[Cloud Security] increase transfom retention_policy to 90 days for Wiz #11393
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
maxcold
added
enhancement
🚀 Benchmarks reportTo see the full report comment with |
💚 Build Succeeded
|
|
maxcold
added a commit
to elastic/kibana
that referenced
this pull request
Oct 11, 2024
…party data loading (#195636) ## Summary Increase retention on Cloud Security queries to accommodate a longer retention period on third-party CDR integrations, such as Wiz and AWS SecurityHub. This introduces regression for #142198 This is meant is a temporary workaround until we find a robust way to get full posture for third-party CDR integrations This change goes together with increasing retention period on Wiz: - elastic/integrations#11393 fixes: - elastic/security-team#10683 ## How to test The CI deployed a serverless project where I installed Wiz and CSP integrations and ingested some data.
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Oct 11, 2024
…party data loading (elastic#195636) ## Summary Increase retention on Cloud Security queries to accommodate a longer retention period on third-party CDR integrations, such as Wiz and AWS SecurityHub. This introduces regression for elastic#142198 This is meant is a temporary workaround until we find a robust way to get full posture for third-party CDR integrations This change goes together with increasing retention period on Wiz: - elastic/integrations#11393 fixes: - elastic/security-team#10683 ## How to test The CI deployed a serverless project where I installed Wiz and CSP integrations and ingested some data. (cherry picked from commit e18c52e)
andrewkroh
added
the
Team:Security-Service Integrations
|
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations) |
CohenIdo
approved these changes
Oct 13, 2024
chrisberkhout
approved these changes
Oct 14, 2024
|
@chrisberkhout we still need the retention, it's more of temporary workaround of the issue described in this work item |
|
Package wiz - 1.9.0-preview05 containing this change is available at https://epr.elastic.co/search?package=wiz |
|
Package wiz - 2.0.0 containing this change is available at https://epr.elastic.co/search?package=wiz |
harnish-crest-data
pushed a commit
to chavdaharnish/integrations
that referenced
this pull request
Feb 4, 2025
elastic#11393) * increase transfom retention_policy to 90 days for Wiz * update changelog
harnish-crest-data
pushed a commit
to chavdaharnish/integrations
that referenced
this pull request
Feb 5, 2025
elastic#11393) * increase transfom retention_policy to 90 days for Wiz * update changelog
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed commit message
Increase retention policy to 90 days on Wiz transforms to cater for how Wiz evaluates environments for posture. In contrast to native CSP integration Wiz doesn't do regular full re-evaluation of customer environments, that's why short retention period mean customers having only a small slice of their posture. The change will go together with documentation on how to get more complete view for the posture using longer initial interval setting value
Checklist
changelog.ymlfile.Author's Checklist
How to test this PR locally
Build and install integration, ingest some data from Wiz, check that latest index contains documents without 90d period
Related issues
Screenshots