eyalkraft
@kfirpeled Make sure you test with the matching integration version https://github.com/elastic/integrations/pull/3968
We'll try and have a look at it soon 👍
@moukoublen would that change mean we download the entire vuln DB for every cycle?
Some notes following a sync with @ruflin: There are some efforts for defining a schema for a general entity model in Elasticsearch, to be used as the base for asset...
Next steps for implementation (with some hints for external contributors): #### Ship the collected assets (resources) to the `logs-assets-*-*` index, (behind a configuration feature flag). 1. Index name [reference](https://github.com/elastic/o11y-topology-playground/issues/34#issuecomment-1372649634) 2....
@ruflin > A nicer way of doing it would be to duplicate all the events in `bt.resourceCh` and then let it go through both pipeline steps separately. True. Actually now...
Reopening to discuss and answer these questions: - [ ] Should include the EC2 arn? and under what field? - [ ] Should include the Snapshot arn? and under what...
Thanks @uri-weisman ! Although I agree with the direction, I think your proposal might not match the criteria defined. Specifically because `resource.machine.id` and `resource.snapshot` aren't fields that exist on CSPM...
Thanks @uri-weisman @tinnytintin10 @nick-alayil I'd love to get your input about what is/isn't a requirement
Clarification: According to @jeniawhite this will require changes in osquery (fetching the `namespace_inode`). See his detailed [comment](https://github.com/elastic/security-team/issues/3532#issuecomment-1115805066): > Some comments about the `namespace_inode`. Attempted to fill in the gaps on...