[ECS] Update SEI packages to ECS 8.10.0 (Part 1) #7905

merged 38 commits into from Sep 21, 2023
646896e
kgeller Sep 21, 2023
c36bf0c
[1password] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
a5b0745
[akamai] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
c2df835
[arista_ngfw] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
3d0c85c
[atlassian_bitbucket] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
12622e6
[atlassian_confluence] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
c81f9ef
[atlassian_jira] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
42f88a8
[auditd] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
f89060e
[auditd_manager] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
6179e02
[auth0] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
36259ef
[azure_blob_storage] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
8a53ba1
[azure_frontdoor] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
f8bc349
[barracuda] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
e9e64a2
[barracuda_cloudgen_firewall] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
734eabb
[bitdefender] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
3c17104
[bitwarden] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
b4870ac
[carbon_black_cloud] - change ecs.version to 8.8.0 in ingest pipeline
kgeller Sep 21, 2023
84779d9
[carbonblack_edr] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
faf30a3
[cef] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
241bb2f
[cel] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
4bf2618
[checkpoint] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
9472adf
[cisco_aironet] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
1df64fd
[cisco_duo] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
40b0111
[cisco_ios] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
ac2def3
[cisco_ise] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
fb9898d
[cisco_meraki] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
3fa5df9
[cisco_nexus] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
3201f00
[cisco_secure_email_gateway] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
5f96163
[cisco_secure_endpoint] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
8afbed3
[cisco_umbrella] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
ae9104e
[citrix_waf] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
1146001
[cloudflare] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
eabb220
[cloudflare_logpush] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
6b60bbf
[crowdstrike] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
7fb2aa3
merge conflict resolution on versions
kgeller Sep 21, 2023
f5be13c
merge conflict resolution
kgeller Sep 21, 2023
bbf9edb
[carbon_black_cloud] - change to ECS version git@v8.10.0
kgeller Sep 21, 2023
f1f4bd4
Correcting changelog & manifest version
kgeller Sep 21, 2023
2 changes: 1 addition & 1 deletion packages/1password/_dev/build/build.yml
@@ -1,3 +1,3 @@
dependencies:
ecs:
reference: git@v8.9.0
reference: "git@v8.10.0"
5 changes: 5 additions & 0 deletions packages/1password/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: 1.20.0
changes:
- description: ECS version updated to 8.10.0.
type: enhancement
link: https://github.com/elastic/integrations/pull/7905
- version: "1.19.0"
changes:
- description: Add tags.yml file so that integration's dashboards and saved searches are tagged with "Security Solution" and displayed in the Security Solution UI.
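Review bot: The new entry is written `- version: 1.20.0` without quotes while the entry directly below it is `- version: "1.19.0"`. Quote the new value as `"1.20.0"` so the changelog keeps one style and matches `version: "1.20.0"` in manifest.yml. A three-part version still loads as a string when unquoted, so this is a consistency point and not a parsing bug.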
Expand Down
Expand Up @@ -3,7 +3,7 @@
{
"@timestamp": "2022-10-24T21:16:52.827Z",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"action": "suspend",
Expand Down Expand Up @@ -72,7 +72,7 @@
{
"@timestamp": "2022-10-24T21:16:52.827Z",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"action": "suspend",
Expand Down
Expand Up @@ -16,7 +16,7 @@ processors:
#######################
- set:
field: ecs.version
value: "8.9.0"
value: "8.10.0"
# Sets event.created from the @timestamp field generated by filebeat before being overwritten further down
- set:
field: event.created
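Review bot: `value: "8.10.0"` in the `set` processor for `ecs.version` is a hand-maintained literal that has to agree with `reference: "git@v8.10.0"` in `_dev/build/build.yml`, and nothing in this change ties the two together. The same literal is repeated in each data stream pipeline and expected-output file, so consider a CI check that compares them. Otherwise a missed pipeline will stamp events with a stale `ecs.version` that downstream detection content cannot distinguish from a correct one.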
Expand Down
16 changes: 8 additions & 8 deletions packages/1password/data_stream/audit_events/sample_event.json
Expand Up @@ -13,7 +13,7 @@
"type": "logs"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"elastic_agent": {
"id": "d7b99bc0-ce95-4664-af6f-80d525d96e77",
Expand All @@ -38,19 +38,19 @@
"type": "httpjson"
},
"onepassword": {
"actor_uuid": "GLF6WUEKS5CSNDJ2OG6TCZD3M4",
"actor_details": {
"uuid": "GLF6WUEKS5CSNDJ2OG6TCZD3M4",
"email": "test.actor@domain.com",
"name": "Test Actor",
"email": "test.actor@domain.com"
"uuid": "GLF6WUEKS5CSNDJ2OG6TCZD3M4"
},
"object_type": "user",
"object_uuid": "ZRQCUD6A65AKHFETOUFO7NL4OM",
"actor_uuid": "GLF6WUEKS5CSNDJ2OG6TCZD3M4",
"object_details": {
"uuid": "ZRQCUD6A65AKHFETOUFO7NL4OM",
"email": "test.object@domain.com",
"name": "Test Object",
"email": "test.object@domain.com"
"uuid": "ZRQCUD6A65AKHFETOUFO7NL4OM"
},
"object_type": "user",
"object_uuid": "ZRQCUD6A65AKHFETOUFO7NL4OM",
"session": {
"device_uuid": "rqtd557fn2husnstp5nc66w2xa",
"login_time": "2022-10-24T21:07:34.703106271Z",
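Review bot: The key reordering under `onepassword` (`actor_uuid`, `object_type`, `object_uuid`, and the members of `actor_details` and `object_details`) is unrelated to the ECS bump and accounts for most of this file's 8 additions and 8 deletions. No value differs between the two orderings, so either state in the PR description that the sample event was regenerated or drop the reordering. That spares a reviewer of an audit-log fixture from comparing every field by hand to confirm only `ecs.version` changed.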
Expand Down
Expand Up @@ -3,7 +3,7 @@
{
"@timestamp": "2021-08-30T18:57:42.484Z",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"action": "reveal",
Expand Down Expand Up @@ -76,7 +76,7 @@
{
"@timestamp": "2021-08-30T19:10:00.123Z",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down
Expand Up @@ -16,7 +16,7 @@ processors:
#######################
- set:
field: ecs.version
value: '8.9.0'
value: '8.10.0'
# Sets event.created from the @timestamp field generated by filebeat before being overwritten further down
- set:
field: event.created
Expand Down
Expand Up @@ -13,7 +13,7 @@
"type": "logs"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"elastic_agent": {
"id": "d7b99bc0-ce95-4664-af6f-80d525d96e77",
Expand Down
Expand Up @@ -3,7 +3,7 @@
{
"@timestamp": "2021-08-11T14:28:03.000Z",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"action": "success",
Expand Down Expand Up @@ -78,7 +78,7 @@
{
"@timestamp": "2021-08-11T15:04:22.000Z",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"action": "credentials_failed",
Expand Down
Expand Up @@ -16,7 +16,7 @@ processors:
#######################
- set:
field: ecs.version
value: '8.9.0'
value: '8.10.0'
# Sets event.created from the @timestamp field generated by filebeat before being overwritten further down
- set:
field: event.created
Expand Down
Expand Up @@ -13,7 +13,7 @@
"type": "logs"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"elastic_agent": {
"id": "d7b99bc0-ce95-4664-af6f-80d525d96e77",
Expand Down
20 changes: 10 additions & 10 deletions packages/1password/docs/README.md
Expand Up @@ -91,7 +91,7 @@ An example event for `signin_attempts` looks as following:
"type": "logs"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"elastic_agent": {
"id": "d7b99bc0-ce95-4664-af6f-80d525d96e77",
Expand Down Expand Up @@ -230,7 +230,7 @@ An example event for `item_usages` looks as following:
"type": "logs"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"elastic_agent": {
"id": "d7b99bc0-ce95-4664-af6f-80d525d96e77",
Expand Down Expand Up @@ -376,7 +376,7 @@ An example event for `audit_events` looks as following:
"type": "logs"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"elastic_agent": {
"id": "d7b99bc0-ce95-4664-af6f-80d525d96e77",
Expand All @@ -401,19 +401,19 @@ An example event for `audit_events` looks as following:
"type": "httpjson"
},
"onepassword": {
"actor_uuid": "GLF6WUEKS5CSNDJ2OG6TCZD3M4",
"actor_details": {
"uuid": "GLF6WUEKS5CSNDJ2OG6TCZD3M4",
"email": "test.actor@domain.com",
"name": "Test Actor",
"email": "test.actor@domain.com"
"uuid": "GLF6WUEKS5CSNDJ2OG6TCZD3M4"
},
"object_type": "user",
"object_uuid": "ZRQCUD6A65AKHFETOUFO7NL4OM",
"actor_uuid": "GLF6WUEKS5CSNDJ2OG6TCZD3M4",
"object_details": {
"uuid": "ZRQCUD6A65AKHFETOUFO7NL4OM",
"email": "test.object@domain.com",
"name": "Test Object",
"email": "test.object@domain.com"
"uuid": "ZRQCUD6A65AKHFETOUFO7NL4OM"
},
"object_type": "user",
"object_uuid": "ZRQCUD6A65AKHFETOUFO7NL4OM",
"session": {
"device_uuid": "rqtd557fn2husnstp5nc66w2xa",
"login_time": "2022-10-24T21:07:34.703106271Z",
Expand Down
2 changes: 1 addition & 1 deletion packages/1password/manifest.yml
@@ -1,7 +1,7 @@
format_version: 2.11.0
name: 1password
title: "1Password"
version: "1.19.0"
version: "1.20.0"
description: Collect logs from 1Password with Elastic Agent.
type: integration
categories:
Expand Down
2 changes: 1 addition & 1 deletion packages/akamai/_dev/build/build.yml
@@ -1,3 +1,3 @@
dependencies:
ecs:
reference: git@v8.9.0
reference: "git@v8.10.0"
5 changes: 5 additions & 0 deletions packages/akamai/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: 2.17.0
changes:
- description: ECS version updated to 8.10.0.
type: enhancement
link: https://github.com/elastic/integrations/pull/7905
- version: 2.16.0
changes:
- description: "The format_version in the package manifest changed from 2.11.0 to 3.0.0. Removed dotted YAML keys from package manifest. Added 'owner.type: elastic' to package manifest."
Expand Down
Expand Up @@ -107,7 +107,7 @@
"ip": "89.160.20.156"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -272,7 +272,7 @@
"ip": "89.160.20.156"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down
Expand Up @@ -3,7 +3,7 @@ description: Pipeline for parsing Akamai logs
processors:
- set:
field: ecs.version
value: '8.9.0'
value: '8.10.0'
- rename:
field: message
target_field: event.original
Expand Down
2 changes: 1 addition & 1 deletion packages/akamai/data_stream/siem/sample_event.json
Expand Up @@ -107,7 +107,7 @@
"type": "logs"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"elastic_agent": {
"id": "cdda426a-7e47-48c4-b2f5-b9f1ad5bf08a",
Expand Down
2 changes: 1 addition & 1 deletion packages/akamai/docs/README.md
Expand Up @@ -257,7 +257,7 @@ An example event for `siem` looks as following:
"type": "logs"
},
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"elastic_agent": {
"id": "cdda426a-7e47-48c4-b2f5-b9f1ad5bf08a",
Expand Down
2 changes: 1 addition & 1 deletion packages/akamai/manifest.yml
@@ -1,6 +1,6 @@
name: akamai
title: Akamai
version: "2.16.0"
version: "2.17.0"
description: Collect logs from Akamai with Elastic Agent.
type: integration
format_version: "3.0.0"
Expand Down
2 changes: 1 addition & 1 deletion packages/arista_ngfw/_dev/build/build.yml
@@ -1,3 +1,3 @@
dependencies:
ecs:
reference: git@v8.9.0
reference: "git@v8.10.0"
5 changes: 5 additions & 0 deletions packages/arista_ngfw/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: 0.6.0
changes:
- description: ECS version updated to 8.10.0.
type: enhancement
link: https://github.com/elastic/integrations/pull/7905
- version: 0.5.0
changes:
- description: "The format_version in the package manifest changed from 2.11.0 to 3.0.0. Removed dotted YAML keys from package manifest. Added 'owner.type: elastic' to package manifest."
Expand Down
Expand Up @@ -3,7 +3,7 @@
{
"@timestamp": "2023-05-24T13:09:53.477-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -60,7 +60,7 @@
{
"@timestamp": "2023-05-23T10:06:57.518-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -117,7 +117,7 @@
{
"@timestamp": "2023-05-23T13:35:42.611-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -174,7 +174,7 @@
{
"@timestamp": "2023-05-22T13:47:59.495-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -231,7 +231,7 @@
{
"@timestamp": "2023-05-21T09:58:40.250-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -288,7 +288,7 @@
{
"@timestamp": "2023-05-20T08:12:47.018-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -346,7 +346,7 @@
{
"@timestamp": "2023-05-18T15:08:14.224-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -403,7 +403,7 @@
{
"@timestamp": "2023-05-18T06:58:38.360-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -460,7 +460,7 @@
{
"@timestamp": "2023-05-17T15:04:03.772-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down Expand Up @@ -517,7 +517,7 @@
{
"@timestamp": "2023-05-12T09:09:40.787-06:00",
"ecs": {
"version": "8.9.0"
"version": "8.10.0"
},
"event": {
"category": [
Expand Down