Deprecate universal entity

.buildkite/ftr_security_stateful_configs.yml

@@ -106,7 +106,6 @@ enabled:
   - x-pack/test/cloud_security_posture_functional/data_views/config.ts
   - x-pack/test/automatic_import_api_integration/apis/config_basic.ts
   - x-pack/test/automatic_import_api_integration/apis/config_graphs.ts
-  - x-pack/test/security_solution_api_integration/test_suites/asset_inventory/entity_store/trial_license_complete_tier/configs/ess.config.ts
   - x-pack/test/spaces_api_integration/deployment_agnostic/spaces_only/config.ts
   - x-pack/test/spaces_api_integration/deployment_agnostic/security_and_spaces/stateful.config_basic.ts
   - x-pack/test/spaces_api_integration/deployment_agnostic/security_and_spaces/stateful.config_trial.ts

.github/CODEOWNERS

@@ -2540,7 +2540,6 @@ x-pack/solutions/security/plugins/security_solution/public/common/components/ses
 x-pack/solutions/security/plugins/security_solution/public/cloud_defend @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/plugins/security_solution/public/cloud_security_posture @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/plugins/security_solution/public/kubernetes @elastic/kibana-cloud-security-posture
-x-pack/test/security_solution_api_integration/test_suites/asset_inventory @elastic/kibana-cloud-security-posture
 x-pack/solutions/security/plugins/security_solution/server/lib/asset_inventory @elastic/kibana-cloud-security-posture
 
 ## Fleet plugin (co-owned with Fleet team)

oas_docs/output/kibana.serverless.yaml

@@ -52265,7 +52265,6 @@ components:
         - user
         - host
         - service
-        - universal
       type: string
     Security_Entity_Analytics_API_HostEntity:
       type: object
@@ -52341,7 +52340,6 @@ components:
         - host.name
         - user.name
         - service.name
-        - related.entity
       type: string
     Security_Entity_Analytics_API_IndexPattern:
       type: string

oas_docs/output/kibana.yaml

@@ -59032,7 +59032,6 @@ components:
         - user
         - host
         - service
-        - universal
       type: string
     Security_Entity_Analytics_API_HostEntity:
       type: object
@@ -59108,7 +59107,6 @@ components:
         - host.name
         - user.name
         - service.name
-        - related.entity
       type: string
     Security_Entity_Analytics_API_IndexPattern:
       type: string

x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/common.gen.ts

@@ -17,7 +17,7 @@
 import { z } from '@kbn/zod';
 
 export type IdField = z.infer<typeof IdField>;
-export const IdField = z.enum(['host.name', 'user.name', 'service.name', 'related.entity']);
+export const IdField = z.enum(['host.name', 'user.name', 'service.name']);
 export type IdFieldEnum = typeof IdField.enum;
 export const IdFieldEnum = IdField.enum;
 

x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/asset_criticality/common.schema.yaml

@@ -29,7 +29,6 @@ components:
         - 'host.name'
         - 'user.name'
         - 'service.name'
-        - 'related.entity'
     AssetCriticalityRecordIdParts:
       type: object
       properties:

x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.gen.ts

@@ -17,7 +17,7 @@
 import { z } from '@kbn/zod';
 
 export type EntityType = z.infer<typeof EntityType>;
-export const EntityType = z.enum(['user', 'host', 'service', 'universal']);
+export const EntityType = z.enum(['user', 'host', 'service']);
 export type EntityTypeEnum = typeof EntityType.enum;
 export const EntityTypeEnum = EntityType.enum;
 

x-pack/solutions/security/plugins/security_solution/common/api/entity_analytics/entity_store/common.schema.yaml

@@ -12,7 +12,6 @@ components:
         - user
         - host
         - service
-        - universal
 
     EngineDescriptor:
       type: object

x-pack/solutions/security/plugins/security_solution/common/entity_analytics/asset_criticality/utils.ts

@@ -7,17 +7,11 @@
 
 import type { ExperimentalFeatures } from '../../experimental_features';
 import { getAllEntityTypes, getDisabledEntityTypes } from '../utils';
-import { EntityType } from '../types';
-
-const ASSET_CRITICALITY_UNAVAILABLE_TYPES = [EntityType.universal];
 
 // TODO delete this function when the universal entity support is added
 export const getAssetCriticalityEntityTypes = (experimentalFeatures: ExperimentalFeatures) => {
   const allEntityTypes = getAllEntityTypes();
   const disabledEntityTypes = getDisabledEntityTypes(experimentalFeatures);
 
-  return allEntityTypes.filter(
-    (value) =>
-      !disabledEntityTypes.includes(value) && !ASSET_CRITICALITY_UNAVAILABLE_TYPES.includes(value)
-  );
+  return allEntityTypes.filter((value) => !disabledEntityTypes.includes(value));
 };

x-pack/solutions/security/plugins/security_solution/common/entity_analytics/risk_engine/utils.ts

@@ -6,7 +6,6 @@
  */
 
 import * as t from 'io-ts';
-import { EntityType } from '../types';
 import { getAllEntityTypes, getDisabledEntityTypes } from '../utils';
 import type { ExperimentalFeatures } from '../../experimental_features';
 
@@ -28,15 +27,10 @@ export function fromEnum<EnumType extends string>(
   );
 }
 
-const RISK_ENGINE_UNAVAILABLE_TYPES = [EntityType.universal];
-
 // TODO delete this function when the universal entity support is added
 export const getRiskEngineEntityTypes = (experimentalFeatures: ExperimentalFeatures) => {
   const allEntityTypes = getAllEntityTypes();
   const disabledEntityTypes = getDisabledEntityTypes(experimentalFeatures);
 
-  return allEntityTypes.filter(
-    (value) =>
-      !disabledEntityTypes.includes(value) && !RISK_ENGINE_UNAVAILABLE_TYPES.includes(value)
-  );
+  return allEntityTypes.filter((value) => !disabledEntityTypes.includes(value));
 };

x-pack/solutions/security/plugins/security_solution/common/entity_analytics/types.ts

@@ -15,19 +15,16 @@ export enum EntityType {
   user = 'user',
   host = 'host',
   service = 'service',
-  universal = 'universal',
 }
 
 export enum EntityIdentifierFields {
   hostName = 'host.name',
   userName = 'user.name',
   serviceName = 'service.name',
-  universal = 'related.entity',
 }
 
 export const EntityTypeToIdentifierField: Record<EntityType, EntityIdentifierFields> = {
   [EntityType.host]: EntityIdentifierFields.hostName,
   [EntityType.user]: EntityIdentifierFields.userName,
   [EntityType.service]: EntityIdentifierFields.serviceName,
-  [EntityType.universal]: EntityIdentifierFields.universal,
 };

x-pack/solutions/security/plugins/security_solution/common/entity_analytics/utils.test.ts

@@ -4,13 +4,8 @@
  * 2.0; you may not use this file except in compliance with the Elastic License
  * 2.0.
  */
-
-import { getAllEntityTypes, getDisabledEntityTypes } from './utils';
+import { getAllEntityTypes } from './utils';
 import { EntityType } from './types';
-import type { ExperimentalFeatures } from '../experimental_features';
-import { mockGlobalState } from '../../public/common/mock';
-
-const mockedExperimentalFeatures = mockGlobalState.app.enableExperimental;
 
 describe('utils', () => {
   describe('getAllEntityTypes', () => {
@@ -19,24 +14,4 @@ describe('utils', () => {
       expect(entityTypes).toEqual(Object.values(EntityType));
     });
   });
-
-  describe('getDisabledEntityTypes', () => {
-    it('should return disabled entity types when assetInventoryStoreEnabled is false', () => {
-      const experimentalFeatures: ExperimentalFeatures = {
-        ...mockedExperimentalFeatures,
-        assetInventoryStoreEnabled: false,
-      };
-      const disabledEntityTypes = getDisabledEntityTypes(experimentalFeatures);
-      expect(disabledEntityTypes).toEqual([EntityType.universal]);
-    });
-
-    it('should return no disabled entity types when both features are true', () => {
-      const experimentalFeatures: ExperimentalFeatures = {
-        ...mockedExperimentalFeatures,
-        assetInventoryStoreEnabled: true,
-      };
-      const disabledEntityTypes = getDisabledEntityTypes(experimentalFeatures);
-      expect(disabledEntityTypes).toEqual([]);
-    });
-  });
 });

x-pack/solutions/security/plugins/security_solution/common/entity_analytics/utils.ts

@@ -13,11 +13,6 @@ export const getDisabledEntityTypes = (
   experimentalFeatures: ExperimentalFeatures
 ): EntityType[] => {
   const disabledEntityTypes: EntityType[] = [];
-  const isUniversalEntityStoreEnabled = experimentalFeatures.assetInventoryStoreEnabled;
-
-  if (!isUniversalEntityStoreEnabled) {
-    disabledEntityTypes.push(EntityType.universal);
-  }
 
   return disabledEntityTypes;
 };

x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts

@@ -262,12 +262,6 @@ export const allowedExperimentalValues = Object.freeze({
    */
   crowdstrikeRunScriptEnabled: true,
 
-  /**
-   * Enables the Asset Inventory Entity Store feature.
-   * Allows initializing the Universal Entity Store via the API.
-   */
-  assetInventoryStoreEnabled: false,
-
   /**
    * Enables the Asset Inventory feature
    */

x-pack/solutions/security/plugins/security_solution/common/search_strategy/security_solution/risk_score/all/index.ts

@@ -93,12 +93,10 @@ export const EntityTypeToLevelField: Record<EntityType, RiskScoreFields> = {
   [EntityType.host]: RiskScoreFields.hostRisk,
   [EntityType.user]: RiskScoreFields.userRisk,
   [EntityType.service]: RiskScoreFields.serviceRisk,
-  [EntityType.universal]: RiskScoreFields.unsupported, // We don't calculate risk for the universal entity
 };
 
 export const EntityTypeToScoreField: Record<EntityType, RiskScoreFields> = {
   [EntityType.host]: RiskScoreFields.hostRiskScore,
   [EntityType.user]: RiskScoreFields.userRiskScore,
   [EntityType.service]: RiskScoreFields.serviceRiskScore,
-  [EntityType.universal]: RiskScoreFields.unsupported, // We don't calculate risk for the universal entity
 };

x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml

@@ -1224,7 +1224,6 @@ components:
         - user
         - host
         - service
-        - universal
       type: string
     HostEntity:
       type: object
@@ -1300,7 +1299,6 @@ components:
         - host.name
         - user.name
         - service.name
-        - related.entity
       type: string
     IndexPattern:
       type: string

x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml

@@ -1224,7 +1224,6 @@ components:
         - user
         - host
         - service
-        - universal
       type: string
     HostEntity:
       type: object
@@ -1300,7 +1299,6 @@ components:
         - host.name
         - user.name
         - service.name
-        - related.entity
       type: string
     IndexPattern:
       type: string

x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.tsx

@@ -35,7 +35,6 @@ export const EntityIconByType: Record<EntityType, IconType> = {
   [EntityType.user]: 'user',
   [EntityType.host]: 'storage',
   [EntityType.service]: 'node',
-  [EntityType.universal]: 'globe', // random value since we don't support universal entity type
 };
 
 export const sourceFieldToText = (source: string) => {

x-pack/solutions/security/plugins/security_solution/public/flyout/entity_details/shared/constants.ts

@@ -35,13 +35,11 @@ export const EntityPanelKeyByType: Record<EntityType, string | undefined> = {
   [EntityType.host]: HostPanelKey,
   [EntityType.user]: UserPanelKey,
   [EntityType.service]: ServicePanelKey,
-  [EntityType.universal]: undefined, // TODO create universal flyout?
 };
 
 // TODO rename all params and merged them as 'entityName'
 export const EntityPanelParamByType: Record<EntityType, string | undefined> = {
   [EntityType.host]: 'hostName',
   [EntityType.user]: 'userName',
   [EntityType.service]: 'serviceName',
-  [EntityType.universal]: undefined, // TODO create universal flyout?
 };

x-pack/solutions/security/plugins/security_solution/public/flyout/entity_details/universal_right/header.tsx

@@ -29,6 +29,7 @@ export const UniversalEntityFlyoutHeader = ({ entity }: UniversalEntityFlyoutHea
           </EuiText>
         </EuiFlexItem>
         <EuiFlexItem grow={false}>
+          {/* @ts-ignore Fix it once genetric entity is introduce*/}
           <FlyoutTitle title={entity?.id} iconType={EntityIconByType[entity?.type]} />
         </EuiFlexItem>
       </EuiFlexGroup>

x-pack/solutions/security/plugins/security_solution/server/lib/asset_inventory/asset_inventory_data_client.ts

@@ -34,11 +34,7 @@ export class AssetInventoryDataClient {
 
   // Initializes the asset inventory by validating experimental feature flags and triggering asynchronous setup.
   public async init() {
-    const { experimentalFeatures, logger } = this.options;
-
-    if (!experimentalFeatures.assetInventoryStoreEnabled) {
-      throw new Error('Universal entity store is not enabled');
-    }
+    const { logger } = this.options;
 
     logger.debug(`Initializing asset inventory`);