⭐ wire data queries to controls #841
Conversation
This creates the internal wiring to collect data queries for controls. It connects each datapoint that a query produces to all the reporting job of the control that it is mapped to. Follow-up: I noticed that we don't do a decent job on printing just yet, e.g. we only print if a control passes or fails bound to its score. That's why there isn't a good place to add datapoints yet, considering we already print all data that is executed for a policy. Definitely looking to improve the CLI experience. Signed-off-by: Dominik Richter <[email protected]>
arlimus
force-pushed
the
dom/control-query-map
branch
from
945498d to
fd68be6
Compare
| @@ -19,6 +19,10 @@ policies: | |||
| title: SSH config editing should be limited to admins | |||
| mql: sshd.config.file.permissions.mode == 0644 | |||
| impact: 100 | |||
| queries: | |||
There was a problem hiding this comment.
do we need do add query pack dependencies to support this in the maps?
similar to policy_dependencies but for query packs instead
There was a problem hiding this comment.
oh good point! I'm not sure on the wiring we are using internally, but essentially we just want to point people to the MRN of the policy or querypack they want to activate at the end of the day
There was a problem hiding this comment.
I added a query_pack_dependencies field to the proto. We use the policy/pack deps when compiling the framework maps to ensure that the policies/packs are in the bundle.
Note that packs come back as policies in the bundle but we only reference them by uid so that should be fine
|
Looks great, thank you for the updates! |
This creates the internal wiring to collect data queries for controls. It connects each datapoint that a query produces to all the reporting job of the control that it is mapped to.
Follow-up: I noticed that we don't do a decent job on printing just yet, e.g. we only print if a control passes or fails bound to its score. That's why there isn't a good place to add datapoints yet, considering we already print all data that is executed for a policy. Definitely looking to improve the CLI experience.
@tas50 @jaym @preslavgerchev