From 7dba2f0080d4f5d5fa049c486815492efecf7fa4 Mon Sep 17 00:00:00 2001
From: Tiago Vila Verde <tiago.vilaverde@elastic.co>
Date: Fri, 18 Oct 2024 10:07:32 +0200
Subject: [PATCH] [Entity Analytics] Bug: update timestamp on criticality soft
 delete (#196722)

## Summary

This fixes a bug with asset criticality where "soft delete" does not
update the `@timestamp` field

(cherry picked from commit 07fc8753604a27b9cc2c7c396e85f9bd9dc40674)
---
 .../asset_criticality/asset_criticality_data_client.ts           | 1 +
 1 file changed, 1 insertion(+)

diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/asset_criticality_data_client.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/asset_criticality_data_client.ts
index 4f051c48dcd6c..b957030f2c8e5 100644
--- a/x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/asset_criticality_data_client.ts
+++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/asset_criticality_data_client.ts
@@ -342,6 +342,7 @@ export class AssetCriticalityDataClient {
           asset: {
             criticality: CRITICALITY_VALUES.DELETED,
           },
+          '@timestamp': new Date().toISOString(),
           ...getImplicitEntityFields({
             ...idParts,
             criticalityLevel: CRITICALITY_VALUES.DELETED,