Amir Ben Nun
Amir Ben Nun
### Describe the bug As part of the "Create Environment" workflow, when running with serverless checkbox selected, it installs agentless CSPM on the agentless agent. Next if the "run tests"...
**Describe the bug** When deploying serverless environment with the "Create Environment" workflow, the user have to specify that the stack version is 8.12 or otherwise the following error appears. ...
### Motivation The Create-Environment Github workflow creates an EC2 instance with Terraform. Later on, after the creation of agent policy, it ssh into the instance and installs the agent with...
### Background: Besides of the serverless tests we have today that assert for regular agents findings we want to also verify that agentless also produces findings as expected. ### Definition...
### Background An [alert](https://elastic.slack.com/archives/C056S4ZJW3W/p1709243707032229) was triggered for matching 400 findings instead of 411 for KSPM on EKS. ### Research 1. As you can see in the [findings index](https://live-environment-do-not-delete-stack.kb.us-west2.gcp.elastic-cloud.com:9243/app/discover#/?_g=(filters:!(),refreshInterval:(pause:!t,value:60000),time:(from:'2024-02-28T22:00:00.000Z',to:'2024-03-01T22:00:00.000Z'))&_a=(columns:!(rule.benchmark.rule_number,resource.name,resource.id,host.name),filters:!(('$state':(store:appState),meta:(alias:!n,disabled:!f,index:cloud_security_posture-9129a080-7f48-11ec-8249-431333f83c5f,key:resource.name,negate:!f,params:(query:kubelet),type:phrase),query:(match_phrase:(resource.name:kubelet))),('$state':(store:appState),meta:(alias:!n,disabled:!f,index:cloud_security_posture-9129a080-7f48-11ec-8249-431333f83c5f,key:host.name,negate:!f,params:(query:ip-10-0-3-115.eu-west-1.compute.internal),type:phrase),query:(match_phrase:(host.name:ip-10-0-3-115.eu-west-1.compute.internal)))),index:cloud_security_posture-9129a080-7f48-11ec-8249-431333f83c5f,interval:auto,query:(language:kuery,query:'%22rule.benchmark.id%22:%20%22cis_eks%22%20'),sort:!(!('@timestamp',asc)))), the 11...
### Motivation Every log Cloudbeat outputs is a JSON object in a `.ndjson` file. On managed elastic stacks, filebeat reads these log files and indexes them into elasticsearch, this data...
### Motivation Today cloudbeat fails to clean snapshots when context is done, instead we should create a termination context and have the cleanup anyway as part of a graceful shutdown....
### Motivation On our QA cycles we would like to have a full coverage matrix of all the regions, testing multiple AMI with different file system implementations. ### Components -...
## Motivation As we know, sending on a close channel causes a panic. Therefore the best practices in golang is that the sender always the one to close the channel....