github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Cloud Security] Populate Missing Vulnerability Scores in Vulnerabilities Flyout

Browse source
This commit is contained in:
Ido Cohen 2024-09-22 17:31:13 +03:00 committed by GitHub
parent 87cdc2db72
commit 2a428b4e06
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 419 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

128
oas_docs/output/kibana.serverless.staging.yaml
View file

@ -5404,7 +5404,7 @@ paths:
- APM annotations
/api/asset_criticality:
delete:
description: Delete the asset criticality record for a specific asset if it exists.
description: Delete the asset criticality record for a specific entity.
operationId: DeleteAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -5450,11 +5450,11 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Delete Criticality Record
summary: Delete an asset criticality record
tags:
- Security Solution Entity Analytics API
get:
description: Get the criticality record for a specific asset.
description: Get the asset criticality record for a specific entity.
operationId: GetAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -5483,11 +5483,17 @@ paths:
description: Invalid request
'404':
description: Criticality record not found
summary: Get Criticality Record
summary: Get an asset criticality record
tags:
- Security Solution Entity Analytics API
post:
description: Create or update a criticality record for a specific asset.
description: >
Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is
overwritten with the specified value. If a record doesn't exist for the
specified entity, a new record is created.
operationId: CreateAssetCriticalityRecord
requestBody:
content:
@ -5516,14 +5522,19 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Upsert Criticality Record
summary: Upsert an asset criticality record
tags:
- Security Solution Entity Analytics API
/api/asset_criticality/bulk:
post:
description: >-
Bulk upsert up to 1000 asset criticality records, creating or updating
them as needed.
description: >
Bulk upsert up to 1000 asset criticality records.
If asset criticality records already exist for the specified entities,
those records are overwritten with the specified values. If asset
criticality records don't exist for the specified entities, new records
are created.
operationId: BulkUpsertAssetCriticalityRecords
requestBody:
content:
@ -5577,7 +5588,7 @@ paths:
description: Bulk upload successful
'413':
description: File too large
summary: Bulk Upsert Asset Criticality Records
summary: Bulk upsert asset criticality records
tags:
- Security Solution Entity Analytics API
/api/asset_criticality/list:
@ -5654,7 +5665,7 @@ paths:
- per_page
- total
description: Bulk upload successful
summary: List Asset Criticality Records
summary: List asset criticality records
tags:
- Security Solution Entity Analytics API
/api/data_views:
@ -15598,6 +15609,10 @@ paths:
- access:securitySolution
/api/risk_score/engine/schedule_now:
post:
description: >-
Schedule the risk scoring engine to run as soon as possible. You can use
this to recalculate entity risk scores after updating their asset
criticality.
operationId: ScheduleRiskEngineNow
requestBody:
content:
@ -15624,7 +15639,7 @@ paths:
$ref: >-
#/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse
description: Unexpected error
summary: Schedule the risk engine to run as soon as possible
summary: Run the risk scoring engine
tags:
- Security Solution Entity Analytics API
/api/saved_objects/_export:
@ -19968,6 +19983,25 @@ components:
collection will be disabled
nullable: true
type: boolean
monitoring_diagnostics:
type: object
properties:
limit:
type: object
properties:
burst:
type: number
interval:
type: string
uploader:
type: object
properties:
init_dur:
type: string
max_dur:
type: string
max_retries:
type: number
monitoring_enabled:
items:
enum:
@ -19975,9 +20009,22 @@ components:
- logs
type: string
type: array
monitoring_http:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: number
required:
- enabled
monitoring_output_id:
nullable: true
type: string
monitoring_pprof_enabled:
type: boolean
name:
type: string
namespace:
@ -20449,6 +20496,63 @@ components:
type: string
inputs:
type: string
monitoring:
type: object
properties:
diagnostics:
type: object
properties:
limit:
type: object
properties:
burst:
type: number
interval:
type: string
uploader:
type: object
properties:
init_dur:
type: string
max_dur:
type: string
max_retries:
type: number
enabled:
type: boolean
http:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: number
required:
- enabled
logs:
type: boolean
metrics:
type: boolean
namespace:
type: string
pprof:
type: object
properties:
enabled:
type: boolean
required:
- enabled
traces:
type: boolean
use_output:
type: string
required:
- enabled
- metrics
- logs
- traces
output_permissions:
additionalProperties:
type: object

89
oas_docs/output/kibana.serverless.yaml
View file

@ -12634,6 +12634,25 @@ components:
collection will be disabled
nullable: true
type: boolean
monitoring_diagnostics:
type: object
properties:
limit:
type: object
properties:
burst:
type: number
interval:
type: string
uploader:
type: object
properties:
init_dur:
type: string
max_dur:
type: string
max_retries:
type: number
monitoring_enabled:
items:
enum:
@ -12641,9 +12660,22 @@ components:
- logs
type: string
type: array
monitoring_http:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: number
required:
- enabled
monitoring_output_id:
nullable: true
type: string
monitoring_pprof_enabled:
type: boolean
name:
type: string
namespace:
@ -13115,6 +13147,63 @@ components:
type: string
inputs:
type: string
monitoring:
type: object
properties:
diagnostics:
type: object
properties:
limit:
type: object
properties:
burst:
type: number
interval:
type: string
uploader:
type: object
properties:
init_dur:
type: string
max_dur:
type: string
max_retries:
type: number
enabled:
type: boolean
http:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: number
required:
- enabled
logs:
type: boolean
metrics:
type: boolean
namespace:
type: string
pprof:
type: object
properties:
enabled:
type: boolean
required:
- enabled
traces:
type: boolean
use_output:
type: string
required:
- enabled
- metrics
- logs
- traces
output_permissions:
additionalProperties:
type: object

128
oas_docs/output/kibana.staging.yaml
View file

@ -6580,7 +6580,7 @@ paths:
- APM annotations
/api/asset_criticality:
delete:
description: Delete the asset criticality record for a specific asset if it exists.
description: Delete the asset criticality record for a specific entity.
operationId: DeleteAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -6626,11 +6626,11 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Delete Criticality Record
summary: Delete an asset criticality record
tags:
- Security Solution Entity Analytics API
get:
description: Get the criticality record for a specific asset.
description: Get the asset criticality record for a specific entity.
operationId: GetAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -6659,11 +6659,17 @@ paths:
description: Invalid request
'404':
description: Criticality record not found
summary: Get Criticality Record
summary: Get an asset criticality record
tags:
- Security Solution Entity Analytics API
post:
description: Create or update a criticality record for a specific asset.
description: >
Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is
overwritten with the specified value. If a record doesn't exist for the
specified entity, a new record is created.
operationId: CreateAssetCriticalityRecord
requestBody:
content:
@ -6692,14 +6698,19 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Upsert Criticality Record
summary: Upsert an asset criticality record
tags:
- Security Solution Entity Analytics API
/api/asset_criticality/bulk:
post:
description: >-
Bulk upsert up to 1000 asset criticality records, creating or updating
them as needed.
description: >
Bulk upsert up to 1000 asset criticality records.
If asset criticality records already exist for the specified entities,
those records are overwritten with the specified values. If asset
criticality records don't exist for the specified entities, new records
are created.
operationId: BulkUpsertAssetCriticalityRecords
requestBody:
content:
@ -6753,7 +6764,7 @@ paths:
description: Bulk upload successful
'413':
description: File too large
summary: Bulk Upsert Asset Criticality Records
summary: Bulk upsert asset criticality records
tags:
- Security Solution Entity Analytics API
/api/asset_criticality/list:
@ -6830,7 +6841,7 @@ paths:
- per_page
- total
description: Bulk upload successful
summary: List Asset Criticality Records
summary: List asset criticality records
tags:
- Security Solution Entity Analytics API
/api/cases:
@ -19047,6 +19058,10 @@ paths:
- access:securitySolution
/api/risk_score/engine/schedule_now:
post:
description: >-
Schedule the risk scoring engine to run as soon as possible. You can use
this to recalculate entity risk scores after updating their asset
criticality.
operationId: ScheduleRiskEngineNow
requestBody:
content:
@ -19073,7 +19088,7 @@ paths:
$ref: >-
#/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse
description: Unexpected error
summary: Schedule the risk engine to run as soon as possible
summary: Run the risk scoring engine
tags:
- Security Solution Entity Analytics API
/api/saved_objects/_bulk_create:
@ -27763,6 +27778,25 @@ components:
collection will be disabled
nullable: true
type: boolean
monitoring_diagnostics:
type: object
properties:
limit:
type: object
properties:
burst:
type: number
interval:
type: string
uploader:
type: object
properties:
init_dur:
type: string
max_dur:
type: string
max_retries:
type: number
monitoring_enabled:
items:
enum:
@ -27770,9 +27804,22 @@ components:
- logs
type: string
type: array
monitoring_http:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: number
required:
- enabled
monitoring_output_id:
nullable: true
type: string
monitoring_pprof_enabled:
type: boolean
name:
type: string
namespace:
@ -28244,6 +28291,63 @@ components:
type: string
inputs:
type: string
monitoring:
type: object
properties:
diagnostics:
type: object
properties:
limit:
type: object
properties:
burst:
type: number
interval:
type: string
uploader:
type: object
properties:
init_dur:
type: string
max_dur:
type: string
max_retries:
type: number
enabled:
type: boolean
http:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: number
required:
- enabled
logs:
type: boolean
metrics:
type: boolean
namespace:
type: string
pprof:
type: object
properties:
enabled:
type: boolean
required:
- enabled
traces:
type: boolean
use_output:
type: string
required:
- enabled
- metrics
- logs
- traces
output_permissions:
additionalProperties:
type: object

89
oas_docs/output/kibana.yaml
View file

@ -19593,6 +19593,25 @@ components:
collection will be disabled
nullable: true
type: boolean
monitoring_diagnostics:
type: object
properties:
limit:
type: object
properties:
burst:
type: number
interval:
type: string
uploader:
type: object
properties:
init_dur:
type: string
max_dur:
type: string
max_retries:
type: number
monitoring_enabled:
items:
enum:
@ -19600,9 +19619,22 @@ components:
- logs
type: string
type: array
monitoring_http:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: number
required:
- enabled
monitoring_output_id:
nullable: true
type: string
monitoring_pprof_enabled:
type: boolean
name:
type: string
namespace:
@ -20074,6 +20106,63 @@ components:
type: string
inputs:
type: string
monitoring:
type: object
properties:
diagnostics:
type: object
properties:
limit:
type: object
properties:
burst:
type: number
interval:
type: string
uploader:
type: object
properties:
init_dur:
type: string
max_dur:
type: string
max_retries:
type: number
enabled:
type: boolean
http:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: number
required:
- enabled
logs:
type: boolean
metrics:
type: boolean
namespace:
type: string
pprof:
type: object
properties:
enabled:
type: boolean
required:
- enabled
traces:
type: boolean
use_output:
type: string
required:
- enabled
- metrics
- logs
- traces
output_permissions:
additionalProperties:
type: object

1
x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/test_subjects.ts
View file

@ -11,6 +11,7 @@ export const JSON_TAB_VULNERABILITY_FLYOUT = 'vulnerability_json_tab_flyout';
export const OVERVIEW_TAB_VULNERABILITY_FLYOUT = 'vulnerability_overview_tab_flyout';
export const DATA_SOURCE_VULNERABILITY_FLYOUT = 'vulnerability_flyout_data_source_display_box';
export const PUBLISHED_DATE_VULNERABILITY_FLYOUT = 'vulnerability_flyout_date_display_box';
export const VULNERABILITY_SCORES_FLYOUT = 'vulnerability_flyout_score';
export const TAB_ID_VULNERABILITY_FLYOUT = (tabId: string) =>
`vulnerability-finding-flyout-tab-${tabId}`;

3
x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx
View file

@ -17,6 +17,7 @@ import {
DATA_SOURCE_VULNERABILITY_FLYOUT,
FINDINGS_VULNERABILITY_FLYOUT_DESCRIPTION_LIST,
PUBLISHED_DATE_VULNERABILITY_FLYOUT,
VULNERABILITY_SCORES_FLYOUT,
} from '../test_subjects';
import { EMPTY_VALUE } from '../../configurations/findings_flyout/findings_flyout';
@ -93,8 +94,10 @@ describe('<VulnerabilityFindingFlyout/>', () => {
);
const dataSource = getByTestId(DATA_SOURCE_VULNERABILITY_FLYOUT);
const publisedDate = getByTestId(PUBLISHED_DATE_VULNERABILITY_FLYOUT);
const vulnerabilityScores = getByTestId(VULNERABILITY_SCORES_FLYOUT);
expect(dataSource.textContent).toEqual(`Data Source${EMPTY_VALUE}`);
expect(publisedDate.textContent).toEqual(`Published Date${EMPTY_VALUE}`);
expect(vulnerabilityScores.textContent).toEqual(`Vulnerability Scores${EMPTY_VALUE}`);
});
it('show empty state for no fixes', () => {

9
x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_overview_tab.tsx
View file

@ -33,6 +33,7 @@ import {
DATA_SOURCE_VULNERABILITY_FLYOUT,
OVERVIEW_TAB_VULNERABILITY_FLYOUT,
PUBLISHED_DATE_VULNERABILITY_FLYOUT,
VULNERABILITY_SCORES_FLYOUT,
} from '../test_subjects';
import redhatLogo from '../../../assets/icons/redhat_logo.svg';
import { VulnerabilityDetectionRuleCounter } from './vulnerability_detection_rule_counter';
@ -309,8 +310,8 @@ export const VulnerabilityOverviewTab = ({ vulnerabilityRecord }: VulnerabilityT
<EuiHorizontalRule css={horizontalStyle} />
{cvssScores?.length > 0 && (
<EuiFlexItem>
{
<EuiFlexItem data-test-subj={VULNERABILITY_SCORES_FLYOUT}>
<h4 css={flyoutSubheadingStyle}>
<FormattedMessage
id="xpack.csp.vulnerabilities.vulnerabilityOverviewTab.vulnerabilityScores"
@ -324,10 +325,10 @@ export const VulnerabilityOverviewTab = ({ vulnerabilityRecord }: VulnerabilityT
margin-top: ${euiThemeVars.euiSizeS};
`}
>
{cvssScores}
{!!cvssScores?.length ? cvssScores : EMPTY_VALUE}
</EuiFlexGroup>
</EuiFlexItem>
)}
}
</EuiFlexGroup>
);
};