honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add data streams wildcard pattern yml test (#61269) (#61280) 

(cherry picked from commit e13a365eeb6d8c6a7c9a91f94f0e8e78e3fe4773)
This commit is contained in:
Andrei Stefan 2020-08-18 19:38:07 +03:00 committed by GitHub
parent 5de0f19cc3
commit 93abbb9057
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
x-pack/plugin/eql/qa/rest/src/test/resources/rest-api-spec/test/eql/20_data_streams.yml
View File

@ -1,5 +1,5 @@
---
"Verify data stream resolvability in EQL search API":
setup:
- skip:
version: " - 7.99.99"
reason: "change to 7.8.99 after backport"
@ -22,7 +22,6 @@
- do:
indices.create_data_stream:
name: simple-data-stream1
- is_true: acknowledged
- do:
bulk:
@ -36,6 +35,8 @@
"@timestamp": 2020-02-03T12:34:56Z
user: SYSTEM
---
"Verify data stream resolvability in EQL search API":
- do:
eql.search:
index: simple-data-stream1
@ -51,3 +52,21 @@
indices.delete_data_stream:
name: simple-data-stream1
- is_true: acknowledged
---
"Data stream EQL search with wildcard pattern":
- do:
eql.search:
index: simple-data-s*
body:
query: "process where user = 'SYSTEM'"
- match: {timed_out: false}
- match: {hits.total.value: 1}
- match: {hits.total.relation: "eq"}
- match: {hits.events.0._source.user: "SYSTEM"}
- do:
indices.delete_data_stream:
name: simple-data-stream1
- is_true: acknowledged