Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(NA): bump version to 7.17.27 #202808

Merged
merged 2 commits into from
Dec 4, 2024

Merge branch '7.17' into bump-7.17.27

4d3d23b
Select commit
Loading
Failed to load commit list.
Merged

chore(NA): bump version to 7.17.27 #202808

Merge branch '7.17' into bump-7.17.27
4d3d23b
Select commit
Loading
Failed to load commit list.
checks-reporter / X-Pack Chrome Functional tests / Group 11 succeeded Dec 4, 2024 in 47m 27s

node scripts/functional_tests --bail --kibana-install-dir /opt/local-ssd/buildkite/builds/bk-agent-prod-gcp-1733335547436981722/elastic/kibana-pull-request/kibana-build-xpack --include-tag ciGroup11

Details

[truncated]
14bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (7.9s)
                 └-> "after each" hook for "should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                 └-> should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active"
                   └-> "before each" hook: global before each for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                   └-> "before each" hook for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:52:39.433+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:52:44.424+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (5.9s)
                 └-> "after each" hook for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                 └-> should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active"
                   └-> "before each" hook: global before each for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                   └-> "before each" hook for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:52:49.511+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:52:52.360+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 163.0B\nPOST /*/_search?allow_no_indices=true&size=10000&ignore_unavailable=true\n{\"query\":{\"bool\":{\"filter\":[{\"bool\":{\"must\":[{\"term\":{\"signal.rule.rule_id\":\"threshold-rule\"}},{\"range\":{\"signal.original_time\":{\"gte\":\"1900-01-01T00:00:00.000Z\"}}},{\"term\":{\"signal.rule.threshold.field\":\"keyword\"}}]}},{\"bool\":{\"filter\":[{\"bool\":{\"should\":[{\"range\":{\"@timestamp\":{\"lte\":\"2024-12-04T18:52:52.354Z\",\"gte\":\"1900-01-01T00:00:00.000Z\",\"format\":\"strict_date_optional_time\"}}}],\"minimum_should_match\":1}}]}},{\"match_all\":{}}]}},\"fields\":[{\"field\":\"*\",\"include_unmapped\":true},{\"field\":\"@timestamp\",\"format\":\"strict_date_optional_time\"}],\"sort\":[{\"@timestamp\":{\"order\":\"asc\",\"unmapped_type\":\"date\"}}]}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:52:56.031+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (6.9s)
                 └-> "after each" hook for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                 └-> "after all" hook: afterTestSuite.trigger for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
               └-: "ml" rule type
                 └-> "before all" hook: beforeTestSuite.trigger for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions"
                 └-> should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions
                   └-> "before each" hook: global before each for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions"
                   └-> "before each" hook for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions"
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:03.633+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:04.503+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (1.8s)
                 └-> "after each" hook for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions"
                 └-> should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "enabled"/"active" rule that does not have any actions
                   └-> "before each" hook: global before each for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "enabled"/"active" rule that does not have any actions"
                   └-> "before each" hook for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "enabled"/"active" rule that does not have any actions"
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:06.654+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:08.574+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (2.8s)
                 └-> "after each" hook for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "enabled"/"active" rule that does not have any actions"
                 └-> should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active"
                   └-> "before each" hook: global before each for "should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                   └-> "before each" hook for "should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:12.711+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:14.658+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (2.8s)
                 └-> "after each" hook for "should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                 └-> should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active"
                   └-> "before each" hook: global before each for "should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                   └-> "before each" hook for "should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:16.738+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:19.693+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (3.8s)
                 └-> "after each" hook for "should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                 └-> should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active"
                   └-> "before each" hook: global before each for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                   └-> "before each" hook for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:22.784+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:27.765+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (5.9s)
                 └-> "after each" hook for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                 └-> should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active"
                   └-> "before each" hook: global before each for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                   └-> "before each" hook for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:32.870+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:39.802+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (7.9s)
                 └-> "after each" hook for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                 └-> "after all" hook: afterTestSuite.trigger for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
               └-: "indicator_match/threat_match" rule type
                 └-> "before all" hook: beforeTestSuite.trigger for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions"
                 └-> should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions
                   └-> "before each" hook: global before each for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions"
                   └-> "before each" hook for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions"
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:47.998+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:48.925+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (1.8s)
                 └-> "after each" hook for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "disabled"/"in-active" rule that does not have any actions"
                 └-> should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "enabled"/"active" rule that does not have any actions
                   └-> "before each" hook: global before each for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "enabled"/"active" rule that does not have any actions"
                   └-> "before each" hook for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "enabled"/"active" rule that does not have any actions"
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:51.027+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 0 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 1 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 2 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 3 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"1a1a6240-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:53:53.916Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 4 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"1a1a6240-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:53:53.916Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 5 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"1a1a6240-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:53:53.916Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 6 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"1a1a6240-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:53:53.916Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 7 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"1a1a6240-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:53:54.845Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 8 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"1a1a6240-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:53:54.845Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 9 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"1a1a6240-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:53:54.845Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 10 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 1a1a6240-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"1a1a6240-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:53:54.845Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 11 out of 3200 for function waitForRuleSuccessOrStatus
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:53:57.721+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (6.9s)
                 └-> "after each" hook for "should show "notifications_enabled", "notifications_disabled" "legacy_notifications_enabled", "legacy_notifications_disabled", all to be "0" for "enabled"/"active" rule that does not have any actions"
                 └-> should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active"
                   └-> "before each" hook: global before each for "should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                   └-> "before each" hook for "should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:01.091+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:02.997+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (2.8s)
                 └-> "after each" hook for "should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                 └-> should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active"
                   └-> "before each" hook: global before each for "should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                   └-> "before each" hook for "should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:05.131+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 0 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 1 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 2 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 3 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 4 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 5 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 6 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 7 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 8 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 9 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 10 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {}, status: 200
Try number 11 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"22fded50-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:54:11.919Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 12 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"22fded50-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:54:11.919Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 13 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"22fded50-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:54:11.919Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 14 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"22fded50-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:54:11.967Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 15 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"22fded50-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:54:11.967Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 16 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"22fded50-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:54:11.967Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 17 out of 3200 for function waitForRuleSuccessOrStatus
Did not get an expected status of succeeded while waiting for a rule success or status for rule id 22fded50-b271-11ef-aafb-1927b0a3c6d0 (waitForRuleSuccessOrStatus). Will continue retrying until status is found. body: {"22fded50-b271-11ef-aafb-1927b0a3c6d0":{"current_status":{"status_date":"2024-12-04T18:54:11.967Z","status":"going to run","last_failure_at":null,"last_success_at":null,"last_failure_message":null,"last_success_message":null,"gap":null,"bulk_create_time_durations":[],"search_after_time_durations":[],"last_look_back_date":null},"failures":[]}}, status: 200
Try number 18 out of 3200 for function waitForRuleSuccessOrStatus
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:14.757+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (9.9s)
                 └-> "after each" hook for "should show "notifications_enabled" to be "1" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                 └-> should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active"
                   └-> "before each" hook: global before each for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                   └-> "before each" hook for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:18.211+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:24.140+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (6.9s)
                 └-> "after each" hook for "should show "legacy_notifications_disabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "disabled"/"in-active""
                 └-> should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active"
                   └-> "before each" hook: global before each for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                   └-> "before each" hook for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:29.295+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:35.769+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (6.9s)
                 └-> "after each" hook for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
                 └-> "after all" hook: afterTestSuite.trigger for "should show "legacy_notifications_enabled" to be "1" for rule that has at least "1" legacy action(s) and the alert is "enabled"/"active""
               └-: "pre-packaged"/"immutable" rules
                 └-> "before all" hook: beforeTestSuite.trigger for "should show stats for totals for in-active pre-packaged rules"
                 └-> should show stats for totals for in-active pre-packaged rules
                   └-> "before each" hook: global before each for "should show stats for totals for in-active pre-packaged rules"
                   └-> "before each" hook for "should show stats for totals for in-active pre-packaged rules"
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:43.422+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:54:48.711+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (6.2s)
                 └-> "after each" hook for "should show stats for totals for in-active pre-packaged rules"
                 └-> should show stats for the detection_rule_details for a specific pre-packaged rule
                   └-> "before each" hook: global before each for "should show stats for the detection_rule_details for a specific pre-packaged rule"
                   └-> "before each" hook for "should show stats for the detection_rule_details for a specific pre-packaged rule"
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:55:12.143+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:55:17.113+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (5.8s)
                 └-> "after each" hook for "should show stats for the detection_rule_details for a specific pre-packaged rule"
                 └-> should show "notifications_disabled" to be "1", "has_notification" to be "true, "has_legacy_notification" to be "false" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active"
                   └-> "before each" hook: global before each for "should show "notifications_disabled" to be "1", "has_notification" to be "true, "has_legacy_notification" to be "false" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                   └-> "before each" hook for "should show "notifications_disabled" to be "1", "has_notification" to be "true, "has_legacy_notification" to be "false" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:55:39.490+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:55:49.478+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (10.8s)
                 └-> "after each" hook for "should show "notifications_disabled" to be "1", "has_notification" to be "true, "has_legacy_notification" to be "false" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                 └-> should show "notifications_enabled" to be "1", "has_notification" to be "true, "has_legacy_notification" to be "false" for rule that has at least "1" action(s) and the alert is "enabled"/"active"
                   └-> "before each" hook: global before each for "should show "notifications_enabled" to be "1", "has_notification" to be "true, "has_legacy_notification" to be "false" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                   └-> "before each" hook for "should show "notifications_enabled" to be "1", "has_notification" to be "true, "has_legacy_notification" to be "false" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:56:11.090+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:56:18.866+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (8.6s)
                 └-> "after each" hook for "should show "notifications_enabled" to be "1", "has_notification" to be "true, "has_legacy_notification" to be "false" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                 └-> should show "legacy_notifications_disabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active"
                   └-> "before each" hook: global before each for "should show "legacy_notifications_disabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                   └-> "before each" hook for "should show "legacy_notifications_disabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:56:42.261+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:56:57.229+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (15.9s)
                 └-> "after each" hook for "should show "legacy_notifications_disabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active""
                 └-> should show "legacy_notifications_enabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "enabled"/"active"
                   └-> "before each" hook: global before each for "should show "legacy_notifications_enabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                   └-> "before each" hook for "should show "legacy_notifications_enabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                     │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:57:20.718+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"index name [.siem-signals-default-000001] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices\"\nOrigin:kibana\nQuery:\n200 - 87.0B\nPUT /.siem-signals-default-000001\n{\"aliases\":{\".siem-signals-default\":{\"is_write_index\":true}}}","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   │ proc [kibana] {"ecs":{"version":"1.12.0"},"@timestamp":"2024-12-04T18:57:31.626+00:00","message":"Elasticsearch deprecation: 299 Elasticsearch-7.17.27-SNAPSHOT-2dc764dee61bf435614bcb4d6825752187f10d99 \"this request accesses system indices: [.security-7, .tasks], but in a future major version, direct access to system indices will be prevented by default\"\nOrigin:kibana\nQuery:\n200 - 230.0B\nGET /*/_mapping?filter_path=*.mappings._meta.beat%2C*.mappings._meta.package.name%2C*.mappings._meta.managed_by%2C*.mappings.properties.ecs.properties.version.type%2C*.mappings.properties.data_stream.properties.type.value%2C*.mappings.properties.data_stream.properties.dataset.value","log":{"level":"DEBUG","logger":"elasticsearch.deprecation"},"process":{"pid":5727}}
                   └- ✓ pass  (11.9s)
                 └-> "after each" hook for "should show "legacy_notifications_enabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
                 └-> "after all" hook: afterTestSuite.trigger for "should show "legacy_notifications_enabled" to be "1", "has_notification" to be "false, "has_legacy_notification" to be "true" for rule that has at least "1" action(s) and the alert is "enabled"/"active""
               └-> "after all" hook for "should have initialized empty/zero values when no rules are running"
               └-> "after all" hook: afterTestSuite.trigger for "should have initialized empty/zero values when no rules are running"
             └-> "after all" hook: afterTestSuite.trigger in ""
           └-> "after all" hook: afterTestSuite.trigger in "Detection rule type telemetry"
         └-> "after all" hook: afterTestSuite.trigger in ""
       └-> "after all" hook: afterTestSuite.trigger in "detection engine api security and spaces enabled"
   │
   │421 passing (42.0m)
   │40 pending
   │
   │ proc [kibana]   log   [18:58:23.130] [info][plugins-system][standard] Stopping all plugins.
   │ proc [kibana]   log   [18:58:23.131] [info][kibana-monitoring][monitoring][monitoring][plugins] Monitoring stats collection is stopped
   │ proc [kibana]   log   [18:58:23.133] [info][eventLog][plugins] event logged: {"@timestamp":"2024-12-04T18:58:23.133Z","event":{"provider":"eventLog","action":"stopping"},"message":"eventLog stopping","ecs":{"version":"1.8.0"},"kibana":{"server_uuid":"5b2de169-2785-441b-ae8c-186a1936b17d","version":"7.17.27"}}
   │ info [kibana] exited with null after 2588.9 seconds
   │ info [es] stopping node ftr
   │ info [o.e.x.m.p.NativeController] [ftr] Native controller process has stopped - no new native processes can be started
   │ info [o.e.n.Node] [ftr] stopping ...
   │ info [o.e.x.w.WatcherService] [ftr] stopping watch service, reason [shutdown initiated]
   │ info [o.e.x.w.WatcherLifeCycleService] [ftr] watcher has stopped and shutdown
   │ info [o.e.n.Node] [ftr] stopped
   │ info [o.e.n.Node] [ftr] closing ...
   │ info [o.e.n.Node] [ftr] closed
   │ info [es] stopped
   │ info [es] no debug files found, assuming es did not write any
   │ info [es] cleanup complete