search

elastic / elasticsearch

Free and Open Source, Distributed, RESTful Search Engine
https://www.elastic.co/products/elasticsearch
Other
69.62k stars 24.64k forks source link

LogsDB - `elastic/security` Serverless benchmark #113371

Open salvatore-campagna opened 2 hours ago

salvatore-campagna commented 2 hours ago

Description

The elastic/security Serverless benchmark cannot be executed unless Kibana provides a method to install necessary resources—such as component templates, composable templates, and index templates—immediately when the esbench benchmark starts. Currently, the elastic/security track depends on Kibana to install these component templates, which are essential for proper data indexing.

At present, these resources are only installed after the user interacts with Kibana's UI, typically during the initial startup. This is a deliberate design choice by the security solutions team to delay resource installation until the first interaction, avoiding unnecessary installations. However, this optimization is not applicable in a Serverless environment, and future changes are expected to address this behavior.

For now, the recommended approach to set up the required resources is by using the following API call:

POST internal/detection_engine/prebuilt_rules/_bootstrap

Neither rally nor esbench currently support calling APIs outside of Elasticsearch, such as Kibana's APIs, which means we are unable to trigger the installation of these necessary resources at this time.

We need esbench to support calling such API at least when creating a Serverless project.

elasticsearchmachine commented 2 hours ago

Pinging @elastic/es-storage-engine (Team:StorageEngine)