[Cloud Security] Update transform indices naming (#128781)

elastic · Mar 30, 2022 · 3a65e8b · 3a65e8b
1 parent 84bd77c
commit 3a65e8b
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 12 deletions.
diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts
@@ -10,13 +10,15 @@ export const FINDINGS_ROUTE_PATH = '/api/csp/findings';
 export const BENCHMARKS_ROUTE_PATH = '/api/csp/benchmarks';
 export const UPDATE_RULES_CONFIG_ROUTE_PATH = '/api/csp/update_rules_config';
 
-export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings*';
-export const AGENT_LOGS_INDEX_PATTERN = '.logs-cis_kubernetes_benchmark.metadata*';
-export const LATEST_FINDINGS_INDEX_PATTERN = 'cloud_security_posture-findings_latest';
-export const BENCHMARK_SCORE_INDEX_PATTERN = 'cloud_security_posture-benchmark_scores';
-
 export const CSP_FINDINGS_INDEX_NAME = 'findings';
 export const CIS_KUBERNETES_PACKAGE_NAME = 'cis_kubernetes_benchmark';
+export const LATEST_FINDINGS_INDEX_NAME = 'cloud_security_posture.findings_latest';
+export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores';
+
+export const AGENT_LOGS_INDEX_PATTERN = '.logs-cis_kubernetes_benchmark.metadata*';
+export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings*';
+export const LATEST_FINDINGS_INDEX_PATTERN = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default';
+export const BENCHMARK_SCORE_INDEX_PATTERN = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default';
 
 export const RULE_PASSED = `passed`;
 export const RULE_FAILED = `failed`;

diff --git a/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts b/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts
@@ -11,33 +11,54 @@ import { benchmarkScoreMapping } from './benchmark_score_mapping';
 import { latestFindingsMapping } from './latest_findings_mapping';
 import {
   LATEST_FINDINGS_INDEX_PATTERN,
+  LATEST_FINDINGS_INDEX_NAME,
   BENCHMARK_SCORE_INDEX_PATTERN,
+  BENCHMARK_SCORE_INDEX_NAME,
 } from '../../common/constants';
 
 // TODO: Add integration tests
 export const initializeCspTransformsIndices = async (
   esClient: ElasticsearchClient,
   logger: Logger
 ) => {
-  createIndexIfNotExists(esClient, LATEST_FINDINGS_INDEX_PATTERN, latestFindingsMapping, logger);
-  createIndexIfNotExists(esClient, BENCHMARK_SCORE_INDEX_PATTERN, benchmarkScoreMapping, logger);
+  createIndexIfNotExists(
+    esClient,
+    LATEST_FINDINGS_INDEX_NAME,
+    LATEST_FINDINGS_INDEX_PATTERN,
+    latestFindingsMapping,
+    logger
+  );
+  createIndexIfNotExists(
+    esClient,
+    BENCHMARK_SCORE_INDEX_NAME,
+    BENCHMARK_SCORE_INDEX_PATTERN,
+    benchmarkScoreMapping,
+    logger
+  );
 };
 
 export const createIndexIfNotExists = async (
   esClient: ElasticsearchClient,
-  index: string,
-  mapping: MappingTypeMapping,
+  indexName: string,
+  indexPattern: string,
+  mappings: MappingTypeMapping,
   logger: Logger
 ) => {
   try {
     const isLatestIndexExists = await esClient.indices.exists({
-      index,
+      index: indexPattern,
     });
 
     if (!isLatestIndexExists) {
+      await esClient.indices.putIndexTemplate({
+        name: indexName,
+        index_patterns: indexPattern,
+        template: { mappings },
+        priority: 500,
+      });
       await esClient.indices.create({
-        index,
-        mappings: mapping,
+        index: indexPattern,
+        mappings,
       });
     }
   } catch (err) {