Skip to content

[8.x] [Cloud Security] [CDR] Handle grouping fields with missing mapping (#195702)#195792

Merged
kibanamachine merged 1 commit intoelastic:8.xfrom
kibanamachine:backport/8.x/pr-195702
Oct 10, 2024
Merged

[8.x] [Cloud Security] [CDR] Handle grouping fields with missing mapping (#195702)#195792
kibanamachine merged 1 commit intoelastic:8.xfrom
kibanamachine:backport/8.x/pr-195702

Conversation

@kibanamachine
Copy link
Copy Markdown
Contributor

@kibanamachine kibanamachine commented Oct 10, 2024

Backport

This will backport the following commits from main to 8.x:

Questions ?

Please refer to the Backport tool documentation

@opauloh
[Cloud Security] [CDR] Handle grouping fields with missing mapping (e…
de3cec4 
…lastic#195702)

## Summary

This PR fixes elastic/security-team#10632 by
adding runtime mapping support for fields that are missing in mapping,
this is useful when querying a DataView that points to multiple indices
where the mapping is not guaranteed to exist as it's the case with CDR
that adds supports to Third Party data.

Also added runtime mapping to sorted fields, as it's not guaranteed that
all fields shown on the table have mapped fields.

(cherry picked from commit e53e545)
@kibanamachine kibanamachine added the backport This PR is a backport of another PR label Oct 10, 2024
@kibanamachine kibanamachine enabled auto-merge (squash) October 10, 2024 14:58
@kibanamachine kibanamachine mentioned this pull request Oct 10, 2024
Merged
@kibanamachine kibanamachine merged commit e2bed0f into elastic:8.x Oct 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@opauloh opauloh

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kibanamachine @opauloh