[Osquery] Add tagging support for osquery assets (#143417)

2025-04-23 09:19:04 -04:00 · 2022-10-20 14:18:43 +02:00 · 2022-10-20 14:18:43 +02:00 · 323244ef2b
commit 323244ef2b
parent c3db6614f6
8 changed files with 69 additions and 9 deletions
--- a/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
+++ b/x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
@ -51,7 +51,7 @@ export type ArchiveAsset = Pick<

 // KibanaSavedObjectTypes are used to ensure saved objects being created for a given
 // KibanaAssetType have the correct type
-const KibanaSavedObjectTypeMapping: Record<KibanaAssetType, KibanaSavedObjectType> = {
+export const KibanaSavedObjectTypeMapping: Record<KibanaAssetType, KibanaSavedObjectType> = {
  [KibanaAssetType.dashboard]: KibanaSavedObjectType.dashboard,
  [KibanaAssetType.indexPattern]: KibanaSavedObjectType.indexPattern,
  [KibanaAssetType.map]: KibanaSavedObjectType.map,
--- a/x-pack/plugins/fleet/server/services/epm/kibana/assets/tag_assets.test.ts
+++ b/x-pack/plugins/fleet/server/services/epm/kibana/assets/tag_assets.test.ts
@ -94,6 +94,8 @@ describe('tagKibanaAssets', () => {
      search: [{ id: 's1', type: 'search' }],
      config: [{ id: 'c1', type: 'config' }],
      visualization: [{ id: 'v1', type: 'visualization' }],
+      osquery_pack_asset: [{ id: 'osquery-pack-asset1', type: 'osquery-pack-asset' }],
+      osquery_saved_query: [{ id: 'osquery_saved_query1', type: 'osquery_saved_query' }],
    } as any;

    await tagKibanaAssets({
@ -106,7 +108,13 @@ describe('tagKibanaAssets', () => {

    expect(savedObjectTagAssignmentService.updateTagAssignments).toHaveBeenCalledWith({
      tags: ['managed', 'system'],
-      assign: [...kibanaAssets.dashboard, ...kibanaAssets.search, ...kibanaAssets.visualization],
+      assign: [
+        ...kibanaAssets.dashboard,
+        ...kibanaAssets.search,
+        ...kibanaAssets.visualization,
+        ...kibanaAssets.osquery_pack_asset,
+        ...kibanaAssets.osquery_saved_query,
+      ],
      unassign: [],
      refresh: false,
    });
--- a/x-pack/plugins/fleet/server/services/epm/kibana/assets/tag_assets.ts
+++ b/x-pack/plugins/fleet/server/services/epm/kibana/assets/tag_assets.ts
@ -11,6 +11,7 @@ import type { IAssignmentService, ITagsClient } from '@kbn/saved-objects-tagging
 import type { KibanaAssetType } from '../../../../../common';

 import type { ArchiveAsset } from './install';
+import { KibanaSavedObjectTypeMapping } from './install';

 const TAG_COLOR = '#FFFFFF';
 const MANAGED_TAG_NAME = 'Managed';
@ -30,7 +31,7 @@ export async function tagKibanaAssets({
  pkgName: string;
 }) {
  const taggableAssets = Object.entries(kibanaAssets).flatMap(([assetType, assets]) => {
-    if (!taggableTypes.includes(assetType as KibanaAssetType)) {
+    if (!taggableTypes.includes(KibanaSavedObjectTypeMapping[assetType as KibanaAssetType])) {
      return [];
    }

--- a/x-pack/plugins/osquery/server/utils/register_features.ts
+++ b/x-pack/plugins/osquery/server/utils/register_features.ts
@ -115,7 +115,7 @@ export const registerFeatures = (features: SetupPlugins['features']) => {
                name: 'All',
                savedObject: {
                  all: [savedQuerySavedObjectType],
-                  read: [],
+                  read: ['tag'],
                },
                ui: ['writeSavedQueries', 'readSavedQueries'],
              },
@ -126,7 +126,7 @@ export const registerFeatures = (features: SetupPlugins['features']) => {
                name: 'Read',
                savedObject: {
                  all: [],
-                  read: [savedQuerySavedObjectType],
+                  read: [savedQuerySavedObjectType, 'tag'],
                },
                ui: ['readSavedQueries'],
              },
@ -149,7 +149,7 @@ export const registerFeatures = (features: SetupPlugins['features']) => {
                name: 'All',
                savedObject: {
                  all: [packSavedObjectType, packAssetSavedObjectType],
-                  read: [],
+                  read: ['tag'],
                },
                ui: ['writePacks', 'readPacks'],
              },
@ -160,7 +160,7 @@ export const registerFeatures = (features: SetupPlugins['features']) => {
                name: 'Read',
                savedObject: {
                  all: [],
-                  read: [packSavedObjectType],
+                  read: [packSavedObjectType, 'tag'],
                },
                ui: ['readPacks'],
              },
--- a/x-pack/plugins/saved_objects_tagging/common/constants.ts
+++ b/x-pack/plugins/saved_objects_tagging/common/constants.ts
@ -20,4 +20,13 @@ export const tagManagementSectionId = 'tags';
 /**
 * The list of saved object types that are currently supporting tagging.
 */
-export const taggableTypes = ['dashboard', 'visualization', 'map', 'lens', 'search'];
+export const taggableTypes = [
+  'dashboard',
+  'visualization',
+  'map',
+  'lens',
+  'search',
+  'osquery-pack',
+  'osquery-pack-asset',
+  'osquery-saved-query',
+];
--- a/x-pack/plugins/saved_objects_tagging/server/usage/schema.ts
+++ b/x-pack/plugins/saved_objects_tagging/server/usage/schema.ts
@ -23,5 +23,8 @@ export const tagUsageCollectorSchema: MakeSchemaFrom<TaggingUsageData> = {
    visualization: perTypeSchema,
    map: perTypeSchema,
    search: perTypeSchema,
+    'osquery-pack': perTypeSchema,
+    'osquery-pack-asset': perTypeSchema,
+    'osquery-saved-query': perTypeSchema,
  },
 };
--- a/x-pack/plugins/telemetry_collection_xpack/schema/xpack_plugins.json
+++ b/x-pack/plugins/telemetry_collection_xpack/schema/xpack_plugins.json
@ -9355,6 +9355,36 @@
                  "type": "integer"
                }
              }
+            },
+            "osquery-pack": {
+              "properties": {
+                "usedTags": {
+                  "type": "integer"
+                },
+                "taggedObjects": {
+                  "type": "integer"
+                }
+              }
+            },
+            "osquery-pack-asset": {
+              "properties": {
+                "usedTags": {
+                  "type": "integer"
+                },
+                "taggedObjects": {
+                  "type": "integer"
+                }
+              }
+            },
+            "osquery-saved-query": {
+              "properties": {
+                "usedTags": {
+                  "type": "integer"
+                },
+                "taggedObjects": {
+                  "type": "integer"
+                }
+              }
            }
          }
        }
--- a/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/_get_assignable_types.ts
+++ b/x-pack/test/saved_object_tagging/api_integration/security_and_spaces/apis/_get_assignable_types.ts
@ -32,7 +32,16 @@ export default function (ftrContext: FtrProviderContext) {
    });

    const assignablePerUser = {
-      [USERS.SUPERUSER.username]: ['dashboard', 'visualization', 'map', 'lens', 'search'],
+      [USERS.SUPERUSER.username]: [
+        'dashboard',
+        'visualization',
+        'map',
+        'lens',
+        'search',
+        'osquery-pack',
+        'osquery-pack-asset',
+        'osquery-saved-query',
+      ],
      [USERS.DEFAULT_SPACE_SO_TAGGING_READ_USER.username]: [],
      [USERS.DEFAULT_SPACE_READ_USER.username]: [],
      [USERS.DEFAULT_SPACE_ADVANCED_SETTINGS_READ_USER.username]: [],