mirror of https://github.com/elastic/kibana.git synced 2025-04-21 16:29:04 -04:00

History

Kibana Machine 026a8e43c8 [8.x] [licensing] Remove unnecessary refresh calls (#194499 ) (#194855 ) # Backport This will backport the following commits from `main` to `8.x`: - [[licensing] Remove unnecessary refresh calls (#194499)](https://github.com/elastic/kibana/pull/194499) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"alejandro.haro@elastic.co"},"sourceCommit":{"committedDate":"2024-10-03T15:42:39Z","message":"[licensing] Remove unnecessary refresh calls (#194499)","sha":"f3f53e054237087aab8590084cb7c8c10972427c","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","Team:Presentation","release_note:skip","v9.0.0","Team:Cloud Security","backport:prev-minor"],"title":"[licensing] Remove unnecessary refresh calls","number":194499,"url":"https://github.com/elastic/kibana/pull/194499","mergeCommit":{"message":"[licensing] Remove unnecessary refresh calls (#194499)","sha":"f3f53e054237087aab8590084cb7c8c10972427c"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194499","number":194499,"mergeCommit":{"message":"[licensing] Remove unnecessary refresh calls (#194499)","sha":"f3f53e054237087aab8590084cb7c8c10972427c"}}]}] BACKPORT--> Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co>		2024-10-03 12:30:09 -05:00
..
common	Changing load/dump in source files (#190641 )	2024-08-21 07:29:36 -04:00
public	[8.x] [licensing] Remove unnecessary refresh calls (#194499 ) (#194855 )	2024-10-03 12:30:09 -05:00
server	[8.x] [licensing] Remove unnecessary refresh calls (#194499 ) (#194855 )	2024-10-03 12:30:09 -05:00
.i18nrc.json	[packages] migrate all plugins to packages (#148130 )	2023-02-08 21:06:50 -06:00
jest.config.js
kibana.jsonc	[Cloud Security] CODEOWNERS update (#164522 )	2023-08-23 09:57:45 -07:00
README.md	[Defend for containers] cloud_defend plugin UI boilerplate (#151533 )	2023-02-28 16:46:30 -08:00
tsconfig.json	[8.x] [Security Solution][Endpoint] changes to Endpoint metadata API in support of space awareness (#193490 ) (#194309 )	2024-09-27 18:19:34 +02:00

README.md

Cloud Defend (for containers)

This plugin currently only exists to provide custom fleet policy UX for a set of new BPF LSM features. The first feature being container "drift prevention".

Drift prevention is a way to block when executables are created or modified. Our agent service detects these events, and applies a set of selectors and responses configured to either block, alert or both.

Example configuration

selectors:
  # default selector (user can modify or remove if they want)
  - name: default
    operation: [createExecutable, modifyExecutable, execMemFd]

  # example custom selector
  - name: nginxOnly
    containerImageName:
      - nginx

  # example selector used for exclude
  - name: excludeCustomNginxBuild
    containerImageTag:
      - staging

# responses are evaluated from top to bottom
# only the first response with a match will run its actions
responses:
  - match: [nginxOnly]
    exclude: [excludeCustomNginxBuild]
    actions: [alert, block]

  # default response
  # delete this if no default response needed
  - match: [default]
    actions: [alert]

Development

pre commit checks

node scripts/type_check.js --project x-pack/plugins/cloud_defend/tsconfig.json
node scripts/eslint.js x-pack/plugins/cloud_defend
yarn test:jest x-pack/plugins/cloud_defend

See the kibana contributing guide for instructions setting up your development environment.