Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate from legacy to modern ecs@mappings #9192

Open
zmoog opened this issue Feb 19, 2024 · 1 comment
Open

Migrate from legacy to modern ecs@mappings #9192

zmoog opened this issue Feb 19, 2024 · 1 comment
Assignees
@zmoog
Labels
enhancement New feature or request

Comments

@zmoog
Copy link
Contributor

zmoog commented Feb 19, 2024
edited

Update all integrations using dependencies.ecs.import_mappings: true to switch from legacy to modern ecs@mappings:

  • Remove dependencies.ecs.import_mappings: true
  • Set 8.13 as min stack version

Current list of packages using the legacy ecs@mappings.

Stats

Stack version Packages
8.3 6
8.6 2
8.7 8
8.8 4
8.9 3
8.10 8
8.11 6
8.12 4

Package list

Stack Version Name Owner
8.3 tanium elastic/security-service-integrations
8.3 fortinet_fortimail elastic/sec-deployment-and-devices
8.3 vectra_detect elastic/security-service-integrations
8.3 fortinet_fortimanager elastic/sec-deployment-and-devices
8.3 zscaler_zia elastic/security-service-integrations
8.3 microsoft_defender_cloud elastic/security-service-integrations
8.6 network_traffic elastic/sec-linux-platform
8.6 cef elastic/sec-deployment-and-devices
8.7 netflow elastic/sec-deployment-and-devices
8.7 trellix_epo_cloud elastic/security-service-integrations
8.7 suricata elastic/sec-deployment-and-devices
8.7 m365_defender elastic/security-service-integrations
8.7 cisco_nexus elastic/sec-deployment-and-devices
8.7 rapid7_insightvm elastic/security-service-integrations
8.7 zscaler_zpa elastic/security-service-integrations
8.7 google_workspace elastic/security-service-integrations
8.8 apache_tomcat elastic/obs-infraobs-integrations
8.8 cribl elastic/security-service-integrations
8.8 google_scc elastic/security-service-integrations
8.8 log elastic/elastic-agent-data-plane
8.9 trellix_edr_cloud elastic/security-service-integrations
8.9 entityanalytics_okta elastic/security-service-integrations
8.9 qualys_vmdr elastic/security-service-integrations
8.10 ti_opencti elastic/security-service-integrations
8.10 prisma_cloud elastic/security-service-integrations
8.10 symantec_edr_cloud elastic/security-service-integrations
8.10 sophos_central elastic/security-service-integrations
8.10 imperva_cloud_waf elastic/security-service-integrations
8.10 wiz elastic/security-service-integrations
8.10 winlog elastic/sec-windows-platform
8.10 imperva elastic/sec-deployment-and-devices
8.11 cloud_defend elastic/sec-linux-platform
8.11 ti_threatconnect elastic/security-service-integrations
8.11 google_cloud_storage elastic/security-service-integrations
8.11 sentinel_one_cloud_funnel elastic/security-service-integrations
8.11 entityanalytics_entra_id elastic/security-service-integrations
8.11 ti_crowdstrike elastic/security-service-integrations
8.12 eset_protect elastic/security-service-integrations
8.12 amazon_security_lake elastic/security-service-integrations
8.12 azure_blob_storage elastic/security-service-integrations
8.12 bitwarden elastic/security-service-integrations
@zmoog zmoog added the enhancement New feature or request label Feb 19, 2024
@zmoog zmoog self-assigned this Feb 19, 2024
@zmoog zmoog mentioned this issue Feb 19, 2024
Closed
This was referenced May 3, 2024
Merged
Merged
@terrancedejesus terrancedejesus mentioned this issue May 17, 2024
Merged
@efd6
Copy link
Contributor

efd6 commented Jun 6, 2024

An automation for this now exists here. Executable help will show the options that do the work, but briefly an example,

ecs-update -owner elastic/security-service-integrations -fields-yml-drop-ecs -kibana-version ^8.13.0 -drop-import-mappings packages/zoom

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zmoog zmoog

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zmoog @efd6