[Cloud Security][Tech Debt] Use DataView instead of latest index for querying misconfigurations #179628

Status: Open
maxcold opened this issue Mar 28, 2024 · 2 comments
Labels: Team:Cloud Security (Cloud Security team related), technical debt (Improvement of the software architecture and operational architecture)

Comments

maxcold commented Mar 28, 2024

Motivation

While we use DataViews to get data for our Findings page, we still use the logs-cloud_security_posture.findings_latest-* index pattern directly in some places. We need to use a DataView to get findings data consistently; this will support our plans to bring 3rd-party data into our flows.

Technical details

Look for the usages of CSP_LATEST_FINDINGS_DATA_VIEW, which, regardless of its name, is used to query data by the index pattern, not via a Data View. In contrast, look for LATEST_FINDINGS_INDEX_PATTERN to see examples of DataView usage. getGroupedFindingsQuery and getFindingsQuery will need to be changed to leverage DataView search.

Definition of done

  • logs-cloud_security_posture.findings_latest-* is not used as an index pattern to get findings data, all the data should be queried through a DataView

Out of scope

  • the use of logs-cloud_security_posture.findings_latest-default to get data from a specific index for telemetry, score calculation and status checks for indexes.
  • the use of logs-cloud_security_posture.findings_latest-* to search for a DataView instead of using the dataView id

Related tasks/epics

Team tag

@elastic/kibana-cloud-security-posture

maxcold commented Apr 2, 2024

@opauloh, as you worked with the data grid quite a lot lately, can you check if this ticket misses something?

kfirpeled commented

I remember one use case where we don't use the data view and use the index pattern instead.
The /status API can be called before our integration is installed. Since the data view is part of our integration assets, it is not available, and we use the index pattern instead.

I guess telemetry can be another similar use case, so we won't have failures.
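As an added illustration of the change the issue asks for, together with the pre-install case kfirpeled raises above, here is example code that is not Kibana's own and not the Cloud Security team's code. Findings queries resolve their index through a data view, and the raw index pattern is reachable only through an explicit opt-in for the callers the thread leaves out of scope (status checks, telemetry, score calculation), which can run before the integration that ships the data view exists. The FindingsDataView and DataViewLookup interfaces are a simplified stand-in for Kibana's data views service, not its API; buildFindingsQuery and buildGroupedFindingsQuery are modelled on the getFindingsQuery and getGroupedFindingsQuery names from the issue, with a request shape that is an assumption; the data view id, the @timestamp time field and the filter/grouping field names are constructed for the example. Only the two index names are quoted from the issue.

```typescript
// Added example, not Kibana's code: resolve the findings index through a data
// view, with an explicit opt-in fallback to the raw index pattern for callers
// that may run before the integration (and its data view asset) is installed.

// Index names quoted from the issue text.
const LATEST_FINDINGS_INDEX_PATTERN = 'logs-cloud_security_posture.findings_latest-*';
const LATEST_FINDINGS_DEFAULT_INDEX = 'logs-cloud_security_posture.findings_latest-default';

// Hypothetical data view id for this example; the real id is not on the page.
const EXAMPLE_FINDINGS_DATA_VIEW_ID = 'csp-latest-findings-example';

// Simplified stand-in for a Kibana data view and its lookup service. Both
// interfaces are assumptions of this example, not the Kibana DataViews API.
interface FindingsDataView {
  id: string;
  title: string;          // the index pattern the data view resolves to
  timeFieldName?: string; // time field the view declares, if any
}

interface DataViewLookup {
  get(id: string): FindingsDataView | undefined;
}

// In-memory lookup so the example runs without a Kibana instance.
class InMemoryDataViewLookup implements DataViewLookup {
  private readonly views: FindingsDataView[];
  constructor(views: FindingsDataView[]) {
    this.views = views;
  }
  get(id: string): FindingsDataView | undefined {
    return this.views.find((v) => v.id === id);
  }
}

// Where a query's index came from. Keeping the origin explicit makes the
// remaining 'indexPattern' callers easy to grep for against the definition of done.
type IndexSource =
  | { kind: 'dataView'; dataViewId: string; index: string; timeFieldName?: string }
  | { kind: 'indexPattern'; index: string };

interface ResolveOptions {
  // Only the out-of-scope callers (status, telemetry, score calculation) should
  // set this; every other caller must fail loudly if the data view is missing.
  allowIndexPatternFallback?: boolean;
  fallbackIndex?: string;
}

function resolveFindingsIndex(lookup: DataViewLookup, dataViewId: string, opts: ResolveOptions = {}): IndexSource {
  const view = lookup.get(dataViewId);
  if (view) {
    return { kind: 'dataView', dataViewId: view.id, index: view.title, timeFieldName: view.timeFieldName };
  }
  if (opts.allowIndexPatternFallback) {
    return { kind: 'indexPattern', index: opts.fallbackIndex ?? LATEST_FINDINGS_INDEX_PATTERN };
  }
  throw new Error(`data view "${dataViewId}" is not installed; findings must be queried through a data view`);
}

interface FindingsFilter {
  field: string;
  value: string;
}

interface SearchRequest {
  index: string;
  body: Record<string, unknown>;
}

// Modelled on the getFindingsQuery the issue names; the request shape is an assumption.
function buildFindingsQuery(source: IndexSource, filters: FindingsFilter[], size = 100): SearchRequest {
  const body: Record<string, unknown> = {
    size,
    query: { bool: { filter: filters.map((f) => ({ term: { [f.field]: f.value } })) } },
  };
  // A data view carries a time field to sort on; a bare index pattern carries
  // no such metadata, which is part of the debt this issue is about.
  if (source.kind === 'dataView' && source.timeFieldName) {
    body.sort = [{ [source.timeFieldName]: { order: 'desc' } }];
  }
  return { index: source.index, body };
}

// Modelled on getGroupedFindingsQuery: same resolution, hits replaced by a terms aggregation.
function buildGroupedFindingsQuery(source: IndexSource, groupBy: string, filters: FindingsFilter[]): SearchRequest {
  const base = buildFindingsQuery(source, filters, 0);
  return { index: base.index, body: { ...base.body, aggs: { groups: { terms: { field: groupBy, size: 50 } } } } };
}

// Walk both paths with a constructed data view and return the results.
function demo() {
  const view: FindingsDataView = {
    id: EXAMPLE_FINDINGS_DATA_VIEW_ID,
    title: LATEST_FINDINGS_INDEX_PATTERN,
    timeFieldName: '@timestamp', // constructed, not taken from the page
  };
  const installed = new InMemoryDataViewLookup([view]);
  const beforeInstall = new InMemoryDataViewLookup([]);

  // Findings page path: must resolve through the data view (field name constructed).
  const findingsSource = resolveFindingsIndex(installed, view.id);
  const findings = buildFindingsQuery(findingsSource, [{ field: 'result.evaluation', value: 'failed' }]);

  // /status path before the integration exists: explicit fallback to one concrete index.
  const statusSource = resolveFindingsIndex(beforeInstall, view.id, {
    allowIndexPatternFallback: true,
    fallbackIndex: LATEST_FINDINGS_DEFAULT_INDEX,
  });
  return { findings, statusSource };
}

console.log(JSON.stringify(demo(), null, 2));
```

The point of the discriminated IndexSource is that the fallback is a visible, opt-in decision at the call site rather than a string constant that happens to be an index pattern: the Findings page path throws when the data view is absent, while status and telemetry callers declare that they intend to hit the index directly.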
