-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Cloud Security] [Vulnerabilities] Custom renderers for Group by Resource, Cloud account and CVE #174950
[Cloud Security] [Vulnerabilities] Custom renderers for Group by Resource, Cloud account and CVE #174950
Conversation
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security) |
…s://github.com/opauloh/kibana into findings-enhancements/vulnerabilities-grouping
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
History
To update your PR or re-run it, just comment with: |
case GROUPING_OPTIONS.CLOUD_ACCOUNT_NAME: | ||
return [ | ||
...aggMetrics, | ||
getTermAggregation('cloudProvider', VULNERABILITY_FIELDS.CLOUD_PROVIDER), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shouldn't we filter by cloud account name here? Correct me if I am wrong.
…urce, Cloud account and CVE (elastic#174950) ## Summary It closes elastic#169052, elastic#169048 and [elastic#172197](elastic#172197) This PR adds the following changes to the Findings -> Vulnerabilities page: - Added Severity mapping component to all Vulnerabilities grouping - Added Cloud account grouping to the Vulnerabilities default groups (groups by `cloud.account.name`) - Added CVE grouping to the Vulnerabilities default groups (groups by `vulnerability.id`) It also introduced the following changes: - Added utility to retrieve cloud providers names from a cloud provider abbreviation (aws, azure, gcp) - Added component to retrieve cloud provider icons from a cloud provider abbreviation (aws, azure, gcp) - Fixed Benchmarks page was displaying `Google Cloud Provider` for GCP instead of `Google Cloud Platform`. - Added / Updated FTR tests for vulnerability grouping ## Screenshots ![image](https://github.com/elastic/kibana/assets/19270322/cb79fc81-1b0d-4ce2-a456-af270390b1c9) <img width="1498" alt="image" src="https://github.com/elastic/kibana/assets/19270322/245d6c06-67bd-429b-963f-ddc67cca5af4"> <img width="1509" alt="image" src="https://github.com/elastic/kibana/assets/19270322/028be6e4-3543-4fd8-8bee-f23535aec7b8"> <img width="1501" alt="image" src="https://github.com/elastic/kibana/assets/19270322/c691f8b8-fca5-4d65-a182-ca26448a7ede"> <img width="1502" alt="image" src="https://github.com/elastic/kibana/assets/19270322/caa4fe29-a542-4e33-b609-be50d29f6e37"> ## Recording https://github.com/elastic/kibana/assets/19270322/2e8d2c9d-2e3c-459c-a9e5-29f046b9ed9e
Summary
It closes #169052, #169048 and #172197
This PR adds the following changes to the Findings -> Vulnerabilities page:
cloud.account.name
)vulnerability.id
)It also introduced the following changes:
Google Cloud Provider
for GCP instead ofGoogle Cloud Platform
.Screenshots
Recording
Screen.Recording.2024-01-16.at.9.43.28.AM.mov