sentinel_one: add rally benchmark (part 2) #15250

navnit-elastic · 2025-09-09T11:28:02Z

Proposed commit message

sentinel_one: add rally benchmark (part 2)

Add rally benchmark for application, group and threat data streams.

Note

No changelog entry required as no user-facing changes.

Checklist

I have reviewed tips for building integrations and this pull request is aligned with them.
I have verified that all data streams collect metrics or logs.
I have added an entry to my package's changelog.yml file.
I have verified that Kibana version constraints are current according to guidelines.
I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

[ ]

How to test this PR locally

Benchmarks

Run: cd packages/sentinel_one && elastic-package benchmark rally --benchmark <data_stream>-benchmark -v
Output:

Rally benchmark for threat data stream

--- Benchmark results for package: sentinel_one - START ---
╭────────────────────────────────────────────────────────────────────────────────────────────╮
│ info                                                                                       │
├────────────────────────┬───────────────────────────────────────────────────────────────────┤
│ benchmark              │                                                  threat-benchmark │
│ description            │              Benchmark 100000 sentinel_one.threat events ingested │
│ run ID                 │                              34000a58-141f-4beb-a3f4-68445715df14 │
│ package                │                                                      sentinel_one │
│ start ts (s)           │                                                        1757416021 │
│ end ts (s)             │                                                        1757416167 │
│ duration               │                                                             2m26s │
│ generated corpora file │ /home/devuser/.elastic-package/tmp/rally_corpus/corpus-2190460214 │
╰────────────────────────┴───────────────────────────────────────────────────────────────────╯
╭──────────────────────────────────────────────────────────────────────╮
│ parameters                                                           │
├─────────────────────────────────┬────────────────────────────────────┤
│ package version                 │                             1.37.0 │
│ data_stream.name                │                             threat │
│ corpora.generator.total_events  │                             100000 │
│ corpora.generator.template.path │ ./threat-benchmark/template.ndjson │
│ corpora.generator.template.raw  │                                    │
│ corpora.generator.template.type │                             gotext │
│ corpora.generator.config.path   │      ./threat-benchmark/config.yml │
│ corpora.generator.config.raw    │                              map[] │
│ corpora.generator.fields.path   │      ./threat-benchmark/fields.yml │
│ corpora.generator.fields.raw    │                              map[] │
╰─────────────────────────────────┴────────────────────────────────────╯
╭───────────────────────╮
│ cluster info          │
├───────┬───────────────┤
│ name  │ elasticsearch │
│ nodes │             1 │
╰───────┴───────────────╯
╭──────────────────────────────────────────────────────────╮
│ data stream stats                                        │
├────────────────────────────┬─────────────────────────────┤
│ data stream                │ logs-sentinel_one.threat-ep │
│ approx total docs ingested │                      100000 │
│ backing indices            │                           1 │
│ store size bytes           │                   332258244 │
│ maximum ts (ms)            │               1757435813480 │
╰────────────────────────────┴─────────────────────────────╯
╭───────────────────────────────────────╮
│ disk usage for index .ds-logs-sentine │
│ l_one.threat-ep-2025.09.09-000001 (fo │
│ r all fields)                         │
├──────────────────────────────┬────────┤
│ total                        │ 333 MB │
│ inverted_index.total         │  91 MB │
│ inverted_index.stored_fields │ 165 MB │
│ inverted_index.doc_values    │  72 MB │
│ inverted_index.points        │ 4.9 MB │
│ inverted_index.norms         │    0 B │
│ inverted_index.term_vectors  │    0 B │
│ inverted_index.knn_vectors   │    0 B │
╰──────────────────────────────┴────────╯
╭────────────────────────────────────────────────────────────────────────────────────────────────╮
│ pipeline logs-sentinel_one.threat-1.37.0 stats in node ylZmm4jrQgSC7LzRG7DocQ                  │
├─────────────────────────────────────────────────┬──────────────────────────────────────────────┤
│ Totals                                          │    Count: 100000 | Failed: 0 | Time: 25.069s │
│ remove (remove_agentless_tags)                  │              Count: 0 | Failed: 0 | Time: 0s │
│ set ()                                          │       Count: 100000 | Failed: 0 | Time: 25ms │
│ set ()                                          │       Count: 100000 | Failed: 0 | Time: 17ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 53ms │
│ remove ()                                       │       Count: 100000 | Failed: 0 | Time: 17ms │
│ json ()                                         │     Count: 100000 | Failed: 0 | Time: 4.617s │
│ script ()                                       │      Count: 100000 | Failed: 0 | Time: 748ms │
│ fingerprint ()                                  │      Count: 100000 | Failed: 0 | Time: 170ms │
│ set ()                                          │              Count: 0 | Failed: 0 | Time: 0s │
│ set ()                                          │              Count: 0 | Failed: 0 | Time: 0s │
│ set ()                                          │              Count: 0 | Failed: 0 | Time: 0s │
│ set ()                                          │              Count: 0 | Failed: 0 | Time: 0s │
│ date ()                                         │      Count: 100000 | Failed: 0 | Time: 138ms │
│ join ()                                         │      Count: 100000 | Failed: 0 | Time: 131ms │
│ set ()                                          │       Count: 100000 | Failed: 0 | Time: 33ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 73ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 62ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 56ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 74ms │
│ split (split_agentIpV4)                         │       Count: 100000 | Failed: 0 | Time: 43ms │
│ convert (convert_agentIpV4_to_ip)               │       Count: 100000 | Failed: 0 | Time: 55ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 201ms │
│ split (split_agentIpV6)                         │       Count: 100000 | Failed: 0 | Time: 35ms │
│ convert (convert_agentIpV6_to_ip)               │      Count: 100000 | Failed: 0 | Time: 150ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 139ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 72ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 74ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 49ms │
│ set ()                                          │              Count: 0 | Failed: 0 | Time: 0s │
│ append ()                                       │      Count: 100000 | Failed: 0 | Time: 124ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 61ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 61ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 62ms │
│ date ()                                         │       Count: 100000 | Failed: 0 | Time: 90ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 48ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 53ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 12ms │
│ convert (convert_externalIp_to_ip)              │       Count: 100000 | Failed: 0 | Time: 55ms │
│ geoip ()                                        │      Count: 100000 | Failed: 0 | Time: 359ms │
│ append ()                                       │      Count: 100000 | Failed: 0 | Time: 124ms │
│ append ()                                       │      Count: 100000 | Failed: 0 | Time: 110ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 66ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 52ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 54ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 49ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 57ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 57ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 46ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 46ms │
│ append ()                                       │       Count: 100000 | Failed: 0 | Time: 85ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 35ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 48ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 52ms │
│ set ()                                          │       Count: 100000 | Failed: 0 | Time: 31ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 29ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 27ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 45ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 50ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 51ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 46ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 43ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 54ms │
│ script (script_map_host_os_type)                │       Count: 100000 | Failed: 0 | Time: 95ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 57ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 45ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 77ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 48ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 129ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 168ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 192ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 163ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 159ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 47ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 59ms │
│ gsub ()                                         │      Count: 100000 | Failed: 0 | Time: 115ms │
│ uppercase ()                                    │       Count: 100000 | Failed: 0 | Time: 29ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 54ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 27ms │
│ date ()                                         │      Count: 100000 | Failed: 0 | Time: 101ms │
│ date ()                                         │       Count: 100000 | Failed: 0 | Time: 76ms │
│ date ()                                         │       Count: 100000 | Failed: 0 | Time: 79ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 55ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 60ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 49ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 12ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 15ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 11ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 12ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 11ms │
│ set ()                                          │       Count: 100000 | Failed: 0 | Time: 25ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 47ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 75ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 67ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 178ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 193ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 178ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 227ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 213ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 57ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 51ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 14ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 10ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 12ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 11ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 59ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 54ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 61ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 44ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 43ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 59ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 59ms │
│ foreach ()                                      │     Count: 100000 | Failed: 0 | Time: 1.082s │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 80ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 66ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 143ms │
│ foreach ()                                      │      Count: 100000 | Failed: 0 | Time: 103ms │
│ foreach ()                                      │       Count: 100000 | Failed: 0 | Time: 94ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 53ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 63ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 63ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 26ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 53ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 51ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 56ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 45ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 49ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 71ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 44ms │
│ date ()                                         │ Count: 100000 | Failed: 100000 | Time: 649ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 75ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 52ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 59ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 36ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 57ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 25ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 50ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 53ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 49ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 37ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 49ms │
│ date ()                                         │       Count: 100000 | Failed: 0 | Time: 81ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 54ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 52ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 45ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 52ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 47ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 52ms │
│ append ()                                       │      Count: 100000 | Failed: 0 | Time: 156ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 25ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 24ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 51ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 56ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 76ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 53ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 60ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 51ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 29ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 48ms │
│ append ()                                       │      Count: 100000 | Failed: 0 | Time: 115ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 51ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 30ms │
│ convert ()                                      │       Count: 100000 | Failed: 0 | Time: 22ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 55ms │
│ append ()                                       │      Count: 100000 | Failed: 0 | Time: 185ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 54ms │
│ append ()                                       │      Count: 100000 | Failed: 0 | Time: 162ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 48ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 45ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 47ms │
│ set ()                                          │      Count: 100000 | Failed: 0 | Time: 250ms │
│ rename ()                                       │       Count: 100000 | Failed: 0 | Time: 12ms │
│ remove ()                                       │       Count: 100000 | Failed: 0 | Time: 19ms │
│ script ()                                       │     Count: 100000 | Failed: 0 | Time: 1.412s │
│ pipeline (global@custom)                        │       Count: 100000 | Failed: 0 | Time: 20ms │
│ pipeline (logs@custom)                          │       Count: 100000 | Failed: 0 | Time: 10ms │
│ pipeline (logs-sentinel_one.integration@custom) │        Count: 100000 | Failed: 0 | Time: 9ms │
│ pipeline (logs-sentinel_one.threat@custom)      │       Count: 100000 | Failed: 0 | Time: 13ms │
╰─────────────────────────────────────────────────┴──────────────────────────────────────────────╯
╭─────────────────────────────────────────────────────────────────────────────────────────────╮
│ rally stats                                                                                 │
├────────────────────────────────────────────────────────────────┬────────────────────────────┤
│ Cumulative indexing time of primary shards                     │      63.45548333333333 min │
│ Min cumulative indexing time across primary shards             │                      0 min │
│ Median cumulative indexing time across primary shards          │  6.666666666666667e-05 min │
│ Max cumulative indexing time across primary shards             │      54.65646666666667 min │
│ Cumulative indexing throttle time of primary shards            │                      0 min │
│ Min cumulative indexing throttle time across primary shards    │                      0 min │
│ Median cumulative indexing throttle time across primary shards │                      0 min │
│ Max cumulative indexing throttle time across primary shards    │                      0 min │
│ Cumulative merge time of primary shards                        │     114.42548333333335 min │
│ Cumulative merge count of primary shards                       │                       3534 │
│ Min cumulative merge time across primary shards                │                      0 min │
│ Median cumulative merge time across primary shards             │                      0 min │
│ Max cumulative merge time across primary shards                │               108.9982 min │
│ Cumulative merge throttle time of primary shards               │      85.53223333333334 min │
│ Min cumulative merge throttle time across primary shards       │                      0 min │
│ Median cumulative merge throttle time across primary shards    │                      0 min │
│ Max cumulative merge throttle time across primary shards       │               83.72515 min │
│ Cumulative refresh time of primary shards                      │                  9.408 min │
│ Cumulative refresh count of primary shards                     │                     129864 │
│ Min cumulative refresh time across primary shards              │                      0 min │
│ Median cumulative refresh time across primary shards           │                0.00025 min │
│ Max cumulative refresh time across primary shards              │     2.6980333333333335 min │
│ Cumulative flush time of primary shards                        │      73.38008333333333 min │
│ Cumulative flush count of primary shards                       │                      91456 │
│ Min cumulative flush time across primary shards                │                      0 min │
│ Median cumulative flush time across primary shards             │ 0.00021666666666666666 min │
│ Max cumulative flush time across primary shards                │     15.156683333333332 min │
│ Total Young Gen GC time                                        │                    0.676 s │
│ Total Young Gen GC count                                       │                         67 │
│ Total Old Gen GC time                                          │                        0 s │
│ Total Old Gen GC count                                         │                          0 │
│ Dataset size                                                   │      15.982303876429796 GB │
│ Store size                                                     │      15.982303876429796 GB │
│ Translog size                                                  │     0.22693745605647564 GB │
│ Heap used for segments                                         │                       0 MB │
│ Heap used for doc values                                       │                       0 MB │
│ Heap used for terms                                            │                       0 MB │
│ Heap used for norms                                            │                       0 MB │
│ Heap used for points                                           │                       0 MB │
│ Heap used for stored fields                                    │                       0 MB │
│ Segment count                                                  │                        389 │
│ Total Ingest Pipeline count                                    │                     102598 │
│ Total Ingest Pipeline time                                     │                   38.638 s │
│ Total Ingest Pipeline failed                                   │                          0 │
│ Min Throughput                                                 │              972.54 docs/s │
│ Mean Throughput                                                │             1091.10 docs/s │
│ Median Throughput                                              │             1072.45 docs/s │
│ Max Throughput                                                 │             1169.96 docs/s │
│ 50th percentile latency                                        │       403.0781649053097 ms │
│ 90th percentile latency                                        │       490.5530077405274 ms │
│ 99th percentile latency                                        │       2951.632579499855 ms │
│ 100th percentile latency                                       │       3014.668680727482 ms │
│ 50th percentile service time                                   │       403.0781649053097 ms │
│ 90th percentile service time                                   │       490.5530077405274 ms │
│ 99th percentile service time                                   │       2951.632579499855 ms │
│ 100th percentile service time                                  │       3014.668680727482 ms │
│ error rate                                                     │                     0.00 % │
╰────────────────────────────────────────────────────────────────┴────────────────────────────╯

--- Benchmark results for package: sentinel_one - END   ---
Done

Rally benchmark for application data stream

--- Benchmark results for package: sentinel_one - START ---
╭────────────────────────────────────────────────────────────────────────────────────────────╮
│ info                                                                                       │
├────────────────────────┬───────────────────────────────────────────────────────────────────┤
│ benchmark              │                                             application-benchmark │
│ description            │         Benchmark 100000 sentinel_one.application events ingested │
│ run ID                 │                              f470128d-69d9-49fc-991c-b6fff3355509 │
│ package                │                                                      sentinel_one │
│ start ts (s)           │                                                        1757424867 │
│ end ts (s)             │                                                        1757424918 │
│ duration               │                                                               51s │
│ generated corpora file │ /home/devuser/.elastic-package/tmp/rally_corpus/corpus-1743895400 │
╰────────────────────────┴───────────────────────────────────────────────────────────────────╯
╭───────────────────────────────────────────────────────────────────────────╮
│ parameters                                                                │
├─────────────────────────────────┬─────────────────────────────────────────┤
│ package version                 │                                  1.37.0 │
│ data_stream.name                │                             application │
│ corpora.generator.total_events  │                                  100000 │
│ corpora.generator.template.path │ ./application-benchmark/template.ndjson │
│ corpora.generator.template.raw  │                                         │
│ corpora.generator.template.type │                                  gotext │
│ corpora.generator.config.path   │      ./application-benchmark/config.yml │
│ corpora.generator.config.raw    │                                   map[] │
│ corpora.generator.fields.path   │      ./application-benchmark/fields.yml │
│ corpora.generator.fields.raw    │                                   map[] │
╰─────────────────────────────────┴─────────────────────────────────────────╯
╭───────────────────────╮
│ cluster info          │
├───────┬───────────────┤
│ name  │ elasticsearch │
│ nodes │             1 │
╰───────┴───────────────╯
╭───────────────────────────────────────────────────────────────╮
│ data stream stats                                             │
├────────────────────────────┬──────────────────────────────────┤
│ data stream                │ logs-sentinel_one.application-ep │
│ approx total docs ingested │                           100000 │
│ backing indices            │                                1 │
│ store size bytes           │                         42769591 │
│ maximum ts (ms)            │                    1757424866654 │
╰────────────────────────────┴──────────────────────────────────╯
╭───────────────────────────────────────╮
│ disk usage for index .ds-logs-sentine │
│ l_one.application-ep-2025.09.09-00000 │
│ 1 (for all fields)                    │
├──────────────────────────────┬────────┤
│ total                        │  42 MB │
│ inverted_index.total         │  12 MB │
│ inverted_index.stored_fields │  21 MB │
│ inverted_index.doc_values    │ 8.1 MB │
│ inverted_index.points        │ 1.3 MB │
│ inverted_index.norms         │    0 B │
│ inverted_index.term_vectors  │    0 B │
│ inverted_index.knn_vectors   │    0 B │
╰──────────────────────────────┴────────╯
╭───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ pipeline logs-sentinel_one.application-1.37.0 stats in node ylZmm4jrQgSC7LzRG7DocQ                                    │
├────────────────────────────────────────────────────────────────────────────┬──────────────────────────────────────────┤
│ Totals                                                                     │ Count: 100000 | Failed: 0 | Time: 3.139s │
│ drop ()                                                                    │          Count: 0 | Failed: 0 | Time: 0s │
│ set (set_ecs_version)                                                      │   Count: 100000 | Failed: 0 | Time: 16ms │
│ terminate (data_collection_error)                                          │          Count: 0 | Failed: 0 | Time: 0s │
│ set (set_event_kind)                                                       │   Count: 100000 | Failed: 0 | Time: 12ms │
│ append (append_event_category)                                             │   Count: 100000 | Failed: 0 | Time: 14ms │
│ append (append_event_type)                                                 │   Count: 100000 | Failed: 0 | Time: 14ms │
│ rename (rename_message_to_event_original)                                  │   Count: 100000 | Failed: 0 | Time: 33ms │
│ remove (remove_message)                                                    │   Count: 100000 | Failed: 0 | Time: 11ms │
│ remove (remove_agentless_tags)                                             │          Count: 0 | Failed: 0 | Time: 0s │
│ json (json_event_original)                                                 │  Count: 100000 | Failed: 0 | Time: 600ms │
│ rename (rename_accountName)                                                │   Count: 100000 | Failed: 0 | Time: 43ms │
│ date (date_applicationInstallationDate)                                    │   Count: 100000 | Failed: 0 | Time: 88ms │
│ set (set_package_installed_from_application_application_installation_date) │   Count: 100000 | Failed: 0 | Time: 25ms │
│ rename (rename_applicationInstallationPath)                                │   Count: 100000 | Failed: 0 | Time: 38ms │
│ rename (rename_applicationName)                                            │   Count: 100000 | Failed: 0 | Time: 38ms │
│ set (set_package_name_from_application_application_name)                   │   Count: 100000 | Failed: 0 | Time: 19ms │
│ rename (rename_applicationVendor)                                          │   Count: 100000 | Failed: 0 | Time: 11ms │
│ convert (convert_applicationVersionsCount_to_long)                         │   Count: 100000 | Failed: 0 | Time: 13ms │
│ convert (convert_coreCount_to_long)                                        │   Count: 100000 | Failed: 0 | Time: 25ms │
│ rename (rename_cpe)                                                        │   Count: 100000 | Failed: 0 | Time: 36ms │
│ convert (convert_cpuCount_to_long)                                         │   Count: 100000 | Failed: 0 | Time: 22ms │
│ date (date_detectionDate)                                                  │   Count: 100000 | Failed: 0 | Time: 66ms │
│ rename (rename_endpointId)                                                 │   Count: 100000 | Failed: 0 | Time: 41ms │
│ rename (rename_endpointName)                                               │   Count: 100000 | Failed: 0 | Time: 36ms │
│ set (set_host_name_from_application_endpoint_name)                         │   Count: 100000 | Failed: 0 | Time: 20ms │
│ append (append_related_hosts)                                              │  Count: 100000 | Failed: 0 | Time: 110ms │
│ rename (rename_endpointType)                                               │   Count: 100000 | Failed: 0 | Time: 37ms │
│ set (set_host_type_from_application_endpoint_type)                         │   Count: 100000 | Failed: 0 | Time: 19ms │
│ rename (rename_endpointUuid)                                               │   Count: 100000 | Failed: 0 | Time: 37ms │
│ convert (convert_endpointsCount_to_long)                                   │   Count: 100000 | Failed: 0 | Time: 12ms │
│ convert (convert_estimate_to_boolean)                                      │   Count: 100000 | Failed: 0 | Time: 12ms │
│ convert (convert_fileSize_to_long)                                         │   Count: 100000 | Failed: 0 | Time: 39ms │
│ set (set_package_size_from_application_file_size)                          │   Count: 100000 | Failed: 0 | Time: 20ms │
│ rename (rename_groupName)                                                  │   Count: 100000 | Failed: 0 | Time: 36ms │
│ rename (rename_id)                                                         │   Count: 100000 | Failed: 0 | Time: 33ms │
│ rename (rename_osArch)                                                     │   Count: 100000 | Failed: 0 | Time: 34ms │
│ rename (rename_osName)                                                     │   Count: 100000 | Failed: 0 | Time: 32ms │
│ set (set_host_os_name_from_application_os_name)                            │   Count: 100000 | Failed: 0 | Time: 25ms │
│ rename (rename_osType)                                                     │   Count: 100000 | Failed: 0 | Time: 32ms │
│ set (set_host_os_type_from_application_os_type)                            │   Count: 100000 | Failed: 0 | Time: 20ms │
│ rename (rename_osVersion)                                                  │   Count: 100000 | Failed: 0 | Time: 32ms │
│ set (set_host_os_full_from_application_os_version)                         │   Count: 100000 | Failed: 0 | Time: 18ms │
│ rename (rename_siteName)                                                   │   Count: 100000 | Failed: 0 | Time: 33ms │
│ rename (rename_version)                                                    │   Count: 100000 | Failed: 0 | Time: 36ms │
│ set (set_package_version_from_application_version)                         │   Count: 100000 | Failed: 0 | Time: 17ms │
│ remove (remove_custom_duplicate_fields)                                    │   Count: 100000 | Failed: 0 | Time: 85ms │
│ remove (remove_json)                                                       │   Count: 100000 | Failed: 0 | Time: 11ms │
│ script (script_to_drop_null_values)                                        │  Count: 100000 | Failed: 0 | Time: 278ms │
│ set (set_pipeline_error_into_event_kind)                                   │          Count: 0 | Failed: 0 | Time: 0s │
│ append ()                                                                  │          Count: 0 | Failed: 0 | Time: 0s │
│ pipeline (global@custom)                                                   │   Count: 100000 | Failed: 0 | Time: 10ms │
│ pipeline (logs@custom)                                                     │   Count: 100000 | Failed: 0 | Time: 12ms │
│ pipeline (logs-sentinel_one.integration@custom)                            │    Count: 100000 | Failed: 0 | Time: 8ms │
│ pipeline (logs-sentinel_one.application@custom)                            │   Count: 100000 | Failed: 0 | Time: 10ms │
╰────────────────────────────────────────────────────────────────────────────┴──────────────────────────────────────────╯
╭────────────────────────────────────────────────────────────────────────────────────────────╮
│ rally stats                                                                                │
├────────────────────────────────────────────────────────────────┬───────────────────────────┤
│ Cumulative indexing time of primary shards                     │     65.56696666666667 min │
│ Min cumulative indexing time across primary shards             │                     0 min │
│ Median cumulative indexing time across primary shards          │                0.0001 min │
│ Max cumulative indexing time across primary shards             │              55.53765 min │
│ Cumulative indexing throttle time of primary shards            │                     0 min │
│ Min cumulative indexing throttle time across primary shards    │                     0 min │
│ Median cumulative indexing throttle time across primary shards │                     0 min │
│ Max cumulative indexing throttle time across primary shards    │                     0 min │
│ Cumulative merge time of primary shards                        │    116.00111666666666 min │
│ Cumulative merge count of primary shards                       │                      3576 │
│ Min cumulative merge time across primary shards                │                     0 min │
│ Median cumulative merge time across primary shards             │                     0 min │
│ Max cumulative merge time across primary shards                │              110.5325 min │
│ Cumulative merge throttle time of primary shards               │     86.70051666666667 min │
│ Min cumulative merge throttle time across primary shards       │                     0 min │
│ Median cumulative merge throttle time across primary shards    │                     0 min │
│ Max cumulative merge throttle time across primary shards       │               84.8819 min │
│ Cumulative refresh time of primary shards                      │     9.696766666666667 min │
│ Cumulative refresh count of primary shards                     │                    131502 │
│ Min cumulative refresh time across primary shards              │                     0 min │
│ Median cumulative refresh time across primary shards           │               0.00025 min │
│ Max cumulative refresh time across primary shards              │    2.7234666666666665 min │
│ Cumulative flush time of primary shards                        │               74.2603 min │
│ Cumulative flush count of primary shards                       │                     92418 │
│ Min cumulative flush time across primary shards                │                     0 min │
│ Median cumulative flush time across primary shards             │ 0.0007666666666666667 min │
│ Max cumulative flush time across primary shards                │    15.395766666666667 min │
│ Total Young Gen GC time                                        │                   0.154 s │
│ Total Young Gen GC count                                       │                        12 │
│ Total Old Gen GC time                                          │                       0 s │
│ Total Old Gen GC count                                         │                         0 │
│ Dataset size                                                   │     16.291946864686906 GB │
│ Store size                                                     │     16.291946864686906 GB │
│ Translog size                                                  │    0.21272805333137512 GB │
│ Heap used for segments                                         │                      0 MB │
│ Heap used for doc values                                       │                      0 MB │
│ Heap used for terms                                            │                      0 MB │
│ Heap used for norms                                            │                      0 MB │
│ Heap used for points                                           │                      0 MB │
│ Heap used for stored fields                                    │                      0 MB │
│ Segment count                                                  │                       459 │
│ Total Ingest Pipeline count                                    │                    103618 │
│ Total Ingest Pipeline time                                     │                   6.757 s │
│ Total Ingest Pipeline failed                                   │                         0 │
│ Min Throughput                                                 │            5252.88 docs/s │
│ Mean Throughput                                                │            5516.99 docs/s │
│ Median Throughput                                              │            5509.59 docs/s │
│ Max Throughput                                                 │            5781.65 docs/s │
│ 50th percentile latency                                        │      80.80008532851934 ms │
│ 90th percentile latency                                        │      98.34380336105824 ms │
│ 99th percentile latency                                        │     170.52617611363436 ms │
│ 100th percentile latency                                       │      305.3266070783138 ms │
│ 50th percentile service time                                   │      80.80008532851934 ms │
│ 90th percentile service time                                   │      98.34380336105824 ms │
│ 99th percentile service time                                   │     170.52617611363436 ms │
│ 100th percentile service time                                  │      305.3266070783138 ms │
│ error rate                                                     │                    0.00 % │
╰────────────────────────────────────────────────────────────────┴───────────────────────────╯

--- Benchmark results for package: sentinel_one - END   ---
Done

Rally benchmark for group data stream

--- Benchmark results for package: sentinel_one - START ---
╭───────────────────────────────────────────────────────────────────────────────────────────╮
│ info                                                                                      │
├────────────────────────┬──────────────────────────────────────────────────────────────────┤
│ benchmark              │                                                  group-benchmark │
│ description            │              Benchmark 100000 sentinel_one.group events ingested │
│ run ID                 │                             a997e76f-487a-426c-a7b6-07e4c2bb3505 │
│ package                │                                                     sentinel_one │
│ start ts (s)           │                                                       1757419821 │
│ end ts (s)             │                                                       1757419872 │
│ duration               │                                                              51s │
│ generated corpora file │ /home/devuser/.elastic-package/tmp/rally_corpus/corpus-764503075 │
╰────────────────────────┴──────────────────────────────────────────────────────────────────╯
╭─────────────────────────────────────────────────────────────────────╮
│ parameters                                                          │
├─────────────────────────────────┬───────────────────────────────────┤
│ package version                 │                            1.37.0 │
│ data_stream.name                │                             group │
│ corpora.generator.total_events  │                            100000 │
│ corpora.generator.template.path │ ./group-benchmark/template.ndjson │
│ corpora.generator.template.raw  │                                   │
│ corpora.generator.template.type │                            gotext │
│ corpora.generator.config.path   │      ./group-benchmark/config.yml │
│ corpora.generator.config.raw    │                             map[] │
│ corpora.generator.fields.path   │      ./group-benchmark/fields.yml │
│ corpora.generator.fields.raw    │                             map[] │
╰─────────────────────────────────┴───────────────────────────────────╯
╭───────────────────────╮
│ cluster info          │
├───────┬───────────────┤
│ name  │ elasticsearch │
│ nodes │             1 │
╰───────┴───────────────╯
╭─────────────────────────────────────────────────────────╮
│ data stream stats                                       │
├────────────────────────────┬────────────────────────────┤
│ data stream                │ logs-sentinel_one.group-ep │
│ approx total docs ingested │                     100000 │
│ backing indices            │                          1 │
│ store size bytes           │                   34935107 │
│ maximum ts (ms)            │              1757439622406 │
╰────────────────────────────┴────────────────────────────╯
╭───────────────────────────────────────╮
│ disk usage for index .ds-logs-sentine │
│ l_one.group-ep-2025.09.09-000001 (for │
│ all fields)                           │
├──────────────────────────────┬────────┤
│ total                        │  40 MB │
│ inverted_index.total         │  11 MB │
│ inverted_index.stored_fields │  22 MB │
│ inverted_index.doc_values    │ 5.9 MB │
│ inverted_index.points        │ 896 kB │
│ inverted_index.norms         │    0 B │
│ inverted_index.term_vectors  │    0 B │
│ inverted_index.knn_vectors   │    0 B │
╰──────────────────────────────┴────────╯
╭────────────────────────────────────────────────────────────────────────────────────────────╮
│ pipeline logs-sentinel_one.group-1.37.0 stats in node ylZmm4jrQgSC7LzRG7DocQ               │
├─────────────────────────────────────────────────┬──────────────────────────────────────────┤
│ Totals                                          │ Count: 100000 | Failed: 0 | Time: 2.198s │
│ remove (remove_agentless_tags)                  │          Count: 0 | Failed: 0 | Time: 0s │
│ set ()                                          │   Count: 100000 | Failed: 0 | Time: 16ms │
│ set ()                                          │   Count: 100000 | Failed: 0 | Time: 12ms │
│ set ()                                          │   Count: 100000 | Failed: 0 | Time: 14ms │
│ set ()                                          │   Count: 100000 | Failed: 0 | Time: 13ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 28ms │
│ remove ()                                       │   Count: 100000 | Failed: 0 | Time: 11ms │
│ json ()                                         │  Count: 100000 | Failed: 0 | Time: 446ms │
│ fingerprint ()                                  │   Count: 100000 | Failed: 0 | Time: 81ms │
│ date ()                                         │   Count: 100000 | Failed: 0 | Time: 82ms │
│ date ()                                         │   Count: 100000 | Failed: 0 | Time: 69ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 29ms │
│ append ()                                       │   Count: 100000 | Failed: 0 | Time: 92ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 36ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 34ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 34ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 43ms │
│ convert ()                                      │   Count: 100000 | Failed: 0 | Time: 21ms │
│ convert ()                                      │   Count: 100000 | Failed: 0 | Time: 19ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 26ms │
│ convert ()                                      │   Count: 100000 | Failed: 0 | Time: 20ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 30ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 33ms │
│ convert ()                                      │   Count: 100000 | Failed: 0 | Time: 26ms │
│ rename ()                                       │   Count: 100000 | Failed: 0 | Time: 30ms │
│ remove ()                                       │   Count: 100000 | Failed: 0 | Time: 10ms │
│ script ()                                       │  Count: 100000 | Failed: 0 | Time: 307ms │
│ pipeline (global@custom)                        │   Count: 100000 | Failed: 0 | Time: 11ms │
│ pipeline (logs@custom)                          │    Count: 100000 | Failed: 0 | Time: 8ms │
│ pipeline (logs-sentinel_one.integration@custom) │    Count: 100000 | Failed: 0 | Time: 8ms │
│ pipeline (logs-sentinel_one.group@custom)       │    Count: 100000 | Failed: 0 | Time: 8ms │
╰─────────────────────────────────────────────────┴──────────────────────────────────────────╯
╭─────────────────────────────────────────────────────────────────────────────────────────╮
│ rally stats                                                                             │
├────────────────────────────────────────────────────────────────┬────────────────────────┤
│ Cumulative indexing time of primary shards                     │           64.67695 min │
│ Min cumulative indexing time across primary shards             │                  0 min │
│ Median cumulative indexing time across primary shards          │            7.5e-05 min │
│ Max cumulative indexing time across primary shards             │           55.01845 min │
│ Cumulative indexing throttle time of primary shards            │                  0 min │
│ Min cumulative indexing throttle time across primary shards    │                  0 min │
│ Median cumulative indexing throttle time across primary shards │                0.0 min │
│ Max cumulative indexing throttle time across primary shards    │                  0 min │
│ Cumulative merge time of primary shards                        │ 114.77701666666667 min │
│ Cumulative merge count of primary shards                       │                   3551 │
│ Min cumulative merge time across primary shards                │                  0 min │
│ Median cumulative merge time across primary shards             │                0.0 min │
│ Max cumulative merge time across primary shards                │            109.333 min │
│ Cumulative merge throttle time of primary shards               │  85.79858333333333 min │
│ Min cumulative merge throttle time across primary shards       │                  0 min │
│ Median cumulative merge throttle time across primary shards    │                0.0 min │
│ Max cumulative merge throttle time across primary shards       │  83.98610000000001 min │
│ Cumulative refresh time of primary shards                      │  9.512400000000001 min │
│ Cumulative refresh count of primary shards                     │                 130491 │
│ Min cumulative refresh time across primary shards              │                  0 min │
│ Median cumulative refresh time across primary shards           │            0.00025 min │
│ Max cumulative refresh time across primary shards              │  2.709083333333333 min │
│ Cumulative flush time of primary shards                        │  73.81581666666666 min │
│ Cumulative flush count of primary shards                       │                  91865 │
│ Min cumulative flush time across primary shards                │                  0 min │
│ Median cumulative flush time across primary shards             │           0.000225 min │
│ Max cumulative flush time across primary shards                │            15.2654 min │
│ Total Young Gen GC time                                        │                0.146 s │
│ Total Young Gen GC count                                       │                     10 │
│ Total Old Gen GC time                                          │                    0 s │
│ Total Old Gen GC count                                         │                      0 │
│ Dataset size                                                   │   16.11712953262031 GB │
│ Store size                                                     │   16.11712953262031 GB │
│ Translog size                                                  │ 0.05889941565692425 GB │
│ Heap used for segments                                         │                   0 MB │
│ Heap used for doc values                                       │                   0 MB │
│ Heap used for terms                                            │                   0 MB │
│ Heap used for norms                                            │                   0 MB │
│ Heap used for points                                           │                   0 MB │
│ Heap used for stored fields                                    │                   0 MB │
│ Segment count                                                  │                    490 │
│ Total Ingest Pipeline count                                    │                 100004 │
│ Total Ingest Pipeline time                                     │                4.886 s │
│ Total Ingest Pipeline failed                                   │                      0 │
│ Min Throughput                                                 │         5930.36 docs/s │
│ Mean Throughput                                                │         6198.16 docs/s │
│ Median Throughput                                              │         6246.79 docs/s │
│ Max Throughput                                                 │         6363.67 docs/s │
│ 50th percentile latency                                        │   71.07478333637118 ms │
│ 90th percentile latency                                        │   87.11531916633247 ms │
│ 99th percentile latency                                        │  127.92995110154142 ms │
│ 100th percentile latency                                       │   352.2912934422493 ms │
│ 50th percentile service time                                   │   71.07478333637118 ms │
│ 90th percentile service time                                   │   87.11531916633247 ms │
│ 99th percentile service time                                   │  127.92995110154142 ms │
│ 100th percentile service time                                  │   352.2912934422493 ms │
│ error rate                                                     │                 0.00 % │
╰────────────────────────────────────────────────────────────────┴────────────────────────╯

--- Benchmark results for package: sentinel_one - END   ---
Done

Related issues

For sentinel_one: Add benchmarks for integration quality checks #14741

Screenshots

Increase cardinality for file*, username and computerName

elastic-vault-github-plugin-prod · 2025-09-09T11:58:29Z

🚀 Benchmarks report

Package `sentinel_one` 👍(12) 💚(0) 💔(0)

Expand to view

Data stream	New EPS	Diff (%)	Result
`application`	27027.03	27027.03 ( - %)	👍
`group`	37037.04	37037.04 ( - %)	👍
`threat`	2298.85	2298.85 ( - %)	👍
`activity`	5010.02	5010.02 ( - %)	👍
`agent`	4073.32	4073.32 ( - %)	👍
`alert`	3292.72	3292.72 ( - %)	👍
`application`	20790.02	20790.02 ( - %)	👍
`group`	30581.04	30581.04 ( - %)	👍
`threat`	1681.8	1681.8 ( - %)	👍
`activity`	6024.1	6024.1 ( - %)	👍
`agent`	5025.13	5025.13 ( - %)	👍
`alert`	3610.11	3610.11 ( - %)	👍

elasticmachine · 2025-09-10T05:30:34Z

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

efd6 · 2025-09-10T05:53:45Z

/test benchmark fullreport

kcreddy

Need to uncheck I have added an entry to my package's changelog.yml file. from Checklist as it doesn't have a changelog.

navnit-elastic · 2025-09-10T06:17:02Z

Need to uncheck I have added an entry to my package's changelog.yml file. from Checklist as it doesn't have a changelog.

Done, Thanks!

elastic-sonarqube · 2025-09-10T06:22:15Z

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

elasticmachine · 2025-09-10T06:22:22Z

💚 Build Succeeded

Buildkite Build
Commit: 7cb6e41

History

💚 Build #31025 succeeded 7cb6e41
💚 Build #31016 succeeded 8cd06e6

cc @navnit-elastic

navnit-elastic · 2025-09-10T07:33:50Z

@efd6, May I consider this PR approved from your side?

navnit-elastic added 6 commits August 25, 2025 12:55

sentinel_one: add pipeline benchmark

afd89cc

Add rally benchmark for activity data stream

e600c1c

Add rally benchmakr for agent data stream

752221e

Add rally benchmark for alert data stream

b8c1aa8

Use yml lists format

91df88a

Increase cardinality for file*, username and computerName

sentinel_one: add rally benchmark for threat

be7616f

navnit-elastic self-assigned this Sep 9, 2025

Merge branch 'main' into sentinel_one-benchmark

8cd06e6

navnit-elastic added 2 commits September 9, 2025 19:08

Add rally benchmark for application

e7e4609

Add rally benchmark for group

7cb6e41

navnit-elastic marked this pull request as ready for review September 10, 2025 05:30

navnit-elastic requested a review from a team as a code owner September 10, 2025 05:30

kcreddy approved these changes Sep 10, 2025

View reviewed changes

efd6 approved these changes Sep 10, 2025

View reviewed changes

navnit-elastic merged commit 4f82f05 into elastic:main Sep 10, 2025
9 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

sentinel_one: add rally benchmark (part 2) #15250

sentinel_one: add rally benchmark (part 2) #15250

Uh oh!

navnit-elastic commented Sep 9, 2025 •

edited

Loading

Uh oh!

elastic-vault-github-plugin-prod bot commented Sep 9, 2025 •

edited

Loading

Uh oh!

elasticmachine commented Sep 10, 2025

Uh oh!

efd6 commented Sep 10, 2025

Uh oh!

kcreddy left a comment

Uh oh!

navnit-elastic commented Sep 10, 2025

Uh oh!

elastic-sonarqube bot commented Sep 10, 2025

Uh oh!

elasticmachine commented Sep 10, 2025

Uh oh!

navnit-elastic commented Sep 10, 2025

Uh oh!

Uh oh!

Uh oh!

sentinel_one: add rally benchmark (part 2) #15250

sentinel_one: add rally benchmark (part 2) #15250

Uh oh!

Conversation

navnit-elastic commented Sep 9, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Proposed commit message

Checklist

Author's Checklist

How to test this PR locally

Benchmarks

Related issues

Screenshots

Uh oh!

elastic-vault-github-plugin-prod bot commented Sep 9, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

🚀 Benchmarks report

Package sentinel_one 👍(12) 💚(0) 💔(0)

Uh oh!

elasticmachine commented Sep 10, 2025

Uh oh!

efd6 commented Sep 10, 2025

Uh oh!

kcreddy left a comment

Choose a reason for hiding this comment

Uh oh!

navnit-elastic commented Sep 10, 2025

Uh oh!

elastic-sonarqube bot commented Sep 10, 2025

Quality Gate passed

Uh oh!

elasticmachine commented Sep 10, 2025

💚 Build Succeeded

History

Uh oh!

navnit-elastic commented Sep 10, 2025

Uh oh!

Uh oh!

Uh oh!

navnit-elastic commented Sep 9, 2025 •

edited

Loading

elastic-vault-github-plugin-prod bot commented Sep 9, 2025 •

edited

Loading

Package `sentinel_one` 👍(12) 💚(0) 💔(0)