Open JordanSh opened 2 weeks ago
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)
moving to blocked for now, no point to start working on data pulling until Investigate options to query findings to combine native and 3rd party data is done
Summary
Currently, our findings page pulls data exclusively from the
latest findings
DataView. With the introduction of third-party (3P) integrations, starting with Wiz, we need to replace our data view query to include a generic index pattern that fetches data from all 3P integrations, specificallylogs-*_latest_misconfigurations_cdr*
.Please refer to the detailed guide in the RFC Combining 3rd party data with native Cloud Security Posture data for comprehensive instructions.
Definition of Done
source
filter parameter and retrieves data based on the passed value (should be support out of the box)Out of Scope
Related Links