2024-05-02 19:30:44 +00:00
// for legacy legacy query stats interface
import PropTypes from "prop-types" ;
2023-07-12 20:22:56 +00:00
import { IFormField } from "./form_field" ;
import { IPack } from "./pack" ;
2024-12-11 18:50:28 +00:00
import {
2025-01-14 00:45:16 +00:00
CommaSeparatedPlatformString ,
2024-12-11 18:50:28 +00:00
QueryablePlatform ,
SelectedPlatform ,
} from "./platform" ;
2025-03-12 18:54:29 +00:00
import { ILabelQuery } from "./label" ;
2023-07-12 20:22:56 +00:00
// Query itself
export interface ISchedulableQuery {
created_at : string ;
updated_at : string ;
id : number ;
name : string ;
description : string ;
query : string ;
team_id : number | null ;
interval : number ;
2025-01-14 00:45:16 +00:00
platform : CommaSeparatedPlatformString ; // Might more accurately be called `platforms_to_query` or `targeted_platforms` –
2023-07-12 20:22:56 +00:00
min_osquery_version : string ;
automations_enabled : boolean ;
logging : QueryLoggingOption ;
saved : boolean ;
author_id : number ;
author_name : string ;
author_email : string ;
observer_can_run : boolean ;
2023-10-04 22:19:26 +00:00
discard_data : boolean ;
2023-07-12 20:22:56 +00:00
packs : IPack [ ] ;
stats : ISchedulableQueryStats ;
2024-05-02 19:30:44 +00:00
editingExistingQuery? : boolean ;
2025-03-12 18:54:29 +00:00
labels_include_any? : ILabelQuery [ ] ;
2023-07-12 20:22:56 +00:00
}
2023-07-27 19:10:22 +00:00
export interface IEnhancedQuery extends ISchedulableQuery {
2026-01-02 13:06:12 +00:00
performance : PerformanceImpactIndicator ;
2024-12-11 18:50:28 +00:00
targetedPlatforms : QueryablePlatform [ ] ;
2023-07-27 19:10:22 +00:00
}
2023-07-12 20:22:56 +00:00
export interface ISchedulableQueryStats {
2024-05-02 19:30:44 +00:00
user_time_p50? : number | null ;
user_time_p95? : number | null ;
system_time_p50? : number | null ;
system_time_p95? : number | null ;
2023-07-12 20:22:56 +00:00
total_executions? : number ;
}
2026-01-02 13:06:12 +00:00
export const PerformanceImpactIndicatorValue = {
MINIMAL : "Minimal" ,
CONSIDERABLE : "Considerable" ,
EXCESSIVE : "Excessive" ,
UNDETERMINED : "Undetermined" ,
DENYLISTED : "Denylisted" ,
} as const ;
export type PerformanceImpactIndicator = typeof PerformanceImpactIndicatorValue [ keyof typeof PerformanceImpactIndicatorValue ] ;
export const isPerformanceImpactIndicator = (
value : unknown
) : value is PerformanceImpactIndicator = > {
return Object . values ( PerformanceImpactIndicatorValue ) . includes (
value as PerformanceImpactIndicator
) ;
} ;
2024-05-02 19:30:44 +00:00
// legacy
export default PropTypes . shape ( {
user_time_p50 : PropTypes.number ,
user_time_p95 : PropTypes.number ,
system_time_p50 : PropTypes.number ,
system_time_p95 : PropTypes.number ,
total_executions : PropTypes.number ,
} ) ;
2023-07-12 20:22:56 +00:00
// API shapes
// Get a query by id
/** GET /api/v1/fleet/queries/{id}` */
export interface IGetQueryResponse {
query : ISchedulableQuery ;
}
// List global or team queries
/** GET /api/v1/fleet/queries?order_key={column_from_queries_table}&order_direction={asc|desc}&team_id={team_id} */
export interface IListQueriesResponse {
queries : ISchedulableQuery [ ] ;
}
2023-07-19 18:02:53 +00:00
export interface IQueryKeyQueriesLoadAll {
scope : "queries" ;
2024-12-11 18:50:28 +00:00
teamId? : number ;
page? : number ;
perPage? : number ;
query? : string ;
orderDirection ? : "asc" | "desc" ;
orderKey? : string ;
mergeInherited? : boolean ;
targetedPlatform? : SelectedPlatform ;
2023-07-19 18:02:53 +00:00
}
2023-07-12 20:22:56 +00:00
// Create a new query
/** POST /api/v1/fleet/queries */
export interface ICreateQueryRequestBody {
name : string ;
query : string ;
description? : string ;
observer_can_run? : boolean ;
2023-10-04 22:19:26 +00:00
discard_data? : boolean ;
Update API calls in front-end to use new, non-deprecated URLs and params (#41515)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41391
# Details
This PR updates front-end API calls to use new URLs and API params, so
that the front end doesn't cause deprecation warnings to appear on the
server.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a, should not be user-visible
## Testing
- [X] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
The biggest risk here is not that we missed a spot that still causes a
deprecation warning, but that we might inadvertently make a change that
breaks the front end, for instance by sending `fleet_id` to a function
that drops it silently and thus sends no ID to the server. Fortunately
we use TypeScript in virtually every place affected by these changes, so
the code would not compile if there were mismatches between the API
expectation and what we're sending. Still, spot checking as many places
as possible both for deprecation-warning leaks and loss of functionality
is important.
## Summary by CodeRabbit
* **Refactor**
* Updated API nomenclature across the application to use "fleets"
instead of "teams" and "reports" instead of "queries" in endpoint paths
and request/response payloads.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-13 03:26:48 +00:00
fleet_id? : number ; // global query if undefined
2023-07-12 20:22:56 +00:00
interval? : number ; // default 0 means never run
2025-01-14 00:45:16 +00:00
platform? : CommaSeparatedPlatformString ; // Might more accurately be called `platforms_to_query` –
2023-07-12 20:22:56 +00:00
min_osquery_version? : string ; // default all versions if ommitted
automations_enabled? : boolean ; // whether to send data to the configured log destination according to the query's `interval`. Default false if ommitted.
logging? : QueryLoggingOption ;
2025-03-12 18:54:29 +00:00
labels_include_any? : string [ ] ;
2023-07-12 20:22:56 +00:00
}
// response is ISchedulableQuery
// Modify a query by id
/** PATCH /api/v1/fleet/queries/{id} */
export interface IModifyQueryRequestBody
Update API calls in front-end to use new, non-deprecated URLs and params (#41515)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41391
# Details
This PR updates front-end API calls to use new URLs and API params, so
that the front end doesn't cause deprecation warnings to appear on the
server.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a, should not be user-visible
## Testing
- [X] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
The biggest risk here is not that we missed a spot that still causes a
deprecation warning, but that we might inadvertently make a change that
breaks the front end, for instance by sending `fleet_id` to a function
that drops it silently and thus sends no ID to the server. Fortunately
we use TypeScript in virtually every place affected by these changes, so
the code would not compile if there were mismatches between the API
expectation and what we're sending. Still, spot checking as many places
as possible both for deprecation-warning leaks and loss of functionality
is important.
## Summary by CodeRabbit
* **Refactor**
* Updated API nomenclature across the application to use "fleets"
instead of "teams" and "reports" instead of "queries" in endpoint paths
and request/response payloads.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-13 03:26:48 +00:00
extends Omit < ICreateQueryRequestBody , " name " | " query " | " fleet_id " > {
2023-07-18 20:58:52 +00:00
id? : number ;
2023-07-12 20:22:56 +00:00
name? : string ;
query? : string ;
2023-07-18 20:58:52 +00:00
description? : string ;
observer_can_run? : boolean ;
2023-10-04 22:19:26 +00:00
discard_data? : boolean ;
2023-07-18 20:58:52 +00:00
frequency? : number ;
2025-01-14 00:45:16 +00:00
platform? : CommaSeparatedPlatformString ;
2023-07-18 20:58:52 +00:00
min_osquery_version? : string ;
2024-11-13 14:32:59 +00:00
automations_enabled? : boolean ;
2023-07-12 20:22:56 +00:00
}
// response is ISchedulableQuery // better way to indicate this?
// Delete a query by name
/** DELETE /api/v1/fleet/queries/{name} */
export interface IDeleteQueryRequestBody {
Update API calls in front-end to use new, non-deprecated URLs and params (#41515)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41391
# Details
This PR updates front-end API calls to use new URLs and API params, so
that the front end doesn't cause deprecation warnings to appear on the
server.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a, should not be user-visible
## Testing
- [X] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
The biggest risk here is not that we missed a spot that still causes a
deprecation warning, but that we might inadvertently make a change that
breaks the front end, for instance by sending `fleet_id` to a function
that drops it silently and thus sends no ID to the server. Fortunately
we use TypeScript in virtually every place affected by these changes, so
the code would not compile if there were mismatches between the API
expectation and what we're sending. Still, spot checking as many places
as possible both for deprecation-warning leaks and loss of functionality
is important.
## Summary by CodeRabbit
* **Refactor**
* Updated API nomenclature across the application to use "fleets"
instead of "teams" and "reports" instead of "queries" in endpoint paths
and request/response payloads.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-13 03:26:48 +00:00
fleet_id? : number ; // searches for a global query if omitted
2023-07-12 20:22:56 +00:00
}
// Delete a query by id
// DELETE /api/v1/fleet/queries/id/{id}
// (no body)
// Delete queries by id
/** POST /api/v1/fleet/queries/delete */
export interface IDeleteQueriesRequestBody {
ids : number [ ] ;
}
export interface IDeleteQueriesResponse {
deleted : number ; // number of queries deleted
}
2023-10-09 18:31:31 +00:00
export interface IEditQueryFormFields {
2023-07-12 20:22:56 +00:00
name : IFormField < string > ;
description : IFormField < string > ;
query : IFormField < string > ;
observer_can_run : IFormField < boolean > ;
2023-10-04 22:19:26 +00:00
discard_data : IFormField < boolean > ;
2023-07-12 20:22:56 +00:00
frequency : IFormField < number > ;
2024-11-13 14:32:59 +00:00
automations_enabled : IFormField < boolean > ;
2025-01-14 00:45:16 +00:00
platforms : IFormField < CommaSeparatedPlatformString > ;
2023-07-12 20:22:56 +00:00
min_osquery_version : IFormField < string > ;
logging : IFormField < QueryLoggingOption > ;
}
export type QueryLoggingOption =
| "snapshot"
| "differential"
| "differential_ignore_removals" ;
