[Cloud Posture] Update latest findings index mapping #131504

Merged
merged 16 commits into from
May 18, 2022

uri-weisman
Contributor

@uri-weisman uri-weisman commented May 4, 2022

Summary

Due to a change in the cloudbeat events shifted to ES, index mapping should be updated.

Checklist

Delete any items that are not applicable to this PR.

Risk Matrix

Delete this section if it is not applicable to this PR.

Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release.

When forming the risk matrix, consider some of the following examples and how they may potentially impact the change:

| Risk | Probability | Severity | Mitigation/Notes |
|---|---|---|---|
| Multiple Spaces—unexpected behavior in non-default Kibana Space. | Low | High | Integration tests will verify that all features are still supported in non-default Kibana Space and when user switches between spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions when multiple Kibana nodes are polling for the same tasks. | High | Low | Tasks are idempotent, so executing them multiple times will not result in logical error, but will degrade performance. To test for this case we add plenty of unit tests around this logic and document manual testing procedure. |
| Code should gracefully handle cases when feature X or plugin Y are disabled. | Medium | High | Unit tests will verify that any feature flag or plugin combination still results in our service operational. |
See more potential risk examples

For maintainers

@uri-weisman uri-weisman changed the title update latest findings mapping [CSP] Update latest findings index mapping May 4, 2022
@uri-weisman uri-weisman marked this pull request as ready for review May 8, 2022 06:45
@uri-weisman uri-weisman requested a review from a team as a code owner May 8, 2022 06:45
@uri-weisman
Contributor Author

related: elastic/cloudbeat#69

@@ -49,7 +48,25 @@ export const latestFindingsMapping: MappingTypeMapping = {
},
resource: {
properties: {
filename: {
type: {
type: 'text',
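
Review bot: the field that ends this hunk, under `resource.properties`, is mapped as `type: 'text'`, and if no `keyword` sub-field follows it cannot back exact-match `term` filters, terms aggregations or sorting. A `text` field is analyzed at index time, so a filter on it matches tokens rather than the whole value, and a findings view that filters or groups on it can silently drop or over-match results. If the value is an identifier-like string, map it as `keyword` and add a `text` multi-field under `fields` only where full-text search is needed, then point the existing queries at whichever path carries the `keyword` type.
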
Contributor

@kfirpeled kfirpeled May 8, 2022

Hey, just a thought. If we are introducing new fields, it is worth discussing whether this is a good point to shift to the ECS convention for text fields: https://www.elastic.co/guide/en/ecs/8.2/ecs-conventions.html#_ecs_convention_for_indexing_text_fields

Contributor Author

Sounds good, I'll update the mapping according to the ECS convention.
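
The ECS convention linked in this review thread indexes string fields as `keyword`, with an optional `.text` multi-field for full-text search. As an added example (not code from this PR or from Kibana), the check below walks a mapping object and reports fields whose primary type is `text`, together with the path that exact-match queries would have to use; the sample mapping and its field names are constructed for illustration.

```javascript
// Added example, not Kibana code. Reports string fields in an Elasticsearch
// mapping that deviate from the ECS convention (keyword as the primary type,
// optional `.text` multi-field for full-text search).
function findNonEcsTextFields(mapping, prefix = '') {
  const findings = [];
  for (const [name, def] of Object.entries(mapping.properties || {})) {
    const path = prefix ? `${prefix}.${name}` : name;
    if (def.properties) {
      // Object field: recurse. Keys under `properties` are always field names,
      // so a field literally named `type` is not confused with the `type`
      // mapping parameter.
      findings.push(...findNonEcsTextFields(def, path));
    } else if (def.type === 'text') {
      const kw = Object.entries(def.fields || {}).find(
        ([, sub]) => sub.type === 'keyword'
      );
      // exactMatchPath is what term filters, aggregations and sorts must
      // target; null means no keyword sub-field exists on this field.
      findings.push({ path, exactMatchPath: kw ? `${path}.${kw[0]}` : null });
    }
  }
  return findings;
}

// Constructed sample mapping (field names are assumptions for illustration).
const sampleMapping = {
  properties: {
    resource: {
      properties: {
        type: { type: 'text' },
        name: { type: 'text', fields: { keyword: { type: 'keyword' } } },
        id: { type: 'keyword', fields: { text: { type: 'match_only_text' } } },
      },
    },
    rule: { properties: { name: { type: 'keyword' } } },
  },
};

for (const f of findNonEcsTextFields(sampleMapping)) {
  console.log(`${f.path}: text primary, exact-match path = ${f.exactMatchPath}`);
}
```
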

@orouz
Contributor

orouz commented May 10, 2022

maybe update CspFinding in x-pack/plugins/cloud_security_posture/public/pages/findings/types.ts too?

@uri-weisman
Contributor Author

@elasticmachine merge upstream

@uri-weisman
Contributor Author

@elasticmachine merge upstream

@uri-weisman uri-weisman requested a review from kfirpeled May 15, 2022 11:50
@kfirpeled kfirpeled added the Team:Cloud Security Cloud Security team related label May 15, 2022
@elasticmachine
Contributor

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security Posture)

@kfirpeled kfirpeled changed the title [CSP] Update latest findings index mapping [Cloud Posture] Update latest findings index mapping May 15, 2022
Contributor

@kfirpeled kfirpeled left a comment

this requires updating our queries, otherwise it will break our UI

@kibana-ci
Collaborator

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@uri-weisman uri-weisman requested a review from kfirpeled May 18, 2022 06:47
@uri-weisman uri-weisman merged commit 59c55a4 into elastic:main May 18, 2022
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label May 18, 2022
@uri-weisman uri-weisman deleted the update_findings_mapping branch May 18, 2022 09:18
Labels
8.3 candidate backport:skip This commit does not require backporting release_note:fix Team:Cloud Security Cloud Security team related v8.3.0
7 participants