From 369c577babec39a5207dc680c53e2f7cbae0b8c8 Mon Sep 17 00:00:00 2001 
From: Dan Kortschak Date: Tue, 10 Dec 2024 11:56:00 +1030 Subject: [PATCH] ssi_all: add "preserve_original_event" tag to documents with event.kind set to "pipeline_error" [git-generate] for f in $( ( for p in $( yq 'select(.owner.github == "elastic/security-service-integrations")|.name' packages/**/manifest.yml \ | grep -v -- --- ); do rg -l -g 'default.yml' "value: pipeline_error" packages/$p done )|sort|uniq ); do (grep 'value: preserve_original_event' $f >/dev/null 2>&1) && continue perl -i -pe 'BEGIN{undef $/;} s/([a-z:"]) ( *)(- set:.*value: pipeline_error)/$1 $2$3 $2- append: $2 field: tags $2 value: preserve_original_event $2 allow_duplicates: true/smg' $f done for p in $(git diff --name-only HEAD~1|cut -d/ -f1,2|sort|uniq); do ( cd $p elastic-package changelog add \ --description 'Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".' \ --type enhancement \ --next minor \ --link https://github.com/elastic/integrations/pull/12046 )>/dev/null 2>&1 done --- packages/1password/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/1password/manifest.yml | 2 +- packages/abnormal_security/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../case/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/abnormal_security/manifest.yml | 2 +- packages/akamai/changelog.yml | 5 +++++ .../siem/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/akamai/manifest.yml | 2 +- packages/amazon_security_lake/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/amazon_security_lake/manifest.yml | 2 +- packages/atlassian_bitbucket/changelog.yml | 5 +++++ 
.../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/atlassian_bitbucket/manifest.yml | 2 +- packages/atlassian_confluence/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/atlassian_confluence/manifest.yml | 2 +- packages/atlassian_jira/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/atlassian_jira/manifest.yml | 2 +- packages/auth0/changelog.yml | 5 +++++ .../logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/auth0/manifest.yml | 2 +- packages/authentik/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../group/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../user/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/authentik/manifest.yml | 2 +- packages/aws_bedrock/changelog.yml | 5 +++++ .../runtime/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/aws_bedrock/manifest.yml | 2 +- packages/azure_frontdoor/changelog.yml | 5 +++++ .../access/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../waf/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/azure_frontdoor/manifest.yml | 2 +- packages/azure_network_watcher_nsg/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/azure_network_watcher_nsg/manifest.yml | 2 +- packages/azure_network_watcher_vnet/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/azure_network_watcher_vnet/manifest.yml | 2 +- packages/barracuda/changelog.yml | 5 +++++ .../waf/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/barracuda/manifest.yml | 2 +- packages/barracuda_cloudgen_firewall/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/barracuda_cloudgen_firewall/manifest.yml | 2 +- packages/bbot/changelog.yml | 5 +++++ .../asm_intel/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/bbot/manifest.yml | 2 +- 
packages/bitdefender/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/bitdefender/manifest.yml | 2 +- packages/bitwarden/changelog.yml | 5 +++++ .../collection/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../group/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../member/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../policy/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/bitwarden/manifest.yml | 2 +- packages/blacklens/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/blacklens/manifest.yml | 2 +- packages/box_events/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/box_events/manifest.yml | 2 +- packages/canva/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/canva/manifest.yml | 2 +- packages/carbon_black_cloud/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../alert_v7/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/carbon_black_cloud/manifest.yml | 2 +- packages/carbonblack_edr/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/carbonblack_edr/manifest.yml | 2 +- packages/checkpoint_email/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/checkpoint_email/manifest.yml | 2 +- packages/checkpoint_harmony_endpoint/changelog.yml | 5 +++++ .../antibot/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../forensics/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/checkpoint_harmony_endpoint/manifest.yml | 2 +- packages/cisa_kevs/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisa_kevs/manifest.yml | 2 +- packages/cisco_duo/changelog.yml | 5 +++++ .../activity/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../admin/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../auth/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../summary/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../telephony/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisco_duo/manifest.yml | 2 +- packages/cisco_meraki/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisco_meraki/manifest.yml | 2 +- packages/cisco_secure_endpoint/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisco_secure_endpoint/manifest.yml | 2 +- packages/cisco_umbrella/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisco_umbrella/manifest.yml | 2 +- packages/claroty_ctd/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../baseline/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/claroty_ctd/manifest.yml | 2 +- packages/cloudflare/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../logpull/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cloudflare/manifest.yml | 2 +- packages/cloudflare_logpush/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../casb/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dns/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../magic_ids/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../nel_report/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cloudflare_logpush/manifest.yml | 2 +- packages/crowdstrike/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../falcon/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../fdr/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../host/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/crowdstrike/manifest.yml | 2 +- packages/cyberark_pta/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cyberark_pta/manifest.yml | 2 +- packages/cyberarkpas/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../monitor/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cyberarkpas/manifest.yml | 2 +- packages/cybereason/changelog.yml | 5 +++++ 
.../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../malware/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../poll_malop/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cybereason/manifest.yml | 2 +- packages/cylance/changelog.yml | 5 +++++ .../protect/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cylance/manifest.yml | 2 +- packages/darktrace/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/darktrace/manifest.yml | 2 +- packages/digital_guardian/changelog.yml | 5 +++++ .../arc/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/digital_guardian/manifest.yml | 2 +- packages/entityanalytics_ad/changelog.yml | 5 +++++ .../user/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/entityanalytics_ad/manifest.yml | 2 +- packages/entityanalytics_entra_id/changelog.yml | 5 +++++ .../entity/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/entityanalytics_entra_id/manifest.yml | 2 +- packages/entityanalytics_okta/changelog.yml | 5 +++++ .../user/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/entityanalytics_okta/manifest.yml | 2 +- packages/eset_protect/changelog.yml | 5 +++++ .../detection/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/eset_protect/manifest.yml | 2 +- packages/f5/changelog.yml | 5 +++++ .../bigipafm/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../bigipapm/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/f5/manifest.yml | 2 +- packages/f5_bigip/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
packages/f5_bigip/manifest.yml | 2 +- packages/falco/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/falco/manifest.yml | 2 +- packages/fireeye/changelog.yml | 5 +++++ .../nx/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/fireeye/manifest.yml | 2 +- packages/first_epss/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/first_epss/manifest.yml | 2 +- packages/forcepoint_web/changelog.yml | 5 +++++ .../logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/forcepoint_web/manifest.yml | 2 +- packages/forgerock/changelog.yml | 5 +++++ .../am_access/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../am_config/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../am_core/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../idm_access/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../idm_config/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../idm_core/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../idm_sync/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/forgerock/manifest.yml | 2 +- packages/gigamon/changelog.yml | 5 +++++ .../ami/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/gigamon/manifest.yml | 2 +- packages/github/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dependabot/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../issues/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/github/manifest.yml | 2 +- packages/gitlab/changelog.yml | 5 +++++ .../api/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../auth/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../pages/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../production/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../sidekiq/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/gitlab/manifest.yml | 2 +- packages/google_scc/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../finding/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../source/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/google_scc/manifest.yml | 2 +- packages/google_workspace/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../admin/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../device/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../drive/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../gcp/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../groups/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../login/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../rules/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../saml/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../token/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/google_workspace/manifest.yml | 2 +- packages/imperva_cloud_waf/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/imperva_cloud_waf/manifest.yml | 2 +- packages/infoblox_bloxone_ddi/changelog.yml | 5 +++++ .../dhcp_lease/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dns_config/elasticsearch/ingest_pipeline/default.yml | 4 
++++ .../dns_data/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/infoblox_bloxone_ddi/manifest.yml | 2 +- packages/infoblox_nios/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/infoblox_nios/manifest.yml | 2 +- packages/jamf_compliance_reporter/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/jamf_compliance_reporter/manifest.yml | 2 +- packages/jamf_pro/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../inventory/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/jamf_pro/manifest.yml | 2 +- packages/jamf_protect/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../telemetry/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/jamf_protect/manifest.yml | 2 +- packages/jumpcloud/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/jumpcloud/manifest.yml | 2 +- packages/keycloak/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/keycloak/manifest.yml | 2 +- packages/lastpass/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../user/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/lastpass/manifest.yml | 2 +- packages/lumos/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/lumos/manifest.yml | 2 +- packages/lyve_cloud/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/lyve_cloud/manifest.yml | 2 +- packages/m365_defender/changelog.yml | 9 +++++++-- .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../incident/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/m365_defender/manifest.yml | 2 +- packages/mattermost/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/mattermost/manifest.yml | 2 +- packages/menlo/changelog.yml | 5 +++++ .../dlp/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../web/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/menlo/manifest.yml | 2 +- packages/microsoft_defender_cloud/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/microsoft_defender_cloud/manifest.yml | 2 +- packages/microsoft_defender_endpoint/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/microsoft_defender_endpoint/manifest.yml | 2 +- .../changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../microsoft_exchange_online_message_trace/manifest.yml | 2 +- packages/microsoft_sentinel/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../incident/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/microsoft_sentinel/manifest.yml | 2 +- packages/mimecast/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dlp_logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../siem_logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/mimecast/manifest.yml | 2 +- packages/netskope/changelog.yml | 5 +++++ 
.../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/netskope/manifest.yml | 2 +- packages/o365/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/o365/manifest.yml | 2 +- packages/okta/changelog.yml | 5 +++++ .../system/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/okta/manifest.yml | 8 ++------ packages/opencanary/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/opencanary/manifest.yml | 2 +- packages/panw_cortex_xdr/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../incidents/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/panw_cortex_xdr/manifest.yml | 2 +- packages/ping_one/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ping_one/manifest.yml | 2 +- packages/pps/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/pps/manifest.yml | 2 +- packages/prisma_access/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/prisma_access/manifest.yml | 2 +- packages/prisma_cloud/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../host/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 6 +++++- packages/prisma_cloud/manifest.yml | 2 +- packages/proofpoint_on_demand/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../mail/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../message/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/proofpoint_on_demand/manifest.yml | 2 +- packages/proofpoint_tap/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/proofpoint_tap/manifest.yml | 2 +- packages/pulse_connect_secure/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/pulse_connect_secure/manifest.yml | 2 +- packages/qualys_vmdr/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/qualys_vmdr/manifest.yml | 2 +- packages/rapid7_insightvm/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/rapid7_insightvm/manifest.yml | 2 +- packages/santa/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/santa/manifest.yml | 2 +- packages/sentinel_one/changelog.yml | 5 +++++ .../activity/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../agent/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../group/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/sentinel_one/manifest.yml | 2 +- packages/sentinel_one_cloud_funnel/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/sentinel_one_cloud_funnel/manifest.yml | 5 +---- packages/servicenow/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/servicenow/manifest.yml | 4 ++-- packages/slack/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/slack/manifest.yml | 2 +- packages/snyk/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit_logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../issues/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/snyk/manifest.yml | 2 +- packages/sophos_central/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/sophos_central/manifest.yml | 2 +- packages/spycloud/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../compass/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/spycloud/manifest.yml | 2 +- packages/sublime_security/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/sublime_security/manifest.yml | 2 +- packages/symantec_edr_cloud/changelog.yml | 5 +++++ .../incident/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/symantec_edr_cloud/manifest.yml | 2 +- packages/symantec_endpoint/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/symantec_endpoint/manifest.yml | 2 +- packages/symantec_endpoint_security/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../incident/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/symantec_endpoint_security/manifest.yml | 2 +- packages/sysdig/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 6 +++++- packages/sysdig/manifest.yml | 2 +- packages/tanium/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../discover/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../reporting/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
packages/tanium/manifest.yml | 2 +- packages/teleport/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/teleport/manifest.yml | 2 +- packages/tenable_io/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../plugin/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../scan/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/tenable_io/manifest.yml | 2 +- packages/tenable_sc/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../plugin/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/tenable_sc/manifest.yml | 2 +- packages/thycotic_ss/changelog.yml | 5 +++++ .../logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/thycotic_ss/manifest.yml | 2 +- packages/ti_abusech/changelog.yml | 5 +++++ .../malware/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../threatfox/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../url/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_abusech/manifest.yml | 2 +- packages/ti_anomali/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_anomali/manifest.yml | 2 +- packages/ti_cif3/changelog.yml | 5 +++++ .../feed/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_cif3/manifest.yml | 2 +- packages/ti_crowdstrike/changelog.yml | 5 +++++ .../intel/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../ioc/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_crowdstrike/manifest.yml | 2 +- packages/ti_custom/changelog.yml | 5 +++++ .../indicator/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_custom/manifest.yml | 2 +- packages/ti_cybersixgill/changelog.yml | 5 +++++ 
.../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_cybersixgill/manifest.yml | 2 +- packages/ti_eclecticiq/changelog.yml | 5 +++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 6 +++++- packages/ti_eclecticiq/manifest.yml | 2 +- packages/ti_eset/changelog.yml | 5 +++++ .../apt/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../botnet/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../cc/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../domains/elasticsearch/ingest_pipeline/default.yml | 6 +++++- .../files/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../ip/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../url/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_eset/manifest.yml | 2 +- packages/ti_maltiverse/changelog.yml | 5 +++++ .../indicator/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_maltiverse/manifest.yml | 2 +- packages/ti_mandiant_advantage/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_mandiant_advantage/manifest.yml | 2 +- packages/ti_misp/changelog.yml | 5 +++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_misp/manifest.yml | 2 +- packages/ti_opencti/changelog.yml | 5 +++++ .../indicator/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_opencti/manifest.yml | 2 +- packages/ti_otx/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_otx/manifest.yml | 2 +- packages/ti_rapid7_threat_command/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../ioc/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_rapid7_threat_command/manifest.yml | 2 +- packages/ti_recordedfuture/changelog.yml | 5 +++++ 
.../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_recordedfuture/manifest.yml | 2 +- packages/ti_threatconnect/changelog.yml | 5 +++++ .../indicator/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_threatconnect/manifest.yml | 2 +- packages/ti_threatq/changelog.yml | 5 +++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_threatq/manifest.yml | 2 +- packages/tines/changelog.yml | 5 +++++ .../audit_logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../time_saved/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/tines/manifest.yml | 2 +- packages/trellix_edr_cloud/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/trellix_edr_cloud/manifest.yml | 2 +- packages/trellix_epo_cloud/changelog.yml | 5 +++++ .../device/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../group/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/trellix_epo_cloud/manifest.yml | 2 +- packages/trend_micro_vision_one/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../detection/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/trend_micro_vision_one/manifest.yml | 9 ++------- packages/trendmicro/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/trendmicro/manifest.yml | 2 +- packages/tychon/changelog.yml | 5 +++++ .../arp/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../browser/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../ciphers/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../cmrs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../coams/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../cpu/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../cve/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../epp/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../features/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../harddrive/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../hardware/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../host/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../stig/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../volume/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/tychon/manifest.yml | 2 +- packages/vectra_detect/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/vectra_detect/manifest.yml | 2 +- packages/wiz/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../issue/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/wiz/manifest.yml | 2 +- packages/zerofox/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/zerofox/manifest.yml | 2 +- packages/zeronetworks/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/zeronetworks/manifest.yml | 2 +- packages/zoom/changelog.yml | 5 +++++ .../webhook/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/zoom/manifest.yml | 2 +- packages/zscaler_zia/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dns/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../firewall/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
 .../elasticsearch/ingest_pipeline/default.yml | 4 ++++
 .../tunnel/elasticsearch/ingest_pipeline/default.yml | 4 ++++
 .../web/elasticsearch/ingest_pipeline/default.yml | 4 ++++
 packages/zscaler_zia/manifest.yml | 2 +-
 packages/zscaler_zpa/changelog.yml | 5 +++++
 .../elasticsearch/ingest_pipeline/default.yml | 4 ++++
 .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++
 .../elasticsearch/ingest_pipeline/default.yml | 4 ++++
 .../elasticsearch/ingest_pipeline/default.yml | 4 ++++
 .../elasticsearch/ingest_pipeline/default.yml | 4 ++++
 packages/zscaler_zpa/manifest.yml | 2 +-
 626 files changed, 2239 insertions(+), 158 deletions(-)
diff --git a/packages/1password/changelog.yml b/packages/1password/changelog.yml
index 6a454d58425..a3f8585af3e 100644
--- a/packages/1password/changelog.yml
+++ b/packages/1password/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.31.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.30.2"
 changes:
 - description: Unify the use of `user.full_name` and `user.name` in all data streams.
diff --git a/packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml b/packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml
index 08635474654..ff9f9ce765e 100644
--- a/packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml
@@ -138,6 +138,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
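Review bot: `allow_duplicates: true` on the new `append` in the audit_events `on_failure` block means a document that already carries `preserve_original_event` (because the operator enabled that option) ends up with the tag twice. `true` is also the append processor's default, so the line only has an effect if it is switched to `allow_duplicates: false`, which keeps `tags` unique. The same applies to every `ingest_pipeline/default.yml` hunk in this patch, since they all come from one substitution. The `on_failure` block starts above the hunk, so any earlier handling of `tags` is not visible here.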
diff --git a/packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml b/packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml
index e4eed5b408e..78018c2358c 100644
--- a/packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml
@@ -134,6 +134,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml b/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml
index 7a973887915..09c6c4971c9 100644
--- a/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml
@@ -148,6 +148,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/1password/manifest.yml b/packages/1password/manifest.yml
index 4d0e9b8e301..36fa3787542 100644
--- a/packages/1password/manifest.yml
+++ b/packages/1password/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: 1password
 title: "1Password"
-version: "1.30.2"
+version: "1.31.0"
 description: Collect logs from 1Password with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/abnormal_security/changelog.yml b/packages/abnormal_security/changelog.yml
index e5e73c70025..537069b9e02 100644
--- a/packages/abnormal_security/changelog.yml
+++ b/packages/abnormal_security/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.1"
 changes:
 - description: Fix broken link for the Abnormal Security integration.
diff --git a/packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml b/packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml
index da2a071b160..526e96068bd 100644
--- a/packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml
@@ -283,3 +283,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 284e614caa2..f955cb6c851 100644
--- a/packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -259,3 +259,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml b/packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml
index 143b1a2d21b..25b69b468e6 100644
--- a/packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml
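Review bot: The new `append` in the ai_security_mailbox `on_failure` handler has no `tag`, while the `set` directly above it is tagged `set_pipeline_error_to_event_kind`. An untagged processor is harder to identify if it ever fails, so a line such as `tag: append_preserve_original_event_tag` (the name is only a suggestion) would keep the handler consistent with its neighbour. The audit, case and threat hunks of abnormal_security and the three authentik hunks have the same shape. The `on_failure` block begins above each of these hunks.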
+++ b/packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml
@@ -222,3 +222,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
index 6c8ed420791..237de900018 100644
--- a/packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
@@ -543,3 +543,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/abnormal_security/manifest.yml b/packages/abnormal_security/manifest.yml
index 7914dd20de9..da86e876d4c 100644
--- a/packages/abnormal_security/manifest.yml
+++ b/packages/abnormal_security/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: abnormal_security
 title: Abnormal Security
-version: 1.0.1
+version: 1.1.0
 description: Collect logs from Abnormal Security with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/akamai/changelog.yml b/packages/akamai/changelog.yml
index 62066f2abe4..2f87d1df3f9 100644
--- a/packages/akamai/changelog.yml
+++ b/packages/akamai/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.27.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.26.0"
 changes:
 - description: Handle input leniently.
diff --git a/packages/akamai/data_stream/siem/elasticsearch/ingest_pipeline/default.yml b/packages/akamai/data_stream/siem/elasticsearch/ingest_pipeline/default.yml
index 99b90723851..07baf8ff940 100644
--- a/packages/akamai/data_stream/siem/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/akamai/data_stream/siem/elasticsearch/ingest_pipeline/default.yml
@@ -545,6 +545,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: >-
diff --git a/packages/akamai/manifest.yml b/packages/akamai/manifest.yml
index cf245974323..58dde876014 100644
--- a/packages/akamai/manifest.yml
+++ b/packages/akamai/manifest.yml
@@ -1,6 +1,6 @@
 name: akamai
 title: Akamai
-version: "2.26.0"
+version: "2.27.0"
 description: Collect logs from Akamai with Elastic Agent.
 type: integration
 format_version: "3.0.2"
diff --git a/packages/amazon_security_lake/changelog.yml b/packages/amazon_security_lake/changelog.yml
index 294689e3035..f06dab78cc0 100644
--- a/packages/amazon_security_lake/changelog.yml
+++ b/packages/amazon_security_lake/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.0.0"
 changes:
 - description: Updated to support OCSF v1.1.0. with major pipeline rework and dynamic mapping support.
diff --git a/packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index 8a553ded23d..f73cae6a08c 100644
--- a/packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -1453,3 +1453,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/amazon_security_lake/manifest.yml b/packages/amazon_security_lake/manifest.yml
index c8ab9b1cc65..a4588c779df 100644
--- a/packages/amazon_security_lake/manifest.yml
+++ b/packages/amazon_security_lake/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: amazon_security_lake
 title: Amazon Security Lake
-version: "2.0.0"
+version: "2.1.0"
 description: Collect logs from Amazon Security Lake with Elastic Agent.
 type: integration
 categories: ["aws", "security"]
diff --git a/packages/atlassian_bitbucket/changelog.yml b/packages/atlassian_bitbucket/changelog.yml
index c31a2e6dab7..bf8e66d5f71 100644
--- a/packages/atlassian_bitbucket/changelog.yml
+++ b/packages/atlassian_bitbucket/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.3.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.2.2"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/atlassian_bitbucket/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/atlassian_bitbucket/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 3568aa10090..0e579c14169 100644
--- a/packages/atlassian_bitbucket/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/atlassian_bitbucket/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -443,6 +443,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
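Review bot: Nothing in the atlassian_bitbucket audit pipeline says why failed documents get `preserve_original_event`, and the tag is appended unconditionally in `on_failure`, so it no longer reflects only the operator's choice. If this tag is what keeps `event.original` on the document (the processor that reads it is outside the hunk), raw audit payloads are stored for every failed event even where preservation was left off, which matters for retention and access decisions on these indices. A comment above the append would make that explicit: `# Always keep the raw event on pipeline_error documents for troubleshooting, regardless of the user's preserve_original_event setting.` The other `ingest_pipeline/default.yml` hunks in this patch would take the same comment.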
diff --git a/packages/atlassian_bitbucket/manifest.yml b/packages/atlassian_bitbucket/manifest.yml
index 2ff31f3e3f0..3bfe9415817 100644
--- a/packages/atlassian_bitbucket/manifest.yml
+++ b/packages/atlassian_bitbucket/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: atlassian_bitbucket
 title: Atlassian Bitbucket
-version: "2.2.2"
+version: "2.3.0"
 description: Collect logs from Atlassian Bitbucket with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/atlassian_confluence/changelog.yml b/packages/atlassian_confluence/changelog.yml
index 5312452317f..990f7320bc5 100644
--- a/packages/atlassian_confluence/changelog.yml
+++ b/packages/atlassian_confluence/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.27.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.26.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/atlassian_confluence/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/atlassian_confluence/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 4a1020786e2..d017f85cf9b 100644
--- a/packages/atlassian_confluence/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/atlassian_confluence/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -434,6 +434,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/atlassian_confluence/manifest.yml b/packages/atlassian_confluence/manifest.yml
index e8c343b02b5..3b64de7a91b 100644
--- a/packages/atlassian_confluence/manifest.yml
+++ b/packages/atlassian_confluence/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: atlassian_confluence
 title: Atlassian Confluence
-version: "1.26.1"
+version: "1.27.0"
 description: Collect logs from Atlassian Confluence with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/atlassian_jira/changelog.yml b/packages/atlassian_jira/changelog.yml
index 1a6d8c92c39..bcc63de1b9b 100644
--- a/packages/atlassian_jira/changelog.yml
+++ b/packages/atlassian_jira/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.28.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.27.2"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/atlassian_jira/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/atlassian_jira/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 1bee685949c..62bf5c5dba0 100644
--- a/packages/atlassian_jira/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/atlassian_jira/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -413,6 +413,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/atlassian_jira/manifest.yml b/packages/atlassian_jira/manifest.yml
index 67ea4bcab73..01861745b2b 100644
--- a/packages/atlassian_jira/manifest.yml
+++ b/packages/atlassian_jira/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: atlassian_jira
 title: Atlassian Jira
-version: "1.27.2"
+version: "1.28.0"
 description: Collect logs from Atlassian Jira with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/auth0/changelog.yml b/packages/auth0/changelog.yml
index e4bce9d96aa..f50393ee696 100644
--- a/packages/auth0/changelog.yml
+++ b/packages/auth0/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.19.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.18.1"
 changes:
 - description: Fix dashboard visualisations containing empty data.
diff --git a/packages/auth0/data_stream/logs/elasticsearch/ingest_pipeline/default.yml b/packages/auth0/data_stream/logs/elasticsearch/ingest_pipeline/default.yml
index a9737e6e12f..086ce4d2942 100644
--- a/packages/auth0/data_stream/logs/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/auth0/data_stream/logs/elasticsearch/ingest_pipeline/default.yml
@@ -1105,6 +1105,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+- append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/auth0/manifest.yml b/packages/auth0/manifest.yml
index ec5f4481253..6826922b079 100644
--- a/packages/auth0/manifest.yml
+++ b/packages/auth0/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: auth0
 title: "Auth0"
-version: "1.18.1"
+version: "1.19.0"
 description: Collect logs from Auth0 with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/authentik/changelog.yml b/packages/authentik/changelog.yml
index acf2d619d8f..d65c6e28e49 100644
--- a/packages/authentik/changelog.yml
+++ b/packages/authentik/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index d2ea6dec1e2..1c86ccc5e72 100644
--- a/packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -520,3 +520,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml b/packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml
index 6c35a9b6eb7..c90a5c15897 100644
--- a/packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml
@@ -160,3 +160,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml b/packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml
index 6241cd8a8f2..bad0f94469d 100644
--- a/packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml
@@ -218,3 +218,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/authentik/manifest.yml b/packages/authentik/manifest.yml
index 614a0eb2196..f65d5ef74ac 100644
--- a/packages/authentik/manifest.yml
+++ b/packages/authentik/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: authentik
 title: authentik
-version: 1.0.0
+version: 1.1.0
 description: Collect logs from authentik with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/aws_bedrock/changelog.yml b/packages/aws_bedrock/changelog.yml
index e11d33a80ef..fdd4117bbaf 100644
--- a/packages/aws_bedrock/changelog.yml
+++ b/packages/aws_bedrock/changelog.yml
@@ -1,3 +1,8 @@
+- version: "0.16.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.15.0"
 changes:
 - description: Retain contextualGroundingPolicy check details.
diff --git a/packages/aws_bedrock/data_stream/runtime/elasticsearch/ingest_pipeline/default.yml b/packages/aws_bedrock/data_stream/runtime/elasticsearch/ingest_pipeline/default.yml
index 4fb918c4d22..82f4ff846a8 100644
--- a/packages/aws_bedrock/data_stream/runtime/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/aws_bedrock/data_stream/runtime/elasticsearch/ingest_pipeline/default.yml
@@ -69,6 +69,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - set:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/aws_bedrock/manifest.yml b/packages/aws_bedrock/manifest.yml
index 4b2d0293f75..f8584c2953e 100644
--- a/packages/aws_bedrock/manifest.yml
+++ b/packages/aws_bedrock/manifest.yml
@@ -3,7 +3,7 @@ name: aws_bedrock
 title: Amazon Bedrock
 description: Collect Amazon Bedrock model invocation logs and runtime metrics with Elastic Agent.
 type: integration
-version: "0.15.0"
+version: "0.16.0"
 categories:
 - aws
 conditions:
diff --git a/packages/azure_frontdoor/changelog.yml b/packages/azure_frontdoor/changelog.yml
index aad9d7bb50b..28de63e315a 100644
--- a/packages/azure_frontdoor/changelog.yml
+++ b/packages/azure_frontdoor/changelog.yml
@@ -1,3 +1,8 @@
+- version: "2.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.0.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/azure_frontdoor/data_stream/access/elasticsearch/ingest_pipeline/default.yml b/packages/azure_frontdoor/data_stream/access/elasticsearch/ingest_pipeline/default.yml
index e7f42869a0c..b02db6f5814 100644
--- a/packages/azure_frontdoor/data_stream/access/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/azure_frontdoor/data_stream/access/elasticsearch/ingest_pipeline/default.yml
@@ -342,6 +342,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/azure_frontdoor/data_stream/waf/elasticsearch/ingest_pipeline/default.yml b/packages/azure_frontdoor/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
index 0f1a3a73cfb..0c865e143c3 100644
--- a/packages/azure_frontdoor/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/azure_frontdoor/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
@@ -265,6 +265,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/azure_frontdoor/manifest.yml b/packages/azure_frontdoor/manifest.yml
index b844bc6c7e0..5c3e8273dce 100644
--- a/packages/azure_frontdoor/manifest.yml
+++ b/packages/azure_frontdoor/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: azure_frontdoor
 title: "Azure Frontdoor"
-version: "2.0.1"
+version: "2.1.0"
 description: "This Elastic integration collects logs from Azure Frontdoor."
 type: integration
 categories:
diff --git a/packages/azure_network_watcher_nsg/changelog.yml b/packages/azure_network_watcher_nsg/changelog.yml
index ccb6df3e72e..1914d86f0b8 100644
--- a/packages/azure_network_watcher_nsg/changelog.yml
+++ b/packages/azure_network_watcher_nsg/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 1dd31c48ece..4940a71d8f3 100644
--- a/packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -751,3 +751,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/azure_network_watcher_nsg/manifest.yml b/packages/azure_network_watcher_nsg/manifest.yml
index 990ecb277fd..5849f43908b 100644
--- a/packages/azure_network_watcher_nsg/manifest.yml
+++ b/packages/azure_network_watcher_nsg/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.1.2
 name: azure_network_watcher_nsg
 title: Azure Network Watcher NSG
-version: "1.0.0"
+version: "1.1.0"
 description: Collect logs from Azure Network Watcher NSG with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/azure_network_watcher_vnet/changelog.yml b/packages/azure_network_watcher_vnet/changelog.yml
index 0f95a0d9f5b..57cf894d451 100644
--- a/packages/azure_network_watcher_vnet/changelog.yml
+++ b/packages/azure_network_watcher_vnet/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 64e7440c524..b0a76705990 100644
--- a/packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -734,3 +734,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/azure_network_watcher_vnet/manifest.yml b/packages/azure_network_watcher_vnet/manifest.yml
index f3a3f0d4ad7..0ff2bcf70d2 100644
--- a/packages/azure_network_watcher_vnet/manifest.yml
+++ b/packages/azure_network_watcher_vnet/manifest.yml
@@ -1,7 +1,7 @@ format_version: 3.1.2 name: azure_network_watcher_vnet title: Azure Network Watcher VNet -version: "1.0.0" +version: "1.1.0" description: Collect logs from Azure Network Watcher VNet with Elastic Agent. type: integration categories: diff --git a/packages/barracuda/changelog.yml b/packages/barracuda/changelog.yml index 50e55cc4871..b3d6a439fd5 100644 --- a/packages/barracuda/changelog.yml +++ b/packages/barracuda/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.17.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.16.2" changes: - description: Fix broken link for the Barracuda integration. diff --git a/packages/barracuda/data_stream/waf/elasticsearch/ingest_pipeline/default.yml b/packages/barracuda/data_stream/waf/elasticsearch/ingest_pipeline/default.yml index 5b2b266142f..68cfe7f2f70 100644 --- a/packages/barracuda/data_stream/waf/elasticsearch/ingest_pipeline/default.yml +++ b/packages/barracuda/data_stream/waf/elasticsearch/ingest_pipeline/default.yml @@ -101,6 +101,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: "{{{ _ingest.on_failure_message }}}" diff --git a/packages/barracuda/manifest.yml b/packages/barracuda/manifest.yml index d0bb85ea716..5775e53201c 100644 --- a/packages/barracuda/manifest.yml +++ b/packages/barracuda/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: barracuda title: "Barracuda Web Application Firewall" -version: "1.16.2" +version: "1.17.0" description: "Collect logs from Barracuda Web Application Firewall with Elastic Agent." type: integration source: 
diff --git a/packages/barracuda_cloudgen_firewall/changelog.yml b/packages/barracuda_cloudgen_firewall/changelog.yml index 88e530c69ac..42c30d3e9d0 100644 --- a/packages/barracuda_cloudgen_firewall/changelog.yml +++ b/packages/barracuda_cloudgen_firewall/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.14.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.13.0" changes: - description: "Allow @custom pipeline access to event.original without setting preserve_original_event." diff --git a/packages/barracuda_cloudgen_firewall/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/barracuda_cloudgen_firewall/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 38c89684833..fab5395520e 100644 --- a/packages/barracuda_cloudgen_firewall/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/barracuda_cloudgen_firewall/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -173,6 +173,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/barracuda_cloudgen_firewall/manifest.yml b/packages/barracuda_cloudgen_firewall/manifest.yml index ca98a418c6d..d2f7a8c3c85 100644 --- a/packages/barracuda_cloudgen_firewall/manifest.yml +++ b/packages/barracuda_cloudgen_firewall/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: barracuda_cloudgen_firewall title: Barracuda CloudGen Firewall Logs -version: "1.13.0" +version: "1.14.0" description: Collect logs from Barracuda CloudGen Firewall devices with Elastic Agent. categories: ["network", "security", "firewall_security"] type: integration 
diff --git a/packages/bbot/changelog.yml b/packages/bbot/changelog.yml index 495489f18f7..5f8fe5272a6 100644 --- a/packages/bbot/changelog.yml +++ b/packages/bbot/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. diff --git a/packages/bbot/data_stream/asm_intel/elasticsearch/ingest_pipeline/default.yml b/packages/bbot/data_stream/asm_intel/elasticsearch/ingest_pipeline/default.yml index 4971e4b7a93..e00c23e1af8 100644 --- a/packages/bbot/data_stream/asm_intel/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bbot/data_stream/asm_intel/elasticsearch/ingest_pipeline/default.yml @@ -165,6 +165,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} with tag {{{ _ingest.on_failure_processor_tag }}} in pipeline {{{ _ingest.on_failure_pipeline }}} failed with message: {{{ _ingest.on_failure_message }}}' diff --git a/packages/bbot/manifest.yml b/packages/bbot/manifest.yml index 076f1083353..bec50611fba 100644 --- a/packages/bbot/manifest.yml +++ b/packages/bbot/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.2 name: bbot title: "BBOT (Bighuge BLS OSINT Tool)" -version: "1.0.0" +version: "1.1.0" description: "BBOT is a recursive internet scanner inspired by Spiderfoot, but designed to be faster, more reliable, and friendlier to pentesters, bug bounty hunters, and developers. " type: integration categories: diff --git a/packages/bitdefender/changelog.yml b/packages/bitdefender/changelog.yml index f8c8da8f29b..0462b847a82 100644 --- a/packages/bitdefender/changelog.yml 
+++ b/packages/bitdefender/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.1.3" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/bitdefender/data_stream/push_configuration/elasticsearch/ingest_pipeline/default.yml b/packages/bitdefender/data_stream/push_configuration/elasticsearch/ingest_pipeline/default.yml index 9a59f6db56e..ef0e44413fc 100644 --- a/packages/bitdefender/data_stream/push_configuration/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bitdefender/data_stream/push_configuration/elasticsearch/ingest_pipeline/default.yml @@ -33,6 +33,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/bitdefender/data_stream/push_notifications/elasticsearch/ingest_pipeline/default.yml b/packages/bitdefender/data_stream/push_notifications/elasticsearch/ingest_pipeline/default.yml index f7fcad5c5fe..600db0e631a 100644 --- a/packages/bitdefender/data_stream/push_notifications/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bitdefender/data_stream/push_notifications/elasticsearch/ingest_pipeline/default.yml @@ -1584,6 +1584,10 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: "{{{ _ingest.on_failure_message }}}" 
diff --git a/packages/bitdefender/data_stream/push_statistics/elasticsearch/ingest_pipeline/default.yml b/packages/bitdefender/data_stream/push_statistics/elasticsearch/ingest_pipeline/default.yml index ed44ad066f9..2767c4c65b9 100644 --- a/packages/bitdefender/data_stream/push_statistics/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bitdefender/data_stream/push_statistics/elasticsearch/ingest_pipeline/default.yml @@ -33,6 +33,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/bitdefender/manifest.yml b/packages/bitdefender/manifest.yml index d4949ad1a81..13987f505f6 100644 --- a/packages/bitdefender/manifest.yml +++ b/packages/bitdefender/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: bitdefender title: "BitDefender" -version: "2.1.3" +version: "2.2.0" source: license: "Elastic-2.0" description: "Ingest BitDefender GravityZone logs and data" diff --git a/packages/bitwarden/changelog.yml b/packages/bitwarden/changelog.yml index 5aeeeef8af1..60ab3c074b7 100644 --- a/packages/bitwarden/changelog.yml +++ b/packages/bitwarden/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.14.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.13.0" changes: - description: Removed import_mappings. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml index 6cefc3d588d..c4342c9c9fb 100644 
--- a/packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml @@ -78,3 +78,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 20fa893bfc2..352e04c64b8 100644 --- a/packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -742,3 +742,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml index a4092e544e9..775ce73bdcf 100644 --- a/packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml @@ -136,3 +136,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml index dc18b4c7dad..2a6bd3c3a79 100644 --- a/packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml @@ -271,3 +271,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
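Review bot: The new processor in packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml has no comment explaining why failed documents are tagged. The tag name suggests it controls whether `event.original` is kept; the removal step is not in the hunk, so this is inferred. If so, documents with `event.kind: pipeline_error` keep the raw event even where the user left that option off, which matters for retention and access control on password-manager data streams. I would add `# Keep event.original on failed documents so the raw input is available for triage.` above the processor and state the same in the package documentation. The event, group and member hunks that follow are identical and would take the same comment.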
diff --git a/packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml index c029745e987..eb63bce1dfe 100644 --- a/packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml +++ b/packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml @@ -338,3 +338,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/bitwarden/manifest.yml b/packages/bitwarden/manifest.yml index c5b43233a39..68a419a32a3 100644 --- a/packages/bitwarden/manifest.yml +++ b/packages/bitwarden/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: bitwarden title: Bitwarden -version: "1.13.0" +version: "1.14.0" source: license: Elastic-2.0 description: Collect logs from Bitwarden with Elastic Agent. diff --git a/packages/blacklens/changelog.yml b/packages/blacklens/changelog.yml index 5d792755c62..0c3df960257 100644 --- a/packages/blacklens/changelog.yml +++ b/packages/blacklens/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.0" changes: - description: Initial draft of the package diff --git a/packages/blacklens/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/blacklens/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml index 3753bb7a78b..8274791e8d5 100644 --- a/packages/blacklens/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/blacklens/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml 
@@ -99,6 +99,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/blacklens/manifest.yml b/packages/blacklens/manifest.yml index 0e61c6153de..e8f021d9aec 100644 --- a/packages/blacklens/manifest.yml +++ b/packages/blacklens/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.3.0 name: blacklens title: "blacklens.io" -version: 0.1.0 +version: 0.2.0 source: license: "Elastic-2.0" description: "Collect logs from blacklens.io with Elastic Agent" diff --git a/packages/box_events/changelog.yml b/packages/box_events/changelog.yml index 7a1a3c975e1..b6bddd25d3f 100644 --- a/packages/box_events/changelog.yml +++ b/packages/box_events/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.11.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.10.0" changes: - description: "Allow @custom pipeline access to event.original without setting preserve_original_event." diff --git a/packages/box_events/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/box_events/data_stream/events/elasticsearch/ingest_pipeline/default.yml index 5491a0141aa..cd1e5d2a60c 100644 --- a/packages/box_events/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/box_events/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -1248,6 +1248,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/box_events/manifest.yml b/packages/box_events/manifest.yml index 78a6630d163..19349884e3f 100644 
--- a/packages/box_events/manifest.yml +++ b/packages/box_events/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: box_events title: Box Events -version: "2.10.0" +version: "2.11.0" description: "Collect logs from Box with Elastic Agent" type: integration categories: diff --git a/packages/canva/changelog.yml b/packages/canva/changelog.yml index 583efc2510c..1f8d198761e 100644 --- a/packages/canva/changelog.yml +++ b/packages/canva/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.0" changes: - description: Initial release. diff --git a/packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 77c678c2b6a..5000c8e2bbd 100644 --- a/packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -1056,3 +1056,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/canva/manifest.yml b/packages/canva/manifest.yml index f05cde695e4..a2acb5e6c7e 100644 --- a/packages/canva/manifest.yml +++ b/packages/canva/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: canva title: Canva -version: 0.1.0 +version: 0.2.0 description: Collect logs from Canva with Elastic Agent. type: integration categories: diff --git a/packages/carbon_black_cloud/changelog.yml b/packages/carbon_black_cloud/changelog.yml index 631b9a500e7..9a26af3b01e 100644 --- a/packages/carbon_black_cloud/changelog.yml +++ b/packages/carbon_black_cloud/changelog.yml 
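Review bot: In packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml the new `append` has no `tag`, while the `set` directly above it is tagged `set_pipeline_error_to_event_kind`. This pipeline appears to tag its processors so that a failing one can be identified, and an untagged processor breaks that convention. I would add a line such as `tag: append_preserve_original_event_on_error` to the new processor. The checkpoint_email event pipeline hunk later in the patch has the same tagged `set` followed by an untagged `append`. The `on_failure` block begins outside the hunk, so the tagging convention of its other processors is assumed from the one visible sibling.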
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.7.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.6.1" changes: - description: Fix handling of `source.address` to be dependent on direction. diff --git a/packages/carbon_black_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index eb67dbdeca2..5a0b52c4555 100644 --- a/packages/carbon_black_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/carbon_black_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -373,6 +373,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/carbon_black_cloud/data_stream/alert_v7/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/alert_v7/elasticsearch/ingest_pipeline/default.yml index 79c66bb2c4c..0c0e501aa13 100644 --- a/packages/carbon_black_cloud/data_stream/alert_v7/elasticsearch/ingest_pipeline/default.yml +++ b/packages/carbon_black_cloud/data_stream/alert_v7/elasticsearch/ingest_pipeline/default.yml @@ -902,6 +902,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' 
diff --git a/packages/carbon_black_cloud/data_stream/asset_vulnerability_summary/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/asset_vulnerability_summary/elasticsearch/ingest_pipeline/default.yml index 7ac10d700f7..e5be2f432b4 100644 --- a/packages/carbon_black_cloud/data_stream/asset_vulnerability_summary/elasticsearch/ingest_pipeline/default.yml +++ b/packages/carbon_black_cloud/data_stream/asset_vulnerability_summary/elasticsearch/ingest_pipeline/default.yml @@ -153,6 +153,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/carbon_black_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index c27ba039f67..6d1a1a1f581 100644 --- a/packages/carbon_black_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/carbon_black_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -117,6 +117,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/carbon_black_cloud/data_stream/endpoint_event/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/endpoint_event/elasticsearch/ingest_pipeline/default.yml index d9d5b6dcc00..8c626477cdc 100644 --- a/packages/carbon_black_cloud/data_stream/endpoint_event/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/carbon_black_cloud/data_stream/endpoint_event/elasticsearch/ingest_pipeline/default.yml @@ -923,6 +923,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/carbon_black_cloud/data_stream/watchlist_hit/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/watchlist_hit/elasticsearch/ingest_pipeline/default.yml index 8ba481ea656..ee0aff6bf8a 100644 --- a/packages/carbon_black_cloud/data_stream/watchlist_hit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/carbon_black_cloud/data_stream/watchlist_hit/elasticsearch/ingest_pipeline/default.yml @@ -394,6 +394,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/carbon_black_cloud/manifest.yml b/packages/carbon_black_cloud/manifest.yml index ac1117e4518..a0fd0e80f1f 100644 --- a/packages/carbon_black_cloud/manifest.yml +++ b/packages/carbon_black_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: carbon_black_cloud title: VMware Carbon Black Cloud -version: "2.6.1" +version: "2.7.0" description: Collect logs from VMWare Carbon Black Cloud with Elastic Agent. type: integration categories: diff --git a/packages/carbonblack_edr/changelog.yml b/packages/carbonblack_edr/changelog.yml index 398dd0ee9bf..5ae4d9f36d8 100644 --- a/packages/carbonblack_edr/changelog.yml +++ b/packages/carbonblack_edr/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.19.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.18.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/carbonblack_edr/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/carbonblack_edr/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 5250d1dea8b..6b08446282e 100644 --- a/packages/carbonblack_edr/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/carbonblack_edr/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -870,6 +870,10 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/carbonblack_edr/manifest.yml b/packages/carbonblack_edr/manifest.yml index 6a43a3dd84f..b1b62252f83 100644 --- a/packages/carbonblack_edr/manifest.yml +++ b/packages/carbonblack_edr/manifest.yml @@ -1,6 +1,6 @@ name: carbonblack_edr title: VMware Carbon Black EDR -version: "1.18.1" +version: "1.19.0" description: Collect logs from VMware Carbon Black EDR with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/checkpoint_email/changelog.yml b/packages/checkpoint_email/changelog.yml index 482a7f613c0..2bda48b6d19 100644 --- a/packages/checkpoint_email/changelog.yml +++ b/packages/checkpoint_email/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.2.0" changes: - description: Add support for deleting request trace files. diff --git a/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml index f6b620b67b3..954a6eaab57 100644 --- a/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -354,3 +354,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/checkpoint_email/manifest.yml b/packages/checkpoint_email/manifest.yml index 723b92ef4ef..6a4a7d074cc 100644 --- a/packages/checkpoint_email/manifest.yml +++ b/packages/checkpoint_email/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.2 name: checkpoint_email title: Check Point Harmony Email & Collaboration -version: 0.2.0 +version: 0.3.0 description: Collect logs from Check Point Harmony Email & Collaboration with Elastic Agent. type: integration categories: diff --git a/packages/checkpoint_harmony_endpoint/changelog.yml b/packages/checkpoint_harmony_endpoint/changelog.yml index 91af3af9d9d..513f29a6a60 100644 --- a/packages/checkpoint_harmony_endpoint/changelog.yml +++ b/packages/checkpoint_harmony_endpoint/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.1" changes: - description: Put the dashboard screenshot first, update base_url var. diff --git a/packages/checkpoint_harmony_endpoint/data_stream/antibot/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/antibot/elasticsearch/ingest_pipeline/default.yml index cf866bfe8b1..71998a400c7 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/antibot/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/antibot/elasticsearch/ingest_pipeline/default.yml @@ -333,5 +333,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true ##################################################################### diff --git a/packages/checkpoint_harmony_endpoint/data_stream/antimalware/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/antimalware/elasticsearch/ingest_pipeline/default.yml index 1bb54e5741b..bce66848cf2 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/antimalware/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/antimalware/elasticsearch/ingest_pipeline/default.yml @@ -345,5 +345,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true ########################################################################## 
diff --git a/packages/checkpoint_harmony_endpoint/data_stream/forensics/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/forensics/elasticsearch/ingest_pipeline/default.yml index 15ebade4fca..df8c32479d4 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/forensics/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/forensics/elasticsearch/ingest_pipeline/default.yml @@ -307,5 +307,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true ################################################################ diff --git a/packages/checkpoint_harmony_endpoint/data_stream/threatemulation/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/threatemulation/elasticsearch/ingest_pipeline/default.yml index 0bbd7326a01..09012345ea9 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/threatemulation/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/threatemulation/elasticsearch/ingest_pipeline/default.yml @@ -313,5 +313,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true ######################################################################## diff --git a/packages/checkpoint_harmony_endpoint/data_stream/threatextraction/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/threatextraction/elasticsearch/ingest_pipeline/default.yml index 6d29f9e5a49..6888890965a 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/threatextraction/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/threatextraction/elasticsearch/ingest_pipeline/default.yml 
@@ -310,5 +310,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true ################################################################## \ No newline at end of file diff --git a/packages/checkpoint_harmony_endpoint/data_stream/urlfiltering/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/urlfiltering/elasticsearch/ingest_pipeline/default.yml index 64613fa1316..6b379a13173 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/urlfiltering/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/urlfiltering/elasticsearch/ingest_pipeline/default.yml @@ -276,5 +276,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true ###################################################################### diff --git a/packages/checkpoint_harmony_endpoint/data_stream/zerophishing/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/zerophishing/elasticsearch/ingest_pipeline/default.yml index 591058d1a2e..76859f4f0ef 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/zerophishing/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/zerophishing/elasticsearch/ingest_pipeline/default.yml @@ -271,5 +271,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true ############################################################################ \ No newline at end of file diff --git a/packages/checkpoint_harmony_endpoint/manifest.yml b/packages/checkpoint_harmony_endpoint/manifest.yml index 905f23d4243..e613acf62d5 100644 --- a/packages/checkpoint_harmony_endpoint/manifest.yml +++ b/packages/checkpoint_harmony_endpoint/manifest.yml 
@@ -1,7 +1,7 @@ format_version: 3.2.1 name: checkpoint_harmony_endpoint title: "Check Point Harmony Endpoint" -version: 0.1.1 +version: 0.2.0 source: license: "Elastic-2.0" description: "Collect logs from Check Point Harmony Endpoint" diff --git a/packages/cisa_kevs/changelog.yml b/packages/cisa_kevs/changelog.yml index 292faccf1eb..1de96fb25ae 100644 --- a/packages/cisa_kevs/changelog.yml +++ b/packages/cisa_kevs/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.3.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/cisa_kevs/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/cisa_kevs/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 4597ca427c5..26a0383dd46 100644 --- a/packages/cisa_kevs/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisa_kevs/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -126,6 +126,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/cisa_kevs/manifest.yml b/packages/cisa_kevs/manifest.yml index 7a723242f0f..b08bc631f08 100644 --- a/packages/cisa_kevs/manifest.yml +++ b/packages/cisa_kevs/manifest.yml 
@@ -1,7 +1,7 @@ format_version: 3.0.3 name: cisa_kevs title: "CISA Known Exploited Vulnerabilities" -version: "1.3.1" +version: "1.4.0" description: "This package allows the ingest of known exploited vulnerabilities according to the Cybersecurity and Infrastructure Security Agency of the United States of America. This information could be used to enrich or track exisiting vulnerabilities that are known to be exploited in the wild." type: integration categories: diff --git a/packages/cisco_duo/changelog.yml b/packages/cisco_duo/changelog.yml index a6505de3d36..1b1c748405c 100644 --- a/packages/cisco_duo/changelog.yml +++ b/packages/cisco_duo/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.2.6" changes: - description: Make retry options configurable in CEL-based datastreams. diff --git a/packages/cisco_duo/data_stream/activity/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/activity/elasticsearch/ingest_pipeline/default.yml index 4d43f301bad..81d7b1190ce 100644 --- a/packages/cisco_duo/data_stream/activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_duo/data_stream/activity/elasticsearch/ingest_pipeline/default.yml @@ -253,3 +253,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cisco_duo/data_stream/admin/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/admin/elasticsearch/ingest_pipeline/default.yml index 37ee5ef77a9..7ee2a8e327a 100644 --- a/packages/cisco_duo/data_stream/admin/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_duo/data_stream/admin/elasticsearch/ingest_pipeline/default.yml 
@@ -179,6 +179,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{_ingest.on_failure_message}}}' diff --git a/packages/cisco_duo/data_stream/auth/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/auth/elasticsearch/ingest_pipeline/default.yml index 8201c7b9d1e..503f63143da 100644 --- a/packages/cisco_duo/data_stream/auth/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_duo/data_stream/auth/elasticsearch/ingest_pipeline/default.yml @@ -440,6 +440,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{_ingest.on_failure_message}}}' diff --git a/packages/cisco_duo/data_stream/offline_enrollment/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/offline_enrollment/elasticsearch/ingest_pipeline/default.yml index cb230150530..38c3efc7cab 100644 --- a/packages/cisco_duo/data_stream/offline_enrollment/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_duo/data_stream/offline_enrollment/elasticsearch/ingest_pipeline/default.yml @@ -93,6 +93,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{_ingest.on_failure_message}}}' diff --git a/packages/cisco_duo/data_stream/summary/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/summary/elasticsearch/ingest_pipeline/default.yml index bb95255bc2c..6fae0852035 100644 --- a/packages/cisco_duo/data_stream/summary/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_duo/data_stream/summary/elasticsearch/ingest_pipeline/default.yml 
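Review bot: The `append` added to the cisco_duo auth pipeline's `on_failure` handler has no comment explaining why a failed document is tagged, and the effect looks like a retention change rather than a cosmetic one. Presumably the tag makes the later cleanup keep `event.original`, so a document that fails processing would retain the raw authentication record even when original-event preservation was left off. Where the tag is consumed is outside this hunk, so that should be confirmed. I would add a comment above the processor such as `# Keep event.original on failed documents so the failure can be diagnosed and the event reprocessed.` and say in the changelog entry that raw events are now retained on pipeline errors, so access and retention for those documents can be reviewed. The same applies to the other pipeline hunks in this patch.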
@@ -41,6 +41,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{_ingest.on_failure_message}}}' diff --git a/packages/cisco_duo/data_stream/telephony/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/telephony/elasticsearch/ingest_pipeline/default.yml index af4fc97f011..ccf68a5ac24 100644 --- a/packages/cisco_duo/data_stream/telephony/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_duo/data_stream/telephony/elasticsearch/ingest_pipeline/default.yml @@ -64,6 +64,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{_ingest.on_failure_message}}}' diff --git a/packages/cisco_duo/data_stream/telephony_v2/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/telephony_v2/elasticsearch/ingest_pipeline/default.yml index b5e4eedfecc..e998b68b28b 100644 --- a/packages/cisco_duo/data_stream/telephony_v2/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_duo/data_stream/telephony_v2/elasticsearch/ingest_pipeline/default.yml @@ -85,3 +85,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cisco_duo/data_stream/trust_monitor/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/trust_monitor/elasticsearch/ingest_pipeline/default.yml index d485a24f40d..e3a119e86e4 100644 --- a/packages/cisco_duo/data_stream/trust_monitor/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_duo/data_stream/trust_monitor/elasticsearch/ingest_pipeline/default.yml 
@@ -168,3 +168,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cisco_duo/manifest.yml b/packages/cisco_duo/manifest.yml index 84076e03d21..d2b99af0052 100644 --- a/packages/cisco_duo/manifest.yml +++ b/packages/cisco_duo/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_duo title: Cisco Duo -version: "2.2.6" +version: "2.3.0" description: Collect logs from Cisco Duo with Elastic Agent. type: integration categories: diff --git a/packages/cisco_meraki/changelog.yml b/packages/cisco_meraki/changelog.yml index 8abf4011ddb..b59aad51658 100644 --- a/packages/cisco_meraki/changelog.yml +++ b/packages/cisco_meraki/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.25.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.24.0" changes: - description: "Allow @custom pipeline access to event.original without setting preserve_original_event." diff --git a/packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml index 79bf9a4ce3b..f49b4912145 100644 --- a/packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -306,6 +306,10 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/cisco_meraki/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_meraki/data_stream/log/elasticsearch/ingest_pipeline/default.yml index ea878047a6c..f9f3b8b906b 100644 --- a/packages/cisco_meraki/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_meraki/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -351,6 +351,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/cisco_meraki/manifest.yml b/packages/cisco_meraki/manifest.yml index 7a6f514d977..cd8d0f46a29 100644 --- a/packages/cisco_meraki/manifest.yml +++ b/packages/cisco_meraki/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_meraki title: Cisco Meraki -version: "1.24.0" +version: "1.25.0" description: Collect logs from Cisco Meraki with Elastic Agent. type: integration categories: diff --git a/packages/cisco_secure_endpoint/changelog.yml b/packages/cisco_secure_endpoint/changelog.yml index e056f86d45f..228d9c649c9 100644 --- a/packages/cisco_secure_endpoint/changelog.yml +++ b/packages/cisco_secure_endpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.28.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.27.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 9cd6d5fe515..1b48928c2a8 100644 
--- a/packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -664,6 +664,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: |- diff --git a/packages/cisco_secure_endpoint/manifest.yml b/packages/cisco_secure_endpoint/manifest.yml index dc6761cc0e5..f223af94cb3 100644 --- a/packages/cisco_secure_endpoint/manifest.yml +++ b/packages/cisco_secure_endpoint/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_secure_endpoint title: Cisco Secure Endpoint -version: "2.27.1" +version: "2.28.0" description: Collect logs from Cisco Secure Endpoint (AMP) with Elastic Agent. type: integration categories: diff --git a/packages/cisco_umbrella/changelog.yml b/packages/cisco_umbrella/changelog.yml index 995a9163486..b4249d45447 100644 --- a/packages/cisco_umbrella/changelog.yml +++ b/packages/cisco_umbrella/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.27.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.26.2" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/cisco_umbrella/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_umbrella/data_stream/log/elasticsearch/ingest_pipeline/default.yml index a7776d0ade5..f04d265091c 100644 --- a/packages/cisco_umbrella/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_umbrella/data_stream/log/elasticsearch/ingest_pipeline/default.yml 
@@ -717,6 +717,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/cisco_umbrella/manifest.yml b/packages/cisco_umbrella/manifest.yml index cf17e8a153b..4f4a3aba393 100644 --- a/packages/cisco_umbrella/manifest.yml +++ b/packages/cisco_umbrella/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_umbrella title: Cisco Umbrella -version: "1.26.2" +version: "1.27.0" description: Collect logs from Cisco Umbrella with Elastic Agent. type: integration categories: diff --git a/packages/claroty_ctd/changelog.yml b/packages/claroty_ctd/changelog.yml index d98f376bad3..6a8a0f7da69 100644 --- a/packages/claroty_ctd/changelog.yml +++ b/packages/claroty_ctd/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: 0.2.0 changes: - description: Added double new lines between the navigation links on the dashboard. diff --git a/packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 7d2bfde1e32..816da27402f 100644 --- a/packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml @@ -1332,3 +1332,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
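Review bot: In the claroty_ctd asset pipeline, the `set` processor just above the added `append` carries `tag: set_pipeline_error_to_event_kind`, but the new processor has no `tag`. That departs from what looks like the file's convention and makes this step harder to identify in simulate output or wherever `_ingest.on_failure_processor_tag` is reported. Adding a line such as `tag: append_preserve_original_event_on_failure` (the name is only a suggestion) would keep it consistent. The claroty_ctd baseline and event hunks and the crowdstrike alert and host hunks have the same gap, with the preceding `set` tagged the same way. Only the tail of the handler is visible in these hunks.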
diff --git a/packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml b/packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml index 1009186f9c5..06624a4e129 100644 --- a/packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml +++ b/packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml @@ -548,3 +548,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/claroty_ctd/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/claroty_ctd/data_stream/event/elasticsearch/ingest_pipeline/default.yml index b040e712181..df79bca8f88 100644 --- a/packages/claroty_ctd/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/claroty_ctd/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -2203,3 +2203,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/claroty_ctd/manifest.yml b/packages/claroty_ctd/manifest.yml index 7c55d0c2fb1..2b05262bbdc 100644 --- a/packages/claroty_ctd/manifest.yml +++ b/packages/claroty_ctd/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.4 name: claroty_ctd title: Claroty CTD -version: 0.2.0 +version: 0.3.0 description: Collect logs from Claroty CTD using Elastic Agent. type: integration categories: diff --git a/packages/cloudflare/changelog.yml b/packages/cloudflare/changelog.yml index 2b6e51fdd4d..9fbd0af5aae 100644 --- a/packages/cloudflare/changelog.yml +++ b/packages/cloudflare/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.29.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.28.0" changes: - description: "Allow @custom pipeline access to event.original without setting preserve_original_event." diff --git a/packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index ad6cc474e74..d7cd4b6dc72 100644 --- a/packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -273,6 +273,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml index b701d4417af..929f578f761 100644 --- a/packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml @@ -65,3 +65,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare/manifest.yml b/packages/cloudflare/manifest.yml index 1d47ad0e7a2..51349d54e62 100644 --- a/packages/cloudflare/manifest.yml +++ b/packages/cloudflare/manifest.yml @@ -1,6 +1,6 @@ name: cloudflare title: Cloudflare -version: "2.28.0" +version: "2.29.0" description: Collect logs from Cloudflare with Elastic Agent. type: integration format_version: "3.0.2" 
diff --git a/packages/cloudflare_logpush/changelog.yml b/packages/cloudflare_logpush/changelog.yml index 4cd6fa0ac62..52783935963 100644 --- a/packages/cloudflare_logpush/changelog.yml +++ b/packages/cloudflare_logpush/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.0" changes: - description: Retain zone name for firewall events. diff --git a/packages/cloudflare_logpush/data_stream/access_request/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/access_request/elasticsearch/ingest_pipeline/default.yml index 935621242b2..83ab5164cc5 100644 --- a/packages/cloudflare_logpush/data_stream/access_request/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/access_request/elasticsearch/ingest_pipeline/default.yml @@ -232,3 +232,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 6acc7288f78..a34eddecb50 100644 --- a/packages/cloudflare_logpush/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -212,3 +212,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/casb/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/casb/elasticsearch/ingest_pipeline/default.yml index a1f552339a1..6663b97d835 100644 
--- a/packages/cloudflare_logpush/data_stream/casb/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/casb/elasticsearch/ingest_pipeline/default.yml @@ -163,3 +163,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/device_posture/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/device_posture/elasticsearch/ingest_pipeline/default.yml index ed34de00a6d..f4950af9e45 100644 --- a/packages/cloudflare_logpush/data_stream/device_posture/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/device_posture/elasticsearch/ingest_pipeline/default.yml @@ -228,3 +228,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/dns/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/dns/elasticsearch/ingest_pipeline/default.yml index 1fb1b8d4cb8..85739b1eb7b 100644 --- a/packages/cloudflare_logpush/data_stream/dns/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/dns/elasticsearch/ingest_pipeline/default.yml @@ -183,3 +183,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/dns_firewall/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/dns_firewall/elasticsearch/ingest_pipeline/default.yml index dde7f487b0d..3f56c2ac4cc 100644 --- a/packages/cloudflare_logpush/data_stream/dns_firewall/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/dns_firewall/elasticsearch/ingest_pipeline/default.yml 
@@ -285,3 +285,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/firewall_event/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/firewall_event/elasticsearch/ingest_pipeline/default.yml index ef7ba6371f8..b9a5a2d8643 100644 --- a/packages/cloudflare_logpush/data_stream/firewall_event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/firewall_event/elasticsearch/ingest_pipeline/default.yml @@ -328,3 +328,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/gateway_dns/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/gateway_dns/elasticsearch/ingest_pipeline/default.yml index 4d7ed12e2be..1d8f457fc2d 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_dns/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/gateway_dns/elasticsearch/ingest_pipeline/default.yml @@ -364,3 +364,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/gateway_http/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/gateway_http/elasticsearch/ingest_pipeline/default.yml index 8583350501d..f0bf57a44ab 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_http/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/gateway_http/elasticsearch/ingest_pipeline/default.yml @@ -364,3 +364,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/cloudflare_logpush/data_stream/gateway_network/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/gateway_network/elasticsearch/ingest_pipeline/default.yml index 642670c6b98..984f6b4b4e3 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_network/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/gateway_network/elasticsearch/ingest_pipeline/default.yml @@ -297,3 +297,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/http_request/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/http_request/elasticsearch/ingest_pipeline/default.yml index 309336c87c8..879b9c3b096 100644 --- a/packages/cloudflare_logpush/data_stream/http_request/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/http_request/elasticsearch/ingest_pipeline/default.yml @@ -875,3 +875,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/magic_ids/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/magic_ids/elasticsearch/ingest_pipeline/default.yml index ba538c49c68..19ef39062c7 100644 --- a/packages/cloudflare_logpush/data_stream/magic_ids/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/magic_ids/elasticsearch/ingest_pipeline/default.yml @@ -275,3 +275,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/cloudflare_logpush/data_stream/nel_report/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/nel_report/elasticsearch/ingest_pipeline/default.yml index 724e95ee472..cee053a3f5a 100644 --- a/packages/cloudflare_logpush/data_stream/nel_report/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/nel_report/elasticsearch/ingest_pipeline/default.yml @@ -128,3 +128,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/network_analytics/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/network_analytics/elasticsearch/ingest_pipeline/default.yml index 6ff6266e448..754149a54ab 100644 --- a/packages/cloudflare_logpush/data_stream/network_analytics/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/network_analytics/elasticsearch/ingest_pipeline/default.yml @@ -803,3 +803,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/network_session/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/network_session/elasticsearch/ingest_pipeline/default.yml index 972153900ba..68f79d34747 100644 --- a/packages/cloudflare_logpush/data_stream/network_session/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/network_session/elasticsearch/ingest_pipeline/default.yml @@ -418,3 +418,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/cloudflare_logpush/data_stream/sinkhole_http/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/sinkhole_http/elasticsearch/ingest_pipeline/default.yml index 48a656fb9b0..a63fd630e37 100644 --- a/packages/cloudflare_logpush/data_stream/sinkhole_http/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/sinkhole_http/elasticsearch/ingest_pipeline/default.yml @@ -322,3 +322,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/spectrum_event/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/spectrum_event/elasticsearch/ingest_pipeline/default.yml index 9a305a9b3f9..a00b7730957 100644 --- a/packages/cloudflare_logpush/data_stream/spectrum_event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/spectrum_event/elasticsearch/ingest_pipeline/default.yml @@ -448,3 +448,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/data_stream/workers_trace/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/workers_trace/elasticsearch/ingest_pipeline/default.yml index c720b33cb91..090f1434a59 100644 --- a/packages/cloudflare_logpush/data_stream/workers_trace/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/workers_trace/elasticsearch/ingest_pipeline/default.yml @@ -212,3 +212,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/cloudflare_logpush/manifest.yml b/packages/cloudflare_logpush/manifest.yml index 806fae59ecc..0f6ea59665f 100644 
--- a/packages/cloudflare_logpush/manifest.yml +++ b/packages/cloudflare_logpush/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cloudflare_logpush title: Cloudflare Logpush -version: "1.25.0" +version: "1.26.0" description: Collect and parse logs from Cloudflare API with Elastic Agent. type: integration categories: diff --git a/packages/crowdstrike/changelog.yml b/packages/crowdstrike/changelog.yml index 9a57f9d4e6e..f42e09536b4 100644 --- a/packages/crowdstrike/changelog.yml +++ b/packages/crowdstrike/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.48.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.47.0" changes: - description: Add Support of CrowdStrike Event Stream. diff --git a/packages/crowdstrike/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/crowdstrike/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 4849e24b40c..5e3ef55fdc7 100644 --- a/packages/crowdstrike/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/crowdstrike/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -2659,3 +2659,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/crowdstrike/data_stream/falcon/elasticsearch/ingest_pipeline/default.yml b/packages/crowdstrike/data_stream/falcon/elasticsearch/ingest_pipeline/default.yml index b876b908a6d..89a1f94d093 100644 --- a/packages/crowdstrike/data_stream/falcon/elasticsearch/ingest_pipeline/default.yml +++ b/packages/crowdstrike/data_stream/falcon/elasticsearch/ingest_pipeline/default.yml 
@@ -402,3 +402,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline/default.yml b/packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline/default.yml
index 6c116d2d510..80ce97e1081 100644
--- a/packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline/default.yml
@@ -2586,6 +2586,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: "Processor '{{{ _ingest.on_failure_processor_type }}}' with tag '{{{ _ingest.on_failure_processor_tag }}}' failed with message {{{ _ingest.on_failure_message }}}"
diff --git a/packages/crowdstrike/data_stream/host/elasticsearch/ingest_pipeline/default.yml b/packages/crowdstrike/data_stream/host/elasticsearch/ingest_pipeline/default.yml
index 29bdb620a2a..c0ab9374ad1 100644
--- a/packages/crowdstrike/data_stream/host/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/crowdstrike/data_stream/host/elasticsearch/ingest_pipeline/default.yml
@@ -816,3 +816,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/crowdstrike/manifest.yml b/packages/crowdstrike/manifest.yml
index 13c68299b6a..e933096df2a 100644
--- a/packages/crowdstrike/manifest.yml
+++ b/packages/crowdstrike/manifest.yml
@@ -1,6 +1,6 @@
 name: crowdstrike
 title: CrowdStrike
-version: "1.47.0"
+version: "1.48.0"
 description: Collect logs from Crowdstrike with Elastic Agent.
 type: integration
 format_version: "3.0.3"
diff --git a/packages/cyberark_pta/changelog.yml b/packages/cyberark_pta/changelog.yml
index 3c38b94cc91..ae7a14a34f1 100644
--- a/packages/cyberark_pta/changelog.yml
+++ b/packages/cyberark_pta/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.11.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.10.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/cyberark_pta/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/cyberark_pta/data_stream/events/elasticsearch/ingest_pipeline/default.yml
index 0ecec820a24..5e22c25c216 100644
--- a/packages/cyberark_pta/data_stream/events/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cyberark_pta/data_stream/events/elasticsearch/ingest_pipeline/default.yml
@@ -48,3 +48,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/cyberark_pta/manifest.yml b/packages/cyberark_pta/manifest.yml
index 2b34d586d9e..4a8fb3b56e2 100644
--- a/packages/cyberark_pta/manifest.yml
+++ b/packages/cyberark_pta/manifest.yml
@@ -1,6 +1,6 @@
 name: cyberark_pta
 title: Cyberark Privileged Threat Analytics
-version: "1.10.1"
+version: "1.11.0"
 description: Collect security logs from Cyberark PTA integration.
 type: integration
 format_version: "3.0.3"
diff --git a/packages/cyberarkpas/changelog.yml b/packages/cyberarkpas/changelog.yml
index 484570e1b78..77e2d9ad106 100644
--- a/packages/cyberarkpas/changelog.yml
+++ b/packages/cyberarkpas/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.25.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.24.0"
 changes:
 - description: Collect monitoring data.
diff --git a/packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index d4dcbb9d73e..804a5cd5851 100644
--- a/packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -13,6 +13,10 @@ on_failure:
 tag: set_event_kind_on_failure
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 tag: append_error_message
 field: error.message
diff --git a/packages/cyberarkpas/data_stream/monitor/elasticsearch/ingest_pipeline/default.yml b/packages/cyberarkpas/data_stream/monitor/elasticsearch/ingest_pipeline/default.yml
index fbae1d65041..ae2a76a0ab1 100644
--- a/packages/cyberarkpas/data_stream/monitor/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cyberarkpas/data_stream/monitor/elasticsearch/ingest_pipeline/default.yml
@@ -263,6 +263,10 @@ on_failure:
 tag: set_event_kind_on_failure
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 tag: append_error_message
 field: error.message
diff --git a/packages/cyberarkpas/manifest.yml b/packages/cyberarkpas/manifest.yml
index be3472217de..ab68c1c1c39 100644
--- a/packages/cyberarkpas/manifest.yml
+++ b/packages/cyberarkpas/manifest.yml
@@ -1,6 +1,6 @@
 name: cyberarkpas
 title: CyberArk Privileged Access Security
-version: "2.24.0"
+version: "2.25.0"
 description: Collect logs from CyberArk Privileged Access Security with Elastic Agent.
 type: integration
 format_version: "3.0.3"
diff --git a/packages/cybereason/changelog.yml b/packages/cybereason/changelog.yml
index e94e8187bcf..6447c104d7f 100644
--- a/packages/cybereason/changelog.yml
+++ b/packages/cybereason/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/cybereason/data_stream/logon_session/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/logon_session/elasticsearch/ingest_pipeline/default.yml
index f8c2e8b702d..9c249122472 100644
--- a/packages/cybereason/data_stream/logon_session/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cybereason/data_stream/logon_session/elasticsearch/ingest_pipeline/default.yml
@@ -814,3 +814,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/cybereason/data_stream/malop_connection/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/malop_connection/elasticsearch/ingest_pipeline/default.yml
index 9ef1880f3c5..fc763f9a367 100644
--- a/packages/cybereason/data_stream/malop_connection/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cybereason/data_stream/malop_connection/elasticsearch/ingest_pipeline/default.yml
@@ -1213,3 +1213,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/cybereason/data_stream/malop_process/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/malop_process/elasticsearch/ingest_pipeline/default.yml
index f5e8a415d77..f67ff5c9590 100644
--- a/packages/cybereason/data_stream/malop_process/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cybereason/data_stream/malop_process/elasticsearch/ingest_pipeline/default.yml
@@ -2334,3 +2334,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/cybereason/data_stream/malware/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/malware/elasticsearch/ingest_pipeline/default.yml
index c4e513b8dbb..57ef2df7a8c 100644
--- a/packages/cybereason/data_stream/malware/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cybereason/data_stream/malware/elasticsearch/ingest_pipeline/default.yml
@@ -264,3 +264,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/cybereason/data_stream/poll_malop/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/poll_malop/elasticsearch/ingest_pipeline/default.yml
index e4b96dd4d94..b2c6b3b8add 100644
--- a/packages/cybereason/data_stream/poll_malop/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cybereason/data_stream/poll_malop/elasticsearch/ingest_pipeline/default.yml
@@ -613,3 +613,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/cybereason/data_stream/suspicions_process/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/suspicions_process/elasticsearch/ingest_pipeline/default.yml
index 5dceacc8ad4..e25105e894f 100644
--- a/packages/cybereason/data_stream/suspicions_process/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cybereason/data_stream/suspicions_process/elasticsearch/ingest_pipeline/default.yml
@@ -1349,3 +1349,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/cybereason/manifest.yml b/packages/cybereason/manifest.yml
index 04605b7abaf..8ee32d1e9e1 100644
--- a/packages/cybereason/manifest.yml
+++ b/packages/cybereason/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.3
 name: cybereason
 title: Cybereason
-version: "1.0.0"
+version: "1.1.0"
 description: Collect logs from Cybereason with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/cylance/changelog.yml b/packages/cylance/changelog.yml
index 289ebbec959..392b436016c 100644
--- a/packages/cylance/changelog.yml
+++ b/packages/cylance/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.22.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.21.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/cylance/data_stream/protect/elasticsearch/ingest_pipeline/default.yml b/packages/cylance/data_stream/protect/elasticsearch/ingest_pipeline/default.yml
index 0a89c45a638..f821c3bbf27 100644
--- a/packages/cylance/data_stream/protect/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cylance/data_stream/protect/elasticsearch/ingest_pipeline/default.yml
@@ -75,6 +75,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: "{{{ _ingest.on_failure_message }}}"
diff --git a/packages/cylance/manifest.yml b/packages/cylance/manifest.yml
index d97a76f61dc..73db3c1c1fe 100644
--- a/packages/cylance/manifest.yml
+++ b/packages/cylance/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 2.7.0
 name: cylance
 title: CylanceProtect Logs
-version: "0.21.1"
+version: "0.22.0"
 description: Collect logs from CylanceProtect devices with Elastic Agent.
 categories: ["security", "edr_xdr"]
 type: integration
diff --git a/packages/darktrace/changelog.yml b/packages/darktrace/changelog.yml
index 9f9a11f244e..aa4e131b405 100644
--- a/packages/darktrace/changelog.yml
+++ b/packages/darktrace/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.21.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.20.0"
 changes:
 - description: Handle versions of Darktrace model breach alert documents that hold a boolean in `acknowledged`.
diff --git a/packages/darktrace/data_stream/ai_analyst_alert/elasticsearch/ingest_pipeline/default.yml b/packages/darktrace/data_stream/ai_analyst_alert/elasticsearch/ingest_pipeline/default.yml
index 3f2b78904c4..5bbc744b910 100644
--- a/packages/darktrace/data_stream/ai_analyst_alert/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/darktrace/data_stream/ai_analyst_alert/elasticsearch/ingest_pipeline/default.yml
@@ -856,6 +856,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/darktrace/data_stream/model_breach_alert/elasticsearch/ingest_pipeline/default.yml b/packages/darktrace/data_stream/model_breach_alert/elasticsearch/ingest_pipeline/default.yml
index 4e7db5ee491..d6d6e83c3ae 100644
--- a/packages/darktrace/data_stream/model_breach_alert/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/darktrace/data_stream/model_breach_alert/elasticsearch/ingest_pipeline/default.yml
@@ -1503,6 +1503,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: >-
diff --git a/packages/darktrace/data_stream/system_status_alert/elasticsearch/ingest_pipeline/default.yml b/packages/darktrace/data_stream/system_status_alert/elasticsearch/ingest_pipeline/default.yml
index 2a8de7c668e..4577352aade 100644
--- a/packages/darktrace/data_stream/system_status_alert/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/darktrace/data_stream/system_status_alert/elasticsearch/ingest_pipeline/default.yml
@@ -235,6 +235,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/darktrace/manifest.yml b/packages/darktrace/manifest.yml
index 27bb45dd75e..bd248d57952 100644
--- a/packages/darktrace/manifest.yml
+++ b/packages/darktrace/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: darktrace
 title: Darktrace
-version: "1.20.0"
+version: "1.21.0"
 description: Collect logs from Darktrace with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/digital_guardian/changelog.yml b/packages/digital_guardian/changelog.yml
index ca507c464e3..304335d66ee 100644
--- a/packages/digital_guardian/changelog.yml
+++ b/packages/digital_guardian/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/digital_guardian/data_stream/arc/elasticsearch/ingest_pipeline/default.yml b/packages/digital_guardian/data_stream/arc/elasticsearch/ingest_pipeline/default.yml
index aa2d36ccbbe..521ad86e9af 100644
--- a/packages/digital_guardian/data_stream/arc/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/digital_guardian/data_stream/arc/elasticsearch/ingest_pipeline/default.yml
@@ -175,3 +175,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/digital_guardian/manifest.yml b/packages/digital_guardian/manifest.yml
index e469202700a..836869f4531 100644
--- a/packages/digital_guardian/manifest.yml
+++ b/packages/digital_guardian/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: digital_guardian
 title: Digital Guardian
-version: "1.0.0"
+version: "1.1.0"
 description: Collect logs from Digital Guardian with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/entityanalytics_ad/changelog.yml b/packages/entityanalytics_ad/changelog.yml
index 3f386302a52..e9f1d98f307 100644
--- a/packages/entityanalytics_ad/changelog.yml
+++ b/packages/entityanalytics_ad/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.5.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.4.0"
 changes:
 - description: Expose user and group attribute configurations to the user.
diff --git a/packages/entityanalytics_ad/data_stream/user/elasticsearch/ingest_pipeline/default.yml b/packages/entityanalytics_ad/data_stream/user/elasticsearch/ingest_pipeline/default.yml
index f25072e823c..6a751d78ddc 100644
--- a/packages/entityanalytics_ad/data_stream/user/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/entityanalytics_ad/data_stream/user/elasticsearch/ingest_pipeline/default.yml
@@ -52,3 +52,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/entityanalytics_ad/manifest.yml b/packages/entityanalytics_ad/manifest.yml
index d141b8a27c9..90d91c09123 100644
--- a/packages/entityanalytics_ad/manifest.yml
+++ b/packages/entityanalytics_ad/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: entityanalytics_ad
 title: Active Directory Entity Analytics
-version: "0.4.0"
+version: "0.5.0"
 description: "Collect User Identities from Active Directory Entity with Elastic Agent."
 type: integration
 categories:
diff --git a/packages/entityanalytics_entra_id/changelog.yml b/packages/entityanalytics_entra_id/changelog.yml
index d40ec015bdd..39550acb3ea 100644
--- a/packages/entityanalytics_entra_id/changelog.yml
+++ b/packages/entityanalytics_entra_id/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.4.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.3.1"
 changes:
 - description: Don't leak collection implementation details.
diff --git a/packages/entityanalytics_entra_id/data_stream/entity/elasticsearch/ingest_pipeline/default.yml b/packages/entityanalytics_entra_id/data_stream/entity/elasticsearch/ingest_pipeline/default.yml
index 0a1dc645ba4..33cc30bf31e 100644
--- a/packages/entityanalytics_entra_id/data_stream/entity/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/entityanalytics_entra_id/data_stream/entity/elasticsearch/ingest_pipeline/default.yml
@@ -158,3 +158,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/entityanalytics_entra_id/manifest.yml b/packages/entityanalytics_entra_id/manifest.yml
index 46646373d70..636e4439284 100644
--- a/packages/entityanalytics_entra_id/manifest.yml
+++ b/packages/entityanalytics_entra_id/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: entityanalytics_entra_id
 title: "Microsoft Entra ID Entity Analytics"
-version: "1.3.1"
+version: "1.4.0"
 description: "Collect identities from Microsoft Entra ID (formerly Azure Active Directory) with Elastic Agent."
 type: integration
 categories:
diff --git a/packages/entityanalytics_okta/changelog.yml b/packages/entityanalytics_okta/changelog.yml
index 0f440bffeca..54d15b0f291 100644
--- a/packages/entityanalytics_okta/changelog.yml
+++ b/packages/entityanalytics_okta/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.6.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.5.1"
 changes:
 - description: Don't leak collection implementation details.
diff --git a/packages/entityanalytics_okta/data_stream/user/elasticsearch/ingest_pipeline/default.yml b/packages/entityanalytics_okta/data_stream/user/elasticsearch/ingest_pipeline/default.yml
index d058bae358a..e3bdb7ba316 100644
--- a/packages/entityanalytics_okta/data_stream/user/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/entityanalytics_okta/data_stream/user/elasticsearch/ingest_pipeline/default.yml
@@ -681,3 +681,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/entityanalytics_okta/manifest.yml b/packages/entityanalytics_okta/manifest.yml
index 9e24358b21b..36db5ee082b 100644
--- a/packages/entityanalytics_okta/manifest.yml
+++ b/packages/entityanalytics_okta/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: entityanalytics_okta
 title: Okta Entity Analytics
-version: "1.5.1"
+version: "1.6.0"
 description: "Collect User Identities from Okta with Elastic Agent."
 type: integration
 categories:
diff --git a/packages/eset_protect/changelog.yml b/packages/eset_protect/changelog.yml
index 032b18ccb2f..4cc2ff4973e 100644
--- a/packages/eset_protect/changelog.yml
+++ b/packages/eset_protect/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.3.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.2.0"
 changes:
 - description: Add 3rd-integration header to API calls.
diff --git a/packages/eset_protect/data_stream/detection/elasticsearch/ingest_pipeline/default.yml b/packages/eset_protect/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
index a88bb06c12e..4dc3c3e41ac 100644
--- a/packages/eset_protect/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/eset_protect/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
@@ -501,3 +501,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/eset_protect/data_stream/device_task/elasticsearch/ingest_pipeline/default.yml b/packages/eset_protect/data_stream/device_task/elasticsearch/ingest_pipeline/default.yml
index df49ec978d4..6b2c931d7d5 100644
--- a/packages/eset_protect/data_stream/device_task/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/eset_protect/data_stream/device_task/elasticsearch/ingest_pipeline/default.yml
@@ -237,3 +237,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/eset_protect/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/eset_protect/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index d8f4310126a..dbd5c89e820 100644
--- a/packages/eset_protect/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/eset_protect/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -883,3 +883,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/eset_protect/manifest.yml b/packages/eset_protect/manifest.yml
index de7f1839168..5db53adcb43 100644
--- a/packages/eset_protect/manifest.yml
+++ b/packages/eset_protect/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.3
 name: eset_protect
 title: ESET PROTECT
-version: "1.2.0"
+version: "1.3.0"
 description: Collect logs from ESET PROTECT with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/f5/changelog.yml b/packages/f5/changelog.yml
index 8d4e7ef6c49..37db9529fd1 100644
--- a/packages/f5/changelog.yml
+++ b/packages/f5/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.18.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.17.3"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/f5/data_stream/bigipafm/elasticsearch/ingest_pipeline/default.yml b/packages/f5/data_stream/bigipafm/elasticsearch/ingest_pipeline/default.yml
index af4abdeb6b1..309c333dba3 100644
--- a/packages/f5/data_stream/bigipafm/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/f5/data_stream/bigipafm/elasticsearch/ingest_pipeline/default.yml
@@ -90,6 +90,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/f5/data_stream/bigipapm/elasticsearch/ingest_pipeline/default.yml b/packages/f5/data_stream/bigipapm/elasticsearch/ingest_pipeline/default.yml
index a3823c79cd0..d18d3ebb9e7 100644
--- a/packages/f5/data_stream/bigipapm/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/f5/data_stream/bigipapm/elasticsearch/ingest_pipeline/default.yml
@@ -90,6 +90,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/f5/manifest.yml b/packages/f5/manifest.yml
index 81a12a35598..871749a41ad 100644
--- a/packages/f5/manifest.yml
+++ b/packages/f5/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: f5
 title: F5 Logs (Deprecated)
-version: "0.17.3"
+version: "0.18.0"
 description: Deprecated. Use the F5 BIG-IP package instead.
 categories: ["observability", "load_balancer"]
 release: experimental
diff --git a/packages/f5_bigip/changelog.yml b/packages/f5_bigip/changelog.yml
index 7966ffdb099..fc65ddcff41 100644
--- a/packages/f5_bigip/changelog.yml
+++ b/packages/f5_bigip/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.21.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.20.0"
 changes:
 - description: URL decode user agent strings.
diff --git a/packages/f5_bigip/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/f5_bigip/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 3ea98e159c8..6c0cdaf7033 100644
--- a/packages/f5_bigip/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/f5_bigip/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -147,3 +147,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/f5_bigip/manifest.yml b/packages/f5_bigip/manifest.yml
index 8d06b67c624..7c38f7847c0 100644
--- a/packages/f5_bigip/manifest.yml
+++ b/packages/f5_bigip/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: f5_bigip
 title: F5 BIG-IP
-version: "1.20.0"
+version: "1.21.0"
 description: Collect logs from F5 BIG-IP with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/falco/changelog.yml b/packages/falco/changelog.yml
index d8b7395cd92..ffaafcb186a 100644
--- a/packages/falco/changelog.yml
+++ b/packages/falco/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.2"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/falco/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/falco/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
index af600b665a5..13dcce75d25 100644
--- a/packages/falco/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/falco/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
@@ -714,3 +714,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+- append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/falco/manifest.yml b/packages/falco/manifest.yml
index 117c186d4f0..d6b5f192934 100644
--- a/packages/falco/manifest.yml
+++ b/packages/falco/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.1.2
 name: falco
 title: Falco
-version: 1.0.2
+version: 1.1.0
 description: Collect events and alerts from Falco using Elastic Agent
 type: integration
 categories:
diff --git a/packages/fireeye/changelog.yml b/packages/fireeye/changelog.yml
index ad274f91640..03f8811722d 100644
--- a/packages/fireeye/changelog.yml
+++ b/packages/fireeye/changelog.yml
@@ -1,3 +1,8 @@
+- version: "1.24.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.23.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/fireeye/data_stream/nx/elasticsearch/ingest_pipeline/default.yml b/packages/fireeye/data_stream/nx/elasticsearch/ingest_pipeline/default.yml
index 47f16e454cf..d85899f21cc 100644
--- a/packages/fireeye/data_stream/nx/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/fireeye/data_stream/nx/elasticsearch/ingest_pipeline/default.yml
@@ -184,6 +184,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/fireeye/manifest.yml b/packages/fireeye/manifest.yml
index ef0269add68..f5bffae19e4 100644
--- a/packages/fireeye/manifest.yml
+++ b/packages/fireeye/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: fireeye
 title: "FireEye Network Security"
-version: "1.23.1"
+version: "1.24.0"
 description: Collect logs from FireEye NX with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/first_epss/changelog.yml b/packages/first_epss/changelog.yml
index f284aeeb9fc..b902539ab21 100644
--- a/packages/first_epss/changelog.yml
+++ b/packages/first_epss/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.2.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.1.0"
 changes:
 - description: Initial release of the package
diff --git a/packages/first_epss/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/first_epss/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml
index 473fb3cdafa..2f4e896eb33 100644
--- a/packages/first_epss/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/first_epss/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml
@@ -85,3 +85,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/first_epss/manifest.yml b/packages/first_epss/manifest.yml index 3934f55679d..82db7aae161 100644 --- a/packages/first_epss/manifest.yml +++ b/packages/first_epss/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: first_epss title: First EPSS -version: 0.1.0 +version: 0.2.0 description: Collect exploit prediction score data from the First EPSS API with Elastic Agent. type: integration categories: diff --git a/packages/forcepoint_web/changelog.yml b/packages/forcepoint_web/changelog.yml index 92b4d6fe6f5..129bb67494f 100644 --- a/packages/forcepoint_web/changelog.yml +++ b/packages/forcepoint_web/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.10.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.9.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/forcepoint_web/data_stream/logs/elasticsearch/ingest_pipeline/default.yml b/packages/forcepoint_web/data_stream/logs/elasticsearch/ingest_pipeline/default.yml index 4b44ceb5ae4..dc7df8a5629 100644 --- a/packages/forcepoint_web/data_stream/logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forcepoint_web/data_stream/logs/elasticsearch/ingest_pipeline/default.yml @@ -300,6 +300,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/forcepoint_web/manifest.yml b/packages/forcepoint_web/manifest.yml index bce36e3b64e..57b0b0c328b 100644 --- a/packages/forcepoint_web/manifest.yml 
+++ b/packages/forcepoint_web/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: forcepoint_web title: "Forcepoint Web Security" -version: "1.9.1" +version: "1.10.0" source: license: "Elastic-2.0" description: "Forcepoint Web Security" diff --git a/packages/forgerock/changelog.yml b/packages/forgerock/changelog.yml index f047236d7d5..229838aa6ea 100644 --- a/packages/forgerock/changelog.yml +++ b/packages/forgerock/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.19.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.18.4" changes: - description: Fix handling of `endTime` query parameter. diff --git a/packages/forgerock/data_stream/am_access/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_access/elasticsearch/ingest_pipeline/default.yml index b55bd2cc751..600cd7b020c 100644 --- a/packages/forgerock/data_stream/am_access/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_access/elasticsearch/ingest_pipeline/default.yml @@ -166,3 +166,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/am_activity/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_activity/elasticsearch/ingest_pipeline/default.yml index a84a9e097c7..5948df149da 100644 --- a/packages/forgerock/data_stream/am_activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_activity/elasticsearch/ingest_pipeline/default.yml @@ -107,3 +107,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/forgerock/data_stream/am_authentication/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_authentication/elasticsearch/ingest_pipeline/default.yml index 64a35ca0525..51c9b699869 100644 --- a/packages/forgerock/data_stream/am_authentication/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_authentication/elasticsearch/ingest_pipeline/default.yml @@ -111,3 +111,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/am_config/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_config/elasticsearch/ingest_pipeline/default.yml index e0fb445c1bb..e6a3ff1e3b2 100644 --- a/packages/forgerock/data_stream/am_config/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_config/elasticsearch/ingest_pipeline/default.yml @@ -100,3 +100,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/am_core/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_core/elasticsearch/ingest_pipeline/default.yml index a04628ac643..3806065e209 100644 --- a/packages/forgerock/data_stream/am_core/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_core/elasticsearch/ingest_pipeline/default.yml @@ -103,3 +103,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/idm_access/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_access/elasticsearch/ingest_pipeline/default.yml index 511dac91c1c..7ec40c7c125 100644 
--- a/packages/forgerock/data_stream/idm_access/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_access/elasticsearch/ingest_pipeline/default.yml @@ -150,3 +150,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/idm_activity/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_activity/elasticsearch/ingest_pipeline/default.yml index 15e013b93a5..b2056dfd53f 100644 --- a/packages/forgerock/data_stream/idm_activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_activity/elasticsearch/ingest_pipeline/default.yml @@ -103,3 +103,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/idm_authentication/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_authentication/elasticsearch/ingest_pipeline/default.yml index 6151233316f..354a2f232ba 100644 --- a/packages/forgerock/data_stream/idm_authentication/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_authentication/elasticsearch/ingest_pipeline/default.yml @@ -113,3 +113,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/idm_config/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_config/elasticsearch/ingest_pipeline/default.yml index e9a9d93e4e7..3e4fcf39fb9 100644 --- a/packages/forgerock/data_stream/idm_config/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_config/elasticsearch/ingest_pipeline/default.yml 
@@ -107,3 +107,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/idm_core/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_core/elasticsearch/ingest_pipeline/default.yml index d1634fbd76f..c41e8222dd4 100644 --- a/packages/forgerock/data_stream/idm_core/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_core/elasticsearch/ingest_pipeline/default.yml @@ -85,3 +85,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/data_stream/idm_sync/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_sync/elasticsearch/ingest_pipeline/default.yml index 1dd073201fe..aed35563659 100644 --- a/packages/forgerock/data_stream/idm_sync/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_sync/elasticsearch/ingest_pipeline/default.yml @@ -130,3 +130,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/forgerock/manifest.yml b/packages/forgerock/manifest.yml index 49769e9a3eb..828d40a7e3a 100644 --- a/packages/forgerock/manifest.yml +++ b/packages/forgerock/manifest.yml @@ -1,6 +1,6 @@ name: forgerock title: "ForgeRock" -version: "1.18.4" +version: "1.19.0" description: Collect audit logs from ForgeRock with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/gigamon/changelog.yml b/packages/gigamon/changelog.yml index 639b92aba62..c8610ef87d0 100644 --- a/packages/gigamon/changelog.yml +++ b/packages/gigamon/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.1.0" changes: - description: DevOps dashboard added. diff --git a/packages/gigamon/data_stream/ami/elasticsearch/ingest_pipeline/default.yml b/packages/gigamon/data_stream/ami/elasticsearch/ingest_pipeline/default.yml index 6a633205bab..14ca429169a 100644 --- a/packages/gigamon/data_stream/ami/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gigamon/data_stream/ami/elasticsearch/ingest_pipeline/default.yml @@ -861,3 +861,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/gigamon/manifest.yml b/packages/gigamon/manifest.yml index 8f63b7c158f..d80bc4a5289 100644 --- a/packages/gigamon/manifest.yml +++ b/packages/gigamon/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.3 name: gigamon title: Gigamon -version: "1.1.0" +version: "1.2.0" description: Collect logs from Gigamon with Elastic Agent. type: integration categories: diff --git a/packages/github/changelog.yml b/packages/github/changelog.yml index d44909ada89..3d0adad596c 100644 --- a/packages/github/changelog.yml +++ b/packages/github/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.1.1" changes: - description: Addressed some missing documentation issues and fixed timestamp values in sample enterprise audit logs. 
diff --git a/packages/github/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 66a69360c39..788fd2e82c0 100644 --- a/packages/github/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -239,6 +239,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/github/data_stream/code_scanning/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/code_scanning/elasticsearch/ingest_pipeline/default.yml index 5a4adf23d80..854d3428784 100644 --- a/packages/github/data_stream/code_scanning/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/code_scanning/elasticsearch/ingest_pipeline/default.yml @@ -284,6 +284,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/github/data_stream/dependabot/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/dependabot/elasticsearch/ingest_pipeline/default.yml index 482aaa56d32..1215e20bc00 100644 --- a/packages/github/data_stream/dependabot/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/dependabot/elasticsearch/ingest_pipeline/default.yml @@ -315,6 +315,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/github/data_stream/issues/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/issues/elasticsearch/ingest_pipeline/default.yml index ed8b360078b..c8b4baf511c 100644 --- a/packages/github/data_stream/issues/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/issues/elasticsearch/ingest_pipeline/default.yml @@ -247,6 +247,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/github/data_stream/secret_scanning/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/secret_scanning/elasticsearch/ingest_pipeline/default.yml index c5820932f03..07148dc37d5 100644 --- a/packages/github/data_stream/secret_scanning/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/secret_scanning/elasticsearch/ingest_pipeline/default.yml @@ -297,6 +297,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/github/manifest.yml b/packages/github/manifest.yml index 48695c4886a..aca3628e47f 100644 --- a/packages/github/manifest.yml +++ b/packages/github/manifest.yml @@ -1,6 +1,6 @@ name: github title: GitHub -version: "2.1.1" +version: "2.2.0" description: Collect logs from GitHub with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/gitlab/changelog.yml b/packages/gitlab/changelog.yml index cfdc980cb40..8b8d78df30d 100644 --- a/packages/gitlab/changelog.yml +++ b/packages/gitlab/changelog.yml 
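Review bot: The `append` added to the github `secret_scanning` `on_failure` handler has no comment saying what the tag is for, and on this data stream the effect deserves one: with `preserve_original_event` set, a failed document presumably keeps `event.original` even when the user has not opted in, and raw secret-scanning alerts may hold sensitive values. I would add above it `# Keep the raw event on pipeline_error documents for troubleshooting; event.original is retained regardless of the user's setting.` and mention the behaviour in the package README so operators can scope access and retention for failed documents. The same applies to the authentication-related streams touched elsewhere in the patch (forgerock `am_authentication` and `idm_authentication`, gitlab `auth`, google_workspace `login`, `saml` and `token`). The handler starts above the hunk and the processor that drops `event.original` is not visible, so the retention effect is inferred from the tag name.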
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: 1.1.0 changes: - description: Add sidekiq and pages datastreams diff --git a/packages/gitlab/data_stream/api/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/api/elasticsearch/ingest_pipeline/default.yml index 68c65a04891..18be647b0f5 100644 --- a/packages/gitlab/data_stream/api/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/api/elasticsearch/ingest_pipeline/default.yml @@ -218,3 +218,7 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/gitlab/data_stream/application/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/application/elasticsearch/ingest_pipeline/default.yml index 308fb5188c2..307a32c1029 100644 --- a/packages/gitlab/data_stream/application/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/application/elasticsearch/ingest_pipeline/default.yml @@ -264,3 +264,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/gitlab/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index df4bc584444..54bef9604af 100644 --- a/packages/gitlab/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/audit/elasticsearch/ingest_pipeline/default.yml 
@@ -213,6 +213,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/gitlab/data_stream/auth/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/auth/elasticsearch/ingest_pipeline/default.yml index c08f19a2c39..3cf6c05edb9 100644 --- a/packages/gitlab/data_stream/auth/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/auth/elasticsearch/ingest_pipeline/default.yml @@ -200,6 +200,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/gitlab/data_stream/pages/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/pages/elasticsearch/ingest_pipeline/default.yml index e60e97a6b08..93533314b78 100644 --- a/packages/gitlab/data_stream/pages/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/pages/elasticsearch/ingest_pipeline/default.yml @@ -156,6 +156,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' 
diff --git a/packages/gitlab/data_stream/production/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/production/elasticsearch/ingest_pipeline/default.yml index 46e64b43073..5afd4de020d 100644 --- a/packages/gitlab/data_stream/production/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/production/elasticsearch/ingest_pipeline/default.yml @@ -278,3 +278,7 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/gitlab/data_stream/sidekiq/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/sidekiq/elasticsearch/ingest_pipeline/default.yml index c7e71fdc4e7..1cc0436d333 100644 --- a/packages/gitlab/data_stream/sidekiq/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/sidekiq/elasticsearch/ingest_pipeline/default.yml @@ -181,6 +181,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/gitlab/manifest.yml b/packages/gitlab/manifest.yml index da92c899508..a5d047b65d7 100644 --- a/packages/gitlab/manifest.yml +++ b/packages/gitlab/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.3 name: gitlab title: GitLab -version: 1.1.0 +version: 1.2.0 description: Collect logs from GitLab with Elastic Agent. type: integration categories: diff --git a/packages/google_scc/changelog.yml b/packages/google_scc/changelog.yml index 4de849a5e83..47a7cfa95fc 100644 --- a/packages/google_scc/changelog.yml +++ b/packages/google_scc/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.4.1" changes: - description: Fix field name typo. diff --git a/packages/google_scc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/google_scc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 6f3f7fe93d6..ba74996ca51 100644 --- a/packages/google_scc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_scc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml @@ -179,3 +179,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/google_scc/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/google_scc/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 831f42e5b5f..c6a794b36c6 100644 --- a/packages/google_scc/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_scc/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -957,3 +957,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/google_scc/data_stream/finding/elasticsearch/ingest_pipeline/default.yml b/packages/google_scc/data_stream/finding/elasticsearch/ingest_pipeline/default.yml index a86d468e39e..af7799a7510 100644 --- a/packages/google_scc/data_stream/finding/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_scc/data_stream/finding/elasticsearch/ingest_pipeline/default.yml @@ -1892,3 +1892,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/google_scc/data_stream/source/elasticsearch/ingest_pipeline/default.yml b/packages/google_scc/data_stream/source/elasticsearch/ingest_pipeline/default.yml index 051878a7bf5..d7b3f044b27 100644 --- a/packages/google_scc/data_stream/source/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_scc/data_stream/source/elasticsearch/ingest_pipeline/default.yml @@ -107,3 +107,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/google_scc/manifest.yml b/packages/google_scc/manifest.yml index a39785f9ae9..09b23e71872 100644 --- a/packages/google_scc/manifest.yml +++ b/packages/google_scc/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: google_scc title: Google Security Command Center -version: "1.4.1" +version: "1.5.0" description: Collect logs from Google Security Command Center with Elastic Agent. type: integration categories: diff --git a/packages/google_workspace/changelog.yml b/packages/google_workspace/changelog.yml index a90728a1e99..157ffc0b4b7 100644 --- a/packages/google_workspace/changelog.yml +++ b/packages/google_workspace/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.25.4" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/google_workspace/data_stream/access_transparency/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/access_transparency/elasticsearch/ingest_pipeline/default.yml index e181850d0f6..d39c8b72119 100644 --- a/packages/google_workspace/data_stream/access_transparency/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/google_workspace/data_stream/access_transparency/elasticsearch/ingest_pipeline/default.yml @@ -386,3 +386,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/google_workspace/data_stream/admin/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/admin/elasticsearch/ingest_pipeline/default.yml index a5f80d07fc6..11a3390d248 100644 --- a/packages/google_workspace/data_stream/admin/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/admin/elasticsearch/ingest_pipeline/default.yml @@ -810,6 +810,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/google_workspace/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 414dec52424..6911039f8ab 100644 --- a/packages/google_workspace/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -1061,6 +1061,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/google_workspace/data_stream/context_aware_access/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/context_aware_access/elasticsearch/ingest_pipeline/default.yml index 8e582f3efb7..c0dae48b90b 100644 --- a/packages/google_workspace/data_stream/context_aware_access/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/google_workspace/data_stream/context_aware_access/elasticsearch/ingest_pipeline/default.yml @@ -361,3 +361,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/google_workspace/data_stream/device/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/device/elasticsearch/ingest_pipeline/default.yml index 4c20e01adb4..946157caa8d 100644 --- a/packages/google_workspace/data_stream/device/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/device/elasticsearch/ingest_pipeline/default.yml @@ -558,3 +558,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/google_workspace/data_stream/drive/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/drive/elasticsearch/ingest_pipeline/default.yml index 8716ba0321d..16b467ba235 100644 --- a/packages/google_workspace/data_stream/drive/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/drive/elasticsearch/ingest_pipeline/default.yml @@ -281,6 +281,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/google_workspace/data_stream/gcp/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/gcp/elasticsearch/ingest_pipeline/default.yml index d23927a1e6d..c1bc3f7e994 100644 --- a/packages/google_workspace/data_stream/gcp/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/gcp/elasticsearch/ingest_pipeline/default.yml 
@@ -341,3 +341,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/google_workspace/data_stream/group_enterprise/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/group_enterprise/elasticsearch/ingest_pipeline/default.yml index 99dfa8f142f..439e2c1ef90 100644 --- a/packages/google_workspace/data_stream/group_enterprise/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/group_enterprise/elasticsearch/ingest_pipeline/default.yml @@ -381,3 +381,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/google_workspace/data_stream/groups/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/groups/elasticsearch/ingest_pipeline/default.yml index 731c89db68c..5f197ec62bd 100644 --- a/packages/google_workspace/data_stream/groups/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/groups/elasticsearch/ingest_pipeline/default.yml @@ -312,6 +312,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/google_workspace/data_stream/login/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/login/elasticsearch/ingest_pipeline/default.yml index c0c8f76d34d..575d2176aa5 100644 --- a/packages/google_workspace/data_stream/login/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/login/elasticsearch/ingest_pipeline/default.yml 
@@ -270,6 +270,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/google_workspace/data_stream/rules/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/rules/elasticsearch/ingest_pipeline/default.yml index 85958d397aa..df64e4572ee 100644 --- a/packages/google_workspace/data_stream/rules/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/rules/elasticsearch/ingest_pipeline/default.yml @@ -532,6 +532,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/google_workspace/data_stream/saml/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/saml/elasticsearch/ingest_pipeline/default.yml index adc002c5e80..1d56ae91c3f 100644 --- a/packages/google_workspace/data_stream/saml/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/saml/elasticsearch/ingest_pipeline/default.yml @@ -193,6 +193,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/google_workspace/data_stream/token/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/token/elasticsearch/ingest_pipeline/default.yml index 8040ee28545..18e2dc6ae66 100644 --- a/packages/google_workspace/data_stream/token/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_workspace/data_stream/token/elasticsearch/ingest_pipeline/default.yml 
@@ -375,3 +375,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/google_workspace/data_stream/user_accounts/elasticsearch/ingest_pipeline/default.yml b/packages/google_workspace/data_stream/user_accounts/elasticsearch/ingest_pipeline/default.yml
index 9f27e25d1d0..6f2a1277c44 100644
--- a/packages/google_workspace/data_stream/user_accounts/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/google_workspace/data_stream/user_accounts/elasticsearch/ingest_pipeline/default.yml
@@ -188,6 +188,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/google_workspace/manifest.yml b/packages/google_workspace/manifest.yml
index bfcdb706047..116b78d226d 100644
--- a/packages/google_workspace/manifest.yml
+++ b/packages/google_workspace/manifest.yml
@@ -1,6 +1,6 @@
 name: google_workspace
 title: Google Workspace
-version: "2.25.4"
+version: "2.26.0"
 source:
 license: Elastic-2.0
 description: Collect logs from Google Workspace with Elastic Agent.
diff --git a/packages/imperva_cloud_waf/changelog.yml b/packages/imperva_cloud_waf/changelog.yml
index 70eca994361..14e2048fa44 100644
--- a/packages/imperva_cloud_waf/changelog.yml
+++ b/packages/imperva_cloud_waf/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.2.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.1.1"
 changes:
 - description: Remove reference to a Kibana version from the README.
diff --git a/packages/imperva_cloud_waf/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/imperva_cloud_waf/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index 62667194526..600fb7712e4 100644
--- a/packages/imperva_cloud_waf/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/imperva_cloud_waf/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -641,3 +641,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/imperva_cloud_waf/manifest.yml b/packages/imperva_cloud_waf/manifest.yml
index 1988b7b8bbb..bd37f5a0722 100644
--- a/packages/imperva_cloud_waf/manifest.yml
+++ b/packages/imperva_cloud_waf/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.3
 name: imperva_cloud_waf
 title: Imperva Cloud WAF
-version: "1.1.1"
+version: "1.2.0"
 description: Collect logs from Imperva Cloud WAF with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/infoblox_bloxone_ddi/changelog.yml b/packages/infoblox_bloxone_ddi/changelog.yml
index 33bf888e70f..d87efd111d2 100644
--- a/packages/infoblox_bloxone_ddi/changelog.yml
+++ b/packages/infoblox_bloxone_ddi/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.19.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.18.0"
 changes:
 - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template.
diff --git a/packages/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml b/packages/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml
index ba7746a6e7d..856a3a0a218 100644
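Review bot: The `append` added to the `imperva_cloud_waf` `on_failure` handler has no `tag`, while the `set` processor directly above it is tagged `set_pipeline_error_to_event_kind`. An untagged processor cannot be picked out by tag in failure metadata or ingest statistics, so a line such as `tag: append_preserve_original_event_tag` (name constructed here) would keep the handler consistent. The `set` processor begins above the hunk, so whether the rest of this pipeline tags every processor cannot be confirmed from these lines.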
--- a/packages/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml
@@ -256,6 +256,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml b/packages/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml
index 8f9de57948b..88d02f3e717 100644
--- a/packages/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml
@@ -1995,6 +1995,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml b/packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml
index 60217ed5289..bbca4690679 100644
--- a/packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml
@@ -478,6 +478,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/infoblox_bloxone_ddi/manifest.yml b/packages/infoblox_bloxone_ddi/manifest.yml
index a22e0b99ce5..1a7d4bbd343 100644
--- a/packages/infoblox_bloxone_ddi/manifest.yml
+++ b/packages/infoblox_bloxone_ddi/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: infoblox_bloxone_ddi
 title: Infoblox BloxOne DDI
-version: "1.18.0"
+version: "1.19.0"
 description: Collect logs from Infoblox BloxOne DDI with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/infoblox_nios/changelog.yml b/packages/infoblox_nios/changelog.yml
index 199ef0a153a..01ff35a982f 100644
--- a/packages/infoblox_nios/changelog.yml
+++ b/packages/infoblox_nios/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.24.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.23.2"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 40a43b06bb3..22cad718bf1 100644
--- a/packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -187,3 +187,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/infoblox_nios/manifest.yml b/packages/infoblox_nios/manifest.yml
index 629a7deb034..17ba0b25ef7 100644
--- a/packages/infoblox_nios/manifest.yml
+++ b/packages/infoblox_nios/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: infoblox_nios
 title: Infoblox NIOS
-version: "1.23.2"
+version: "1.24.0"
 description: Collect logs from Infoblox NIOS with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/jamf_compliance_reporter/changelog.yml b/packages/jamf_compliance_reporter/changelog.yml
index 7c1f82e2750..9b6336e6427 100644
--- a/packages/jamf_compliance_reporter/changelog.yml
+++ b/packages/jamf_compliance_reporter/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.14.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.13.0"
 changes:
 - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template.
diff --git a/packages/jamf_compliance_reporter/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_compliance_reporter/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index ea31c9199c3..d1fa66049d4 100644
--- a/packages/jamf_compliance_reporter/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/jamf_compliance_reporter/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -51,6 +51,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/jamf_compliance_reporter/manifest.yml b/packages/jamf_compliance_reporter/manifest.yml
index 5a56b3ebb28..c3cdc856624 100644
--- a/packages/jamf_compliance_reporter/manifest.yml
+++ b/packages/jamf_compliance_reporter/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: jamf_compliance_reporter
 title: Jamf Compliance Reporter
-version: "1.13.0"
+version: "1.14.0"
 description: Collect logs from Jamf Compliance Reporter with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/jamf_pro/changelog.yml b/packages/jamf_pro/changelog.yml
index 21d51a41b33..5795982a0b9 100644
--- a/packages/jamf_pro/changelog.yml
+++ b/packages/jamf_pro/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.2.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.1.3"
 changes:
 - description: Fix type mapping for `jamf_pro.inventory.general.mdm_capable.capable_users`.
diff --git a/packages/jamf_pro/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_pro/data_stream/events/elasticsearch/ingest_pipeline/default.yml
index 7482a8b411d..e50a438e574 100644
--- a/packages/jamf_pro/data_stream/events/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/jamf_pro/data_stream/events/elasticsearch/ingest_pipeline/default.yml
@@ -170,6 +170,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+- append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/jamf_pro/data_stream/inventory/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_pro/data_stream/inventory/elasticsearch/ingest_pipeline/default.yml
index 5e3631f56aa..57bc73c1d37 100644
--- a/packages/jamf_pro/data_stream/inventory/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/jamf_pro/data_stream/inventory/elasticsearch/ingest_pipeline/default.yml
@@ -151,6 +151,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+- append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/jamf_pro/manifest.yml b/packages/jamf_pro/manifest.yml
index 3a0a91be696..914c2829fd2 100644
--- a/packages/jamf_pro/manifest.yml
+++ b/packages/jamf_pro/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.1.5
 name: jamf_pro
 title: "Jamf Pro"
-version: 0.1.3
+version: 0.2.0
 source:
 license: "Elastic-2.0"
 description: "Collect logs and inventory data from Jamf Pro with Elastic Agent"
diff --git a/packages/jamf_protect/changelog.yml b/packages/jamf_protect/changelog.yml
index eeb86e6ad3c..5b0ab41d392 100644
--- a/packages/jamf_protect/changelog.yml
+++ b/packages/jamf_protect/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.7.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.6.3"
 changes:
 - description: Fixed itemMap for pipeline_event_authentication in Telemetry. Wrong integer values were mapped.
diff --git a/packages/jamf_protect/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_protect/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
index 9e7f287d27e..ba151f0dc37 100644
--- a/packages/jamf_protect/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/jamf_protect/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
@@ -490,6 +490,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
\ No newline at end of file
diff --git a/packages/jamf_protect/data_stream/telemetry/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_protect/data_stream/telemetry/elasticsearch/ingest_pipeline/default.yml
index c1278cb7d36..8bdb79774aa 100644
--- a/packages/jamf_protect/data_stream/telemetry/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/jamf_protect/data_stream/telemetry/elasticsearch/ingest_pipeline/default.yml
@@ -357,6 +357,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: >-
diff --git a/packages/jamf_protect/data_stream/web_threat_events/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_protect/data_stream/web_threat_events/elasticsearch/ingest_pipeline/default.yml
index db76448a484..2dc937695ad 100644
--- a/packages/jamf_protect/data_stream/web_threat_events/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/jamf_protect/data_stream/web_threat_events/elasticsearch/ingest_pipeline/default.yml
@@ -245,6 +245,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
\ No newline at end of file
diff --git a/packages/jamf_protect/data_stream/web_traffic_events/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_protect/data_stream/web_traffic_events/elasticsearch/ingest_pipeline/default.yml
index 659b1b19797..6ef1aab9325 100644
--- a/packages/jamf_protect/data_stream/web_traffic_events/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/jamf_protect/data_stream/web_traffic_events/elasticsearch/ingest_pipeline/default.yml
@@ -269,6 +269,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
\ No newline at end of file
diff --git a/packages/jamf_protect/manifest.yml b/packages/jamf_protect/manifest.yml
index b613721d330..7b307f93817 100644
--- a/packages/jamf_protect/manifest.yml
+++ b/packages/jamf_protect/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.3
 name: jamf_protect
 title: Jamf Protect
-version: "2.6.3"
+version: "2.7.0"
 description: Receives events from Jamf Protect with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/jumpcloud/changelog.yml b/packages/jumpcloud/changelog.yml
index 513500f064a..bb976dc6dc4 100644
--- a/packages/jumpcloud/changelog.yml
+++ b/packages/jumpcloud/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.13.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.12.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/jumpcloud/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/jumpcloud/data_stream/events/elasticsearch/ingest_pipeline/default.yml
index 45cb8e7ed06..f6a7fbdaa94 100644
--- a/packages/jumpcloud/data_stream/events/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/jumpcloud/data_stream/events/elasticsearch/ingest_pipeline/default.yml
@@ -304,6 +304,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/jumpcloud/manifest.yml b/packages/jumpcloud/manifest.yml
index 3ca96349170..19f97e4b9e0 100644
--- a/packages/jumpcloud/manifest.yml
+++ b/packages/jumpcloud/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: jumpcloud
 title: "JumpCloud"
-version: "1.12.1"
+version: "1.13.0"
 description: "Collect logs from JumpCloud Directory as a Service"
 type: integration
 categories:
diff --git a/packages/keycloak/changelog.yml b/packages/keycloak/changelog.yml
index dc6376e3834..e6aaa373eb0 100644
--- a/packages/keycloak/changelog.yml
+++ b/packages/keycloak/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.24.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.23.2"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/keycloak/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/keycloak/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index fdf037363fb..a685bf8341e 100644
--- a/packages/keycloak/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/keycloak/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -87,3 +87,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/keycloak/manifest.yml b/packages/keycloak/manifest.yml
index a19bafc5c08..547ceb647e1 100644
--- a/packages/keycloak/manifest.yml
+++ b/packages/keycloak/manifest.yml
@@ -1,6 +1,6 @@
 name: keycloak
 title: Keycloak
-version: "1.23.2"
+version: "1.24.0"
 description: Collect logs from Keycloak with Elastic Agent.
 type: integration
 format_version: "3.0.3"
diff --git a/packages/lastpass/changelog.yml b/packages/lastpass/changelog.yml
index 6966b838cf4..b67cb79b8cb 100644
--- a/packages/lastpass/changelog.yml
+++ b/packages/lastpass/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.18.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.17.0"
 changes:
 - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template.
diff --git a/packages/lastpass/data_stream/detailed_shared_folder/elasticsearch/ingest_pipeline/default.yml b/packages/lastpass/data_stream/detailed_shared_folder/elasticsearch/ingest_pipeline/default.yml
index 65814c44fa8..cf06f867f64 100644
--- a/packages/lastpass/data_stream/detailed_shared_folder/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/lastpass/data_stream/detailed_shared_folder/elasticsearch/ingest_pipeline/default.yml
@@ -140,6 +140,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/lastpass/data_stream/event_report/elasticsearch/ingest_pipeline/default.yml b/packages/lastpass/data_stream/event_report/elasticsearch/ingest_pipeline/default.yml
index 0f058a88ec5..eb8af404225 100644
--- a/packages/lastpass/data_stream/event_report/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/lastpass/data_stream/event_report/elasticsearch/ingest_pipeline/default.yml
@@ -517,6 +517,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/lastpass/data_stream/user/elasticsearch/ingest_pipeline/default.yml b/packages/lastpass/data_stream/user/elasticsearch/ingest_pipeline/default.yml
index fce883cdaba..bfb2e7f5eed 100644
--- a/packages/lastpass/data_stream/user/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/lastpass/data_stream/user/elasticsearch/ingest_pipeline/default.yml
@@ -240,6 +240,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/lastpass/manifest.yml b/packages/lastpass/manifest.yml
index f9a9de1d5d4..d7dab80e231 100644
--- a/packages/lastpass/manifest.yml
+++ b/packages/lastpass/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: lastpass
 title: LastPass
-version: "1.17.0"
+version: "1.18.0"
 description: Collect logs from LastPass with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/lumos/changelog.yml b/packages/lumos/changelog.yml
index b88153ed648..d915a9f83c2 100644
--- a/packages/lumos/changelog.yml
+++ b/packages/lumos/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.4.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.3.0"
 changes:
 - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template.
diff --git a/packages/lumos/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml b/packages/lumos/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml
index 4dafa0c0aae..0b8b02e588b 100644
--- a/packages/lumos/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/lumos/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml
@@ -66,3 +66,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/lumos/manifest.yml b/packages/lumos/manifest.yml
index 3984bed287c..3b7fb6f1f2e 100644
--- a/packages/lumos/manifest.yml
+++ b/packages/lumos/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.1.2
 name: lumos
 title: "Lumos"
-version: "1.3.0"
+version: "1.4.0"
 description: "An integration with Lumos to ship your Activity logs to your Elastic instance."
 type: integration
 categories:
diff --git a/packages/lyve_cloud/changelog.yml b/packages/lyve_cloud/changelog.yml
index 20838dc8630..f43ea77a3bd 100644
--- a/packages/lyve_cloud/changelog.yml
+++ b/packages/lyve_cloud/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.15.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.14.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/lyve_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/lyve_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 57e6723ea7b..52fc2f84a43 100644
--- a/packages/lyve_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/lyve_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -34,6 +34,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/lyve_cloud/manifest.yml b/packages/lyve_cloud/manifest.yml
index f47149a6e29..e960f4b7269 100644
--- a/packages/lyve_cloud/manifest.yml
+++ b/packages/lyve_cloud/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: lyve_cloud
 title: Lyve Cloud
-version: "1.14.1"
+version: "1.15.0"
 description: Collect S3 API audit log from Lyve Cloud with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/m365_defender/changelog.yml b/packages/m365_defender/changelog.yml
index 22bf328b1b7..729a239c10c 100644
--- a/packages/m365_defender/changelog.yml
+++ b/packages/m365_defender/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.16.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.15.1"
 changes:
 - description: Add caseless fields to process events.
@@ -19,7 +24,7 @@
 link: https://github.com/elastic/integrations/pull/10947
 - version: "2.14.6"
 changes:
- - description: Fix dashboard filters to look for correct event.severity values.
+ - description: Fix dashboard filters to look for correct event.severity values.
 type: bugfix
 link: https://github.com/elastic/integrations/pull/10810
 - version: "2.14.5"
@@ -29,7 +34,7 @@
 link: https://github.com/elastic/integrations/pull/10772
 - version: "2.14.4"
 changes:
- - description: Fix `host.mac` gsub processor to handle MAC addresses with `-` already present.
+ - description: Fix `host.mac` gsub processor to handle MAC addresses with `-` already present.
 type: bugfix
 link: https://github.com/elastic/integrations/pull/10798
 - version: "2.14.3"
diff --git a/packages/m365_defender/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/m365_defender/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
index 4ffb4815965..69ce2f09d96 100644
--- a/packages/m365_defender/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/m365_defender/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
@@ -2552,3 +2552,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/m365_defender/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/m365_defender/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index f94cadb0af8..65a5dddf916 100644
--- a/packages/m365_defender/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/m365_defender/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -144,3 +144,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/m365_defender/data_stream/incident/elasticsearch/ingest_pipeline/default.yml b/packages/m365_defender/data_stream/incident/elasticsearch/ingest_pipeline/default.yml
index 8218b8d721f..42f54d1f4f2 100644
--- a/packages/m365_defender/data_stream/incident/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/m365_defender/data_stream/incident/elasticsearch/ingest_pipeline/default.yml
@@ -2360,6 +2360,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/m365_defender/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/m365_defender/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index a771b124284..61d41d0620f 100644
--- a/packages/m365_defender/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/m365_defender/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -390,6 +390,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: "{{{_ingest.on_failure_message}}}"
diff --git a/packages/m365_defender/manifest.yml b/packages/m365_defender/manifest.yml
index ee40b624254..e443b6bdd7b 100644
--- a/packages/m365_defender/manifest.yml
+++ b/packages/m365_defender/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: m365_defender
 title: Microsoft M365 Defender
-version: "2.15.1"
+version: "2.16.0"
 description: Collect logs from Microsoft M365 Defender with Elastic Agent.
 categories:
 - "security"
diff --git a/packages/mattermost/changelog.yml b/packages/mattermost/changelog.yml
index 152a15f5df9..3b00702d9e1 100644
--- a/packages/mattermost/changelog.yml
+++ b/packages/mattermost/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.2.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.1.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/mattermost/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/mattermost/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index fa017badcfb..431a89eeef7 100644
--- a/packages/mattermost/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/mattermost/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -446,6 +446,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/mattermost/manifest.yml b/packages/mattermost/manifest.yml
index d92c96df3ac..20c3d91033f 100644
--- a/packages/mattermost/manifest.yml
+++ b/packages/mattermost/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: mattermost
 title: "Mattermost"
-version: "2.1.1"
+version: "2.2.0"
 description: Collect logs from Mattermost with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/menlo/changelog.yml b/packages/menlo/changelog.yml
index 0f460331f37..36b36713ca0 100644
--- a/packages/menlo/changelog.yml
+++ b/packages/menlo/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.2.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.1.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/menlo/data_stream/dlp/elasticsearch/ingest_pipeline/default.yml b/packages/menlo/data_stream/dlp/elasticsearch/ingest_pipeline/default.yml
index 387ac2a62f3..a2db3491984 100644
--- a/packages/menlo/data_stream/dlp/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/menlo/data_stream/dlp/elasticsearch/ingest_pipeline/default.yml
@@ -195,6 +195,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/menlo/data_stream/web/elasticsearch/ingest_pipeline/default.yml b/packages/menlo/data_stream/web/elasticsearch/ingest_pipeline/default.yml
index 7f51562ec19..55608b1af67 100644
--- a/packages/menlo/data_stream/web/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/menlo/data_stream/web/elasticsearch/ingest_pipeline/default.yml
@@ -341,6 +341,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/menlo/manifest.yml b/packages/menlo/manifest.yml
index 9cb73d27ce6..e65ace87e53 100644
--- a/packages/menlo/manifest.yml
+++ b/packages/menlo/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: menlo
 title: "Menlo Security"
-version: "1.1.1"
+version: "1.2.0"
 source:
 license: "Elastic-2.0"
 description: "Collect logs from Menlo Security products with Elastic Agent"
diff --git a/packages/microsoft_defender_cloud/changelog.yml b/packages/microsoft_defender_cloud/changelog.yml
index bfd7b128d26..4a63e5a71bf 100644
--- a/packages/microsoft_defender_cloud/changelog.yml
+++ b/packages/microsoft_defender_cloud/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.0.0"
 changes:
 - description: Store eventhub metadata inside azure-eventhub field.
diff --git a/packages/microsoft_defender_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_defender_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index a39d3de3bb6..2f4ab7708eb 100644
--- a/packages/microsoft_defender_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/microsoft_defender_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -1713,3 +1713,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/microsoft_defender_cloud/manifest.yml b/packages/microsoft_defender_cloud/manifest.yml index d5d3ba1c691..e2ac391c050 100644 --- a/packages/microsoft_defender_cloud/manifest.yml +++ b/packages/microsoft_defender_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: microsoft_defender_cloud title: Microsoft Defender for Cloud -version: "2.0.0" +version: "2.1.0" description: Collect logs from Microsoft Defender for Cloud with Elastic Agent. type: integration categories: diff --git a/packages/microsoft_defender_endpoint/changelog.yml b/packages/microsoft_defender_endpoint/changelog.yml index e2dd4380cd7..9545bae2245 100644 --- a/packages/microsoft_defender_endpoint/changelog.yml +++ b/packages/microsoft_defender_endpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.25.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/microsoft_defender_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_defender_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 8b6755c4f16..11f2ae3735e 100644 --- a/packages/microsoft_defender_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_defender_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml 
@@ -345,6 +345,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/microsoft_defender_endpoint/manifest.yml b/packages/microsoft_defender_endpoint/manifest.yml index 8b457f57c32..9048f1de3aa 100644 --- a/packages/microsoft_defender_endpoint/manifest.yml +++ b/packages/microsoft_defender_endpoint/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: microsoft_defender_endpoint title: Microsoft Defender for Endpoint -version: "2.25.1" +version: "2.26.0" description: Collect logs from Microsoft Defender for Endpoint with Elastic Agent. categories: - "security" diff --git a/packages/microsoft_exchange_online_message_trace/changelog.yml b/packages/microsoft_exchange_online_message_trace/changelog.yml index 4deb8a8edff..2c3f52c4be1 100644 --- a/packages/microsoft_exchange_online_message_trace/changelog.yml +++ b/packages/microsoft_exchange_online_message_trace/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.24.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.23.1" changes: - description: Improve document fingerprinting resolution. diff --git a/packages/microsoft_exchange_online_message_trace/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_exchange_online_message_trace/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 584589667f7..06925b4178f 100644 --- a/packages/microsoft_exchange_online_message_trace/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_exchange_online_message_trace/data_stream/log/elasticsearch/ingest_pipeline/default.yml 
@@ -334,6 +334,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/microsoft_exchange_online_message_trace/manifest.yml b/packages/microsoft_exchange_online_message_trace/manifest.yml index 311b29de2a3..bf6804faea4 100644 --- a/packages/microsoft_exchange_online_message_trace/manifest.yml +++ b/packages/microsoft_exchange_online_message_trace/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: microsoft_exchange_online_message_trace title: "Microsoft Exchange Online Message Trace" -version: "1.23.1" +version: "1.24.0" description: "Microsoft Exchange Online Message Trace Integration" type: integration categories: diff --git a/packages/microsoft_sentinel/changelog.yml b/packages/microsoft_sentinel/changelog.yml index 39909152884..c9f042aceed 100644 --- a/packages/microsoft_sentinel/changelog.yml +++ b/packages/microsoft_sentinel/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.0" changes: - description: Initial release. diff --git a/packages/microsoft_sentinel/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_sentinel/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 3da7fac5c69..71282324cb4 100644 --- a/packages/microsoft_sentinel/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_sentinel/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -447,3 +447,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
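Review bot: The added `append` in the microsoft_sentinel `alert` handler has no `tag`, while the `set` directly above it is tagged `set_pipeline_error_to_event_kind`. Adding one, for instance `tag: append_preserve_original_event_tag` (a suggested name, not an existing identifier), keeps the handler consistent and lets a failure of this processor be identified by name. The `event` and `incident` data streams of this package and the prisma_access `event` pipeline show the same tagged `set` and get the same untagged block. Only the tail of the handler is visible in the hunk.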
diff --git a/packages/microsoft_sentinel/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_sentinel/data_stream/event/elasticsearch/ingest_pipeline/default.yml index ac6bda2fc23..01ffd406706 100644 --- a/packages/microsoft_sentinel/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_sentinel/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -453,3 +453,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/microsoft_sentinel/data_stream/incident/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_sentinel/data_stream/incident/elasticsearch/ingest_pipeline/default.yml index 8986cfb2b3e..63f2f8ade30 100644 --- a/packages/microsoft_sentinel/data_stream/incident/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_sentinel/data_stream/incident/elasticsearch/ingest_pipeline/default.yml @@ -457,3 +457,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/microsoft_sentinel/manifest.yml b/packages/microsoft_sentinel/manifest.yml index c226fc01317..e875d35499d 100644 --- a/packages/microsoft_sentinel/manifest.yml +++ b/packages/microsoft_sentinel/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: microsoft_sentinel title: Microsoft Sentinel -version: 0.1.0 +version: 0.2.0 description: Collect logs from Microsoft Sentinel with Elastic Agent. type: integration categories: diff --git a/packages/mimecast/changelog.yml b/packages/mimecast/changelog.yml index 7f2352d1d97..7396c678b05 100644 --- a/packages/mimecast/changelog.yml +++ b/packages/mimecast/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.1.0" changes: - description: Add v2 API client for `siem_logs`. diff --git a/packages/mimecast/data_stream/archive_search_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/archive_search_logs/elasticsearch/ingest_pipeline/default.yml index b1978e7e596..3edba692be2 100644 --- a/packages/mimecast/data_stream/archive_search_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/archive_search_logs/elasticsearch/ingest_pipeline/default.yml @@ -152,6 +152,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml index bc54c50f8ab..1b9b294a7d2 100644 --- a/packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml @@ -363,6 +363,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: >- diff --git a/packages/mimecast/data_stream/dlp_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/dlp_logs/elasticsearch/ingest_pipeline/default.yml index d2aef3876fa..b794e77c6a6 100644 --- a/packages/mimecast/data_stream/dlp_logs/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/mimecast/data_stream/dlp_logs/elasticsearch/ingest_pipeline/default.yml @@ -102,6 +102,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/message_release_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/message_release_logs/elasticsearch/ingest_pipeline/default.yml index 138ba74db25..10783c0c45a 100644 --- a/packages/mimecast/data_stream/message_release_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/message_release_logs/elasticsearch/ingest_pipeline/default.yml @@ -234,6 +234,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: >- diff --git a/packages/mimecast/data_stream/siem_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/siem_logs/elasticsearch/ingest_pipeline/default.yml index 88c54c771e1..77641bbad2b 100644 --- a/packages/mimecast/data_stream/siem_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/siem_logs/elasticsearch/ingest_pipeline/default.yml @@ -36,6 +36,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: >- diff --git a/packages/mimecast/data_stream/threat_intel_malware_customer/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/threat_intel_malware_customer/elasticsearch/ingest_pipeline/default.yml index 8a865ef86fc..2bd6b625aca 100644 --- a/packages/mimecast/data_stream/threat_intel_malware_customer/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/mimecast/data_stream/threat_intel_malware_customer/elasticsearch/ingest_pipeline/default.yml @@ -221,6 +221,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/threat_intel_malware_grid/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/threat_intel_malware_grid/elasticsearch/ingest_pipeline/default.yml index ffafb2c8005..e27853da735 100644 --- a/packages/mimecast/data_stream/threat_intel_malware_grid/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/threat_intel_malware_grid/elasticsearch/ingest_pipeline/default.yml @@ -219,6 +219,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/ttp_ap_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/ttp_ap_logs/elasticsearch/ingest_pipeline/default.yml index e06769dcaa8..8cc27724f68 100644 --- a/packages/mimecast/data_stream/ttp_ap_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/ttp_ap_logs/elasticsearch/ingest_pipeline/default.yml @@ -144,6 +144,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/ttp_ip_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/ttp_ip_logs/elasticsearch/ingest_pipeline/default.yml index 63b61e3c13a..a86ef832d72 100644 --- a/packages/mimecast/data_stream/ttp_ip_logs/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/mimecast/data_stream/ttp_ip_logs/elasticsearch/ingest_pipeline/default.yml @@ -111,6 +111,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/ttp_url_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/ttp_url_logs/elasticsearch/ingest_pipeline/default.yml index cd508d76009..342c5882330 100644 --- a/packages/mimecast/data_stream/ttp_url_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/ttp_url_logs/elasticsearch/ingest_pipeline/default.yml @@ -143,6 +143,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/manifest.yml b/packages/mimecast/manifest.yml index 96ce8fc790e..0a382444e5f 100644 --- a/packages/mimecast/manifest.yml +++ b/packages/mimecast/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: mimecast title: "Mimecast" -version: "2.1.0" +version: "2.2.0" description: Collect logs from Mimecast with Elastic Agent. type: integration categories: ["security", "email_security"] diff --git a/packages/netskope/changelog.yml b/packages/netskope/changelog.yml index 278fffaa396..39317bd62a9 100644 --- a/packages/netskope/changelog.yml +++ b/packages/netskope/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.21.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.20.2" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. 
diff --git a/packages/netskope/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/netskope/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml index 4b649dfd596..bc8bd1ce8f5 100644 --- a/packages/netskope/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/netskope/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml @@ -1385,6 +1385,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/netskope/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/netskope/data_stream/events/elasticsearch/ingest_pipeline/default.yml index c4b45fac455..e25e5fa3691 100644 --- a/packages/netskope/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/netskope/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -1128,6 +1128,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/netskope/manifest.yml b/packages/netskope/manifest.yml index 27845b70e26..3ee2c11d509 100644 --- a/packages/netskope/manifest.yml +++ b/packages/netskope/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: netskope title: "Netskope" -version: "1.20.2" +version: "1.21.0" description: Collect logs from Netskope with Elastic Agent. type: integration categories: diff --git a/packages/o365/changelog.yml b/packages/o365/changelog.yml index aa73ed210a0..ab6eeac6d35 100644 --- a/packages/o365/changelog.yml +++ b/packages/o365/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.7.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.6.5" changes: - description: Fix the processing of duplicated QueryTime in Data field. diff --git a/packages/o365/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/o365/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index e46409def1b..8cb1c16a323 100644 --- a/packages/o365/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/o365/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -1285,6 +1285,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/o365/manifest.yml b/packages/o365/manifest.yml index 088db0be9f7..97c2921ee96 100644 --- a/packages/o365/manifest.yml +++ b/packages/o365/manifest.yml @@ -1,6 +1,6 @@ name: o365 title: Microsoft Office 365 -version: "2.6.5" +version: "2.7.0" description: Collect logs from Microsoft Office 365 with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/okta/changelog.yml b/packages/okta/changelog.yml index 681a0058039..ded0c2f632c 100644 --- a/packages/okta/changelog.yml +++ b/packages/okta/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "3.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "3.2.0" changes: - description: Parse JSON string in `okta.debug_context.debug_data.tunnels`. 
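Review bot: Nothing on the new side of the o365 `audit` handler says that the tag changes retention: every document that fails the pipeline now asks for the raw event to be kept, whether or not the operator opted in to `preserve_original_event`. For an audit stream the raw record can hold user identifiers and mail or file metadata, so I would put a comment above the processor, e.g. `# Keep event.original on failed documents for troubleshooting, even without user opt-in.`, and mention the retention effect in the changelog description. Whether a later step would otherwise drop `event.original` is not visible in this hunk, so this assumes the tag is what that removal keys on.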
diff --git a/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml b/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml index 8df30d1fcc4..8f70af45165 100644 --- a/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml +++ b/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml @@ -619,6 +619,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: >- diff --git a/packages/okta/manifest.yml b/packages/okta/manifest.yml index f4b82db1693..9449ecdc08c 100644 --- a/packages/okta/manifest.yml +++ b/packages/okta/manifest.yml @@ -1,6 +1,6 @@ name: okta title: Okta -version: "3.2.0" +version: "3.3.0" description: Collect and parse event logs from Okta API with Elastic Agent. type: integration format_version: "3.1.0" @@ -140,11 +140,7 @@ policy_templates: required: false show_user: false description: >- - The request tracer logs requests and responses to the agent's local file-system for debugging configurations. - Enabling this request tracing compromises security and should only be used for debugging. Disabling the request - tracer will delete any stored traces. - See [documentation](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-httpjson.html#_request_tracer_enable) - for details. + The request tracer logs requests and responses to the agent's local file-system for debugging configurations. Enabling this request tracing compromises security and should only be used for debugging. Disabling the request tracer will delete any stored traces. See [documentation](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-httpjson.html#_request_tracer_enable) for details. - name: ssl type: yaml title: SSL diff --git a/packages/opencanary/changelog.yml b/packages/opencanary/changelog.yml index 5e983572a67..dfadd4dc32c 100644 
--- a/packages/opencanary/changelog.yml +++ b/packages/opencanary/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.3" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/opencanary/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/opencanary/data_stream/events/elasticsearch/ingest_pipeline/default.yml index 93aa808e346..6a0c9a46885 100755 --- a/packages/opencanary/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/opencanary/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -786,6 +786,10 @@ on_failure: - append: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} with tag {{{ _ingest.on_failure_processor_tag }}} in pipeline {{{ _ingest.on_failure_pipeline }}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/opencanary/manifest.yml b/packages/opencanary/manifest.yml index 640b5b5f805..058d5f270d8 100644 --- a/packages/opencanary/manifest.yml +++ b/packages/opencanary/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.3 name: opencanary title: "OpenCanary" -version: "0.1.3" +version: "0.2.0" description: "This integration collects and parses logs from OpenCanary honeypots." type: integration categories: diff --git a/packages/panw_cortex_xdr/changelog.yml b/packages/panw_cortex_xdr/changelog.yml index 0e8a14d85d4..22938870249 100644 --- a/packages/panw_cortex_xdr/changelog.yml +++ b/packages/panw_cortex_xdr/changelog.yml 
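Review bot: In the opencanary `events` handler the processor just above the new block writes `event.kind` with `append`, so the field is stored as a list rather than the scalar `pipeline_error` that the other packages produce with `set`. That predates this commit, but since the handler is being touched I would change that processor to `- set:` so failed honeypot events have the same shape everywhere and an equality test on `event.kind` behaves the same across packages. Until then, anything that selects failed documents from this stream should test membership rather than equality. The handler begins above the hunk.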
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.30.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.29.0" changes: - description: Use Cortex XDR SIEM ingestion time for cursor progression. diff --git a/packages/panw_cortex_xdr/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/panw_cortex_xdr/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml index 669d88bcc9c..ee767c689d8 100644 --- a/packages/panw_cortex_xdr/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/panw_cortex_xdr/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml @@ -565,6 +565,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/panw_cortex_xdr/data_stream/incidents/elasticsearch/ingest_pipeline/default.yml b/packages/panw_cortex_xdr/data_stream/incidents/elasticsearch/ingest_pipeline/default.yml index 07329eef5e8..c448a1a3304 100644 --- a/packages/panw_cortex_xdr/data_stream/incidents/elasticsearch/ingest_pipeline/default.yml +++ b/packages/panw_cortex_xdr/data_stream/incidents/elasticsearch/ingest_pipeline/default.yml @@ -217,6 +217,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/panw_cortex_xdr/manifest.yml b/packages/panw_cortex_xdr/manifest.yml index 42d13813109..0e3901dedff 100644 --- a/packages/panw_cortex_xdr/manifest.yml +++ b/packages/panw_cortex_xdr/manifest.yml 
@@ -1,6 +1,6 @@ name: panw_cortex_xdr title: Palo Alto Cortex XDR -version: "1.29.0" +version: "1.30.0" description: Collect logs from Palo Alto Cortex XDR with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/ping_one/changelog.yml b/packages/ping_one/changelog.yml index 8c26ebe7d79..feec57878dd 100644 --- a/packages/ping_one/changelog.yml +++ b/packages/ping_one/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.17.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.16.0" changes: - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/ping_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/ping_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index c10a35aa0c6..b111a5ae032 100644 --- a/packages/ping_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ping_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -324,6 +324,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ping_one/manifest.yml b/packages/ping_one/manifest.yml index be84b0c68a0..2b7c021d60d 100644 --- a/packages/ping_one/manifest.yml +++ b/packages/ping_one/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: ping_one title: PingOne -version: "1.16.0" +version: "1.17.0" description: Collect logs from PingOne with Elastic-Agent. type: integration categories: diff --git a/packages/pps/changelog.yml b/packages/pps/changelog.yml index 1c55793d871..d186a0b9a86 100644 
--- a/packages/pps/changelog.yml +++ b/packages/pps/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.2" changes: - description: Update docs. diff --git a/packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml index f4ca54eb395..737f53cf9e0 100644 --- a/packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -93,3 +93,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/pps/manifest.yml b/packages/pps/manifest.yml index 07dae056b3a..6275d31f033 100644 --- a/packages/pps/manifest.yml +++ b/packages/pps/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: pps title: "Pleasant Password Server" -version: "0.1.2" +version: "0.2.0" source: license: "Apache-2.0" description: "Integration for Pleasant Password Server Syslog Messages" diff --git a/packages/prisma_access/changelog.yml b/packages/prisma_access/changelog.yml index a7b25df8289..c983e12e9b5 100644 --- a/packages/prisma_access/changelog.yml +++ b/packages/prisma_access/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. 
diff --git a/packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml index b2e9c5ae45d..5786dd1122d 100644 --- a/packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -5311,3 +5311,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/prisma_access/manifest.yml b/packages/prisma_access/manifest.yml index 29d276beed3..20548cec315 100644 --- a/packages/prisma_access/manifest.yml +++ b/packages/prisma_access/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.4 name: prisma_access title: Palo Alto Prisma Access -version: 1.0.0 +version: 1.1.0 description: Collect logs from Palo Alto Prisma Access with Elastic Agent. type: integration categories: diff --git a/packages/prisma_cloud/changelog.yml b/packages/prisma_cloud/changelog.yml index 38bf8d00833..234e76b5678 100644 --- a/packages/prisma_cloud/changelog.yml +++ b/packages/prisma_cloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.4.2" changes: - description: 'Revert: Fix path to API login for host data sources.' diff --git a/packages/prisma_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 6bdc8d6625c..eed39b8aa99 100644 --- a/packages/prisma_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml 
@@ -1508,3 +1508,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/prisma_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 6e9639ecc77..a8ddb9125a3 100644 --- a/packages/prisma_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -233,3 +233,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/prisma_cloud/data_stream/host/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/host/elasticsearch/ingest_pipeline/default.yml index 66fa48b29c0..79bd1b1a4f5 100644 --- a/packages/prisma_cloud/data_stream/host/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/host/elasticsearch/ingest_pipeline/default.yml @@ -4259,3 +4259,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/prisma_cloud/data_stream/host_profile/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/host_profile/elasticsearch/ingest_pipeline/default.yml index 719a9e699f7..10f3888e824 100644 --- a/packages/prisma_cloud/data_stream/host_profile/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/host_profile/elasticsearch/ingest_pipeline/default.yml @@ -755,5 +755,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml index 19ebeadaed4..d6bbfe3749b 100644 --- a/packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml @@ -813,4 +813,8 @@ on_failure: value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag fail-{{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' - set: field: event.kind - value: pipeline_error \ No newline at end of file + value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true \ No newline at end of file diff --git a/packages/prisma_cloud/manifest.yml b/packages/prisma_cloud/manifest.yml index edcb3ef056b..37052933df7 100644 --- a/packages/prisma_cloud/manifest.yml +++ b/packages/prisma_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: prisma_cloud title: "Palo Alto Prisma Cloud" -version: "1.4.2" +version: "1.5.0" description: "Collect logs from Prisma Cloud with Elastic Agent." type: integration categories: diff --git a/packages/proofpoint_on_demand/changelog.yml b/packages/proofpoint_on_demand/changelog.yml index ec86abf264c..d50c16ecd70 100644 --- a/packages/proofpoint_on_demand/changelog.yml +++ b/packages/proofpoint_on_demand/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.2" changes: - description: Fix script processor in mail data-stream. 
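Review bot: The new side of the incident_audit hunk still ends with `\ No newline at end of file`; the marker has only moved from `value: pipeline_error` to the added `allow_duplicates: true` line. Since the commit rewrites the tail of this file anyway, it should end the file with a newline, so that the next processor appended to `on_failure` does not show the last line as changed again. None of the other pipeline files in this patch has the marker, so this one stands out from the rest of the generated change.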
diff --git a/packages/proofpoint_on_demand/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_on_demand/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index f71af370b82..3fa21c598cc 100644 --- a/packages/proofpoint_on_demand/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_on_demand/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -470,3 +470,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/proofpoint_on_demand/data_stream/mail/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_on_demand/data_stream/mail/elasticsearch/ingest_pipeline/default.yml index 56945966e5f..2a01d286ec5 100644 --- a/packages/proofpoint_on_demand/data_stream/mail/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_on_demand/data_stream/mail/elasticsearch/ingest_pipeline/default.yml @@ -462,3 +462,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/proofpoint_on_demand/data_stream/message/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_on_demand/data_stream/message/elasticsearch/ingest_pipeline/default.yml index 776638e6f63..be6067f3871 100644 --- a/packages/proofpoint_on_demand/data_stream/message/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_on_demand/data_stream/message/elasticsearch/ingest_pipeline/default.yml @@ -1388,3 +1388,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/proofpoint_on_demand/manifest.yml b/packages/proofpoint_on_demand/manifest.yml index 1b4e0664e1a..9ebbc643364 100644 --- a/packages/proofpoint_on_demand/manifest.yml +++ b/packages/proofpoint_on_demand/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.4 name: proofpoint_on_demand title: Proofpoint On Demand -version: 1.0.2 +version: 1.1.0 description: Collect logs from Proofpoint On Demand with Elastic Agent. type: integration categories: diff --git a/packages/proofpoint_tap/changelog.yml b/packages/proofpoint_tap/changelog.yml index 9f7b350e970..a44737e8689 100644 --- a/packages/proofpoint_tap/changelog.yml +++ b/packages/proofpoint_tap/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.25.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.24.3" changes: - description: Fix time interval clamp logic. diff --git a/packages/proofpoint_tap/data_stream/clicks_blocked/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_tap/data_stream/clicks_blocked/elasticsearch/ingest_pipeline/default.yml index ec916265c71..4d124dac79c 100644 --- a/packages/proofpoint_tap/data_stream/clicks_blocked/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_tap/data_stream/clicks_blocked/elasticsearch/ingest_pipeline/default.yml @@ -227,6 +227,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/proofpoint_tap/data_stream/clicks_permitted/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_tap/data_stream/clicks_permitted/elasticsearch/ingest_pipeline/default.yml index c48310f0320..b7b2ecd2531 100644 
--- a/packages/proofpoint_tap/data_stream/clicks_permitted/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_tap/data_stream/clicks_permitted/elasticsearch/ingest_pipeline/default.yml @@ -227,6 +227,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/proofpoint_tap/data_stream/message_blocked/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_tap/data_stream/message_blocked/elasticsearch/ingest_pipeline/default.yml index fd080fb4bd2..b51edb6ce48 100644 --- a/packages/proofpoint_tap/data_stream/message_blocked/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_tap/data_stream/message_blocked/elasticsearch/ingest_pipeline/default.yml @@ -533,6 +533,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/proofpoint_tap/data_stream/message_delivered/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_tap/data_stream/message_delivered/elasticsearch/ingest_pipeline/default.yml index e2a343c94ad..83dcc1c541b 100644 --- a/packages/proofpoint_tap/data_stream/message_delivered/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_tap/data_stream/message_delivered/elasticsearch/ingest_pipeline/default.yml @@ -512,6 +512,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/proofpoint_tap/manifest.yml b/packages/proofpoint_tap/manifest.yml index 54d141daba9..c586340c78f 100644 --- a/packages/proofpoint_tap/manifest.yml 
+++ b/packages/proofpoint_tap/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: proofpoint_tap title: Proofpoint TAP -version: "1.24.3" +version: "1.25.0" description: Collect logs from Proofpoint TAP with Elastic Agent. type: integration categories: diff --git a/packages/pulse_connect_secure/changelog.yml b/packages/pulse_connect_secure/changelog.yml index ae7aa4b4e7d..9a5b5b2989e 100644 --- a/packages/pulse_connect_secure/changelog.yml +++ b/packages/pulse_connect_secure/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.2.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/pulse_connect_secure/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/pulse_connect_secure/data_stream/log/elasticsearch/ingest_pipeline/default.yml index e4d4aee4bd0..0d7bfbd3ac9 100644 --- a/packages/pulse_connect_secure/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/pulse_connect_secure/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -133,6 +133,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/pulse_connect_secure/manifest.yml b/packages/pulse_connect_secure/manifest.yml index 1fa6a118a81..54110d3ceaf 100644 --- a/packages/pulse_connect_secure/manifest.yml +++ b/packages/pulse_connect_secure/manifest.yml @@ -1,6 +1,6 @@ name: pulse_connect_secure title: Pulse Connect Secure -version: "2.2.1" +version: "2.3.0" description: Collect logs from Pulse Connect Secure with Elastic Agent. type: integration icons: 
diff --git a/packages/qualys_vmdr/changelog.yml b/packages/qualys_vmdr/changelog.yml index c59a1ebc5bc..955c30e5fc4 100644 --- a/packages/qualys_vmdr/changelog.yml +++ b/packages/qualys_vmdr/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "5.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "5.5.0" changes: - description: Capture error with decode_xml. diff --git a/packages/qualys_vmdr/data_stream/asset_host_detection/elasticsearch/ingest_pipeline/default.yml b/packages/qualys_vmdr/data_stream/asset_host_detection/elasticsearch/ingest_pipeline/default.yml index 5571c945f89..311adf6cf28 100644 --- a/packages/qualys_vmdr/data_stream/asset_host_detection/elasticsearch/ingest_pipeline/default.yml +++ b/packages/qualys_vmdr/data_stream/asset_host_detection/elasticsearch/ingest_pipeline/default.yml @@ -1485,3 +1485,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/qualys_vmdr/data_stream/knowledge_base/elasticsearch/ingest_pipeline/default.yml b/packages/qualys_vmdr/data_stream/knowledge_base/elasticsearch/ingest_pipeline/default.yml index a26039c6270..7a18a9a9127 100644 --- a/packages/qualys_vmdr/data_stream/knowledge_base/elasticsearch/ingest_pipeline/default.yml +++ b/packages/qualys_vmdr/data_stream/knowledge_base/elasticsearch/ingest_pipeline/default.yml @@ -851,3 +851,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/qualys_vmdr/data_stream/user_activity/elasticsearch/ingest_pipeline/default.yml b/packages/qualys_vmdr/data_stream/user_activity/elasticsearch/ingest_pipeline/default.yml index 41e6c863bfb..3a6d0fe93e8 100644 
--- a/packages/qualys_vmdr/data_stream/user_activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/qualys_vmdr/data_stream/user_activity/elasticsearch/ingest_pipeline/default.yml @@ -177,3 +177,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/qualys_vmdr/manifest.yml b/packages/qualys_vmdr/manifest.yml index 6cb30c09cfd..995e3d7d3e3 100644 --- a/packages/qualys_vmdr/manifest.yml +++ b/packages/qualys_vmdr/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: qualys_vmdr title: Qualys VMDR -version: "5.5.0" +version: "5.6.0" description: Collect data from Qualys VMDR platform with Elastic Agent. type: integration categories: diff --git a/packages/rapid7_insightvm/changelog.yml b/packages/rapid7_insightvm/changelog.yml index 3d0595bf035..04acf07bf2e 100644 --- a/packages/rapid7_insightvm/changelog.yml +++ b/packages/rapid7_insightvm/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.13.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.12.0" changes: - description: Removed import_mappings. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/rapid7_insightvm/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/rapid7_insightvm/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 3b0295cc967..ecf006af9a8 100644 --- a/packages/rapid7_insightvm/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/rapid7_insightvm/data_stream/asset/elasticsearch/ingest_pipeline/default.yml 
@@ -730,3 +730,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/rapid7_insightvm/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/rapid7_insightvm/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 96dfc210210..04a1630f860 100644 --- a/packages/rapid7_insightvm/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml +++ b/packages/rapid7_insightvm/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -457,3 +457,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/rapid7_insightvm/manifest.yml b/packages/rapid7_insightvm/manifest.yml index 7a9a58b0160..0068af4eeba 100644 --- a/packages/rapid7_insightvm/manifest.yml +++ b/packages/rapid7_insightvm/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: rapid7_insightvm title: Rapid7 InsightVM -version: "1.12.0" +version: "1.13.0" source: license: "Elastic-2.0" description: Collect logs from Rapid7 InsightVM with Elastic Agent. diff --git a/packages/santa/changelog.yml b/packages/santa/changelog.yml index 4940483cb05..b92267ff1ad 100644 --- a/packages/santa/changelog.yml +++ b/packages/santa/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "3.21.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "3.20.0" changes: - description: Update ingest pipeline to avoid failures with unexpected log formats. diff --git a/packages/santa/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/santa/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 3d59f02b011..7707b63021a 100644 
--- a/packages/santa/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/santa/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -271,6 +271,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/santa/manifest.yml b/packages/santa/manifest.yml index ed910760bcf..1c775b240b1 100644 --- a/packages/santa/manifest.yml +++ b/packages/santa/manifest.yml @@ -1,6 +1,6 @@ name: santa title: Google Santa -version: "3.20.0" +version: "3.21.0" description: Collect logs from Google Santa with Elastic Agent. type: integration icons: diff --git a/packages/sentinel_one/changelog.yml b/packages/sentinel_one/changelog.yml index b47cff9adb9..8ad677815fa 100644 --- a/packages/sentinel_one/changelog.yml +++ b/packages/sentinel_one/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.1" changes: - description: Document limitation for using the alert data stream in on-premises environments. diff --git a/packages/sentinel_one/data_stream/activity/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/activity/elasticsearch/ingest_pipeline/default.yml index 0882977e7b3..8a314f031de 100644 --- a/packages/sentinel_one/data_stream/activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/activity/elasticsearch/ingest_pipeline/default.yml @@ -534,6 +534,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/sentinel_one/data_stream/agent/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/agent/elasticsearch/ingest_pipeline/default.yml index 576ec6c4836..04f29a9e3ab 100644 --- a/packages/sentinel_one/data_stream/agent/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/agent/elasticsearch/ingest_pipeline/default.yml @@ -826,6 +826,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/sentinel_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index d2b50ae2cff..77542f40dea 100644 --- a/packages/sentinel_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -775,6 +775,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/sentinel_one/data_stream/group/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/group/elasticsearch/ingest_pipeline/default.yml index 125df8f260b..0345f1fcef3 100644 --- a/packages/sentinel_one/data_stream/group/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/group/elasticsearch/ingest_pipeline/default.yml @@ -167,6 +167,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/sentinel_one/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index cce132a5da6..fd136fc4135 100644 --- a/packages/sentinel_one/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -1175,6 +1175,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/sentinel_one/manifest.yml b/packages/sentinel_one/manifest.yml index ec39c246e6b..bce5cf573e2 100644 --- a/packages/sentinel_one/manifest.yml +++ b/packages/sentinel_one/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: sentinel_one title: SentinelOne -version: "1.25.1" +version: "1.26.0" description: Collect logs from SentinelOne with Elastic Agent. type: integration categories: diff --git a/packages/sentinel_one_cloud_funnel/changelog.yml b/packages/sentinel_one_cloud_funnel/changelog.yml index a5d05382841..96dc2d91103 100644 --- a/packages/sentinel_one_cloud_funnel/changelog.yml +++ b/packages/sentinel_one_cloud_funnel/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.5.0" changes: - description: Tighten IPv4 extraction from IPv4-mapped IPv6 addresses. diff --git a/packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 561b17b0325..e031ec76642 100644 
--- a/packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -2962,3 +2962,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/sentinel_one_cloud_funnel/manifest.yml b/packages/sentinel_one_cloud_funnel/manifest.yml index 824ad631f02..77f4b803758 100644 --- a/packages/sentinel_one_cloud_funnel/manifest.yml +++ b/packages/sentinel_one_cloud_funnel/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: sentinel_one_cloud_funnel title: SentinelOne Cloud Funnel -version: "1.5.0" +version: "1.6.0" description: Collect logs from SentinelOne Cloud Funnel with Elastic Agent. type: integration categories: ["security", "edr_xdr"] @@ -160,7 +160,6 @@ policy_templates: # yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk # sxSmbIUfc2SGJGCJD4I= # -----END CERTIFICATE----- - # Rerouting options - name: reroute_command_script type: bool @@ -266,7 +265,6 @@ policy_templates: required: false show_user: false description: Enabling this option reroutes url events to `sentinel_one_cloud_funnel.url` from `sentinel_one_cloud_funnel.event`. - - type: gcs title: Collect SentinelOne Cloud Funnel logs via Google Cloud Storage. description: Collecting logs from SentinelOne Cloud Funnel via Google Cloud Storage. @@ -294,7 +292,6 @@ policy_templates: multi: false required: false show_user: false - # Rerouting options - name: reroute_command_script type: bool diff --git a/packages/servicenow/changelog.yml b/packages/servicenow/changelog.yml index 82684d3c4ed..baa5e131697 100644 --- a/packages/servicenow/changelog.yml +++ b/packages/servicenow/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.5.1" changes: - description: Tolerate divers input shapes. diff --git a/packages/servicenow/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/servicenow/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 2bcefda1f50..a9ea93793d8 100644 --- a/packages/servicenow/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/servicenow/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -3341,3 +3341,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/servicenow/manifest.yml b/packages/servicenow/manifest.yml index b19dd23a8cc..545eaabe98d 100644 --- a/packages/servicenow/manifest.yml +++ b/packages/servicenow/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: servicenow title: "ServiceNow" -version: 0.5.1 +version: 0.6.0 description: "Collect logs from ServiceNow with Elastic Agent." type: integration categories: @@ -24,7 +24,7 @@ screenshots: title: CMDB CI Servers Dashboard size: 600x600 type: image/png - - src: /img/servicenow-incident-dashboard.png + - src: /img/servicenow-incident-dashboard.png title: Incident Dashboard size: 600x600 type: image/png diff --git a/packages/slack/changelog.yml b/packages/slack/changelog.yml index ae490c286fc..e00a60c3fe5 100644 --- a/packages/slack/changelog.yml +++ b/packages/slack/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.23.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.22.0" changes: - description: Map `details.url_private` and `actor` fields. diff --git a/packages/slack/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/slack/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index f8d0bd6e811..6c4dbc74d63 100644 --- a/packages/slack/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/slack/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -476,3 +476,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/slack/manifest.yml b/packages/slack/manifest.yml index abd74bc5670..f1761f0a074 100644 --- a/packages/slack/manifest.yml +++ b/packages/slack/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: slack title: "Slack Logs" -version: "1.22.0" +version: "1.23.0" description: "Slack Logs Integration" type: integration categories: diff --git a/packages/snyk/changelog.yml b/packages/snyk/changelog.yml index 773162e4c61..60789ca8c14 100644 --- a/packages/snyk/changelog.yml +++ b/packages/snyk/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.3" changes: - description: Fix query parameters definition for issues data stream. diff --git a/packages/snyk/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/snyk/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index b63fc74efce..a360256b89f 100644 
--- a/packages/snyk/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/snyk/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -87,6 +87,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/snyk/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml b/packages/snyk/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml index f9598f82a36..60a97253eb5 100644 --- a/packages/snyk/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/snyk/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml @@ -165,6 +165,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/snyk/data_stream/issues/elasticsearch/ingest_pipeline/default.yml b/packages/snyk/data_stream/issues/elasticsearch/ingest_pipeline/default.yml index 833c1ef2579..a6bc3b0b910 100644 --- a/packages/snyk/data_stream/issues/elasticsearch/ingest_pipeline/default.yml +++ b/packages/snyk/data_stream/issues/elasticsearch/ingest_pipeline/default.yml @@ -119,6 +119,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/snyk/data_stream/vulnerabilities/elasticsearch/ingest_pipeline/default.yml b/packages/snyk/data_stream/vulnerabilities/elasticsearch/ingest_pipeline/default.yml index ff238755f6d..9a29881754d 100644 --- a/packages/snyk/data_stream/vulnerabilities/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/snyk/data_stream/vulnerabilities/elasticsearch/ingest_pipeline/default.yml @@ -200,6 +200,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/snyk/manifest.yml b/packages/snyk/manifest.yml index 0954a8e0c69..4b3096e18f9 100644 --- a/packages/snyk/manifest.yml +++ b/packages/snyk/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: snyk title: "Snyk" -version: "1.25.3" +version: "1.26.0" description: Collect logs from Snyk with Elastic Agent. type: integration categories: diff --git a/packages/sophos_central/changelog.yml b/packages/sophos_central/changelog.yml index cc4109e2e76..cdcedfb8118 100644 --- a/packages/sophos_central/changelog.yml +++ b/packages/sophos_central/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.17.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.16.0" changes: - description: Update docs for token_url configuration. diff --git a/packages/sophos_central/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/sophos_central/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index e2aad6956d6..cd9095fd265 100644 --- a/packages/sophos_central/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sophos_central/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -656,3 +656,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/sophos_central/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/sophos_central/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 7d7dfeed36b..f0f7fed78b2 100644 --- a/packages/sophos_central/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sophos_central/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -448,3 +448,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/sophos_central/manifest.yml b/packages/sophos_central/manifest.yml index a20a1f48483..63b5076254b 100644 --- a/packages/sophos_central/manifest.yml +++ b/packages/sophos_central/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: sophos_central title: Sophos Central -version: "1.16.0" +version: "1.17.0" description: This Elastic integration collects logs from Sophos Central with Elastic Agent. type: integration categories: diff --git a/packages/spycloud/changelog.yml b/packages/spycloud/changelog.yml index 506bb84e449..4aa39475aaa 100644 --- a/packages/spycloud/changelog.yml +++ b/packages/spycloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. diff --git a/packages/spycloud/data_stream/breach_catalog/elasticsearch/ingest_pipeline/default.yml b/packages/spycloud/data_stream/breach_catalog/elasticsearch/ingest_pipeline/default.yml index 55246aacb75..556dc353f59 100644 --- a/packages/spycloud/data_stream/breach_catalog/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spycloud/data_stream/breach_catalog/elasticsearch/ingest_pipeline/default.yml 
@@ -2415,3 +2415,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/spycloud/data_stream/breach_record/elasticsearch/ingest_pipeline/default.yml b/packages/spycloud/data_stream/breach_record/elasticsearch/ingest_pipeline/default.yml index fc8a1af6789..4ca3a3d5271 100644 --- a/packages/spycloud/data_stream/breach_record/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spycloud/data_stream/breach_record/elasticsearch/ingest_pipeline/default.yml @@ -630,3 +630,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/spycloud/data_stream/compass/elasticsearch/ingest_pipeline/default.yml b/packages/spycloud/data_stream/compass/elasticsearch/ingest_pipeline/default.yml index 5c7203d8a91..56c9dcd3c1e 100644 --- a/packages/spycloud/data_stream/compass/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spycloud/data_stream/compass/elasticsearch/ingest_pipeline/default.yml @@ -614,3 +614,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/spycloud/manifest.yml b/packages/spycloud/manifest.yml index cfb6412fab2..ca49153a2d6 100644 --- a/packages/spycloud/manifest.yml +++ b/packages/spycloud/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: spycloud title: SpyCloud Enterprise Protection -version: 1.0.0 +version: 1.1.0 description: Collect data from SpyCloud Enterprise Protection with Elastic Agent. type: integration categories: diff --git a/packages/sublime_security/changelog.yml b/packages/sublime_security/changelog.yml index 1cb347867f9..ff85c2566f4 100644 --- a/packages/sublime_security/changelog.yml 
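Review bot: The new `append` in the spycloud `breach_catalog` hunk has neither a `tag` nor a `description`, while the `set` directly above it is tagged `set_pipeline_error_to_event_kind`. Adding a tag in the same style, for instance `tag: append_preserve_original_event_tag` (suggested name), plus a short `description` saying that failed documents are tagged so the raw event is kept for troubleshooting, would keep the handler consistent and record the intent in the pipeline itself. The same applies to the other hunks whose neighbouring processors are tagged: spycloud `breach_record` and `compass`, the three sublime_security data streams, symantec_endpoint_security `event`, tanium `threat_response` and ti_anomali `intelligence`. Only the last three lines of each on_failure block are visible, so the tagging convention of the rest of each pipeline is inferred from those lines.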
+++ b/packages/sublime_security/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: 1.1.1 changes: - description: Fix water mark use. diff --git a/packages/sublime_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/sublime_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 1be49745477..78991b3c8de 100644 --- a/packages/sublime_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sublime_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -412,3 +412,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/sublime_security/data_stream/email_message/elasticsearch/ingest_pipeline/default.yml b/packages/sublime_security/data_stream/email_message/elasticsearch/ingest_pipeline/default.yml index 83f3a843934..db5ae7e52dd 100644 --- a/packages/sublime_security/data_stream/email_message/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sublime_security/data_stream/email_message/elasticsearch/ingest_pipeline/default.yml @@ -2163,3 +2163,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/sublime_security/data_stream/message_event/elasticsearch/ingest_pipeline/default.yml b/packages/sublime_security/data_stream/message_event/elasticsearch/ingest_pipeline/default.yml index 78c906df39f..0b1f21228c0 100644 --- a/packages/sublime_security/data_stream/message_event/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/sublime_security/data_stream/message_event/elasticsearch/ingest_pipeline/default.yml @@ -360,3 +360,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/sublime_security/manifest.yml b/packages/sublime_security/manifest.yml index 87a7ce2a7e6..cac26fbd2c3 100644 --- a/packages/sublime_security/manifest.yml +++ b/packages/sublime_security/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: sublime_security title: Sublime Security -version: 1.1.1 +version: 1.2.0 description: Collect logs from Sublime Security with Elastic Agent. type: integration categories: diff --git a/packages/symantec_edr_cloud/changelog.yml b/packages/symantec_edr_cloud/changelog.yml index 5a43d51d623..cd10dc32108 100644 --- a/packages/symantec_edr_cloud/changelog.yml +++ b/packages/symantec_edr_cloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.5.0" changes: - description: Deprecate package. diff --git a/packages/symantec_edr_cloud/data_stream/incident/elasticsearch/ingest_pipeline/default.yml b/packages/symantec_edr_cloud/data_stream/incident/elasticsearch/ingest_pipeline/default.yml index ac5b36482f9..b6729de60f5 100644 --- a/packages/symantec_edr_cloud/data_stream/incident/elasticsearch/ingest_pipeline/default.yml +++ b/packages/symantec_edr_cloud/data_stream/incident/elasticsearch/ingest_pipeline/default.yml @@ -468,3 +468,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
diff --git a/packages/symantec_edr_cloud/manifest.yml b/packages/symantec_edr_cloud/manifest.yml index 1a73b5bf47e..af55a25997b 100644 --- a/packages/symantec_edr_cloud/manifest.yml +++ b/packages/symantec_edr_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.2 name: symantec_edr_cloud title: Symantec EDR Cloud (Deprecated) -version: "1.5.0" +version: "1.6.0" source: license: Elastic-2.0 description: Deprecated. Use the Symantec Endpoint Security package instead. diff --git a/packages/symantec_endpoint/changelog.yml b/packages/symantec_endpoint/changelog.yml index baaffb54439..16dd6ea2aaa 100644 --- a/packages/symantec_endpoint/changelog.yml +++ b/packages/symantec_endpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.17.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.16.2" changes: - description: Ensure that `event.duration` is mapped as a `long`. diff --git a/packages/symantec_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/symantec_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 6bf2f805dac..5525268c56f 100644 --- a/packages/symantec_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/symantec_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -1124,6 +1124,10 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'processor {{{ _ingest.on_failure_processor_type }}}: {{{ _ingest.on_failure_message }}}' diff --git a/packages/symantec_endpoint/manifest.yml b/packages/symantec_endpoint/manifest.yml index 918ee5f1795..d9f474fe312 100644 --- a/packages/symantec_endpoint/manifest.yml +++ b/packages/symantec_endpoint/manifest.yml 
@@ -1,6 +1,6 @@ name: symantec_endpoint title: Symantec Endpoint Protection -version: "2.16.2" +version: "2.17.0" description: Collect logs from Symantec Endpoint Protection with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/symantec_endpoint_security/changelog.yml b/packages/symantec_endpoint_security/changelog.yml index 2bb5f383fde..d7f87dd0c47 100644 --- a/packages/symantec_endpoint_security/changelog.yml +++ b/packages/symantec_endpoint_security/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.2.1" changes: - description: Fix mapping of `ses.device_name` to ECS fields. diff --git a/packages/symantec_endpoint_security/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/symantec_endpoint_security/data_stream/event/elasticsearch/ingest_pipeline/default.yml index de075d49bbd..3b8d2f80ff9 100644 --- a/packages/symantec_endpoint_security/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/symantec_endpoint_security/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -1233,3 +1233,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/symantec_endpoint_security/data_stream/incident/elasticsearch/ingest_pipeline/default.yml b/packages/symantec_endpoint_security/data_stream/incident/elasticsearch/ingest_pipeline/default.yml index ee7a3b6bb7b..cc5c78195f4 100644 --- a/packages/symantec_endpoint_security/data_stream/incident/elasticsearch/ingest_pipeline/default.yml +++ b/packages/symantec_endpoint_security/data_stream/incident/elasticsearch/ingest_pipeline/default.yml 
@@ -462,3 +462,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/symantec_endpoint_security/manifest.yml b/packages/symantec_endpoint_security/manifest.yml index 33b890d7426..8e5ee416702 100644 --- a/packages/symantec_endpoint_security/manifest.yml +++ b/packages/symantec_endpoint_security/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: symantec_endpoint_security title: Symantec Endpoint Security -version: "1.2.1" +version: "1.3.0" description: Collect logs from Symantec Endpoint Security with Elastic Agent. type: integration categories: diff --git a/packages/sysdig/changelog.yml b/packages/sysdig/changelog.yml index 7ac788bc973..3ef954084e6 100644 --- a/packages/sysdig/changelog.yml +++ b/packages/sysdig/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml index 90e437831e8..c6d2bb8e59a 100644 --- a/packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml 
@@ -290,4 +290,8 @@ on_failure: value: 'Processor "{{{ _ingest.on_failure_processor_type }}}" with tag "{{{ _ingest.on_failure_processor_tag }}}" in pipeline "{{{ _ingest.on_failure_pipeline }}}" failed with message "{{{ _ingest.on_failure_message }}}"' - set: field: event.kind - value: pipeline_error \ No newline at end of file + value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: true \ No newline at end of file diff --git a/packages/sysdig/manifest.yml b/packages/sysdig/manifest.yml index 8930abe0f56..d4a4490c265 100644 --- a/packages/sysdig/manifest.yml +++ b/packages/sysdig/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: sysdig title: "Sysdig" -version: 0.1.1 +version: 0.2.0 description: "Collect alerts from Sysdig using Elastic Agent." type: integration categories: diff --git a/packages/tanium/changelog.yml b/packages/tanium/changelog.yml index bd9e86d7db5..50004443541 100644 --- a/packages/tanium/changelog.yml +++ b/packages/tanium/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.11.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.10.3" changes: - description: Extra field presence checks, truncation of excessive depth. diff --git a/packages/tanium/data_stream/action_history/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/action_history/elasticsearch/ingest_pipeline/default.yml index 07933a49211..5384f1e3061 100644 --- a/packages/tanium/data_stream/action_history/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/action_history/elasticsearch/ingest_pipeline/default.yml @@ -203,6 +203,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 
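Review bot: The sysdig `alerts` pipeline still ends without a trailing newline. The hunk moves the `\ No newline at end of file` marker from `value: pipeline_error` to the new `allow_duplicates: true` line instead of removing it. Ending the file with a newline after `allow_duplicates: true` would stop the next scripted append to this file from rewriting its last line again, as happened here to `value: pipeline_error`. It would also bring the file in line with the other pipelines touched by this patch, none of which carry the marker.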
> diff --git a/packages/tanium/data_stream/client_status/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/client_status/elasticsearch/ingest_pipeline/default.yml index 331bb62bc40..3f57921df60 100644 --- a/packages/tanium/data_stream/client_status/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/client_status/elasticsearch/ingest_pipeline/default.yml @@ -216,6 +216,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: > diff --git a/packages/tanium/data_stream/discover/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/discover/elasticsearch/ingest_pipeline/default.yml index e6a3512d41f..f834d80b965 100644 --- a/packages/tanium/data_stream/discover/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/discover/elasticsearch/ingest_pipeline/default.yml @@ -435,6 +435,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: > diff --git a/packages/tanium/data_stream/endpoint_config/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/endpoint_config/elasticsearch/ingest_pipeline/default.yml index 0f81539f676..8aa29a1ec9b 100644 --- a/packages/tanium/data_stream/endpoint_config/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/endpoint_config/elasticsearch/ingest_pipeline/default.yml @@ -241,6 +241,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 
> diff --git a/packages/tanium/data_stream/reporting/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/reporting/elasticsearch/ingest_pipeline/default.yml index 93961d8056a..b247431b51c 100644 --- a/packages/tanium/data_stream/reporting/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/reporting/elasticsearch/ingest_pipeline/default.yml @@ -141,6 +141,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: > diff --git a/packages/tanium/data_stream/threat_response/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/threat_response/elasticsearch/ingest_pipeline/default.yml index 26a7ef99843..633b4c87527 100644 --- a/packages/tanium/data_stream/threat_response/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/threat_response/elasticsearch/ingest_pipeline/default.yml @@ -454,6 +454,10 @@ on_failure: tag: set_event_kind field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: tag: append_error_message field: error.message diff --git a/packages/tanium/manifest.yml b/packages/tanium/manifest.yml index 8197272d94f..d69eb7c532e 100644 --- a/packages/tanium/manifest.yml +++ b/packages/tanium/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: tanium title: Tanium -version: "1.10.3" +version: "1.11.0" description: This Elastic integration collects logs from Tanium with Elastic Agent. type: integration categories: diff --git a/packages/teleport/changelog.yml b/packages/teleport/changelog.yml index e4beaf568e4..92b9f2a025c 100644 --- a/packages/teleport/changelog.yml +++ b/packages/teleport/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. diff --git a/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 5fb1bad4fbe..e473bedc74b 100644 --- a/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -145,3 +145,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/teleport/manifest.yml b/packages/teleport/manifest.yml index 5c687bfe519..02243a5d39d 100644 --- a/packages/teleport/manifest.yml +++ b/packages/teleport/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: teleport title: "Teleport" -version: 1.0.0 +version: 1.1.0 source: license: "Elastic-2.0" description: "Collect logs from Teleport with Elastic Agent." diff --git a/packages/tenable_io/changelog.yml b/packages/tenable_io/changelog.yml index a73d11cafef..fdd06b1a082 100644 --- a/packages/tenable_io/changelog.yml +++ b/packages/tenable_io/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "3.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "3.2.1" changes: - description: Fix pagination progression logic. 
diff --git a/packages/tenable_io/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_io/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 6c206b76296..f8d72ff27d5 100644 --- a/packages/tenable_io/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_io/data_stream/asset/elasticsearch/ingest_pipeline/default.yml @@ -738,3 +738,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/tenable_io/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_io/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml index dddf802cfda..80dc359e6c6 100644 --- a/packages/tenable_io/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_io/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml @@ -591,3 +591,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/tenable_io/data_stream/scan/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_io/data_stream/scan/elasticsearch/ingest_pipeline/default.yml index 849ef13fe18..d3cb1d23ac6 100644 --- a/packages/tenable_io/data_stream/scan/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_io/data_stream/scan/elasticsearch/ingest_pipeline/default.yml @@ -71,3 +71,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/tenable_io/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_io/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 67e5a596820..ccd26af340c 100644 --- a/packages/tenable_io/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/tenable_io/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -1035,3 +1035,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/tenable_io/manifest.yml b/packages/tenable_io/manifest.yml index 7e1762077f7..2023cf756c0 100644 --- a/packages/tenable_io/manifest.yml +++ b/packages/tenable_io/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: tenable_io title: Tenable Vulnerability Management -version: "3.2.1" +version: "3.3.0" description: Collect logs from Tenable Vulnerability Management with Elastic Agent. type: integration categories: diff --git a/packages/tenable_sc/changelog.yml b/packages/tenable_sc/changelog.yml index 9814380ded2..7a41b1c66ad 100644 --- a/packages/tenable_sc/changelog.yml +++ b/packages/tenable_sc/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.0" changes: - description: Rename connector to Tenable Security Center. diff --git a/packages/tenable_sc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_sc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 345b3e1992d..3d2402b61a5 100644 --- a/packages/tenable_sc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_sc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml @@ -290,6 +290,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/tenable_sc/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_sc/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml index f8b8eb8e0c8..7a7b5977e73 100644 --- a/packages/tenable_sc/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_sc/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml @@ -412,6 +412,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/tenable_sc/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_sc/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 113b67b065d..3b47db038d1 100644 --- a/packages/tenable_sc/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_sc/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -590,6 +590,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/tenable_sc/manifest.yml b/packages/tenable_sc/manifest.yml index b17fff98ba6..2bb5af35f69 100644 --- a/packages/tenable_sc/manifest.yml +++ b/packages/tenable_sc/manifest.yml @@ -2,7 +2,7 @@ format_version: "3.0.2" name: tenable_sc title: Tenable Security Center # The version must be updated in the input configuration templates as well, in order to set the correct User-Agent header. Until elastic/kibana#121310 is implemented we will have to manually sync these. -version: "1.25.0" +version: "1.26.0" description: | Collect data from Tenable Security Center with Elastic Agent. type: integration 
diff --git a/packages/thycotic_ss/changelog.yml b/packages/thycotic_ss/changelog.yml index 967a163718f..7c0fbe52e23 100644 --- a/packages/thycotic_ss/changelog.yml +++ b/packages/thycotic_ss/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.9.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.8.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/thycotic_ss/data_stream/logs/elasticsearch/ingest_pipeline/default.yml b/packages/thycotic_ss/data_stream/logs/elasticsearch/ingest_pipeline/default.yml index d372737bca2..b159a9378aa 100644 --- a/packages/thycotic_ss/data_stream/logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/thycotic_ss/data_stream/logs/elasticsearch/ingest_pipeline/default.yml @@ -496,6 +496,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/thycotic_ss/manifest.yml b/packages/thycotic_ss/manifest.yml index 2d61a943ef8..0a73a832585 100644 --- a/packages/thycotic_ss/manifest.yml +++ b/packages/thycotic_ss/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: thycotic_ss title: "Thycotic Secret Server" -version: "1.8.1" +version: "1.9.0" source: license: "Elastic-2.0" description: "Thycotic Secret Server logs" diff --git a/packages/ti_abusech/changelog.yml b/packages/ti_abusech/changelog.yml index f770862c99c..97448afd460 100644 --- a/packages/ti_abusech/changelog.yml +++ b/packages/ti_abusech/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.3.5" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml index e088b8298da..03207788f3d 100644 --- a/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml @@ -232,6 +232,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} {{{#_ingest.on_failure_processor_tag}}}with tag {{{ _ingest.on_failure_processor_tag }}} {{{/_ingest.on_failure_processor_tag}}}in pipeline {{{_ingest.pipeline}}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml index 45f6b5e80d9..4b41b1c2e7b 100644 --- a/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml 
@@ -349,6 +349,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} {{{#_ingest.on_failure_processor_tag}}}with tag {{{ _ingest.on_failure_processor_tag }}} {{{/_ingest.on_failure_processor_tag}}}in pipeline {{{_ingest.pipeline}}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_abusech/data_stream/threatfox/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/threatfox/elasticsearch/ingest_pipeline/default.yml index 6baeb868dc8..bc6fa68daa3 100644 --- a/packages/ti_abusech/data_stream/threatfox/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/threatfox/elasticsearch/ingest_pipeline/default.yml @@ -282,6 +282,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} {{{#_ingest.on_failure_processor_tag}}}with tag {{{ _ingest.on_failure_processor_tag }}} {{{/_ingest.on_failure_processor_tag}}}in pipeline {{{_ingest.pipeline}}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml index e907b644c82..fd7feeaada1 100644 --- a/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml 
@@ -228,6 +228,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} {{{#_ingest.on_failure_processor_tag}}}with tag {{{ _ingest.on_failure_processor_tag }}} {{{/_ingest.on_failure_processor_tag}}}in pipeline {{{_ingest.pipeline}}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_abusech/manifest.yml b/packages/ti_abusech/manifest.yml index 0d1b0cfe4b3..a0009c88412 100644 --- a/packages/ti_abusech/manifest.yml +++ b/packages/ti_abusech/manifest.yml @@ -1,6 +1,6 @@ name: ti_abusech title: AbuseCH -version: "2.3.5" +version: "2.4.0" description: Ingest threat intelligence indicators from URL Haus, Malware Bazaar, and Threat Fox feeds with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/ti_anomali/changelog.yml b/packages/ti_anomali/changelog.yml index a0c8c3163f4..fe72b762bc2 100644 --- a/packages/ti_anomali/changelog.yml +++ b/packages/ti_anomali/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.24.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.23.0" changes: - description: Support the ThreatStream API diff --git a/packages/ti_anomali/data_stream/intelligence/elasticsearch/ingest_pipeline/default.yml b/packages/ti_anomali/data_stream/intelligence/elasticsearch/ingest_pipeline/default.yml index c762729499c..639c09de60b 100644 --- a/packages/ti_anomali/data_stream/intelligence/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_anomali/data_stream/intelligence/elasticsearch/ingest_pipeline/default.yml 
@@ -604,3 +604,7 @@ on_failure: tag: set_event_kind_on_failure field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml b/packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml index baad31861f0..77544b23cc4 100644 --- a/packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml @@ -507,6 +507,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_anomali/manifest.yml b/packages/ti_anomali/manifest.yml index de4dd001347..2ad8a9db3a0 100644 --- a/packages/ti_anomali/manifest.yml +++ b/packages/ti_anomali/manifest.yml @@ -1,6 +1,6 @@ name: ti_anomali title: Anomali -version: "1.23.0" +version: "1.24.0" description: Ingest threat intelligence indicators from Anomali with Elastic Agent. type: integration format_version: 3.0.2 diff --git a/packages/ti_cif3/changelog.yml b/packages/ti_cif3/changelog.yml index a06aaa1f2fa..12d1502ba28 100644 --- a/packages/ti_cif3/changelog.yml +++ b/packages/ti_cif3/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.15.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.14.4" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. 
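Review bot: The new `append` in the ti_anomali `intelligence` hunk (`@@ -604,3 +604,7 @@`) has no `tag`, while the `set` directly before it is tagged `set_event_kind_on_failure`. If this pipeline tags its processors throughout, which the hunk alone does not show, the added processor should follow suit, e.g. `tag: append_preserve_original_event_on_failure` (the name is a suggestion). The ti_eset hunks and the ti_threatconnect hunk further down have the same gap next to a `set` tagged `set_pipeline_error_to_event_kind`. A tag makes the processor identifiable in simulate output and in failure messages that report the processor tag.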
diff --git a/packages/ti_cif3/data_stream/feed/elasticsearch/ingest_pipeline/default.yml b/packages/ti_cif3/data_stream/feed/elasticsearch/ingest_pipeline/default.yml index 12364c5d9bd..add838065ac 100644 --- a/packages/ti_cif3/data_stream/feed/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_cif3/data_stream/feed/elasticsearch/ingest_pipeline/default.yml @@ -436,6 +436,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_cif3/manifest.yml b/packages/ti_cif3/manifest.yml index 624d233f0cb..d2e863830c5 100644 --- a/packages/ti_cif3/manifest.yml +++ b/packages/ti_cif3/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: ti_cif3 title: "Collective Intelligence Framework v3" -version: "1.14.4" +version: "1.15.0" description: "Ingest threat indicators from a Collective Intelligence Framework v3 instance with Elastic Agent." type: integration categories: diff --git a/packages/ti_crowdstrike/changelog.yml b/packages/ti_crowdstrike/changelog.yml index 686a9c99d6f..cc1af09c37a 100644 --- a/packages/ti_crowdstrike/changelog.yml +++ b/packages/ti_crowdstrike/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.0.0" changes: - description: Fix mapping type for `ioc.value` field. diff --git a/packages/ti_crowdstrike/data_stream/intel/elasticsearch/ingest_pipeline/default.yml b/packages/ti_crowdstrike/data_stream/intel/elasticsearch/ingest_pipeline/default.yml index e4e60c73b9e..2baf4c68700 100644 --- a/packages/ti_crowdstrike/data_stream/intel/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/ti_crowdstrike/data_stream/intel/elasticsearch/ingest_pipeline/default.yml @@ -455,3 +455,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_crowdstrike/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml b/packages/ti_crowdstrike/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml index c00240cc797..9fc18091380 100644 --- a/packages/ti_crowdstrike/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_crowdstrike/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml @@ -377,3 +377,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_crowdstrike/manifest.yml b/packages/ti_crowdstrike/manifest.yml index c240cf7ed8a..18b8d19bfa8 100644 --- a/packages/ti_crowdstrike/manifest.yml +++ b/packages/ti_crowdstrike/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: ti_crowdstrike title: CrowdStrike Falcon Intelligence -version: "2.0.0" +version: "2.1.0" description: Collect logs from CrowdStrike Falcon Intelligence with Elastic Agent. type: integration categories: diff --git a/packages/ti_custom/changelog.yml b/packages/ti_custom/changelog.yml index 551ae28814d..2ebe541f8d1 100644 --- a/packages/ti_custom/changelog.yml +++ b/packages/ti_custom/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.3.0" changes: - description: Support for SSL and Proxy settings. 
diff --git a/packages/ti_custom/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml b/packages/ti_custom/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml index 2e1ba1346ff..74dbe924d51 100644 --- a/packages/ti_custom/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_custom/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml @@ -409,3 +409,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_custom/manifest.yml b/packages/ti_custom/manifest.yml index 787e497aefd..23a2d527b09 100644 --- a/packages/ti_custom/manifest.yml +++ b/packages/ti_custom/manifest.yml @@ -3,7 +3,7 @@ name: ti_custom title: Custom Threat Intelligence description: Ingest threat intelligence data in STIX 2.1 format with Elastic Agent type: integration -version: 0.3.0 +version: 0.4.0 categories: - custom - security diff --git a/packages/ti_cybersixgill/changelog.yml b/packages/ti_cybersixgill/changelog.yml index d44868411a3..0d3a7beedd2 100644 --- a/packages/ti_cybersixgill/changelog.yml +++ b/packages/ti_cybersixgill/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.31.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.30.5" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index e2e3ba06417..2b4c707a2d6 100644 --- a/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -357,6 +357,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_cybersixgill/manifest.yml b/packages/ti_cybersixgill/manifest.yml index 2ebfa536911..f8e97d215ad 100644 --- a/packages/ti_cybersixgill/manifest.yml +++ b/packages/ti_cybersixgill/manifest.yml @@ -1,6 +1,6 @@ name: ti_cybersixgill title: Cybersixgill -version: "1.30.5" +version: "1.31.0" description: Ingest threat intelligence indicators from Cybersixgill with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/ti_eclecticiq/changelog.yml b/packages/ti_eclecticiq/changelog.yml index b4e054246b0..2184897234a 100644 --- a/packages/ti_eclecticiq/changelog.yml +++ b/packages/ti_eclecticiq/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.2.4" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_eclecticiq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eclecticiq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index 15da7f3eb3c..7db5dfb2834 100644 --- a/packages/ti_eclecticiq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eclecticiq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml 
@@ -428,4 +428,8 @@ on_failure: value: '{{{_ingest.on_failure_message}}}' - set: field: event.kind - value: pipeline_error \ No newline at end of file + value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true \ No newline at end of file diff --git a/packages/ti_eclecticiq/manifest.yml b/packages/ti_eclecticiq/manifest.yml index 81b792dad10..16727ab7e36 100644 --- a/packages/ti_eclecticiq/manifest.yml +++ b/packages/ti_eclecticiq/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: ti_eclecticiq title: EclecticIQ -version: "1.2.4" +version: "1.3.0" description: Ingest threat intelligence from EclecticIQ with Elastic Agent type: integration categories: diff --git a/packages/ti_eset/changelog.yml b/packages/ti_eset/changelog.yml index d4d4d641d89..2fd524d82d6 100644 --- a/packages/ti_eset/changelog.yml +++ b/packages/ti_eset/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.2.5" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_eset/data_stream/apt/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/apt/elasticsearch/ingest_pipeline/default.yml index 507622ce4e2..c5c3fa1dbc5 100644 --- a/packages/ti_eset/data_stream/apt/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/apt/elasticsearch/ingest_pipeline/default.yml @@ -164,3 +164,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true 
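Review bot: The rewritten tail of the ti_eclecticiq `threat` pipeline (`@@ -428,4 +428,8 @@`) still ends with `\ No newline at end of file` after `allow_duplicates: true`. The hunk already replaces the last line, so terminating it with a newline costs nothing and keeps the next appended processor from having to rewrite this line again. The ti_eset `domains` hunk (`@@ -149,4 +149,8 @@`) carries the same marker on its new last line.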
diff --git a/packages/ti_eset/data_stream/botnet/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/botnet/elasticsearch/ingest_pipeline/default.yml index aacf065fd66..306c7f6cceb 100644 --- a/packages/ti_eset/data_stream/botnet/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/botnet/elasticsearch/ingest_pipeline/default.yml @@ -154,3 +154,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_eset/data_stream/cc/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/cc/elasticsearch/ingest_pipeline/default.yml index afc52530395..f6fbc2d9c59 100644 --- a/packages/ti_eset/data_stream/cc/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/cc/elasticsearch/ingest_pipeline/default.yml @@ -146,3 +146,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_eset/data_stream/domains/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/domains/elasticsearch/ingest_pipeline/default.yml index 6b05027ff09..83ceefb6808 100644 --- a/packages/ti_eset/data_stream/domains/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/domains/elasticsearch/ingest_pipeline/default.yml @@ -149,4 +149,8 @@ on_failure: - set: field: event.kind tag: set_pipeline_error_to_event_kind - value: pipeline_error \ No newline at end of file + value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true \ No newline at end of file diff --git a/packages/ti_eset/data_stream/files/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/files/elasticsearch/ingest_pipeline/default.yml index eda74e0ec81..79678c3a570 100644 
--- a/packages/ti_eset/data_stream/files/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/files/elasticsearch/ingest_pipeline/default.yml @@ -147,3 +147,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_eset/data_stream/ip/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/ip/elasticsearch/ingest_pipeline/default.yml index 26bbc667178..4b8e852c7c4 100644 --- a/packages/ti_eset/data_stream/ip/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/ip/elasticsearch/ingest_pipeline/default.yml @@ -147,3 +147,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_eset/data_stream/url/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/url/elasticsearch/ingest_pipeline/default.yml index 58c70ead77a..67518cb1ae7 100644 --- a/packages/ti_eset/data_stream/url/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/url/elasticsearch/ingest_pipeline/default.yml @@ -145,3 +145,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_eset/manifest.yml b/packages/ti_eset/manifest.yml index 2237507c7bf..4f91fce91c4 100644 --- a/packages/ti_eset/manifest.yml +++ b/packages/ti_eset/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: ti_eset title: "ESET Threat Intelligence" -version: "1.2.5" +version: "1.3.0" description: "Ingest threat intelligence indicators from ESET Threat Intelligence with Elastic Agent." type: integration categories: 
diff --git a/packages/ti_maltiverse/changelog.yml b/packages/ti_maltiverse/changelog.yml index b859c96241e..2b6425f63ad 100644 --- a/packages/ti_maltiverse/changelog.yml +++ b/packages/ti_maltiverse/changelog.yml @@ -1,3 +1,8 @@ +- version: "1.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.2.5" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_maltiverse/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml b/packages/ti_maltiverse/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml index 945533a0d94..3145d2285f1 100644 --- a/packages/ti_maltiverse/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_maltiverse/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml @@ -306,3 +306,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_maltiverse/manifest.yml b/packages/ti_maltiverse/manifest.yml index b640e8de1de..83fa191e3fc 100644 --- a/packages/ti_maltiverse/manifest.yml +++ b/packages/ti_maltiverse/manifest.yml @@ -1,6 +1,6 @@ name: ti_maltiverse title: Maltiverse -version: "1.2.5" +version: "1.3.0" description: Ingest threat intelligence indicators from Maltiverse feeds with Elastic Agent type: integration format_version: 3.0.2 diff --git a/packages/ti_mandiant_advantage/changelog.yml b/packages/ti_mandiant_advantage/changelog.yml index fdca51f9810..5d0598fedc3 100644 --- a/packages/ti_mandiant_advantage/changelog.yml +++ b/packages/ti_mandiant_advantage/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.6.0" changes: - description: Add support for proxy configuration. diff --git a/packages/ti_mandiant_advantage/data_stream/threat_intelligence/elasticsearch/ingest_pipeline/default.yml b/packages/ti_mandiant_advantage/data_stream/threat_intelligence/elasticsearch/ingest_pipeline/default.yml index b5994b671cc..f40548a4716 100644 --- a/packages/ti_mandiant_advantage/data_stream/threat_intelligence/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_mandiant_advantage/data_stream/threat_intelligence/elasticsearch/ingest_pipeline/default.yml @@ -414,4 +414,8 @@ on_failure: - append: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: true allow_duplicates: false diff --git a/packages/ti_mandiant_advantage/manifest.yml b/packages/ti_mandiant_advantage/manifest.yml index d542ffd4595..8dfd9488fdd 100644 --- a/packages/ti_mandiant_advantage/manifest.yml +++ b/packages/ti_mandiant_advantage/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.2 name: ti_mandiant_advantage title: "Mandiant Advantage" -version: "1.6.0" +version: "1.7.0" source: license: "Elastic-2.0" description: "Collect Threat Intelligence from products within the Mandiant Advantage platform." diff --git a/packages/ti_misp/changelog.yml b/packages/ti_misp/changelog.yml index 8771515ff53..1e81366e316 100644 --- a/packages/ti_misp/changelog.yml +++ b/packages/ti_misp/changelog.yml 
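Review bot: In the ti_mandiant_advantage hunk (`@@ -414,4 +414,8 @@`) the new `- append:` is inserted between `value: pipeline_error` and the context line `allow_duplicates: false`, which belonged to the `event.kind` append. After the patch that `allow_duplicates: false` follows the new processor's `allow_duplicates: true`, so depending on indentation (collapsed in this view) the tags append either has a duplicate key or the file no longer parses, and the `event.kind` append loses its setting either way. The four added lines should come after `allow_duplicates: false`, leaving it directly under `value: pipeline_error`. The added `+- append:` also appears to start at a different column than in the other pipelines, so its indent should be checked against the preceding `- append:`; a broken `on_failure` handler here would mean failed threat-intelligence documents are not marked as `pipeline_error` at all.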
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.36.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.35.8" changes: - description: Fix the handling of duplicated events with fingerprint processors. diff --git a/packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index a7e5544d8b5..c2c6f820f98 100644 --- a/packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -463,6 +463,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml b/packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml index 320130ef1a5..1a77393b73b 100644 --- a/packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml @@ -558,6 +558,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_misp/manifest.yml b/packages/ti_misp/manifest.yml index 60429c5c34a..689f4428e88 100644 --- a/packages/ti_misp/manifest.yml +++ b/packages/ti_misp/manifest.yml 
@@ -1,6 +1,6 @@ name: ti_misp title: MISP -version: "1.35.8" +version: "1.36.0" description: Ingest threat intelligence indicators from MISP platform with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/ti_opencti/changelog.yml b/packages/ti_opencti/changelog.yml index 24e7d7c3cfa..5b04fc61f20 100644 --- a/packages/ti_opencti/changelog.yml +++ b/packages/ti_opencti/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.3.4" changes: - description: Fix labels.is_ioc_transform_source values diff --git a/packages/ti_opencti/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml b/packages/ti_opencti/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml index 4fe6da87a91..72827e3ff3c 100644 --- a/packages/ti_opencti/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_opencti/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml @@ -901,3 +901,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_opencti/manifest.yml b/packages/ti_opencti/manifest.yml index 8c96144c853..7635cec3fe1 100644 --- a/packages/ti_opencti/manifest.yml +++ b/packages/ti_opencti/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: ti_opencti title: OpenCTI -version: "2.3.4" +version: "2.4.0" description: "Ingest threat intelligence indicators from OpenCTI with Elastic Agent." type: integration source: diff --git a/packages/ti_otx/changelog.yml b/packages/ti_otx/changelog.yml index 7cacdad41d5..4b2e973e96e 100644 --- a/packages/ti_otx/changelog.yml +++ b/packages/ti_otx/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.3" changes: - description: Fix labels.is_ioc_transform_source values diff --git a/packages/ti_otx/data_stream/pulses_subscribed/elasticsearch/ingest_pipeline/default.yml b/packages/ti_otx/data_stream/pulses_subscribed/elasticsearch/ingest_pipeline/default.yml index 2c10fabe8fe..8f181a296f8 100644 --- a/packages/ti_otx/data_stream/pulses_subscribed/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_otx/data_stream/pulses_subscribed/elasticsearch/ingest_pipeline/default.yml @@ -339,6 +339,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index ff55927d0c4..b22de1d6785 100644 --- a/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -216,6 +216,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_otx/manifest.yml b/packages/ti_otx/manifest.yml index 7391f9ec45a..67dd3472cca 100644 --- a/packages/ti_otx/manifest.yml +++ b/packages/ti_otx/manifest.yml 
@@ -1,6 +1,6 @@ name: ti_otx title: AlienVault OTX -version: "1.25.3" +version: "1.26.0" description: Ingest threat intelligence indicators from AlienVault Open Threat Exchange (OTX) with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/ti_rapid7_threat_command/changelog.yml b/packages/ti_rapid7_threat_command/changelog.yml index 3621e4c9922..5f66e2dde7d 100644 --- a/packages/ti_rapid7_threat_command/changelog.yml +++ b/packages/ti_rapid7_threat_command/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.0.3" changes: - description: Fix labels.is_ioc_transform_source values diff --git a/packages/ti_rapid7_threat_command/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/ti_rapid7_threat_command/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 79c492dc098..a5896a40a80 100644 --- a/packages/ti_rapid7_threat_command/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_rapid7_threat_command/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -245,6 +245,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_rapid7_threat_command/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml b/packages/ti_rapid7_threat_command/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml index 660a7bcedfc..25bd74b58f8 100644 --- a/packages/ti_rapid7_threat_command/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_rapid7_threat_command/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml 
@@ -446,6 +446,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_rapid7_threat_command/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/ti_rapid7_threat_command/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 835b8c7e456..268628d8e7a 100644 --- a/packages/ti_rapid7_threat_command/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_rapid7_threat_command/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -342,6 +342,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_rapid7_threat_command/manifest.yml b/packages/ti_rapid7_threat_command/manifest.yml index 15d1c4ddbc4..ade186723f8 100644 --- a/packages/ti_rapid7_threat_command/manifest.yml +++ b/packages/ti_rapid7_threat_command/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.2 name: ti_rapid7_threat_command title: Rapid7 Threat Command -version: "2.0.3" +version: "2.1.0" description: Collect threat intelligence from Threat Command API with Elastic Agent. type: integration categories: ["security", "threat_intel"] diff --git a/packages/ti_recordedfuture/changelog.yml b/packages/ti_recordedfuture/changelog.yml index c43275ebc30..723e36ed1f7 100644 --- a/packages/ti_recordedfuture/changelog.yml +++ b/packages/ti_recordedfuture/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.27.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.26.3" changes: - description: Fix labels.is_ioc_transform_source values diff --git a/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index 30b7cb1cc76..116ba4a1186 100644 --- a/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -361,6 +361,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_recordedfuture/manifest.yml b/packages/ti_recordedfuture/manifest.yml index 126347f3d68..df7817d8289 100644 --- a/packages/ti_recordedfuture/manifest.yml +++ b/packages/ti_recordedfuture/manifest.yml @@ -1,6 +1,6 @@ name: ti_recordedfuture title: Recorded Future -version: "1.26.3" +version: "1.27.0" description: Ingest threat intelligence indicators from Recorded Future risk lists with Elastic Agent. type: integration format_version: 3.0.2 diff --git a/packages/ti_threatconnect/changelog.yml b/packages/ti_threatconnect/changelog.yml index 6ece2cca1a1..e1b67a2a161 100644 --- a/packages/ti_threatconnect/changelog.yml +++ b/packages/ti_threatconnect/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.3.0" changes: - description: Add in technique.name field to the transform. Remove milliseconds from TQL query. diff --git a/packages/ti_threatconnect/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml b/packages/ti_threatconnect/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml index 8cb6aa46f78..fff2716fe7e 100644 --- a/packages/ti_threatconnect/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_threatconnect/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml @@ -2234,3 +2234,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: true diff --git a/packages/ti_threatconnect/manifest.yml b/packages/ti_threatconnect/manifest.yml index fd99819f5fe..2fbf8c7df80 100644 --- a/packages/ti_threatconnect/manifest.yml +++ b/packages/ti_threatconnect/manifest.yml @@ -2,7 +2,7 @@ format_version: 3.0.3 name: ti_threatconnect title: ThreatConnect -version: "1.3.0" +version: "1.4.0" description: Collects Indicators from ThreatConnect using the Elastic Agent and saves them as logs inside Elastic type: integration categories: diff --git a/packages/ti_threatq/changelog.yml b/packages/ti_threatq/changelog.yml index ba571d452fe..f16b96b1580 100644 --- a/packages/ti_threatq/changelog.yml +++ b/packages/ti_threatq/changelog.yml 
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.29.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.28.3"
 changes:
 - description: Fix labels.is_ioc_transform_source values
diff --git a/packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
index b122c24c9bc..06e0ffd6ae5 100644
--- a/packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
@@ -442,6 +442,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/ti_threatq/manifest.yml b/packages/ti_threatq/manifest.yml
index f2e0d96b2ed..410e9ffb1ec 100644
--- a/packages/ti_threatq/manifest.yml
+++ b/packages/ti_threatq/manifest.yml
@@ -1,6 +1,6 @@
 name: ti_threatq
 title: ThreatQuotient
-version: "1.28.3"
+version: "1.29.0"
 description: Ingest threat intelligence indicators from ThreatQuotient with Elastic Agent.
 type: integration
 format_version: "3.0.2"
diff --git a/packages/tines/changelog.yml b/packages/tines/changelog.yml
index cc885b29983..c051959f022 100644
--- a/packages/tines/changelog.yml
+++ b/packages/tines/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.13.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.12.2"
 changes:
 - description: Fix handling of multimorphic `tines.audit_log.inputs.inputs.options` fields.
diff --git a/packages/tines/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml b/packages/tines/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml
index b4cea1903d5..9d9080f9901 100644
--- a/packages/tines/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/tines/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml
@@ -205,6 +205,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/tines/data_stream/time_saved/elasticsearch/ingest_pipeline/default.yml b/packages/tines/data_stream/time_saved/elasticsearch/ingest_pipeline/default.yml
index e2b7efca05e..7aa150f922e 100644
--- a/packages/tines/data_stream/time_saved/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/tines/data_stream/time_saved/elasticsearch/ingest_pipeline/default.yml
@@ -63,6 +63,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/tines/manifest.yml b/packages/tines/manifest.yml
index 4896dd633f2..16f4250756c 100644
--- a/packages/tines/manifest.yml
+++ b/packages/tines/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.1.0"
 name: tines
 title: "Tines"
-version: "1.12.2"
+version: "1.13.0"
 description: "Tines Logs & Time Saved Reports"
 type: integration
 categories:
diff --git a/packages/trellix_edr_cloud/changelog.yml b/packages/trellix_edr_cloud/changelog.yml
index 6627cfbd5f3..5a54219ba26 100644
--- a/packages/trellix_edr_cloud/changelog.yml
+++ b/packages/trellix_edr_cloud/changelog.yml
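Review bot: The tag is appended unconditionally in the `on_failure` handler of tines' `audit_logs` pipeline (and of `time_saved` in the next hunk), so failed documents are marked to keep the original event even where the operator left that option off. Presumably this leaves the raw payload in `event.original` on every `pipeline_error` document; the processor that removes it is outside the hunk. Raw audit records can hold values the normal pipeline would have dropped or never indexed, so the changelog entry or package docs should state it, e.g. `Documents with event.kind "pipeline_error" now always keep event.original.` The same documentation gap applies to the other pipeline hunks in this patch.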
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.3.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.2.1"
 changes:
 - description: Fix definition of subfields of nested objects
diff --git a/packages/trellix_edr_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/trellix_edr_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index 7fb5d8a1ced..84676b001fd 100644
--- a/packages/trellix_edr_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trellix_edr_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -940,3 +940,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/trellix_edr_cloud/manifest.yml b/packages/trellix_edr_cloud/manifest.yml
index 9f3d446f8a6..41c85ec0741 100644
--- a/packages/trellix_edr_cloud/manifest.yml
+++ b/packages/trellix_edr_cloud/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: trellix_edr_cloud
 title: Trellix EDR Cloud
-version: "1.2.1"
+version: "1.3.0"
 description: Collect logs from Trellix EDR Cloud with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/trellix_epo_cloud/changelog.yml b/packages/trellix_epo_cloud/changelog.yml
index e7276684d5f..dea19cde645 100644
--- a/packages/trellix_epo_cloud/changelog.yml
+++ b/packages/trellix_epo_cloud/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.12.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.11.0"
 changes:
 - description: Removed import_mappings. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template.
diff --git a/packages/trellix_epo_cloud/data_stream/device/elasticsearch/ingest_pipeline/default.yml b/packages/trellix_epo_cloud/data_stream/device/elasticsearch/ingest_pipeline/default.yml
index c94482f5a01..2686e6616bf 100644
--- a/packages/trellix_epo_cloud/data_stream/device/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trellix_epo_cloud/data_stream/device/elasticsearch/ingest_pipeline/default.yml
@@ -487,3 +487,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/trellix_epo_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/trellix_epo_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index 74975faa94e..b5989474412 100644
--- a/packages/trellix_epo_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trellix_epo_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -664,3 +664,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/trellix_epo_cloud/data_stream/group/elasticsearch/ingest_pipeline/default.yml b/packages/trellix_epo_cloud/data_stream/group/elasticsearch/ingest_pipeline/default.yml
index 0f740190299..3b5201ac353 100644
--- a/packages/trellix_epo_cloud/data_stream/group/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trellix_epo_cloud/data_stream/group/elasticsearch/ingest_pipeline/default.yml
@@ -184,3 +184,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
diff --git a/packages/trellix_epo_cloud/manifest.yml b/packages/trellix_epo_cloud/manifest.yml
index 301b76ad472..978790a58f7 100644
--- a/packages/trellix_epo_cloud/manifest.yml
+++ b/packages/trellix_epo_cloud/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: trellix_epo_cloud
 title: Trellix ePO Cloud
-version: "1.11.0"
+version: "1.12.0"
 source:
 license: Elastic-2.0
 description: Collect logs from Trellix ePO Cloud with Elastic Agent.
diff --git a/packages/trend_micro_vision_one/changelog.yml b/packages/trend_micro_vision_one/changelog.yml
index ec7e7bc3b2b..9cafb74577c 100644
--- a/packages/trend_micro_vision_one/changelog.yml
+++ b/packages/trend_micro_vision_one/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.22.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.21.1"
 changes:
 - description: Add missing regional URL documentation.
diff --git a/packages/trend_micro_vision_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/trend_micro_vision_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
index fc26c97a8bf..4453277850a 100644
--- a/packages/trend_micro_vision_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trend_micro_vision_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
@@ -601,6 +601,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/trend_micro_vision_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/trend_micro_vision_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 93168f2cdc5..9bb10cafbb8 100644
--- a/packages/trend_micro_vision_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trend_micro_vision_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -172,6 +172,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/trend_micro_vision_one/data_stream/detection/elasticsearch/ingest_pipeline/default.yml b/packages/trend_micro_vision_one/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
index 1ad788e9ad1..e4c81ccb911 100644
--- a/packages/trend_micro_vision_one/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trend_micro_vision_one/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
@@ -995,6 +995,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: true
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/trend_micro_vision_one/manifest.yml b/packages/trend_micro_vision_one/manifest.yml
index cde76f91bb5..7237bfc1dd1 100644
--- a/packages/trend_micro_vision_one/manifest.yml
+++ b/packages/trend_micro_vision_one/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: trend_micro_vision_one
 title: Trend Micro Vision One
-version: "1.21.1"
+version: "1.22.0"
 description: Collect logs from Trend Micro Vision One with Elastic Agent.
 type: integration
 categories:
@@ -32,12 +32,7 @@ policy_templates: - name: hostname type: text title: Regional Domain URL - description: >- - Trend Micro Vision One URL to connect to the API. The URL domain used for this - configuration is the domain for the region where your service endpoint is hosted. - See the [Trend Vision One documentation](https://automation.trendmicro.com/xdr/Guides/Regional-domains) - for the domain for your region. Enter the the HTTPS URL for your domain, `https://