github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Cloud Security] [Alerts] Fix Misconfigurations Flyout navigation to detection rule (#164654)

Browse source
This commit is contained in:
Paulo Henrique 2023-08-25 13:45:08 -07:00 committed by GitHub
parent 16f7189bb1
commit edca162329
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
x-pack/plugins/cloud_security_posture/public/pages/configurations/findings_flyout/findings_detection_rule_counter.tsx
View file

@ -9,13 +9,19 @@ import type { HttpSetup } from '@kbn/core/public';
import React from 'react';
import { CspFinding } from '../../../../common/schemas/csp_finding';
import { DetectionRuleCounter } from '../../../components/detection_rule_counter';
import { createDetectionRuleFromFinding } from '../utils/create_detection_rule_from_finding';
import {
createDetectionRuleFromFinding,
getFindingsDetectionRuleSearchTags,
} from '../utils/create_detection_rule_from_finding';
export const FindingsDetectionRuleCounter = ({ finding }: { finding: CspFinding }) => {
const createMisconfigurationRuleFn = async (http: HttpSetup) =>
await createDetectionRuleFromFinding(http, finding);
return (
<DetectionRuleCounter tags={finding.rule.tags} createRuleFn={createMisconfigurationRuleFn} />
<DetectionRuleCounter
tags={getFindingsDetectionRuleSearchTags(finding)}
createRuleFn={createMisconfigurationRuleFn}
/>
);
};

16
x-pack/plugins/cloud_security_posture/public/pages/configurations/utils/create_detection_rule_from_finding.ts
View file

@ -50,9 +50,23 @@ const CSP_RULE_TAG_DATA_SOURCE_PREFIX = 'Data Source: ';
const STATIC_RULE_TAGS = [CSP_RULE_TAG, CSP_RULE_TAG_USE_CASE];
/*
* Returns an array of CspFinding tags that can be used to search and filter a detection rule
*/
export const getFindingsDetectionRuleSearchTags = ({ rule }: CspFinding) => {
// ex: cis_gcp to ['CIS', 'GCP']
const benchmarkIdTags = rule.benchmark.id.split('_').map((tag) => tag.toUpperCase());
// ex: 'CIS GCP 1.1'
const benchmarkRuleNumberTag = `${rule.benchmark.id.replace('_', ' ').toUpperCase()} ${
rule.benchmark.rule_number
}`;
return benchmarkIdTags.concat([benchmarkRuleNumberTag]);
};
const generateFindingsTags = (finding: CspFinding) => {
return [STATIC_RULE_TAGS]
.concat(finding.rule.tags)
.concat(getFindingsDetectionRuleSearchTags(finding))
.concat(
finding.rule.benchmark.posture_type
? [