Merge branch 'package_mongodb_atlas_hardware' of github.com:niraj-ela…

…stic/integrations into package_mongodb_atlas_hardware
elastic · May 8, 2024 · ad9d9f2 · ad9d9f2
2 parents a08dbc1 + 32fb750
commit ad9d9f2
Show file tree

Hide file tree

Showing 21 changed files with 161 additions and 145 deletions.
diff --git a/packages/azure/_dev/build/docs/README.md b/packages/azure/_dev/build/docs/README.md
diff --git a/packages/azure/_dev/build/docs/adlogs.md b/packages/azure/_dev/build/docs/adlogs.md
@@ -1,10 +1,10 @@
-# Active Directory Logs
+# Microsoft Entra ID Logs
 
-Azure Active Directory (AAD) logs are records of events and activities that occur within an organization's AAD environment.
+Microsoft Entra ID logs are records of events and activities that occur within a Microsoft Entra ID environment of an organization.
 
 These logs capture important information such as user sign-ins, changes to user accounts, and more. They can be used to monitor and track user activity, identify security threats, troubleshoot issues, and generate reports for compliance purposes.
 
-The Azure Active Directory logs integration contain several data streams:
+The Microsoft Entra ID logs integration contain several data streams:
 
 * **Sign-in logs** – Information about sign-ins and how your users use your resources.
 * **Identity Protection logs** - Information about user risk status and the events that change it.
@@ -82,28 +82,28 @@ https://management.usgovcloudapi.net/
 
 ### Sign-in logs
 
-Retrieves Azure Active Directory sign-in logs. The sign-ins report provides information about the usage of managed applications and user sign-in activities.
+Retrieves Microsoft Entra ID sign-in logs. The sign-ins report provides information about the usage of managed applications and user sign-in activities.
 
 {{event "signinlogs"}}
 
 {{fields "signinlogs"}}
 
 ### Identity Protection logs
 
-Retrieves Azure AD Identity Protection logs. The [Azure AD Identity Protection](https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection) service analyzes events from AD users' behavior, detects risk situations, and can respond by reporting only or even blocking users at risk, according to policy configurations.
+Retrieves Microsoft Entra ID Protection logs. The [Microsoft Entra ID Protection](https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection) service analyzes events from Microsoft Entra ID users' behavior, detects risk situations, and can respond by reporting only or even blocking users at risk, according to policy configurations.
 
 {{event "identity_protection"}}
 
 {{fields "identity_protection"}}
 
 ### Provisioning logs
 
-Retrieves Azure Active Directory Provisioning logs. The [Azure AD Provisioning](https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/how-provisioning-works) service syncs AD users and groups to and from external enterprise applications. For example, you can configure the provisioning service to replicate all existing AD users and groups to an external Dropbox Business account or vice-versa.
+Retrieves Microsoft Entra ID Provisioning logs. The [Microsoft Entra ID Provisioning](https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/how-provisioning-works) service syncs Microsoft Entra ID users and groups to and from external enterprise applications. For example, you can configure the provisioning service to replicate all existing Microsoft Entra ID users and groups to an external Dropbox Business account or vice versa.
 
 The Provisioning Logs contain a lot of details about a inbound/outbound sync activity, like:
 
 * User or group details.
-* Source and target systems (e.g., from Azure AD to Dropbox).
+* Source and target systems (for ex., from Microsoft Entra ID to Dropbox).
 * Provisioning status.
 * Provisioning steps (with details for each step).
 
@@ -113,7 +113,7 @@ The Provisioning Logs contain a lot of details about a inbound/outbound sync act
 
 ### Audit logs
 
-Retrieves Azure Active Directory audit logs. The audit logs provide traceability through logs for all changes done by various features within Azure AD. Examples of audit logs include changes made to any resources within Azure AD like adding or removing users, apps, groups, roles and policies.
+Retrieves Microsoft Entra ID audit logs. The audit logs provide traceability through logs for all changes done by various features within Microsoft Entra ID. Examples of audit logs include changes made to any resources within Microsoft Entra ID like adding or removing users, apps, groups, roles and policies.
 
 {{event "auditlogs"}}
 

diff --git a/packages/azure/changelog.yml b/packages/azure/changelog.yml
@@ -1,3 +1,8 @@
+- version: "1.11.4"
+  changes:
+    - description: Replace Azure AD with Microsoft Entra ID.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/9774
 - version: "1.11.3"
   changes:
     - description: Update Azure Audit Logs pipeline with support for initiated_by user fields.

diff --git a/packages/azure/data_stream/identity_protection/elasticsearch/ingest_pipeline/default.yml b/packages/azure/data_stream/identity_protection/elasticsearch/ingest_pipeline/default.yml
@@ -1,5 +1,5 @@
 ---
-description: Pipeline for parsing Azure Active Directory Identity Protection logs.
+description: Pipeline for parsing Microsoft Entra ID Identity Protection logs.
 processors:
   - set:
       field: ecs.version

diff --git a/packages/azure/data_stream/identity_protection/manifest.yml b/packages/azure/data_stream/identity_protection/manifest.yml
@@ -1,12 +1,12 @@
 type: logs
-title: Azure AD Identity Protection Logs
+title: Microsoft Entra ID Identity Protection Logs
 release: beta
 streams:
   - input: "azure-eventhub"
     enabled: false
     template_path: "azure-eventhub.yml.hbs"
     title: "Azure Identity Protection Logs"
-    description: "Collect Azure AD Identity Protection Logs using azure-eventhub input"
+    description: "Collect Microsoft Entra ID Identity Protection Logs using azure-eventhub input"
     vars:
       - name: preserve_original_event
         required: true

diff --git a/packages/azure/data_stream/provisioning/fields/fields.yml b/packages/azure/data_stream/provisioning/fields/fields.yml
@@ -4,7 +4,7 @@
     - name: tenant_id
       type: keyword
       description: |
-        Unique Azure AD tenant ID
+        Unique Microsoft Entra ID tenant ID
     - name: level
       type: long
       description: |
@@ -39,15 +39,15 @@
         - name: tenant_id
           type: keyword
           description: |
-            Unique Azure AD tenant ID
+            Unique Microsoft Entra ID tenant ID
         - name: action
           type: keyword
           description: |
             Indicates the activity name or the operation name.
         - name: provisioning_action
           type: keyword
           description: |
-            Indicates the activity name or the operation name. Possible values are: create, update, delete, stageddelete, disable, other and unknownFutureValue. For a list of activities logged, refer to Azure AD activity list.
+            Indicates the activity name or the operation name. Possible values are: create, update, delete, stageddelete, disable, other and unknownFutureValue. For a list of activities logged, refer to Microsoft Entra ID activity list.
         - name: activity_datetime
           type: date
           description: |
@@ -181,7 +181,7 @@
         - name: source_system
           type: group
           description: |
-            Represents the system that a user was provisioned to or from. For example, when provisioning a user from Azure Active Directory (Azure AD) to ServiceNow, the source system is Azure AD, and the target system is ServiceNow. See https://docs.microsoft.com/en-us/graph/api/resources/provisioningsystem?view=graph-rest-1.0 for more details.
+            Represents the system that a user was provisioned to or from. For example, when provisioning a user from Microsoft Entra ID to ServiceNow, the source system is Microsoft Entra ID, and the target system is ServiceNow. See https://docs.microsoft.com/en-us/graph/api/resources/provisioningsystem?view=graph-rest-1.0 for more details.
           fields:
             - name: id
               type: keyword

diff --git a/packages/azure/data_stream/provisioning/manifest.yml b/packages/azure/data_stream/provisioning/manifest.yml
@@ -1,12 +1,12 @@
 type: logs
-title: Azure AD Provisioning Logs
+title: Microsoft Entra ID Provisioning Logs
 release: beta
 streams:
   - input: "azure-eventhub"
     enabled: false
     template_path: "azure-eventhub.yml.hbs"
     title: "Azure Provisioning Logs"
-    description: "Collect Azure AD Provisioning Logs using azure-eventhub input"
+    description: "Collect Microsoft Entra ID Provisioning Logs using azure-eventhub input"
     vars:
       - name: preserve_original_event
         required: true