[SEI] Promote packages to GA

[taylor-swanson]

Proposed commit message

• Promote many packages to GA
• Upgraded package-spec to 3.0.0 where necessary

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

elastic-package test

Related issues

• Closes [Security Integrations] Moving integrations from Tech Preview to GA #8389

[taylor-swanson]

@elastic/obs-ds-hosted-services, aws_logs was included in the list of packages to promote to GA (see #8389). If there any objections to this and the package is not ready for GA, I'll remove it from this list.

[elasticmachine]

🚀 Benchmarks report

Package arista_ngfw 👍(0) 💚(0) 💔(1)

Expand to view

Data stream	Previous EPS	New EPS	Diff (%)	Result
log	1501.5	1272.26	-229.24 (-15.27%)	💔

Package prisma_cloud 👍(3) 💚(1) 💔(1)

Expand to view

Data stream	Previous EPS	New EPS	Diff (%)	Result
host_profile	1742.16	1449.28	-292.88 (-16.81%)	💔

Package qualys_vmdr 👍(0) 💚(1) 💔(1)

Expand to view

Data stream	Previous EPS	New EPS	Diff (%)	Result
knowledge_base	1597.44	1239.16	-358.28 (-22.43%)	💔

Package wiz 👍(2) 💚(0) 💔(1)

Expand to view

Data stream	Previous EPS	New EPS	Diff (%)	Result
audit	2564.1	1945.53	-618.57 (-24.12%)	💔

To see the full report comment with /test benchmark fullreport

[taylor-swanson]

/test

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[taylor-swanson]

As a side note, elastic-package performed a lot of formatting/whitespace changes on some of the files, so it may help to hide whitespace changes to make it quicker to review.

[kcreddy]

LGTM 👍🏼

[taylor-swanson]

@elastic/obs-ds-hosted-services, would some one be able to review this? Specifically, the aws_logs package. It was included in the list of packages to promote to GA (see #8389). If there any objections to this and the package is not ready for GA, I'll remove it from this list.

(cc @zmoog, @aspacca in case the elastic/obs-ds-hosted-services handle isn't sending notifications)

[taylor-swanson]

/test

[taylor-swanson]

/test

[taylor-swanson]

/test

[bhapas]

/test

[taylor-swanson]

/test

[taylor-swanson]

/test

[jamiehynds]

@taylor-swanson sorry for late notice. Is it possible to keep SentinelOne Cloud Funnel in Tech Preview as @w0rk3r has some mapping adjustments to make to ensure our detection rules can leverage S1 Cloud Funnel data. Easier to make those mapping adjustments while in Tech Preview.

[taylor-swanson]

@taylor-swanson sorry for late notice. Is it possible to keep SentinelOne Cloud Funnel in Tech Preview as @w0rk3r has some mapping adjustments to make to ensure our detection rules can leverage S1 Cloud Funnel data. Easier to make those mapping adjustments while in Tech Preview.

Absolutely, I'll remove it from the list now.

As a note, I don't think the numerous test failures I'm hitting are anything to do with the integrations, there's something weird going on with CI lately.

[taylor-swanson]

/test

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: 7320796

History

• 💔 Build #8274 failed 7320796
• 💔 Build #8270 failed c8af735
• 💔 Build #8268 failed c8af735
• 💔 Build #8250 failed c8af735
• 💔 Build #8248 failed c8af735

cc @taylor-swanson

[elasticmachine]

Package amazon_security_lake - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=amazon_security_lake

[elasticmachine]

Package arista_ngfw - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=arista_ngfw

[elasticmachine]

Package cisco_nexus - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=cisco_nexus

[elasticmachine]

Package entityanalytics_entra_id - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=entityanalytics_entra_id

[elasticmachine]

Package entityanalytics_okta - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=entityanalytics_okta

[elasticmachine]

Package google_scc - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=google_scc

[elasticmachine]

Package imperva - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=imperva

[elasticmachine]

Package microsoft_defender_cloud - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=microsoft_defender_cloud

[elasticmachine]

Package prisma_cloud - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=prisma_cloud

[elasticmachine]

Package qualys_vmdr - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=qualys_vmdr

[elasticmachine]

Package symantec_edr_cloud - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=symantec_edr_cloud

[elasticmachine]

Package ti_maltiverse - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=ti_maltiverse

[elasticmachine]

Package ti_mandiant_advantage - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=ti_mandiant_advantage

[elasticmachine]

Package ti_opencti - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=ti_opencti

[elasticmachine]

Package trellix_edr_cloud - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=trellix_edr_cloud

[elasticmachine]

Package wiz - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=wiz