From 7850b61546d5721bb3320f3000179b7d9d21b5ab Mon Sep 17 00:00:00 2001 From: Pablo Machado Date: Fri, 24 Jan 2025 14:09:12 +0100 Subject: [PATCH 1/4] [SecuritySolution] Add enrichPolicyExecutionInterval to entity enablement and init APIs (#207374) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## Summary Add `enrichPolicyExecutionInterval`param to entity enablement and init APIs ### How to test? * Start kibana * Call the entity store enablement API with a short value for `enrichPolicyExecutionInterval` param * Check in the logs if the enrichment process is running frequently * Clear the entity store * Call the entity store enablement API without `enrichPolicyExecutionInterval` param * Check in the logs if the enrichment process is running less frequently **Enable Entity store API call:** ``` POST kbn:/api/entity_store/enable { "enrichPolicyExecutionInterval": "10s" } ``` **Init Entity store API call:** ``` POST kbn:/api/entity_store/engines/user/init { "enrichPolicyExecutionInterval": "10s" } ``` **Enrich policy log message:** ``` │ info [o.e.x.e.EnrichPolicyRunner] [...] Policy [entity_store_field_retention_user_default_v1.0.0]: Running enrich policy ``` ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - [ ] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit 1ca4d967d926a3e6295cb08dcd55dcf1adbd351c) # Conflicts: # oas_docs/output/kibana.serverless.yaml # oas_docs/output/kibana.yaml # x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.gen.ts # x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.schema.yaml # x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml # x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml # x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/entity_store_data_client.ts --- oas_docs/output/kibana.serverless.yaml | 7 ++++++ oas_docs/output/kibana.yaml | 7 ++++++ .../entity_store/common.gen.ts | 6 +++++ .../entity_store/common.schema.yaml | 5 ++++ .../entity_store/enable.schema.yaml | 6 +++++ .../entity_store/engine/init.gen.ts | 3 ++- .../entity_store/engine/init.schema.yaml | 2 ++ ...alytics_api_2023_10_31.bundled.schema.yaml | 9 +++++++ ...alytics_api_2023_10_31.bundled.schema.yaml | 18 +++++++++++++ .../entity_store/entity_store_data_client.ts | 25 ++++++++++++++++--- .../entity_store/task/constants.ts | 2 +- .../task/field_retention_enrichment_task.ts | 8 +++--- 12 files changed, 90 insertions(+), 8 deletions(-) diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index d1dd40f4b6eb8..7bbcbc30e0085 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -7567,6 +7567,8 @@ paths: schema: type: object properties: + enrichPolicyExecutionInterval: + $ref: '#/components/schemas/Security_Entity_Analytics_API_Interval' fieldHistoryLength: default: 10 description: The number of historical values to keep for each field. @@ -46875,6 +46877,11 @@ components: required: - dsl - response + Security_Entity_Analytics_API_Interval: + description: Interval in which enrich policy runs. For example, `"1h"` means the rule runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: type: object properties: diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index 3f687bb2f9164..dafc87a30c215 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -13144,6 +13144,8 @@ paths: schema: type: object properties: + enrichPolicyExecutionInterval: + $ref: '#/components/schemas/Security_Entity_Analytics_API_Interval' fieldHistoryLength: default: 10 description: The number of historical values to keep for each field. @@ -35275,6 +35277,11 @@ components: required: - dsl - response + Security_Entity_Analytics_API_Interval: + description: Interval in which enrich policy runs. For example, `"1h"` means the rule runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: type: object properties: diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.gen.ts index 8fd0b17161154..8fa1a680a2396 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.gen.ts @@ -80,3 +80,9 @@ export const InspectQuery = z.object({ response: z.array(z.string()), dsl: z.array(z.string()), }); + +/** + * Interval in which enrich policy runs. For example, `"1h"` means the rule runs every hour. + */ +export type Interval = z.infer; +export const Interval = z.string().regex(/^[1-9]\d*[smh]$/); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.schema.yaml index 68b6e6612735c..f4c174e1213bb 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.schema.yaml @@ -113,3 +113,8 @@ components: required: - dsl - response + Interval: + type: string + description: Interval in which enrich policy runs. For example, `"1h"` means the rule runs every hour. + pattern: '^[1-9]\d*[smh]$' # any number except zero followed by one of the suffixes 's', 'm', 'h' + example: '1h' diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.schema.yaml index 81eec22d9ade9..7074f938fb839 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.schema.yaml @@ -27,6 +27,12 @@ paths: $ref: './common.schema.yaml#/components/schemas/IndexPattern' filter: type: string + entityTypes: + type: array + items: + $ref: './common.schema.yaml#/components/schemas/EntityType' + enrichPolicyExecutionInterval: + $ref: './common.schema.yaml#/components/schemas/Interval' responses: '200': description: Successful response diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.gen.ts index e3dcd55e0acc1..c5d0f438be63d 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.gen.ts @@ -16,7 +16,7 @@ import { z } from '@kbn/zod'; -import { EntityType, IndexPattern, EngineDescriptor } from '../common.gen'; +import { EntityType, IndexPattern, Interval, EngineDescriptor } from '../common.gen'; export type InitEntityEngineRequestParams = z.infer; export const InitEntityEngineRequestParams = z.object({ @@ -35,6 +35,7 @@ export const InitEntityEngineRequestBody = z.object({ fieldHistoryLength: z.number().int().optional().default(10), indexPattern: IndexPattern.optional(), filter: z.string().optional(), + enrichPolicyExecutionInterval: Interval.optional(), }); export type InitEntityEngineRequestBodyInput = z.input; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.schema.yaml index 94a0d84e8cad0..155b8bb1e2185 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.schema.yaml @@ -33,6 +33,8 @@ paths: $ref: '../common.schema.yaml#/components/schemas/IndexPattern' filter: type: string + enrichPolicyExecutionInterval: + $ref: '../common.schema.yaml#/components/schemas/Interval' responses: '200': description: Successful response diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index 365ff741b790e..d2240e8dac112 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -418,6 +418,8 @@ paths: schema: type: object properties: + enrichPolicyExecutionInterval: + $ref: '#/components/schemas/Interval' fieldHistoryLength: default: 10 description: The number of historical values to keep for each field. @@ -1134,6 +1136,13 @@ components: required: - dsl - response + Interval: + description: >- + Interval in which enrich policy runs. For example, `"1h"` means the rule + runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string RiskEngineScheduleNowErrorResponse: type: object properties: diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index e0e6127795059..7b49d23d6024a 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -307,6 +307,15 @@ paths: schema: type: object properties: +<<<<<<< HEAD +======= + enrichPolicyExecutionInterval: + $ref: '#/components/schemas/Interval' + entityTypes: + items: + $ref: '#/components/schemas/EntityType' + type: array +>>>>>>> 1ca4d967d92 ([SecuritySolution] Add enrichPolicyExecutionInterval to entity enablement and init APIs (#207374)) fieldHistoryLength: default: 10 description: The number of historical values to keep for each field. @@ -418,6 +427,8 @@ paths: schema: type: object properties: + enrichPolicyExecutionInterval: + $ref: '#/components/schemas/Interval' fieldHistoryLength: default: 10 description: The number of historical values to keep for each field. @@ -1134,6 +1145,13 @@ components: required: - dsl - response + Interval: + description: >- + Interval in which enrich policy runs. For example, `"1h"` means the rule + runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string RiskEngineScheduleNowErrorResponse: type: object properties: diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/entity_store_data_client.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/entity_store_data_client.ts index a706e0a35335d..87bf1d78548c0 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/entity_store_data_client.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/entity_store_data_client.ts @@ -88,6 +88,7 @@ import { import { CRITICALITY_VALUES } from '../asset_criticality/constants'; import { createEngineDescription } from './installation/engine_description'; import { convertToEntityManagerDefinition } from './entity_definitions/entity_manager_conversion'; +import { DEFAULT_INTERVAL } from './task/constants'; // Workaround. TransformState type is wrong. The health type should be: TransformHealth from '@kbn/transform-plugin/common/types/transform_stats' export interface TransformHealth extends estypes.TransformGetTransformStatsTransformStatsHealth { @@ -200,7 +201,13 @@ export class EntityStoreDataClient { } public async enable( - { indexPattern = '', filter = '', fieldHistoryLength = 10 }: InitEntityStoreRequestBody, + { + indexPattern = '', + filter = '', + fieldHistoryLength = 10, + entityTypes, + enrichPolicyExecutionInterval, + }: InitEntityStoreRequestBody, { pipelineDebugMode = false }: { pipelineDebugMode?: boolean } = {} ): Promise { if (!this.options.taskManager) { @@ -216,7 +223,11 @@ export class EntityStoreDataClient { const promises = enginesTypes.map((entity) => run(() => - this.init(entity, { indexPattern, filter, fieldHistoryLength }, { pipelineDebugMode }) + this.init( + entity, + { indexPattern, filter, fieldHistoryLength, enrichPolicyExecutionInterval }, + { pipelineDebugMode } + ) ) ); @@ -274,7 +285,12 @@ export class EntityStoreDataClient { public async init( entityType: EntityType, - { indexPattern = '', filter = '', fieldHistoryLength = 10 }: InitEntityEngineRequestBody, + { + indexPattern = '', + filter = '', + fieldHistoryLength = 10, + enrichPolicyExecutionInterval = DEFAULT_INTERVAL, + }: InitEntityEngineRequestBody, { pipelineDebugMode = false }: { pipelineDebugMode?: boolean } = {} ): Promise { const { experimentalFeatures } = this.options; @@ -330,6 +346,7 @@ export class EntityStoreDataClient { this.asyncSetup( entityType, fieldHistoryLength, + enrichPolicyExecutionInterval, this.options.taskManager, indexPattern, filter, @@ -345,6 +362,7 @@ export class EntityStoreDataClient { private async asyncSetup( entityType: EntityType, fieldHistoryLength: number, + enrichPolicyExecutionInterval: string, taskManager: TaskManagerStartContract, indexPattern: string, filter: string, @@ -425,6 +443,7 @@ export class EntityStoreDataClient { namespace, logger, taskManager, + interval: enrichPolicyExecutionInterval, }); this.log(`debug`, entityType, `Started entity store field retention enrich task`); this.log(`info`, entityType, `Entity store initialized`); diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/task/constants.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/task/constants.ts index 45d4bcb90fbb3..7eeb28e173048 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/task/constants.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/task/constants.ts @@ -8,5 +8,5 @@ export const SCOPE = ['securitySolution']; export const TYPE = 'entity_store:field_retention:enrichment'; export const VERSION = '1.0.0'; -export const INTERVAL = '1h'; +export const DEFAULT_INTERVAL = '1h'; export const TIMEOUT = '10m'; diff --git a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/task/field_retention_enrichment_task.ts b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/task/field_retention_enrichment_task.ts index c8725fe864213..3d12d16c3d7ae 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/task/field_retention_enrichment_task.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_store/task/field_retention_enrichment_task.ts @@ -24,7 +24,7 @@ import { stateSchemaByVersion, type LatestTaskStateSchema as EntityStoreFieldRetentionTaskState, } from './state'; -import { INTERVAL, SCOPE, TIMEOUT, TYPE, VERSION } from './constants'; +import { SCOPE, TIMEOUT, TYPE, VERSION } from './constants'; import type { EntityAnalyticsRoutesDeps } from '../../types'; import { executeFieldRetentionEnrichPolicy } from '../elasticsearch_assets'; @@ -120,10 +120,12 @@ export const startEntityStoreFieldRetentionEnrichTask = async ({ logger, namespace, taskManager, + interval, }: { logger: Logger; namespace: string; taskManager: TaskManagerStartContract; + interval: string; }) => { const taskId = getTaskId(namespace); const log = logFactory(logger, taskId); @@ -136,7 +138,7 @@ export const startEntityStoreFieldRetentionEnrichTask = async ({ taskType: getTaskName(), scope: SCOPE, schedule: { - interval: INTERVAL, + interval, }, state: { ...defaultState, namespace }, params: { version: VERSION }, @@ -234,7 +236,7 @@ export const runTask = async ({ telemetry.reportEvent(FIELD_RETENTION_ENRICH_POLICY_EXECUTION_EVENT.eventType, { duration: taskDurationInSeconds, - interval: INTERVAL, + interval: taskInstance.schedule?.interval, }); // Track entity store usage From dec6fff30bd955f43128b0ceff2c98cf191741d5 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 24 Jan 2025 16:06:23 +0000 Subject: [PATCH 2/4] [CI] Auto-commit changed files from 'yarn openapi:bundle' --- ...on_entity_analytics_api_2023_10_31.bundled.schema.yaml | 8 +++++++- ...on_entity_analytics_api_2023_10_31.bundled.schema.yaml | 5 +---- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index d2240e8dac112..ad9d4088c5a65 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -307,6 +307,12 @@ paths: schema: type: object properties: + enrichPolicyExecutionInterval: + $ref: '#/components/schemas/Interval' + entityTypes: + items: + $ref: '#/components/schemas/EntityType' + type: array fieldHistoryLength: default: 10 description: The number of historical values to keep for each field. @@ -1141,7 +1147,7 @@ components: Interval in which enrich policy runs. For example, `"1h"` means the rule runs every hour. example: 1h - pattern: ^[1-9]\d*[smh]$ + pattern: '^[1-9]\d*[smh]$' type: string RiskEngineScheduleNowErrorResponse: type: object diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index 7b49d23d6024a..17b156b8b1b5d 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -307,15 +307,12 @@ paths: schema: type: object properties: -<<<<<<< HEAD -======= enrichPolicyExecutionInterval: $ref: '#/components/schemas/Interval' entityTypes: items: $ref: '#/components/schemas/EntityType' type: array ->>>>>>> 1ca4d967d92 ([SecuritySolution] Add enrichPolicyExecutionInterval to entity enablement and init APIs (#207374)) fieldHistoryLength: default: 10 description: The number of historical values to keep for each field. @@ -1150,7 +1147,7 @@ components: Interval in which enrich policy runs. For example, `"1h"` means the rule runs every hour. example: 1h - pattern: ^[1-9]\d*[smh]$ + pattern: '^[1-9]\d*[smh]$' type: string RiskEngineScheduleNowErrorResponse: type: object From 791cba16bb62beb5cf2a88a2444b92f3f129b6db Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 24 Jan 2025 16:22:00 +0000 Subject: [PATCH 3/4] [CI] Auto-commit changed files from 'make api-docs' --- oas_docs/output/kibana.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index dafc87a30c215..60634d77d3953 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -13033,6 +13033,12 @@ paths: schema: type: object properties: + enrichPolicyExecutionInterval: + $ref: '#/components/schemas/Security_Entity_Analytics_API_Interval' + entityTypes: + items: + $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' + type: array fieldHistoryLength: default: 10 description: The number of historical values to keep for each field. From 404ce3ee8facdf812999fac2a968643625099a97 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 24 Jan 2025 16:45:12 +0000 Subject: [PATCH 4/4] [CI] Auto-commit changed files from 'yarn openapi:generate' --- .../common/api/entity_analytics/entity_store/enable.gen.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.gen.ts index 70a58bf02be68..2ef7e2e76cd4d 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/enable.gen.ts @@ -16,7 +16,7 @@ import { z } from '@kbn/zod'; -import { IndexPattern, EngineDescriptor } from './common.gen'; +import { IndexPattern, EntityType, Interval, EngineDescriptor } from './common.gen'; export type InitEntityStoreRequestBody = z.infer; export const InitEntityStoreRequestBody = z.object({ @@ -26,6 +26,8 @@ export const InitEntityStoreRequestBody = z.object({ fieldHistoryLength: z.number().int().optional().default(10), indexPattern: IndexPattern.optional(), filter: z.string().optional(), + entityTypes: z.array(EntityType).optional(), + enrichPolicyExecutionInterval: Interval.optional(), }); export type InitEntityStoreRequestBodyInput = z.input;