in compliance/kibana.go [273:323]
func (k *Kibana) createPackagePolicy(agentPolicyID, name, version, templateName, inputName, inputType, dataset string) error {
var packagePolicyRequest createPackagePolicyRequest
packagePolicyRequest.Name = name + "-test-1"
packagePolicyRequest.PolicyID = agentPolicyID
packagePolicyRequest.Package.Name = name
packagePolicyRequest.Package.Version = version
if templateName != "" && inputName != "" && inputType != "" {
policyInputName := templateName + "-" + inputType
policyStreamName := name + "." + inputName
vars := make(map[string]any)
if dataset != "" {
vars["data_stream.dataset"] = dataset
}
packagePolicyRequest.Inputs = map[string]packagePolicyInput{
policyInputName: packagePolicyInput{
Streams: map[string]packagePolicyStream{
policyStreamName: packagePolicyStream{
Vars: vars,
},
},
},
}
}
body, err := json.Marshal(packagePolicyRequest)
if err != nil {
return err
}
req, err := k.newRequest(http.MethodPost, apiPackagePolicyPath, bytes.NewReader(body))
if err != nil {
return err
}
resp, err := k.client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode >= 400 {
respBody, err := io.ReadAll(resp.Body)
if err != nil {
return fmt.Errorf("failed to read response body (status: %d)", resp.StatusCode)
}
return fmt.Errorf("request failed with status %d, body: %s", resp.StatusCode, string(respBody))
}
return nil
}