingest_pipeline logs-wiz.vulnerability-0.1.0 is loaded │ PASS   │        368ns │
╰─────────┴───────────────┴───────────┴────────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: wiz - END   ---
Done
Run pipeline tests for the package
--- Test results for package: wiz - START ---
╭─────────┬───────────────┬───────────┬────────────────────────┬────────┬──────────────╮
│ PACKAGE │ DATA STREAM   │ TEST TYPE │ TEST NAME              │ RESULT │ TIME ELAPSED │
├─────────┼───────────────┼───────────┼────────────────────────┼────────┼──────────────┤
│ wiz     │ audit         │ pipeline  │ test-audit.log         │ PASS   │   8.478727ms │
│ wiz     │ issue         │ pipeline  │ test-issue.log         │ PASS   │   4.440734ms │
│ wiz     │ vulnerability │ pipeline  │ test-vulnerability.log │ PASS   │   4.727321ms │
╰─────────┴───────────────┴───────────┴────────────────────────┴────────┴──────────────╯
--- Test results for package: wiz - END   ---
Done
Run static tests for the package
--- Test results for package: wiz - START ---
╭─────────┬───────────────┬───────────┬──────────────────────────┬────────┬──────────────╮
│ PACKAGE │ DATA STREAM   │ TEST TYPE │ TEST NAME                │ RESULT │ TIME ELAPSED │
├─────────┼───────────────┼───────────┼──────────────────────────┼────────┼──────────────┤
│ wiz     │ audit         │ static    │ Verify sample_event.json │ PASS   │ 124.295134ms │
│ wiz     │ issue         │ static    │ Verify sample_event.json │ PASS   │ 104.113108ms │
│ wiz     │ vulnerability │ static    │ Verify sample_event.json │ PASS   │ 129.554667ms │
╰─────────┴───────────────┴───────────┴──────────────────────────┴────────┴──────────────╯
--- Test results for package: wiz - END   ---
Done

Screenshot

elasticmachine · 2023-09-15T11:00:34Z

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

Start Time: 2023-10-03T11:56:40.860+0000
Duration: 19 min 59 sec

Test stats 🧪

Test	Results
Failed	0
Passed	15
Skipped	0
Total	15

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

/test : Re-trigger the build.

piyush-elastic · 2023-09-15T11:17:36Z

/test

elasticmachine · 2023-09-19T15:08:19Z

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

efd6 · 2023-09-20T06:16:38Z

/test

elasticmachine · 2023-09-20T06:33:42Z

🌐 Coverage report

Name	Metrics % (`covered/total`)	Diff
Packages	100.0% (`3/3`)	💚
Files	100.0% (`3/3`)	💚
Classes	100.0% (`3/3`)	💚
Methods	100.0% (`39/39`)	💚 24.242
Lines	93.987% (`1141/1214`)	👎 -6.013
Conditionals	100.0% (`0/0`)	💚

efd6 · 2023-09-20T22:44:36Z

+  initial_interval: {{initial_interval}}
+  want_more: false
+  batch_size: {{batch_size}}
+  query: "query AuditLogTable($first: Int $after: String $filterBy: AuditLogEntryFilters){     auditLogEntries(first: $first after: $after filterBy: $filterBy) {       nodes {         id         action         requestId         status         timestamp         actionParameters         userAgent         sourceIP         serviceAccount {           id           name         }         user {           id           name         }       }       pageInfo {         hasNextPage         endCursor       }     }   }"


Is it possible to make this more readable? What is the format that is expected, must it all be on one line? If so suggest

Suggested change

query: "query AuditLogTable($first: Int $after: String $filterBy: AuditLogEntryFilters){ auditLogEntries(first: $first after: $after filterBy: $filterBy) { nodes { id action requestId status timestamp actionParameters userAgent sourceIP serviceAccount { id name } user { id name } } pageInfo { hasNextPage endCursor } } }"

query: >-

query AuditLogTable($first: Int $after: String $filterBy: AuditLogEntryFilters){

auditLogEntries(first: $first after: $after filterBy: $filterBy) {

nodes {

id

action

requestId

status

timestamp

actionParameters

userAgent

sourceIP

serviceAccount {

id

name

}

user {

id

name

}

}

pageInfo {

hasNextPage

endCursor

}

}

}

Yes, it should be one line only otherwise it throws an error.

efd6 · 2023-09-20T22:45:30Z

+    state.url + "/graphql",
+    "application/json",
+    '''{
+      "query": ''' + state.query.encode_json() + ''',


Why is this being JSON encoded?

efd6 · 2023-09-20T22:52:38Z

+  post_request(
+    state.url + "/graphql",
+    "application/json",
+    '''{


I'm a little confused about why this is being done. Can you not construct an object and JSON encode it below?

Hey @efd6, we tried constructing an object and JSON encoding it below but that throws failed eval: failed to marshal value to JSON: json: unsupported type: map[ref.Val]ref.Val error so we found this workaround to use string concatenation.

Can you make a minimal reproducer for me? This should not happen.

This should be fixed in v8.9. Can you check that?

efd6 · 2023-09-20T23:35:21Z

+  initial_interval: {{initial_interval}}
+  want_more: false
+  batch_size: {{batch_size}}
+  query: "query VulnerabilityFindingsPage(   $filterBy: VulnerabilityFindingFilters   $first: Int   $after: String   $orderBy: VulnerabilityFindingOrder ) {   vulnerabilityFindings(     filterBy: $filterBy     first: $first     after: $after     orderBy: $orderBy   ) {     nodes {       id       portalUrl       name       CVEDescription       CVSSSeverity       score       exploitabilityScore       impactScore       dataSourceName       hasExploit       hasCisaKevExploit       status       vendorSeverity       firstDetectedAt       lastDetectedAt       resolvedAt       description       remediation       detailedName       version       fixedVersion       detectionMethod       link       locationPath       resolutionReason       epssSeverity       epssPercentile       epssProbability       validatedInRuntime       layerMetadata{         id         details         isBaseLayer       }       projects {         id         name         slug         businessUnit         riskProfile {           businessImpact         }       }       ignoreRules{         id         name         enabled         expiredAt       }       vulnerableAsset {         ... on VulnerableAssetBase {           id           type           name           region           providerUniqueId           cloudProviderURL           cloudPlatform           status           subscriptionName           subscriptionExternalId           subscriptionId           tags           hasLimitedInternetExposure           hasWideInternetExposure           isAccessibleFromVPN           isAccessibleFromOtherVnets           isAccessibleFromOtherSubscriptions         }         ... on VulnerableAssetVirtualMachine {           operatingSystem           ipAddresses         }         ... on VulnerableAssetServerless {           runtime         }         ... on VulnerableAssetContainerImage {           imageId         }         ... on VulnerableAssetContainer {           ImageExternalId           VmExternalId           ServerlessContainer           PodNamespace           PodName           NodeName         }       }     }     pageInfo {       hasNextPage       endCursor     }   } }"


efd6 · 2023-09-20T23:35:34Z

+  post_request(
+    state.url + "/graphql",
+    "application/json",
+    '''{


Query approach.

efd6 · 2023-09-20T23:35:47Z

+{{#if processors}}
+processors:
+{{processors}}
+{{/if}}


Final new line.

efd6 · 2023-09-20T23:36:43Z

This looks like it is leftover from the template.

efd6 · 2023-09-20T23:37:33Z

+        - append:
+            field: error.message
+            value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
+  - date:


…wiz-0.1.0

efd6 · 2023-09-28T07:10:13Z

/test

bhapas · 2023-09-28T08:10:03Z

            - application/json
        body: |
-          {"data": {"auditLogEntries": {"nodes": [{"id": "8f7fa6bd-ce32-4f11-91b4-a0377438561e","action": " user Login","requestId": "8f7fa6bd-ce32-4f11-91b4-a0377438561e","status": "SUCCESS","timestamp": "2023-08-24T08:54:21.44203Z","actionParameters": {"clientID": "kr7ngoiolk3d9i8ravmuutlb6","groups": null,"name": "op-us","products": ["*"],"role": "","scopes": ["read:issues","read:reports","read:vulnerabilities","read:cloud_configuration","update:reports","create:reports"],"userEmail": "","userID": "mlipebtwsndhxdmnzdwrxzmiojxkszrh6qzfufevkpmdguxfv4cxg","userpoolID": "us-east-2_GQ3gwvxsQ"},"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36","sourceIP": null,"serviceAccount": {"id": "mlipebtwsndhxdmnzdwrxzmiojxkszrh6qzfufevkpmdguxfv4cxg","name": "op-us"},"user": null}],"pageInfo": {"hasNextPage": false,"endCursor": "eyJmaWVsZHMiOlt7IkZpZWxkIjoiVGltZXN0YW1wIiwiVmFsdWUiOiIyMDIzLTA5LTA0VDExOjE5OjM3LjgwMTU0MVoifV19"}}}}
+          {"data": {"auditLogEntries": {"nodes": [{"id": "8f7fa6bd-ce32-4f11-91b4-a0377438561e","action": " user Login","requestId": "8f7fa6bd-ce32-4f11-91b4-a0377438561e","status": "SUCCESS","timestamp": "2023-08-24T08:54:21.44203Z","actionParameters": {"clientID": "kr7ngoiolk3d9i8ravmuutlb6","groups": null,"name": "op-us","products": ["*"],"role": "","scopes": ["read:issues","read:reports","read:vulnerabilities","read:cloud_configuration","update:reports","create:reports"],"userEmail": "","userID": "mlipebtwsndhxdmnzdwrxzmiojxkszrh6qzfufevkpmdguxfv4cxg","userpoolID": "us-east-2_GQ3gwvxsQ"},"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36","sourceIP": null,"serviceAccount": {"id": "mlipebtwsndhxdmnzdwrxzmiojxkszrh6qzfufevkpmdguxfv4cxg","name": "op-us"},"user": null},{"id": "823b5f36-3c20-4e91-955c-9aaa486cdeab","action": "Login","requestId": "823b5f36-3c20-4e91-955c-9aaa486cdeab","status": "SUCCESS","timestamp": "2023-09-21T07:07:27.176978Z","actionParameters": {"clientID": "kr7ngoiolk3d9i8ravmuutlb6","groups": null,"name": "aembit","products": ["*"],"role": "","scopes": ["read:resources","read:reports","update:reports","create:reports"],"userEmail": "","userID": "mlipebtwsndhxdmnzdwrxzmiokcvchjpebavkufblyt6u3qowslxg","userpoolID": "us-east-2_GQ3gwvxsQ"},"userAgent": null,"sourceIP": null,"serviceAccount": {"id": "mlipebtwsndhxdmnzdwrxzmiokcvchjpebavkufblyt6u3qowslxg","name": "aembit"},"user": null},{"id": "aad8ab9c-f1bf-4a80-a1e1-13bc8769caf4","action": "Login","requestId": "aad8ab9c-f1bf-4a80-a1e1-13bc8769caf4","status": "SUCCESS","timestamp": "2023-09-21T07:07:21.105685Z","actionParameters": {"clientID": "kr7ngoiolk3d9i8ravmuutlb6","groups": null,"name": "elastic","products": ["*"],"role": "","scopes": ["read:issues","read:reports","read:vulnerabilities","update:reports","create:reports","admin:audit"],"userEmail": "","userID": "mlipebtwsndhxdmnzdwrxzmiolvzt6topjvv4nugzctcsyarazrhg","userpoolID": "us-east-2_GQ3gwvxsQ"},"userAgent": null,"sourceIP": null,"serviceAccount": {"id": "mlipebtwsndhxdmnzdwrxzmiolvzt6topjvv4nugzctcsyarazrhg","name": "elastic"},"user": null}],"pageInfo": {"hasNextPage": false,"endCursor": "eyJmaWVsZHMiOlt7IkZpZWxkIjoiVGltZXN0YW1wIiwiVmFsdWUiOiIyMDIzLTA5LTA0VDExOjE5OjM3LjgwMTU0MVoifV19"}}}}


What I am more interested in paginated responses is to have "hasNextPage": true and a new request that uses the endCursor so that the agent config behaves as expected with cursor information and pagination.

Applies to all data_streams

efd6

LGTM when #7839 (comment) is satisfied.

bhapas

LGTM

elasticmachine · 2023-10-03T13:17:00Z

Package wiz - 0.1.0 containing this change is available at https://epr.elastic.co/search?package=wiz

mohitjha-elastic added 2 commits September 15, 2023 16:19

Initial Release for Wiz

0e36ee1

Update the changelog entry

437f6c3

jamiehynds requested a review from a team September 19, 2023 15:08

jamiehynds added the Team:Security-External Integrations label Sep 19, 2023

jamiehynds added the New Integration Issue or pull request for creating a new integration package. label Sep 19, 2023

bhapas reviewed Sep 20, 2023

View reviewed changes

efd6 reviewed Sep 20, 2023

View reviewed changes

mohitjha-elastic added 2 commits September 27, 2023 19:07

Merge branch 'main' of github.com:mohitjha-elastic/integrations into …

2c88c93

…wiz-0.1.0

Resolve review comments

a7d05dc

mohitjha-elastic requested review from bhapas and efd6 September 27, 2023 13:47

bhapas reviewed Sep 28, 2023

View reviewed changes

efd6 approved these changes Sep 28, 2023

View reviewed changes

mohitjha-elastic requested a review from bhapas October 3, 2023 10:56

Resolved review comments. Added pagination in the system test.

70e1c5f

bhapas approved these changes Oct 3, 2023

View reviewed changes

P1llus merged commit 0b9c00e into elastic:main Oct 3, 2023

andrewkroh added the Integration:wiz Wiz label Jul 22, 2024

Conversation

mohitjha-elastic commented Sep 15, 2023

What does this PR do?

Integration release checklist

All changes

New Package

Log dataset changes

How to test this PR locally

Automated Test

Screenshot

Uh oh!

elasticmachine commented Sep 15, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

💚 Build Succeeded

Build stats

Test stats 🧪

🤖 GitHub comments

Uh oh!

piyush-elastic commented Sep 15, 2023

Uh oh!

elasticmachine commented Sep 19, 2023

Uh oh!

efd6 commented Sep 20, 2023

Uh oh!

elasticmachine commented Sep 20, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

🌐 Coverage report

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

efd6 commented Sep 28, 2023

Uh oh!

Choose a reason for hiding this comment

Uh oh!

efd6 left a comment

Choose a reason for hiding this comment

Uh oh!

bhapas left a comment

Choose a reason for hiding this comment

Uh oh!

elasticmachine commented Oct 3, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

elasticmachine commented Sep 15, 2023 •

edited

Loading

elasticmachine commented Sep 20, 2023 •

edited

Loading