Open JordanSh opened 2 weeks ago
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)
Moving to blocked for now; there is no point in starting work on data pulling until "Investigate options to query findings to combine native and 3rd party data" is done.
Summary
Currently, our dashboard page pulls data exclusively from the `latest findings` index. With the introduction of third-party (3P) integrations, starting with Wiz, we need to enhance our data query capabilities to include a generic index pattern that fetches data from all 3P integrations, specifically `logs-*_latest_misconfigurations_cdr*`.
Please refer to the detailed guide in the RFC "Combining 3rd party data with native Cloud Security Posture data" for comprehensive instructions.
Additionally, the dashboard retrieves data from the `scores` index to create trend lines. We need to modify this index to incorporate data from 3P latest findings indices as well.
Lastly, all modifications should support a filter parameter passed from the API. This parameter should allow us to selectively fetch data from all latest findings indices (when no filter is passed) or from a specific one based on the passed value.
Definition of Done
Related Links