diff --git a/x-pack/plugins/fleet/server/services/files/mocks.ts b/x-pack/plugins/fleet/server/services/files/mocks.ts index 23c0482b7e111..2000f8eefc02b 100644 --- a/x-pack/plugins/fleet/server/services/files/mocks.ts +++ b/x-pack/plugins/fleet/server/services/files/mocks.ts @@ -10,12 +10,12 @@ import { Readable } from 'stream'; import type { estypes } from '@elastic/elasticsearch'; import type { + FleetFile, FleetFromHostFileClientInterface, FleetToHostFileClientInterface, HapiReadableStream, + HostUploadedFileMetadata, } from './types'; -import type { FleetFile } from './types'; -import type { HostUploadedFileMetadata } from './types'; export const createFleetFromHostFilesClientMock = (): jest.Mocked => { diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts index b2f99a51087be..dbe75b576ac9c 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts @@ -22,8 +22,6 @@ describe( const [endpointAgentId, endpointHostname] = generateRandomStringName(2); before(() => { - login(ROLE.endpoint_response_actions_access); - indexEndpointHosts({ numResponseActions: 2 }).then((indexEndpoints) => { endpointData = indexEndpoints; }); @@ -59,6 +57,10 @@ describe( } }); + beforeEach(() => { + login(ROLE.endpoint_response_actions_access); + }); + it('enable filtering by type', () => { cy.visit(`/app/security/administration/response_actions_history`); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts new file mode 100644 index 0000000000000..a736e05c33145 --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts @@ -0,0 +1,115 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { closeAllToasts } from '../../tasks/toasts'; +import { + getAlertsTableRows, + openAlertDetailsView, + openInvestigateInTimelineView, + openResponderFromEndpointAlertDetails, +} from '../../screens/alerts'; +import { ensureOnResponder } from '../../screens/responder'; +import { cleanupRule, loadRule } from '../../tasks/api_fixtures'; +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet'; +import { toggleRuleOffAndOn, visitRuleAlerts } from '../../tasks/isolate'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; + +describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let createdHost: CreateAndEnrollEndpointHostResponse; + + beforeEach(() => { + login(); + }); + + before(() => { + getEndpointIntegrationVersion().then((version) => + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + + return enableAllPolicyProtections(policy.id).then(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + }) + ); + }); + + after(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + describe('From Alerts', () => { + let ruleId: string; + let ruleName: string; + + before(() => { + loadRule( + { query: `agent.name: ${createdHost.hostname} and agent.type: endpoint` }, + false + ).then((data) => { + ruleId = data.id; + ruleName = data.name; + }); + }); + + after(() => { + if (ruleId) { + cleanupRule(ruleId); + } + }); + + it('should open responder from alert details flyout', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + toggleRuleOffAndOn(ruleName); + visitRuleAlerts(ruleName); + closeAllToasts(); + getAlertsTableRows().should('have.length.greaterThan', 0); + openAlertDetailsView(); + + openResponderFromEndpointAlertDetails(); + ensureOnResponder(); + }); + + it('should open responder from timeline view alert details flyout', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + toggleRuleOffAndOn(ruleName); + visitRuleAlerts(ruleName); + closeAllToasts(); + + getAlertsTableRows().should('have.length.greaterThan', 0); + openInvestigateInTimelineView(); + cy.getByTestSubj('timeline-flyout').within(() => { + openAlertDetailsView(); + }); + openResponderFromEndpointAlertDetails(); + ensureOnResponder(); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/cases_response_console.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/cases_response_console.cy.ts new file mode 100644 index 0000000000000..a33d325d5443a --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/cases_response_console.cy.ts @@ -0,0 +1,122 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { loadPage } from '../../tasks/common'; +import { closeAllToasts } from '../../tasks/toasts'; +import { + addAlertToCase, + getAlertsTableRows, + openAlertDetailsView, + openResponderFromEndpointAlertDetails, +} from '../../screens/alerts'; +import { ensureOnResponder } from '../../screens/responder'; +import { cleanupCase, cleanupRule, loadCase, loadRule } from '../../tasks/api_fixtures'; +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet'; +import { openCaseAlertDetails, toggleRuleOffAndOn, visitRuleAlerts } from '../../tasks/isolate'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; +import { APP_CASES_PATH } from '../../../../../common/constants'; + +describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let createdHost: CreateAndEnrollEndpointHostResponse; + + before(() => { + getEndpointIntegrationVersion().then((version) => + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + + return enableAllPolicyProtections(policy.id).then(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + }) + ); + }); + + beforeEach(() => { + login(); + }); + + after(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + describe('From Cases', () => { + let ruleId: string; + let ruleName: string; + let caseId: string; + const caseOwner = 'securitySolution'; + + beforeEach(() => { + loadRule( + { query: `agent.name: ${createdHost.hostname} and agent.type: endpoint` }, + false + ).then((data) => { + ruleId = data.id; + ruleName = data.name; + }); + loadCase(caseOwner).then((data) => { + caseId = data.id; + }); + }); + + afterEach(() => { + if (ruleId) { + cleanupRule(ruleId); + } + if (caseId) { + cleanupCase(caseId); + } + }); + + it('should open responder', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + toggleRuleOffAndOn(ruleName); + visitRuleAlerts(ruleName); + closeAllToasts(); + + getAlertsTableRows().should('have.length.greaterThan', 0); + openAlertDetailsView(); + addAlertToCase(caseId, caseOwner); + + // visit case details page + cy.intercept('GET', `/api/cases/${caseId}/user_actions/_find*`).as('case'); + loadPage(`${APP_CASES_PATH}/${caseId}`); + + cy.wait('@case', { timeout: 30000 }).then(({ response: res }) => { + const caseAlertId = res?.body.userActions[1].id; + closeAllToasts(); + openCaseAlertDetails(caseAlertId); + }); + + openResponderFromEndpointAlertDetails(); + ensureOnResponder(); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/endpoints_list_response_console.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/endpoints_list_response_console.cy.ts new file mode 100644 index 0000000000000..75074b0d3f94a --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/endpoints_list_response_console.cy.ts @@ -0,0 +1,69 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ensureOnResponder } from '../../screens/responder'; +import type { PolicyData } from '../../../../../common/endpoint/types'; +import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services'; +import { + openResponseConsoleFromEndpointList, + waitForEndpointListPageToBeLoaded, +} from '../../tasks/response_console'; +import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; +import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet'; + +import { login } from '../../tasks/login'; +import { enableAllPolicyProtections } from '../../tasks/endpoint_policy'; +import { createEndpointHost } from '../../tasks/create_endpoint_host'; +import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data'; + +describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => { + beforeEach(() => { + login(); + }); + + describe('From endpoint list', () => { + let indexedPolicy: IndexedFleetEndpointPolicyResponse; + let policy: PolicyData; + let createdHost: CreateAndEnrollEndpointHostResponse; + + before(() => { + getEndpointIntegrationVersion().then((version) => + createAgentPolicyTask(version).then((data) => { + indexedPolicy = data; + policy = indexedPolicy.integrationPolicies[0]; + + return enableAllPolicyProtections(policy.id).then(() => { + // Create and enroll a new Endpoint host + return createEndpointHost(policy.policy_id).then((host) => { + createdHost = host as CreateAndEnrollEndpointHostResponse; + }); + }); + }) + ); + }); + + after(() => { + if (createdHost) { + cy.task('destroyEndpointHost', createdHost); + } + + if (indexedPolicy) { + cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy); + } + + if (createdHost) { + deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] }); + } + }); + + it('should open responder', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + openResponseConsoleFromEndpointList(); + ensureOnResponder(); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate.cy.ts index f09e0b462a75d..ada452213b74d 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate.cy.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { openAlertDetailsView } from '../../screens/alerts'; import type { PolicyData } from '../../../../../common/endpoint/types'; import { APP_CASES_PATH, APP_ENDPOINTS_PATH } from '../../../../../common/constants'; import { closeAllToasts } from '../../tasks/toasts'; @@ -14,7 +15,6 @@ import { checkFlyoutEndpointIsolation, filterOutIsolatedHosts, isolateHostWithComment, - openAlertDetails, openCaseAlertDetails, releaseHostWithComment, toggleRuleOffAndOn, @@ -139,7 +139,7 @@ describe.skip('Isolate command', { tags: ['@ess', '@serverless', '@brokenInServe visitRuleAlerts(ruleName); closeAllToasts(); - openAlertDetails(); + openAlertDetailsView(); isolateHostWithComment(isolateComment, createdHost.hostname); @@ -147,7 +147,7 @@ describe.skip('Isolate command', { tags: ['@ess', '@serverless', '@brokenInServe cy.contains(`Isolation on host ${createdHost.hostname} successfully submitted`); cy.getByTestSubj('euiFlyoutCloseButton').click(); - openAlertDetails(); + openAlertDetailsView(); checkFlyoutEndpointIsolation(); @@ -156,7 +156,7 @@ describe.skip('Isolate command', { tags: ['@ess', '@serverless', '@brokenInServe cy.contains(`Release on host ${createdHost.hostname} successfully submitted`); cy.getByTestSubj('euiFlyoutCloseButton').click(); - openAlertDetails(); + openAlertDetailsView(); cy.getByTestSubj('event-field-agent.status').within(() => { cy.get('[title="Isolated"]').should('not.exist'); }); @@ -205,7 +205,7 @@ describe.skip('Isolate command', { tags: ['@ess', '@serverless', '@brokenInServe visitRuleAlerts(ruleName); closeAllToasts(); - openAlertDetails(); + openAlertDetailsView(); cy.getByTestSubj('add-to-existing-case-action').click(); cy.getByTestSubj(`cases-table-row-select-${caseId}`).click(); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate_mocked_data.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate_mocked_data.cy.ts index 00bca7e3864af..a630d8fc4ec01 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate_mocked_data.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/isolate_mocked_data.cy.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { openAlertDetailsView } from '../../screens/alerts'; import { getEndpointListPath } from '../../../common/routing'; import { checkEndpointIsIsolated, @@ -12,7 +13,6 @@ import { filterOutIsolatedHosts, interceptActionRequests, isolateHostWithComment, - openAlertDetails, openCaseAlertDetails, releaseHostWithComment, sendActionResponse, @@ -148,7 +148,7 @@ describe('Isolate command', { tags: ['@ess', '@serverless'] }, () => { }); }); - openAlertDetails(); + openAlertDetailsView(); isolateHostWithComment(isolateComment, hostname); @@ -167,7 +167,7 @@ describe('Isolate command', { tags: ['@ess', '@serverless'] }, () => { cy.getByTestSubj('euiFlyoutCloseButton').click(); // eslint-disable-next-line cypress/no-unnecessary-waiting cy.wait(1000); - openAlertDetails(); + openAlertDetailsView(); checkFlyoutEndpointIsolation(); @@ -185,7 +185,7 @@ describe('Isolate command', { tags: ['@ess', '@serverless'] }, () => { cy.contains(`Release on host ${hostname} successfully submitted`); cy.getByTestSubj('euiFlyoutCloseButton').click(); - openAlertDetails(); + openAlertDetailsView(); cy.getByTestSubj('event-field-agent.status').within(() => { cy.get('[title="Isolated"]').should('not.exist'); }); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console_actions.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console.cy.ts rename to x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console_actions.cy.ts index 9690107c2d218..b727697da17be 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/response_actions/response_console_actions.cy.ts @@ -16,7 +16,7 @@ import { waitForEndpointListPageToBeLoaded, } from '../../tasks/response_console'; import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy'; -import { getEndpointIntegrationVersion, createAgentPolicyTask } from '../../tasks/fleet'; +import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet'; import { checkEndpointListForOnlyIsolatedHosts, checkEndpointListForOnlyUnIsolatedHosts, @@ -188,7 +188,7 @@ describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerles }); }); - describe('File operations: get-file and execute', () => { + describe('File operations: get-file, upload and execute', () => { const homeFilePath = process.env.CI || true ? '/home/vagrant' : `/home/ubuntu`; const fileContent = 'This is a test file for the get-file command.'; @@ -271,6 +271,22 @@ describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerles submitCommand(); waitForCommandToBeExecuted('execute'); }); + + it('"upload --file" - should upload a file', () => { + waitForEndpointListPageToBeLoaded(createdHost.hostname); + openResponseConsoleFromEndpointList(); + inputConsoleCommand(`upload --file`); + cy.getByTestSubj('console-arg-file-picker').selectFile( + { + contents: Cypress.Buffer.from('upload file content here!'), + fileName: 'upload_file.txt', + lastModified: Date.now(), + }, + { force: true } + ); + submitCommand(); + waitForCommandToBeExecuted('upload'); + }); }); // FLAKY: https://github.com/elastic/kibana/issues/168296 diff --git a/x-pack/plugins/security_solution/public/management/cypress/screens/alerts.ts b/x-pack/plugins/security_solution/public/management/cypress/screens/alerts.ts index a1e53cee9b09a..b434458c4dc1d 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/screens/alerts.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/screens/alerts.ts @@ -13,7 +13,7 @@ export const navigateToAlertsList = (urlQueryParams: string = '') => { }; export const clickAlertListRefreshButton = (): Cypress.Chainable => { - cy.getByTestSubj('querySubmitButton').click(); + cy.getByTestSubj('querySubmitButton').first().click(); return cy.getByTestSubj('querySubmitButton').should('be.enabled'); }; @@ -41,3 +41,22 @@ export const getAlertsTableRows = (timeout?: number): Cypress.Chainable $rows); }; + +export const openAlertDetailsView = (rowIndex: number = 0): void => { + cy.getByTestSubj('expand-event').eq(rowIndex).click(); + cy.getByTestSubj('take-action-dropdown-btn').click(); +}; + +export const openInvestigateInTimelineView = (): void => { + cy.getByTestSubj('send-alert-to-timeline-button').first().click(); +}; + +export const openResponderFromEndpointAlertDetails = (): void => { + cy.getByTestSubj('endpointResponseActions-action-item').click(); +}; + +export const addAlertToCase = (caseId: string, caseOwner: string): void => { + cy.getByTestSubj('add-to-existing-case-action').click(); + cy.getByTestSubj(`cases-table-row-select-${caseId}`).click(); + cy.contains(`An alert was added to \"Test ${caseOwner} case`); +}; diff --git a/x-pack/plugins/security_solution/public/management/cypress/screens/responder.ts b/x-pack/plugins/security_solution/public/management/cypress/screens/responder.ts index c9e320728ee23..c612c99db17b3 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/screens/responder.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/screens/responder.ts @@ -30,7 +30,7 @@ export const getConsoleHelpPanelResponseActionTestSubj = (): Record< }; }; -const ensureOnResponder = (): Cypress.Chainable> => { +export const ensureOnResponder = (): Cypress.Chainable> => { return cy.getByTestSubj(TEST_SUBJ.responderPage).should('exist'); }; diff --git a/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts b/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts index 7c8bf5104524b..67c2a3ef0375e 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/support/e2e.ts @@ -23,12 +23,13 @@ // *********************************************************** import { subj as testSubjSelector } from '@kbn/test-subj-selector'; - import 'cypress-react-selector'; - // @ts-ignore import registerCypressGrep from '@cypress/grep'; +import { login, ROLE } from '../tasks/login'; +import { loadPage } from '../tasks/common'; + registerCypressGrep(); Cypress.Commands.addQuery<'getByTestSubj'>( @@ -100,3 +101,10 @@ Cypress.Commands.add( ); Cypress.on('uncaught:exception', () => false); + +// Login as a Platform Engineer to properly initialize Security Solution App +before(() => { + login(ROLE.soc_manager); + loadPage('/app/security/alerts'); + cy.getByTestSubj('manage-alert-detection-rules').should('exist'); +}); diff --git a/x-pack/plugins/security_solution/public/management/cypress/tasks/isolate.ts b/x-pack/plugins/security_solution/public/management/cypress/tasks/isolate.ts index a15a71f1362eb..e13bb832adce5 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/tasks/isolate.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/tasks/isolate.ts @@ -7,6 +7,7 @@ /* eslint-disable cypress/no-unnecessary-waiting */ +import { openAlertDetailsView } from '../screens/alerts'; import type { ActionDetails } from '../../../../common/endpoint/types'; import { loadPage } from './common'; @@ -46,11 +47,6 @@ export const releaseHostWithComment = (comment: string, hostname: string): void cy.getByTestSubj('host_isolation_comment').type(comment); }; -export const openAlertDetails = (): void => { - cy.getByTestSubj('expand-event').first().click(); - cy.getByTestSubj('take-action-dropdown-btn').click(); -}; - export const openCaseAlertDetails = (alertId: string): void => { cy.getByTestSubj(`comment-action-show-alert-${alertId}`).click(); cy.getByTestSubj('take-action-dropdown-btn').click(); @@ -84,7 +80,7 @@ export const checkFlyoutEndpointIsolation = (): void => { } else { cy.getByTestSubj('euiFlyoutCloseButton').click(); cy.wait(5000); - openAlertDetails(); + openAlertDetailsView(); cy.getByTestSubj('event-field-agent.status').within(() => { cy.contains('Isolated'); });