elastic
[Fleet] Add minimal test for input conditions for existing Linux policy conditions for data_streams we can validate
this is a side/sub-issue to https://github.com/elastic/e2e-testing/issues/424
- I think we can do some minimal work in the Fleet mode agent, using what is existing in the policy and turned on / off for Linux and Windows as is.
check out the attached agent policy,
- it has system.load that should only exist for linux. so we check if it exists, and verify
- it has system.security that exists only for windows, so we check if it exists, and verify
If we ever support Windows we'll have a test diverging here we'd need to sort out.
api to call in fleet: GET to /api/fleet/data_streams which returns a structure as below copy/paste response:
so we should validate this exists: 14: {index: ".ds-metrics-system.load-default-2021.01.27-000001", dataset: "system.load",…} dashboards: [{id: "windows-01c54730-fee6-11e9-8405-516218e3d268",…},…] dataset: "system.load" index: ".ds-metrics-system.load-default-2021.01.27-000001" last_activity: "2021-01-27T20:41:34.786Z" namespace: "default" package: "system" package_version: "0.10.8" size_in_bytes: 3207835 type: "metrics"
and this does not: {index: ".ds-logs-system.security-default-2021.01.27-000001", dataset: "system.security",…} dashboards: [{id: "windows-01c54730-fee6-11e9-8405-516218e3d268",…},…] dataset: "system.security" index: ".ds-logs-system.security-default-2021.01.27-000001" last_activity: "2021-01-27T20:00:52.875Z" namespace: "default" package: "system" package_version: "0.10.8" size_in_bytes: 12957616 type: "logs"
