diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts index 363adc568ba9b..eff4c1e385a41 100644 --- a/x-pack/plugins/cloud_security_posture/common/constants.ts +++ b/x-pack/plugins/cloud_security_posture/common/constants.ts @@ -11,19 +11,17 @@ export const BENCHMARKS_ROUTE_PATH = '/internal/cloud_security_posture/benchmark export const UPDATE_RULES_CONFIG_ROUTE_PATH = '/internal/cloud_security_posture/update_rules_config'; -export const CSP_FINDINGS_INDEX_NAME = 'findings'; -export const CIS_KUBERNETES_PACKAGE_NAME = 'cis_kubernetes_benchmark'; -export const FINDINGS_DATA_STREAM_NAME = - // Currently 'cis_kubernetes_benchmark.findings', To be refactored to 'cloud_security_posture.findings' - CIS_KUBERNETES_PACKAGE_NAME + '.' + CSP_FINDINGS_INDEX_NAME; +export const CLOUD_SECURITY_POSTURE_PACKAGE_NAME = 'cloud_security_posture'; + +export const AGENT_LOGS_INDEX_PATTERN = '.logs-cloud_security_posture.metadata*'; +export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cloud_security_posture.findings*'; +export const FINDINGS_INDEX_PATTERN = 'logs-cloud_security_posture.findings-default*'; + export const LATEST_FINDINGS_INDEX_NAME = 'cloud_security_posture.findings_latest'; -export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores'; +export const LATEST_FINDINGS_INDEX_DEFAULT_NS = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default'; -export const AGENT_LOGS_INDEX_PATTERN = '.logs-cis_kubernetes_benchmark.metadata*'; -export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings-*'; -export const FINDINGS_INDEX_PATTERN = 'logs-' + FINDINGS_DATA_STREAM_NAME + '-default*'; -export const LATEST_FINDINGS_INDEX_PATTERN = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default'; -export const BENCHMARK_SCORE_INDEX_PATTERN = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default'; +export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores'; +export const BENCHMARK_SCORE_INDEX_DEFAULT_NS = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default'; export const RULE_PASSED = `passed`; export const RULE_FAILED = `failed`; diff --git a/x-pack/plugins/cloud_security_posture/public/common/api/use_cis_kubernetes_integration.tsx b/x-pack/plugins/cloud_security_posture/public/common/api/use_cis_kubernetes_integration.tsx index 0a9f2c2134a6e..cc39897845b29 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/api/use_cis_kubernetes_integration.tsx +++ b/x-pack/plugins/cloud_security_posture/public/common/api/use_cis_kubernetes_integration.tsx @@ -11,7 +11,7 @@ import { type GetInfoResponse, type DefaultPackagesInstallationError, } from '@kbn/fleet-plugin/common'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants'; +import { CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants'; import { useKibana } from '../hooks/use_kibana'; /** @@ -21,7 +21,7 @@ export const useCisKubernetesIntegration = () => { const { http } = useKibana().services; return useQuery<GetInfoResponse, DefaultPackagesInstallationError>(['integrations'], () => - http.get<GetInfoResponse>(epmRouteService.getInfoPath(CIS_KUBERNETES_PACKAGE_NAME), { + http.get<GetInfoResponse>(epmRouteService.getInfoPath(CLOUD_SECURITY_PACKAGE_NAME), { query: { experimental: true }, }) ); diff --git a/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts b/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts index c30bf09a60e0f..32d53b0a89695 100644 --- a/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts +++ b/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts @@ -10,9 +10,9 @@ import type { ElasticsearchClient, Logger } from '@kbn/core/server'; import { benchmarkScoreMapping } from './benchmark_score_mapping'; import { latestFindingsMapping } from './latest_findings_mapping'; import { - LATEST_FINDINGS_INDEX_PATTERN, + LATEST_FINDINGS_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_NAME, - BENCHMARK_SCORE_INDEX_PATTERN, + BENCHMARK_SCORE_INDEX_DEFAULT_NS, BENCHMARK_SCORE_INDEX_NAME, } from '../../common/constants'; @@ -25,14 +25,14 @@ export const initializeCspTransformsIndices = async ( createIndexIfNotExists( esClient, LATEST_FINDINGS_INDEX_NAME, - LATEST_FINDINGS_INDEX_PATTERN, + LATEST_FINDINGS_INDEX_DEFAULT_NS, latestFindingsMapping, logger ), createIndexIfNotExists( esClient, BENCHMARK_SCORE_INDEX_NAME, - BENCHMARK_SCORE_INDEX_PATTERN, + BENCHMARK_SCORE_INDEX_DEFAULT_NS, benchmarkScoreMapping, logger ), @@ -65,7 +65,7 @@ export const createIndexIfNotExists = async ( } } catch (err) { const error = transformError(err); - logger.error(`Failed to create ${LATEST_FINDINGS_INDEX_PATTERN}`); + logger.error(`Failed to create ${LATEST_FINDINGS_INDEX_DEFAULT_NS}`); logger.error(error.message); } }; diff --git a/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.test.ts b/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.test.ts index 8872c359fc770..69e13ab8c5065 100644 --- a/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.test.ts +++ b/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.test.ts @@ -8,7 +8,7 @@ import { loggingSystemMock, savedObjectsClientMock } from '@kbn/core/server/mocks'; import { SavedObjectsClientContract, SavedObjectsFindResponse } from '@kbn/core/server'; import { createPackagePolicyMock } from '@kbn/fleet-plugin/common/mocks'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../../common/constants'; +import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../../common/constants'; import { onPackagePolicyPostCreateCallback } from './fleet_integration'; describe('create CSP rules with post package create callback', () => { @@ -40,7 +40,7 @@ describe('create CSP rules with post package create callback', () => { }); it('should create stateful rules based on rule template', async () => { const mockPackagePolicy = createPackagePolicyMock(); - mockPackagePolicy.package!.name = CIS_KUBERNETES_PACKAGE_NAME; + mockPackagePolicy.package!.name = CLOUD_SECURITY_POSTURE_PACKAGE_NAME; mockSoClient.find.mockResolvedValueOnce({ saved_objects: [ { diff --git a/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.ts b/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.ts index 521252f1558e4..cbf45ab0cc47e 100644 --- a/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.ts +++ b/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.ts @@ -17,7 +17,7 @@ import { cloudSecurityPostureRuleTemplateSavedObjectType, CloudSecurityPostureRuleTemplateSchema, } from '../../common/schemas/csp_rule_template'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../../common/constants'; +import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../../common/constants'; import { CspRuleSchema, cspRuleAssetSavedObjectType } from '../../common/schemas/csp_rule'; type ArrayElement<ArrayType extends readonly unknown[]> = ArrayType extends ReadonlyArray< @@ -29,7 +29,7 @@ type ArrayElement<ArrayType extends readonly unknown[]> = ArrayType extends Read const isCspPackagePolicy = <T extends { package?: { name: string } }>( packagePolicy: T ): boolean => { - return packagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME; + return packagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME; }; /** diff --git a/x-pack/plugins/cloud_security_posture/server/plugin.ts b/x-pack/plugins/cloud_security_posture/server/plugin.ts index 99900d4aed0d4..33571857db685 100755 --- a/x-pack/plugins/cloud_security_posture/server/plugin.ts +++ b/x-pack/plugins/cloud_security_posture/server/plugin.ts @@ -31,7 +31,7 @@ import { onPackagePolicyPostCreateCallback, onPackagePolicyDeleteCallback, } from './fleet_integration/fleet_integration'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../common/constants'; +import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../common/constants'; export interface CspAppContext { logger: Logger; @@ -87,7 +87,7 @@ export class CspPlugin context: RequestHandlerContext, request: KibanaRequest ): Promise<PackagePolicy> => { - if (packagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME) { + if (packagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME) { await onPackagePolicyPostCreateCallback( this.logger, packagePolicy, @@ -103,7 +103,7 @@ export class CspPlugin 'postPackagePolicyDelete', async (deletedPackagePolicies: DeepReadonly<DeletePackagePoliciesResponse>) => { for (const deletedPackagePolicy of deletedPackagePolicies) { - if (deletedPackagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME) { + if (deletedPackagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME) { await onPackagePolicyDeleteCallback( this.logger, deletedPackagePolicy, diff --git a/x-pack/plugins/cloud_security_posture/server/routes/benchmarks/benchmarks.ts b/x-pack/plugins/cloud_security_posture/server/routes/benchmarks/benchmarks.ts index f0c1dc6e1bf96..3ae4243bd2a63 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/benchmarks/benchmarks.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/benchmarks/benchmarks.ts @@ -19,7 +19,7 @@ import type { AgentPolicy, ListResult, } from '@kbn/fleet-plugin/common'; -import { BENCHMARKS_ROUTE_PATH, CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants'; +import { BENCHMARKS_ROUTE_PATH, CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants'; import { BENCHMARK_PACKAGE_POLICY_PREFIX, benchmarksInputSchema, @@ -165,7 +165,7 @@ export const defineGetBenchmarksRoute = (router: CspRouter, cspContext: CspAppCo const packagePolicies = await getPackagePolicies( soClient, packagePolicyService, - CIS_KUBERNETES_PACKAGE_NAME, + CLOUD_SECURITY_PACKAGE_NAME, query ); diff --git a/x-pack/plugins/cloud_security_posture/server/routes/compliance_dashboard/get_trends.ts b/x-pack/plugins/cloud_security_posture/server/routes/compliance_dashboard/get_trends.ts index eba14cb8215c2..08d8cd3553fe2 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/compliance_dashboard/get_trends.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/compliance_dashboard/get_trends.ts @@ -6,7 +6,7 @@ */ import { ElasticsearchClient } from '@kbn/core/server'; -import { BENCHMARK_SCORE_INDEX_PATTERN } from '../../../common/constants'; +import { BENCHMARK_SCORE_INDEX_DEFAULT_NS } from '../../../common/constants'; import { Stats } from '../../../common/types'; import { calculatePostureScore } from './get_stats'; @@ -26,7 +26,7 @@ export interface ScoreTrendDoc { } export const getTrendsQuery = () => ({ - index: BENCHMARK_SCORE_INDEX_PATTERN, + index: BENCHMARK_SCORE_INDEX_DEFAULT_NS, size: 5, sort: '@timestamp:desc', }); diff --git a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts index 91bc47a19dad9..da11beee92440 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts @@ -22,7 +22,7 @@ import { CspAppContext } from '../../plugin'; import { CspRulesConfigSchema } from '../../../common/schemas/csp_configuration'; import { CspRuleSchema, cspRuleAssetSavedObjectType } from '../../../common/schemas/csp_rule'; import { UPDATE_RULES_CONFIG_ROUTE_PATH } from '../../../common/constants'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants'; +import { CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants'; import { CspRouter } from '../../types'; export const getPackagePolicy = async ( @@ -36,9 +36,10 @@ export const getPackagePolicy = async ( if (!packagePolicies || !packagePolicies[0].version) { throw new Error(`package policy Id '${packagePolicyId}' is not exist`); } - if (packagePolicies[0].package?.name !== CIS_KUBERNETES_PACKAGE_NAME) { - // TODO: improve this validator to support any future CSP package - throw new Error(`Package Policy Id '${packagePolicyId}' is not CSP package`); + if (packagePolicies[0].package?.name !== CLOUD_SECURITY_PACKAGE_NAME) { + throw new Error( + `Package Policy Id '${packagePolicyId}' is not of type cloud security posture package` + ); } return packagePolicies![0];