From 3a65e8b98496ed66d5775556e6159b0e5665ce26 Mon Sep 17 00:00:00 2001
From: CohenIdo <90558359+CohenIdo@users.noreply.github.com>
Date: Wed, 30 Mar 2022 14:00:37 +0300
Subject: [PATCH] [Cloud Security] Update transform indices naming (#128781)
---
 .../common/constants.ts | 12 ++++---
 .../create_transforms_indices.ts | 35 +++++++++++++++----
 2 files changed, 35 insertions(+), 12 deletions(-)
diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts
index ca8148bacb623..be4ba273c5408 100644
--- a/x-pack/plugins/cloud_security_posture/common/constants.ts
+++ b/x-pack/plugins/cloud_security_posture/common/constants.ts
@@ -10,13 +10,15 @@ export const FINDINGS_ROUTE_PATH = '/api/csp/findings';
 export const BENCHMARKS_ROUTE_PATH = '/api/csp/benchmarks';
 export const UPDATE_RULES_CONFIG_ROUTE_PATH = '/api/csp/update_rules_config';
 
-export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings*';
-export const AGENT_LOGS_INDEX_PATTERN = '.logs-cis_kubernetes_benchmark.metadata*';
-export const LATEST_FINDINGS_INDEX_PATTERN = 'cloud_security_posture-findings_latest';
-export const BENCHMARK_SCORE_INDEX_PATTERN = 'cloud_security_posture-benchmark_scores';
-
 export const CSP_FINDINGS_INDEX_NAME = 'findings';
 export const CIS_KUBERNETES_PACKAGE_NAME = 'cis_kubernetes_benchmark';
+export const LATEST_FINDINGS_INDEX_NAME = 'cloud_security_posture.findings_latest';
+export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores';
+
+export const AGENT_LOGS_INDEX_PATTERN = '.logs-cis_kubernetes_benchmark.metadata*';
+export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings*';
+export const LATEST_FINDINGS_INDEX_PATTERN = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default';
+export const BENCHMARK_SCORE_INDEX_PATTERN = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default';
 
 export const RULE_PASSED = `passed`;
 export const RULE_FAILED = `failed`;
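Review bot: The new values of `LATEST_FINDINGS_INDEX_PATTERN` and `BENCHMARK_SCORE_INDEX_PATTERN` put the posture indices under the `logs-` prefix, so any role that already holds read access on a `logs-*` wildcard would now also match the findings and score indices, which the old `cloud_security_posture-` names did not. If that wider visibility is intended, record it next to the constants, e.g. `// Named logs-<dataset>-<namespace> on purpose; readable by roles with logs-* index privileges`. The namespace is also fixed to `default` by string concatenation, and the `_PATTERN` constants now hold exact index names rather than wildcards; a one-line comment saying so would keep later callers from treating them as patterns.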
diff --git a/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts b/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts
index 892cb78145c61..f98122bf28bc7 100644
--- a/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts
+++ b/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts
@@ -11,7 +11,9 @@ import { benchmarkScoreMapping } from './benchmark_score_mapping';
 import { latestFindingsMapping } from './latest_findings_mapping';
 import {
 LATEST_FINDINGS_INDEX_PATTERN,
+ LATEST_FINDINGS_INDEX_NAME,
 BENCHMARK_SCORE_INDEX_PATTERN,
+ BENCHMARK_SCORE_INDEX_NAME,
 } from '../../common/constants';
 
 // TODO: Add integration tests
@@ -19,25 +21,44 @@ export const initializeCspTransformsIndices = async (
 esClient: ElasticsearchClient,
 logger: Logger
 ) => {
- createIndexIfNotExists(esClient, LATEST_FINDINGS_INDEX_PATTERN, latestFindingsMapping, logger);
- createIndexIfNotExists(esClient, BENCHMARK_SCORE_INDEX_PATTERN, benchmarkScoreMapping, logger);
+ createIndexIfNotExists(
+ esClient,
+ LATEST_FINDINGS_INDEX_NAME,
+ LATEST_FINDINGS_INDEX_PATTERN,
+ latestFindingsMapping,
+ logger
+ );
+ createIndexIfNotExists(
+ esClient,
+ BENCHMARK_SCORE_INDEX_NAME,
+ BENCHMARK_SCORE_INDEX_PATTERN,
+ benchmarkScoreMapping,
+ logger
+ );
 };
 
 export const createIndexIfNotExists = async (
 esClient: ElasticsearchClient,
- index: string,
- mapping: MappingTypeMapping,
+ indexName: string,
+ indexPattern: string,
+ mappings: MappingTypeMapping,
 logger: Logger
 ) => {
 try {
 const isLatestIndexExists = await esClient.indices.exists({
- index,
+ index: indexPattern,
 });
 
 if (!isLatestIndexExists) {
+ await esClient.indices.putIndexTemplate({
+ name: indexName,
+ index_patterns: indexPattern,
+ template: { mappings },
+ priority: 500,
+ });
 await esClient.indices.create({
- index,
- mappings: mapping,
+ index: indexPattern,
+ mappings,
 });
 }
 } catch (err) {
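Review bot: Both `createIndexIfNotExists(` calls in `initializeCspTransformsIndices` are still issued without `await`, so the initializer resolves before the template and index exist. Now that setup is two requests (`putIndexTemplate`, then `create`), anything started right after it may run against a missing or half-prepared index. Prefix each call with `await`, or wrap the pair in `await Promise.all([...])`. The literal `priority: 500` also needs a comment such as `// must outrank the built-in logs-*-* template so this stays a plain index with our mappings`; that reading is inferred from the new `logs-` prefix, so confirm it before committing the wording. The `catch` block of `createIndexIfNotExists` continues past the end of the hunk, so how a failed template or index request is reported is not visible here.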