How can we help?
Category Data update for 2.0.2
We have updated the Policy Categories in version 2.0.0.
There is already trend data being collected for old categories in elastic search. To update the existing data, users need to run the below queries to update the data pertaining to old categories.
Please follow the below steps to execute the queries:
- Navigate to OpenSearch service
- Select the PaladinCloud OpenSearch domain.
- Copy th URL for Kibana.
- Please note that domain is accessible only inside of VPC.
- Open the Kibana URL
- Navigate to Dev Tools and execute the following queries:
POST assetgroup_stats/compliance/_update_by_query { "query": { "bool": { "must_not": { "exists": { "field": "cost" } } } }, "script" : { "inline": "ctx._source.cost = ctx._source.costOptimization; ctx._source.remove(\"costOptimization\");" } }POST assetgroup_stats/compliance/_update_by_query { "query": { "bool": { "must_not": { "exists": { "field": "operations" } } } }, "script": { "inline": "ctx._source.operations = ctx._source.governance; ctx._source.remove(\"governance\");" } } - This will update the existing trend data pertaining to old policy categories.
-
Below Query to update the violations data:
POST aws,gcp,azure/_update_by_query { "script": { "inline": "if(ctx._source.policyCategory!=null){ if(ctx._source.policyCategory=='costOptimization') {ctx._source['policyCategory'] = 'cost'} else if(ctx._source.policyCategory=='governance') {ctx._source['policyCategory'] = 'operations'}} ", "lang": "painless" }, "query": { "bool":{ "must":[ { "terms":{ "policyCategory.keyword": ["costOptimization","governance"] } }, { "match":{ "type": { "query":"issue" } } }]} }}
Please update the above indices with the clouds you are monitoring. For e.g., remove azure and gcp from the post request if you are monitoring only AWS.