Skip to content

checkpoint_harmony_endpoint: fix typo when calculating next start time #13642

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 23, 2025
Merged

checkpoint_harmony_endpoint: fix typo when calculating next start time #13642

merged 3 commits into from
Apr 23, 2025

Conversation

chemamartinez
Copy link
Contributor

@chemamartinez chemamartinez commented Apr 22, 2025
edited
Loading

Proposed commit message

Fix a typo that avoids reading properly the last timestamp from received data, as the incoming JSON body contains an array called records instead of results.

Note

All data streams have identical cel.yml.hbs files.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

@chemamartinez chemamartinez added bugfix Pull request that fixes a bug issue Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Integration:checkpoint_harmony_endpoint Check Point Harmony Endpoint labels Apr 22, 2025
@chemamartinez chemamartinez self-assigned this Apr 22, 2025
@chemamartinez chemamartinez marked this pull request as ready for review April 22, 2025 16:20
@chemamartinez chemamartinez requested a review from a team as a code owner April 22, 2025 16:20
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@elastic-vault-github-plugin-prod
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

chrisberkhout
chrisberkhout reviewed Apr 23, 2025
View reviewed changes
Copy link
Contributor

@chrisberkhout chrisberkhout left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This fix avoids assuming we've seen everything from the requested range. The end of the requested range may have some data that wasn't ready this time but will be visible next time.

I think it would be good to also adjust the other place this is relevant: the Done case.

diff --git a/packages/checkpoint_harmony_endpoint/data_stream/antibot/agent/stream/cel.yml.hbs b/packages/checkpoint_harmony_endpoint/data_stream/antibot/agent/stream/cel.yml.hbs
index 86b1c631a0..71ce9bfa4e 100644
--- a/packages/checkpoint_harmony_endpoint/data_stream/antibot/agent/stream/cel.yml.hbs
+++ b/packages/checkpoint_harmony_endpoint/data_stream/antibot/agent/stream/cel.yml.hbs
@@ -169,20 +169,21 @@ program: |
   					: (body.data.state == "Done") ?
   						// 'Done' (Results empty) - Clear the task ID and end the sequence.
   						state.with(
   							{
   								"events": [],
   								"want_more": false,
   								"cursor": state.cursor.with(
   									{
   										"auth_data": auth_data,
   										"task_id": null,
+  										"next_startTime": state.cursor.current_startTime,
   									}
   								),
   							}
   						)
   					: (body.data.state == "Canceled") ?
   						// 'Canceled' (Error or timeout) - Clear the task ID and reset the sequence for the same timeframe.
   						state.with(
   							{
   								"events": [],
   								"want_more": false,

What do you think?

@chemamartinez
Copy link
Contributor Author

What do you think?

Yeah, that makes sense and it is harmless for other cases when receiving Done. I've added it at 3be6421.

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@elasticmachine
Copy link

💚 Build Succeeded

History

cc @chemamartinez

@chemamartinez chemamartinez merged commit 382e548 into elastic:main Apr 23, 2025
7 checks passed
@chemamartinez chemamartinez deleted the checkpoint_harmony_endpoint-fix-next_start_time branch April 23, 2025 11:30
@elastic-vault-github-plugin-prod
Copy link

Package checkpoint_harmony_endpoint - 0.7.1 containing this change is available at https://epr.elastic.co/package/checkpoint_harmony_endpoint/0.7.1/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrisberkhout chrisberkhout chrisberkhout approved these changes

Assignees

@chemamartinez chemamartinez

Labels
bugfix Pull request that fixes a bug issue Integration:checkpoint_harmony_endpoint Check Point Harmony Endpoint Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chemamartinez @elasticmachine @chrisberkhout