[Ingest Manager]: 'default' is displayed at data_stream.namespace on discover tab instead of non-default policy namespace

[dikshachauhan-qasource]

Kibana version:
Kibana:8.0.0 snapshot Cloud environment

Elasticsearch version:
Elasticsearch: 8.0.0 snapshot Cloud environment

Host OS and Browser version:
Windows 10, All

Original install method (e.g. download page, yum, from source, etc.):
8.0.0 snapshot Cloud environment

While exploratory testing, we have validate a scenario as per ticket summary on 8.0.0 snapshot kibana cloud build. Build details are as follows:

BUILD 38666
COMMIT 62e79eec7011cb8ffa6f1c9626f4f989656ddad1
Artifact link: https://artifacts-api.elastic.co/v1/search/8.0.0-SNAPSHOT/elastic-agent-8.0.0-SNAPSHOT-windows-x86_64.zip

Preconditions:

• Create a test policy say 'test1' with namespace : test_1 other than default
• System and endpoint integration should be added to test policy.

Steps to reproduce:

1. Installed agent using 'test1' policy.
2. Wait for agent and endpoint logs to generate successfully.
3. Go to discover tab.
4. Select Logs*- . Apply 'event.dataset : "elastic_agent.endpoint_security"'filter at KQL query.

Reference link:
https://elastic.testrail.io/index.php?/cases/view/35320

Actual result :
'default' is displayed at data_stream.namespace on discover tab instead of instead of 'test_1'

Expected result:
'test_1' should be displayed at data_stream.namespace on discover tab after applying 'event.dataset : "elastic_agent.endpoint_security"'filter at KQL query.

Screenshot:

[dikshachauhan-qasource]

@manishgupta-qasource please review

[manishgupta-qasource]

Reviewed & Assigned to @EricDavisX

[elasticmachine]

Pinging @elastic/ingest-management (Team:Ingest Management)

[EricDavisX]

@ruflin @ph this sounds like namespace isn't being carried thru the whole stack. That would feel high priority to me, until we know otherwise. Do you want to review or assign someone?