Add back custom.yml files to LotL, DGA packages (#10823)

* Add back custom.yml files to LotL, DGA packages * add to changelog, bump package manifest version * add `base-fields.yml` to pass tests
elastic · Aug 20, 2024 · 5589950 · 5589950
1 parent d30749f
commit 5589950
Show file tree

Hide file tree

Showing 8 changed files with 46 additions and 2 deletions.
diff --git a/packages/dga/changelog.yml b/packages/dga/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.0.4"
+  changes:
+    - description: Add fields for integration package testing
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/10823
 - version: "2.0.3"
   changes:
     - description: Add mapping instructions

diff --git a/packages/dga/fields/base-fields.yml b/packages/dga/fields/base-fields.yml
@@ -0,0 +1,12 @@
+- name: data_stream.type
+  type: constant_keyword
+  description: Data stream type.
+- name: data_stream.dataset
+  type: constant_keyword
+  description: Data stream dataset.
+- name: data_stream.namespace
+  type: constant_keyword
+  description: Data stream namespace.
+- name: '@timestamp'
+  type: date
+  description: Event timestamp.
diff --git a/packages/dga/fields/custom.yml b/packages/dga/fields/custom.yml
@@ -0,0 +1,4 @@
+- name: ml_is_dga.malicious_prediction
+  type: long
+- name: ml_is_dga.malicious_probability
+  type: float
diff --git a/packages/dga/manifest.yml b/packages/dga/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 2.2.0
 name: dga
 title: "Domain Generation Algorithm Detection"
-version: 2.0.3
+version: 2.0.4
 source:
   license: "Elastic-2.0"
 description: "ML solution package to detect domain generation algorithm (DGA) activity in your network data."

diff --git a/packages/problemchild/changelog.yml b/packages/problemchild/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.1.5"
+  changes:
+    - description: Add fields for integration package testing
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/10823
 - version: "2.1.4"
   changes:
     - description: Add mapping instructions

diff --git a/packages/problemchild/fields/base-fields.yml b/packages/problemchild/fields/base-fields.yml
@@ -0,0 +1,12 @@
+- name: data_stream.type
+  type: constant_keyword
+  description: Data stream type.
+- name: data_stream.dataset
+  type: constant_keyword
+  description: Data stream dataset.
+- name: data_stream.namespace
+  type: constant_keyword
+  description: Data stream namespace.
+- name: '@timestamp'
+  type: date
+  description: Event timestamp.
diff --git a/packages/problemchild/fields/custom.yml b/packages/problemchild/fields/custom.yml
@@ -0,0 +1,6 @@
+- name: problemchild.prediction
+  type: long
+- name: problemchild.prediction_probability
+  type: float
+- name: blocklist_label
+  type: long
diff --git a/packages/problemchild/manifest.yml b/packages/problemchild/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.0
 name: problemchild
 title: "Living off the Land Attack Detection"
-version: 2.1.4
+version: 2.1.5
 source:
   license: "Elastic-2.0"
 description: "ML solution package to detect Living off the Land (LotL) attacks in your environment. Requires a Platinum subscription."