Add cdr label to all cloud security integrations #9213
Conversation
CohenIdo
changed the title
| @@ -726,6 +728,8 @@ policy_templates: | |||
| description: Collect Amazon GuardDuty logs with Elastic Agent. | |||
| data_streams: | |||
| - guardduty | |||
| categories: | |||
| - cloudsecurity_cdr | |||
There was a problem hiding this comment.
Do you know if security category is missing here? I do see it in the demo but it would mean it will be missing from the Security filter. which I'm not sure it makes sense
| @@ -67,6 +67,7 @@ policy_templates: | |||
| - containers | |||
| - kubernetes | |||
| - security | |||
| - cloudsecurity_cdr | |||
There was a problem hiding this comment.
nit: you can add the tag to the root categories section (line 12)
| @@ -93,6 +94,7 @@ policy_templates: | |||
| multiple: true | |||
| categories: | |||
| - security | |||
| - cloudsecurity_cdr | |||
There was a problem hiding this comment.
nit: you can add the tag to the root categories section (line 12)
same goes with security - it shouldn't be repeated
There was a problem hiding this comment.
and if you are there, can you please fix the root categories?
categories:
- aws
- kubernetes
- security
it should be only security and cloudsecurity_cdr
aws and kubernetes categories should be only in the relevant supported integrations
🚀 Benchmarks reportPackage
|
| Data stream | Previous EPS | New EPS | Diff (%) | Result |
|---|---|---|---|---|
asset |
1012.15 | 834.72 | -177.43 (-17.53%) | 💔 |
audit |
1890.36 | 1420.45 | -469.91 (-24.86%) | 💔 |
Package prisma_cloud 👍(2) 💚(0) 💔(3)
Expand to view
| Data stream | Previous EPS | New EPS | Diff (%) | Result |
|---|---|---|---|---|
alert |
1579.78 | 1340.48 | -239.3 (-15.15%) | 💔 |
audit |
4926.11 | 3597.12 | -1328.99 (-26.98%) | 💔 |
host_profile |
1231.53 | 1031.99 | -199.54 (-16.2%) | 💔 |
Package snyk 👍(1) 💚(0) 💔(1)
Expand to view
| Data stream | Previous EPS | New EPS | Diff (%) | Result |
|---|---|---|---|---|
vulnerabilities |
2724.8 | 1798.56 | -926.24 (-33.99%) | 💔 |
Package wiz 👍(1) 💚(1) 💔(1)
Expand to view
| Data stream | Previous EPS | New EPS | Diff (%) | Result |
|---|---|---|---|---|
vulnerability |
1964.64 | 1364.26 | -600.38 (-30.56%) | 💔 |
To see the full report comment with /test benchmark fullreport
💚 Build Succeeded
History
|
|
|
Package aws - 2.12.1 containing this change is available at https://epr.elastic.co/search?package=aws |
|
Package cloud_security_posture - 1.8.0-preview08 containing this change is available at https://epr.elastic.co/search?package=cloud_security_posture |
|
Package google_scc - 1.1.1 containing this change is available at https://epr.elastic.co/search?package=google_scc |
|
Package microsoft_defender_cloud - 1.1.1 containing this change is available at https://epr.elastic.co/search?package=microsoft_defender_cloud |
|
Package prisma_cloud - 1.1.1 containing this change is available at https://epr.elastic.co/search?package=prisma_cloud |
|
Package snyk - 1.20.1 containing this change is available at https://epr.elastic.co/search?package=snyk |
|
Package wiz - 1.1.1 containing this change is available at https://epr.elastic.co/search?package=wiz |
|
Package cloud_security_posture - 1.8.0 containing this change is available at https://epr.elastic.co/search?package=cloud_security_posture |
andrewkroh
added
Integration:aws
andrewkroh
added
Integration:microsoft_defender_cloud
Summary
Adding a new subcategory label,
cloudsecurity_cdrto all cloud security-related integrations.solves:
Demo
Screen.Recording.2024-02-21.at.14.33.02.mov