From 829bdb607768f696f955abb729f893b523eac673 Mon Sep 17 00:00:00 2001 
From: Dan Kortschak Date: Tue, 10 Dec 2024 11:56:00 +1030 Subject: [PATCH] ssi_all: add "preserve_original_event" tag to documents with event.kind set to "pipeline_error" Omit problematic package: eset_protect, jamf_protect and ti_mandiant_advantage. [git-generate] for f in $( ( for p in $( yq 'select(.owner.github == "elastic/security-service-integrations")|.name' packages/**/manifest.yml \ | grep -v -- --- ); do rg -l -g 'default.yml' "value: pipeline_error" packages/$p done )|sort|uniq|egrep -v 'eset_protect|google_workspace|jamf_protect|ti_mandiant_advantage' ); do (grep 'value: preserve_original_event' $f >/dev/null 2>&1) && continue perl -i -pe 'BEGIN{undef $/;} s/([a-z:"]) ( *)(- set:.*value: pipeline_error)/$1 $2$3 $2- append: $2 field: tags $2 value: preserve_original_event $2 allow_duplicates: false/smg' $f done for p in $(git diff --name-only HEAD~1|cut -d/ -f1,2|sort|uniq); do ( cd $p elastic-package changelog add \ --description 'Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".' 
\ --type enhancement \ --next minor \ --link https://github.com/elastic/integrations/pull/12046 )>/dev/null 2>&1 done --- packages/1password/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/1password/manifest.yml | 2 +- packages/abnormal_security/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../case/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/abnormal_security/manifest.yml | 2 +- packages/akamai/changelog.yml | 5 +++++ .../siem/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/akamai/manifest.yml | 2 +- packages/amazon_security_lake/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/amazon_security_lake/manifest.yml | 2 +- packages/atlassian_bitbucket/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/atlassian_bitbucket/manifest.yml | 2 +- packages/atlassian_confluence/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/atlassian_confluence/manifest.yml | 2 +- packages/atlassian_jira/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/atlassian_jira/manifest.yml | 2 +- packages/auth0/changelog.yml | 5 +++++ .../logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/auth0/manifest.yml | 2 +- packages/authentik/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../group/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../user/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/authentik/manifest.yml | 2 +- packages/aws_bedrock/changelog.yml | 5 +++++ .../runtime/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
packages/aws_bedrock/manifest.yml | 2 +- packages/azure_frontdoor/changelog.yml | 5 +++++ .../access/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../waf/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/azure_frontdoor/manifest.yml | 2 +- packages/azure_network_watcher_nsg/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/azure_network_watcher_nsg/manifest.yml | 2 +- packages/azure_network_watcher_vnet/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/azure_network_watcher_vnet/manifest.yml | 2 +- packages/barracuda/changelog.yml | 5 +++++ .../waf/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/barracuda/manifest.yml | 2 +- packages/barracuda_cloudgen_firewall/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/barracuda_cloudgen_firewall/manifest.yml | 2 +- packages/bbot/changelog.yml | 5 +++++ .../asm_intel/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/bbot/manifest.yml | 2 +- packages/bitdefender/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/bitdefender/manifest.yml | 2 +- packages/bitwarden/changelog.yml | 5 +++++ .../collection/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../group/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../member/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../policy/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/bitwarden/manifest.yml | 2 +- packages/blacklens/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/blacklens/manifest.yml | 2 +- packages/box_events/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/box_events/manifest.yml | 2 +- 
packages/canva/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/canva/manifest.yml | 2 +- packages/carbon_black_cloud/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../alert_v7/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/carbon_black_cloud/manifest.yml | 2 +- packages/carbonblack_edr/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/carbonblack_edr/manifest.yml | 2 +- packages/checkpoint_email/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/checkpoint_email/manifest.yml | 2 +- packages/checkpoint_harmony_endpoint/changelog.yml | 5 +++++ .../antibot/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../forensics/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/checkpoint_harmony_endpoint/manifest.yml | 2 +- packages/cisa_kevs/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisa_kevs/manifest.yml | 2 +- packages/cisco_duo/changelog.yml | 5 +++++ .../activity/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../admin/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../auth/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../summary/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../telephony/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisco_duo/manifest.yml | 2 +- packages/cisco_meraki/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisco_meraki/manifest.yml | 2 +- packages/cisco_secure_endpoint/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisco_secure_endpoint/manifest.yml | 2 +- packages/cisco_umbrella/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cisco_umbrella/manifest.yml | 2 +- packages/claroty_ctd/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../baseline/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/claroty_ctd/manifest.yml | 2 +- packages/cloudflare/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../logpull/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cloudflare/manifest.yml | 2 +- packages/cloudflare_logpush/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../casb/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dns/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../magic_ids/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../nel_report/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cloudflare_logpush/manifest.yml | 2 +- packages/crowdstrike/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../falcon/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../fdr/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../host/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/crowdstrike/manifest.yml | 2 +- packages/cyberark_pta/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cyberark_pta/manifest.yml | 2 +- packages/cyberarkpas/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../monitor/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cyberarkpas/manifest.yml | 2 +- packages/cybereason/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../malware/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../poll_malop/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cybereason/manifest.yml | 2 +- packages/cylance/changelog.yml | 5 +++++ .../protect/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/cylance/manifest.yml | 2 +- packages/darktrace/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/darktrace/manifest.yml | 2 +- packages/digital_guardian/changelog.yml | 5 +++++ .../arc/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/digital_guardian/manifest.yml | 2 +- 
packages/entityanalytics_ad/changelog.yml | 5 +++++ .../user/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/entityanalytics_ad/manifest.yml | 2 +- packages/entityanalytics_entra_id/changelog.yml | 5 +++++ .../entity/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/entityanalytics_entra_id/manifest.yml | 2 +- packages/entityanalytics_okta/changelog.yml | 5 +++++ .../user/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/entityanalytics_okta/manifest.yml | 2 +- packages/f5/changelog.yml | 5 +++++ .../bigipafm/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../bigipapm/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/f5/manifest.yml | 2 +- packages/f5_bigip/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/f5_bigip/manifest.yml | 2 +- packages/falco/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/falco/manifest.yml | 2 +- packages/fireeye/changelog.yml | 5 +++++ .../nx/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/fireeye/manifest.yml | 2 +- packages/first_epss/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/first_epss/manifest.yml | 2 +- packages/forcepoint_web/changelog.yml | 5 +++++ .../logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/forcepoint_web/manifest.yml | 2 +- packages/forgerock/changelog.yml | 5 +++++ .../am_access/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../am_config/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../am_core/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../idm_access/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../idm_config/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../idm_core/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../idm_sync/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/forgerock/manifest.yml | 2 +- packages/gigamon/changelog.yml | 5 +++++ .../ami/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/gigamon/manifest.yml | 2 +- packages/github/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dependabot/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../issues/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/github/manifest.yml | 2 +- packages/gitlab/changelog.yml | 5 +++++ .../api/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../auth/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../pages/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../production/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../sidekiq/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/gitlab/manifest.yml | 2 +- packages/google_scc/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../finding/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../source/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/google_scc/manifest.yml | 2 +- packages/imperva_cloud_waf/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/imperva_cloud_waf/manifest.yml | 2 +- packages/infoblox_bloxone_ddi/changelog.yml | 5 +++++ .../dhcp_lease/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dns_config/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dns_data/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/infoblox_bloxone_ddi/manifest.yml | 2 +- 
packages/infoblox_nios/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/infoblox_nios/manifest.yml | 2 +- packages/jamf_compliance_reporter/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/jamf_compliance_reporter/manifest.yml | 2 +- packages/jamf_pro/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../inventory/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/jamf_pro/manifest.yml | 2 +- packages/jumpcloud/changelog.yml | 5 +++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/jumpcloud/manifest.yml | 2 +- packages/keycloak/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/keycloak/manifest.yml | 2 +- packages/lastpass/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../user/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/lastpass/manifest.yml | 2 +- packages/lumos/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/lumos/manifest.yml | 2 +- packages/lyve_cloud/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/lyve_cloud/manifest.yml | 2 +- packages/m365_defender/changelog.yml | 9 +++++++-- .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../incident/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/m365_defender/manifest.yml | 2 +- packages/mattermost/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/mattermost/manifest.yml | 2 +- packages/menlo/changelog.yml | 5 +++++ .../dlp/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../web/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
packages/menlo/manifest.yml | 2 +- packages/microsoft_defender_cloud/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/microsoft_defender_cloud/manifest.yml | 2 +- packages/microsoft_defender_endpoint/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/microsoft_defender_endpoint/manifest.yml | 2 +- .../changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../microsoft_exchange_online_message_trace/manifest.yml | 2 +- packages/microsoft_sentinel/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../incident/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/microsoft_sentinel/manifest.yml | 2 +- packages/mimecast/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dlp_logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../siem_logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/mimecast/manifest.yml | 2 +- packages/netskope/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/netskope/manifest.yml | 2 +- packages/o365/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/o365/manifest.yml | 2 +- packages/okta/changelog.yml | 5 +++++ .../system/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/okta/manifest.yml | 8 ++------ packages/opencanary/changelog.yml | 5 +++++ 
.../events/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/opencanary/manifest.yml | 2 +- packages/panw_cortex_xdr/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../incidents/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/panw_cortex_xdr/manifest.yml | 2 +- packages/ping_one/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ping_one/manifest.yml | 2 +- packages/pps/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/pps/manifest.yml | 2 +- packages/prisma_access/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/prisma_access/manifest.yml | 2 +- packages/prisma_cloud/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../host/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 6 +++++- packages/prisma_cloud/manifest.yml | 2 +- packages/proofpoint_on_demand/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../mail/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../message/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/proofpoint_on_demand/manifest.yml | 2 +- packages/proofpoint_tap/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/proofpoint_tap/manifest.yml | 2 +- packages/pulse_connect_secure/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/pulse_connect_secure/manifest.yml | 2 +- packages/qualys_vmdr/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/qualys_vmdr/manifest.yml | 2 +- packages/rapid7_insightvm/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/rapid7_insightvm/manifest.yml | 2 +- packages/santa/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/santa/manifest.yml | 2 +- packages/sentinel_one/changelog.yml | 5 +++++ .../activity/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../agent/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../group/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/sentinel_one/manifest.yml | 2 +- packages/sentinel_one_cloud_funnel/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/sentinel_one_cloud_funnel/manifest.yml | 5 +---- packages/servicenow/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/servicenow/manifest.yml | 4 ++-- packages/slack/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/slack/manifest.yml | 2 +- packages/snyk/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit_logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../issues/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/snyk/manifest.yml | 2 +- packages/sophos_central/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/sophos_central/manifest.yml | 2 +- packages/spycloud/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../compass/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/spycloud/manifest.yml | 2 +- packages/sublime_security/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/sublime_security/manifest.yml | 2 +- packages/symantec_edr_cloud/changelog.yml | 5 +++++ .../incident/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/symantec_edr_cloud/manifest.yml | 2 +- packages/symantec_endpoint/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/symantec_endpoint/manifest.yml | 2 +- packages/symantec_endpoint_security/changelog.yml | 5 +++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../incident/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/symantec_endpoint_security/manifest.yml | 2 +- packages/sysdig/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 6 +++++- packages/sysdig/manifest.yml | 2 +- packages/tanium/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../discover/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../reporting/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/tanium/manifest.yml | 2 +- packages/teleport/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/teleport/manifest.yml | 2 +- packages/tenable_io/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../plugin/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../scan/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
packages/tenable_io/manifest.yml | 2 +- packages/tenable_sc/changelog.yml | 5 +++++ .../asset/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../plugin/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/tenable_sc/manifest.yml | 2 +- packages/thycotic_ss/changelog.yml | 5 +++++ .../logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/thycotic_ss/manifest.yml | 2 +- packages/ti_abusech/changelog.yml | 5 +++++ .../malware/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../threatfox/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../url/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_abusech/manifest.yml | 2 +- packages/ti_anomali/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_anomali/manifest.yml | 2 +- packages/ti_cif3/changelog.yml | 5 +++++ .../feed/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_cif3/manifest.yml | 2 +- packages/ti_crowdstrike/changelog.yml | 5 +++++ .../intel/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../ioc/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_crowdstrike/manifest.yml | 2 +- packages/ti_custom/changelog.yml | 5 +++++ .../indicator/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_custom/manifest.yml | 2 +- packages/ti_cybersixgill/changelog.yml | 5 +++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_cybersixgill/manifest.yml | 2 +- packages/ti_eclecticiq/changelog.yml | 5 +++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 6 +++++- packages/ti_eclecticiq/manifest.yml | 2 +- packages/ti_eset/changelog.yml | 5 +++++ .../apt/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../botnet/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../cc/elasticsearch/ingest_pipeline/default.yml | 4 ++++ 
.../domains/elasticsearch/ingest_pipeline/default.yml | 6 +++++- .../files/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../ip/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../url/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_eset/manifest.yml | 2 +- packages/ti_maltiverse/changelog.yml | 5 +++++ .../indicator/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_maltiverse/manifest.yml | 2 +- packages/ti_misp/changelog.yml | 5 +++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_misp/manifest.yml | 2 +- packages/ti_opencti/changelog.yml | 5 +++++ .../indicator/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_opencti/manifest.yml | 2 +- packages/ti_otx/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_otx/manifest.yml | 2 +- packages/ti_rapid7_threat_command/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../ioc/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_rapid7_threat_command/manifest.yml | 2 +- packages/ti_recordedfuture/changelog.yml | 5 +++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_recordedfuture/manifest.yml | 2 +- packages/ti_threatconnect/changelog.yml | 5 +++++ .../indicator/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_threatconnect/manifest.yml | 2 +- packages/ti_threatq/changelog.yml | 5 +++++ .../threat/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/ti_threatq/manifest.yml | 2 +- packages/tines/changelog.yml | 5 +++++ .../audit_logs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../time_saved/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/tines/manifest.yml | 2 +- packages/trellix_edr_cloud/changelog.yml | 5 +++++ 
.../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/trellix_edr_cloud/manifest.yml | 2 +- packages/trellix_epo_cloud/changelog.yml | 5 +++++ .../device/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../event/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../group/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/trellix_epo_cloud/manifest.yml | 2 +- packages/trend_micro_vision_one/changelog.yml | 5 +++++ .../alert/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../detection/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/trend_micro_vision_one/manifest.yml | 9 ++------- packages/trendmicro/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/trendmicro/manifest.yml | 2 +- packages/tychon/changelog.yml | 5 +++++ .../arp/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../browser/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../ciphers/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../cmrs/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../coams/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../cpu/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../cve/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../epp/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../features/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../harddrive/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../hardware/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../host/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../stig/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../volume/elasticsearch/ingest_pipeline/default.yml | 4 
++++ packages/tychon/manifest.yml | 2 +- packages/vectra_detect/changelog.yml | 5 +++++ .../log/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/vectra_detect/manifest.yml | 2 +- packages/wiz/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../issue/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/wiz/manifest.yml | 2 +- packages/zerofox/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/zerofox/manifest.yml | 2 +- packages/zeronetworks/changelog.yml | 5 +++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/zeronetworks/manifest.yml | 2 +- packages/zoom/changelog.yml | 5 +++++ .../webhook/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/zoom/manifest.yml | 2 +- packages/zscaler_zia/changelog.yml | 5 +++++ .../alerts/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../dns/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../firewall/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../tunnel/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../web/elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/zscaler_zia/manifest.yml | 2 +- packages/zscaler_zpa/changelog.yml | 5 +++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../audit/elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ .../elasticsearch/ingest_pipeline/default.yml | 4 ++++ packages/zscaler_zpa/manifest.yml | 2 +- 596 files changed, 2127 insertions(+), 154 deletions(-) 
diff --git a/packages/1password/changelog.yml b/packages/1password/changelog.yml
index 6a454d58425..a3f8585af3e 100644
--- a/packages/1password/changelog.yml
+++ b/packages/1password/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.31.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.30.2"
 changes:
 - description: Unify the use of `user.full_name` and `user.name` in all data streams.
diff --git a/packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml b/packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml
index 08635474654..9aae30daa3d 100644
--- a/packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml
@@ -138,6 +138,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml b/packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml
index e4eed5b408e..d0025485384 100644
--- a/packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml
@@ -134,6 +134,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
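Review bot: The `append` added to `on_failure` in `audit_events/.../default.yml` has no comment explaining why error documents get the `preserve_original_event` tag, and the tag has a data-handling consequence worth writing down. If, as the barracuda_cloudgen_firewall changelog context later in this patch suggests, the tag governs whether `event.original` is kept, every `pipeline_error` document will now carry the raw vendor record whether or not the operator enabled that option. I would add `# Keep the raw event on failed documents for triage; applies even when the user has not opted in to preserve_original_event.` above the processor and call out in the package docs that retention and access controls on these data streams should cover `event.original`. The same applies to the `item_usages` hunk on this line and to the other `default.yml` hunks in the patch; the `on_failure` block starts outside each hunk, so the processor that drops `event.original` is not visible and this effect is inferred.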
diff --git a/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml b/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml
index 7a973887915..cf0563ca2f9 100644
--- a/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml
@@ -148,6 +148,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/1password/manifest.yml b/packages/1password/manifest.yml
index 4d0e9b8e301..36fa3787542 100644
--- a/packages/1password/manifest.yml
+++ b/packages/1password/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: 1password
 title: "1Password"
-version: "1.30.2"
+version: "1.31.0"
 description: Collect logs from 1Password with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/abnormal_security/changelog.yml b/packages/abnormal_security/changelog.yml
index e5e73c70025..537069b9e02 100644
--- a/packages/abnormal_security/changelog.yml
+++ b/packages/abnormal_security/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.1"
 changes:
 - description: Fix broken link for the Abnormal Security integration.
diff --git a/packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml b/packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml
index da2a071b160..08666a07db7 100644
--- a/packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml
@@ -283,3 +283,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 284e614caa2..4842ed12a84 100644
--- a/packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -259,3 +259,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml b/packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml
index 143b1a2d21b..a91947c09a8 100644
--- a/packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml
@@ -222,3 +222,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
index 6c8ed420791..e2489abcf28 100644
--- a/packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
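Review bot: The `append` added in the `ai_security_mailbox` hunk has no `tag`, although the `set` processor directly above it in the same `on_failure` block is tagged `set_pipeline_error_to_event_kind`. Giving it one, for example `tag: append_preserve_original_event_tag`, keeps the block consistent and lets verbose simulate output identify this step. The `audit`, `case` and `threat` hunks of abnormal_security and the three authentik hunks have the same shape. The `on_failure` block begins outside the hunk.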
+++ b/packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
@@ -543,3 +543,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/abnormal_security/manifest.yml b/packages/abnormal_security/manifest.yml
index 7914dd20de9..da86e876d4c 100644
--- a/packages/abnormal_security/manifest.yml
+++ b/packages/abnormal_security/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: abnormal_security
 title: Abnormal Security
-version: 1.0.1
+version: 1.1.0
 description: Collect logs from Abnormal Security with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/akamai/changelog.yml b/packages/akamai/changelog.yml
index 62066f2abe4..2f87d1df3f9 100644
--- a/packages/akamai/changelog.yml
+++ b/packages/akamai/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.27.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.26.0"
 changes:
 - description: Handle input leniently.
diff --git a/packages/akamai/data_stream/siem/elasticsearch/ingest_pipeline/default.yml b/packages/akamai/data_stream/siem/elasticsearch/ingest_pipeline/default.yml
index 99b90723851..3e8ca8509e3 100644
--- a/packages/akamai/data_stream/siem/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/akamai/data_stream/siem/elasticsearch/ingest_pipeline/default.yml
@@ -545,6 +545,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: >-
diff --git a/packages/akamai/manifest.yml b/packages/akamai/manifest.yml
index cf245974323..58dde876014 100644
--- a/packages/akamai/manifest.yml
+++ b/packages/akamai/manifest.yml
@@ -1,6 +1,6 @@
 name: akamai
 title: Akamai
-version: "2.26.0"
+version: "2.27.0"
 description: Collect logs from Akamai with Elastic Agent.
 type: integration
 format_version: "3.0.2"
diff --git a/packages/amazon_security_lake/changelog.yml b/packages/amazon_security_lake/changelog.yml
index 294689e3035..f06dab78cc0 100644
--- a/packages/amazon_security_lake/changelog.yml
+++ b/packages/amazon_security_lake/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.0.0"
 changes:
 - description: Updated to support OCSF v1.1.0. with major pipeline rework and dynamic mapping support.
diff --git a/packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index 8a553ded23d..2ae2c7bf157 100644
--- a/packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -1453,3 +1453,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/amazon_security_lake/manifest.yml b/packages/amazon_security_lake/manifest.yml
index c8ab9b1cc65..a4588c779df 100644
--- a/packages/amazon_security_lake/manifest.yml
+++ b/packages/amazon_security_lake/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: amazon_security_lake
 title: Amazon Security Lake
-version: "2.0.0"
+version: "2.1.0"
 description: Collect logs from Amazon Security Lake with Elastic Agent.
 type: integration
 categories: ["aws", "security"]
diff --git a/packages/atlassian_bitbucket/changelog.yml b/packages/atlassian_bitbucket/changelog.yml
index c31a2e6dab7..bf8e66d5f71 100644
--- a/packages/atlassian_bitbucket/changelog.yml
+++ b/packages/atlassian_bitbucket/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.3.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.2.2"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/atlassian_bitbucket/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/atlassian_bitbucket/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 3568aa10090..7cad4d0abd2 100644
--- a/packages/atlassian_bitbucket/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/atlassian_bitbucket/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -443,6 +443,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/atlassian_bitbucket/manifest.yml b/packages/atlassian_bitbucket/manifest.yml
index 2ff31f3e3f0..3bfe9415817 100644
--- a/packages/atlassian_bitbucket/manifest.yml
+++ b/packages/atlassian_bitbucket/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: atlassian_bitbucket
 title: Atlassian Bitbucket
-version: "2.2.2"
+version: "2.3.0"
 description: Collect logs from Atlassian Bitbucket with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/atlassian_confluence/changelog.yml b/packages/atlassian_confluence/changelog.yml
index 5312452317f..990f7320bc5 100644
--- a/packages/atlassian_confluence/changelog.yml
+++ b/packages/atlassian_confluence/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.27.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.26.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/atlassian_confluence/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/atlassian_confluence/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 4a1020786e2..d557cde61cf 100644
--- a/packages/atlassian_confluence/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/atlassian_confluence/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -434,6 +434,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/atlassian_confluence/manifest.yml b/packages/atlassian_confluence/manifest.yml
index e8c343b02b5..3b64de7a91b 100644
--- a/packages/atlassian_confluence/manifest.yml
+++ b/packages/atlassian_confluence/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: atlassian_confluence
 title: Atlassian Confluence
-version: "1.26.1"
+version: "1.27.0"
 description: Collect logs from Atlassian Confluence with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/atlassian_jira/changelog.yml b/packages/atlassian_jira/changelog.yml
index 1a6d8c92c39..bcc63de1b9b 100644
--- a/packages/atlassian_jira/changelog.yml
+++ b/packages/atlassian_jira/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.28.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.27.2"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/atlassian_jira/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/atlassian_jira/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 1bee685949c..1d746c20310 100644
--- a/packages/atlassian_jira/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/atlassian_jira/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -413,6 +413,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/atlassian_jira/manifest.yml b/packages/atlassian_jira/manifest.yml
index 67ea4bcab73..01861745b2b 100644
--- a/packages/atlassian_jira/manifest.yml
+++ b/packages/atlassian_jira/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: atlassian_jira
 title: Atlassian Jira
-version: "1.27.2"
+version: "1.28.0"
 description: Collect logs from Atlassian Jira with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/auth0/changelog.yml b/packages/auth0/changelog.yml
index e4bce9d96aa..f50393ee696 100644
--- a/packages/auth0/changelog.yml
+++ b/packages/auth0/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.19.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.18.1"
 changes:
 - description: Fix dashboard visualisations containing empty data.
diff --git a/packages/auth0/data_stream/logs/elasticsearch/ingest_pipeline/default.yml b/packages/auth0/data_stream/logs/elasticsearch/ingest_pipeline/default.yml
index a9737e6e12f..aef1fee143a 100644
--- a/packages/auth0/data_stream/logs/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/auth0/data_stream/logs/elasticsearch/ingest_pipeline/default.yml
@@ -1105,6 +1105,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+- append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/auth0/manifest.yml b/packages/auth0/manifest.yml
index ec5f4481253..6826922b079 100644
--- a/packages/auth0/manifest.yml
+++ b/packages/auth0/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: auth0
 title: "Auth0"
-version: "1.18.1"
+version: "1.19.0"
 description: Collect logs from Auth0 with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/authentik/changelog.yml b/packages/authentik/changelog.yml
index acf2d619d8f..d65c6e28e49 100644
--- a/packages/authentik/changelog.yml
+++ b/packages/authentik/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index d2ea6dec1e2..080d4fd5df9 100644
--- a/packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -520,3 +520,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml b/packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml
index 6c35a9b6eb7..73104735930 100644
--- a/packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml
@@ -160,3 +160,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml b/packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml
index 6241cd8a8f2..975bde1f01d 100644
--- a/packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml
@@ -218,3 +218,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/authentik/manifest.yml b/packages/authentik/manifest.yml
index 614a0eb2196..f65d5ef74ac 100644
--- a/packages/authentik/manifest.yml
+++ b/packages/authentik/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: authentik
 title: authentik
-version: 1.0.0
+version: 1.1.0
 description: Collect logs from authentik with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/aws_bedrock/changelog.yml b/packages/aws_bedrock/changelog.yml
index e11d33a80ef..fdd4117bbaf 100644
--- a/packages/aws_bedrock/changelog.yml
+++ b/packages/aws_bedrock/changelog.yml
@@ -1,3 +1,8 @@
+- version: "0.16.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.15.0"
 changes:
 - description: Retain contextualGroundingPolicy check details.
diff --git a/packages/aws_bedrock/data_stream/runtime/elasticsearch/ingest_pipeline/default.yml b/packages/aws_bedrock/data_stream/runtime/elasticsearch/ingest_pipeline/default.yml
index 4fb918c4d22..1534c8f22c5 100644
--- a/packages/aws_bedrock/data_stream/runtime/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/aws_bedrock/data_stream/runtime/elasticsearch/ingest_pipeline/default.yml
@@ -69,6 +69,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - set:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/aws_bedrock/manifest.yml b/packages/aws_bedrock/manifest.yml
index 4b2d0293f75..f8584c2953e 100644
--- a/packages/aws_bedrock/manifest.yml
+++ b/packages/aws_bedrock/manifest.yml
@@ -3,7 +3,7 @@ name: aws_bedrock
 title: Amazon Bedrock
 description: Collect Amazon Bedrock model invocation logs and runtime metrics with Elastic Agent.
 type: integration
-version: "0.15.0"
+version: "0.16.0"
 categories:
 - aws
 conditions:
diff --git a/packages/azure_frontdoor/changelog.yml b/packages/azure_frontdoor/changelog.yml
index aad9d7bb50b..28de63e315a 100644
--- a/packages/azure_frontdoor/changelog.yml
+++ b/packages/azure_frontdoor/changelog.yml
@@ -1,3 +1,8 @@
+- version: "2.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.0.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/azure_frontdoor/data_stream/access/elasticsearch/ingest_pipeline/default.yml b/packages/azure_frontdoor/data_stream/access/elasticsearch/ingest_pipeline/default.yml
index e7f42869a0c..fec9b03fed9 100644
--- a/packages/azure_frontdoor/data_stream/access/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/azure_frontdoor/data_stream/access/elasticsearch/ingest_pipeline/default.yml
@@ -342,6 +342,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/azure_frontdoor/data_stream/waf/elasticsearch/ingest_pipeline/default.yml b/packages/azure_frontdoor/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
index 0f1a3a73cfb..84b86a3cf52 100644
--- a/packages/azure_frontdoor/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/azure_frontdoor/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
@@ -265,6 +265,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/azure_frontdoor/manifest.yml b/packages/azure_frontdoor/manifest.yml
index b844bc6c7e0..5c3e8273dce 100644
--- a/packages/azure_frontdoor/manifest.yml
+++ b/packages/azure_frontdoor/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: azure_frontdoor
 title: "Azure Frontdoor"
-version: "2.0.1"
+version: "2.1.0"
 description: "This Elastic integration collects logs from Azure Frontdoor."
 type: integration
 categories:
diff --git a/packages/azure_network_watcher_nsg/changelog.yml b/packages/azure_network_watcher_nsg/changelog.yml
index ccb6df3e72e..1914d86f0b8 100644
--- a/packages/azure_network_watcher_nsg/changelog.yml
+++ b/packages/azure_network_watcher_nsg/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 1dd31c48ece..69e1d1f22ba 100644
--- a/packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -751,3 +751,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/azure_network_watcher_nsg/manifest.yml b/packages/azure_network_watcher_nsg/manifest.yml
index 990ecb277fd..5849f43908b 100644
--- a/packages/azure_network_watcher_nsg/manifest.yml
+++ b/packages/azure_network_watcher_nsg/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.1.2
 name: azure_network_watcher_nsg
 title: Azure Network Watcher NSG
-version: "1.0.0"
+version: "1.1.0"
 description: Collect logs from Azure Network Watcher NSG with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/azure_network_watcher_vnet/changelog.yml b/packages/azure_network_watcher_vnet/changelog.yml
index 0f95a0d9f5b..57cf894d451 100644
--- a/packages/azure_network_watcher_vnet/changelog.yml
+++ b/packages/azure_network_watcher_vnet/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 64e7440c524..21037b9d071 100644
--- a/packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -734,3 +734,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/azure_network_watcher_vnet/manifest.yml b/packages/azure_network_watcher_vnet/manifest.yml
index f3a3f0d4ad7..0ff2bcf70d2 100644
--- a/packages/azure_network_watcher_vnet/manifest.yml
+++ b/packages/azure_network_watcher_vnet/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.1.2
 name: azure_network_watcher_vnet
 title: Azure Network Watcher VNet
-version: "1.0.0"
+version: "1.1.0"
 description: Collect logs from Azure Network Watcher VNet with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/barracuda/changelog.yml b/packages/barracuda/changelog.yml
index 50e55cc4871..b3d6a439fd5 100644
--- a/packages/barracuda/changelog.yml
+++ b/packages/barracuda/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.17.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.16.2"
 changes:
 - description: Fix broken link for the Barracuda integration.
diff --git a/packages/barracuda/data_stream/waf/elasticsearch/ingest_pipeline/default.yml b/packages/barracuda/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
index 5b2b266142f..811329e1eb9 100644
--- a/packages/barracuda/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/barracuda/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
@@ -101,6 +101,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: "{{{ _ingest.on_failure_message }}}"
diff --git a/packages/barracuda/manifest.yml b/packages/barracuda/manifest.yml
index d0bb85ea716..5775e53201c 100644
--- a/packages/barracuda/manifest.yml
+++ b/packages/barracuda/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: barracuda
 title: "Barracuda Web Application Firewall"
-version: "1.16.2"
+version: "1.17.0"
 description: "Collect logs from Barracuda Web Application Firewall with Elastic Agent."
 type: integration
 source:
diff --git a/packages/barracuda_cloudgen_firewall/changelog.yml b/packages/barracuda_cloudgen_firewall/changelog.yml
index 88e530c69ac..42c30d3e9d0 100644
--- a/packages/barracuda_cloudgen_firewall/changelog.yml
+++ b/packages/barracuda_cloudgen_firewall/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.14.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.13.0"
 changes:
 - description: "Allow @custom pipeline access to event.original without setting preserve_original_event."
diff --git a/packages/barracuda_cloudgen_firewall/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/barracuda_cloudgen_firewall/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 38c89684833..7894bf59762 100644
--- a/packages/barracuda_cloudgen_firewall/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/barracuda_cloudgen_firewall/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -173,6 +173,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/barracuda_cloudgen_firewall/manifest.yml b/packages/barracuda_cloudgen_firewall/manifest.yml
index ca98a418c6d..d2f7a8c3c85 100644
--- a/packages/barracuda_cloudgen_firewall/manifest.yml
+++ b/packages/barracuda_cloudgen_firewall/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: barracuda_cloudgen_firewall
 title: Barracuda CloudGen Firewall Logs
-version: "1.13.0"
+version: "1.14.0"
 description: Collect logs from Barracuda CloudGen Firewall devices with Elastic Agent.
 categories: ["network", "security", "firewall_security"]
 type: integration
diff --git a/packages/bbot/changelog.yml b/packages/bbot/changelog.yml
index 495489f18f7..5f8fe5272a6 100644
--- a/packages/bbot/changelog.yml
+++ b/packages/bbot/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.0.0"
 changes:
 - description: Release package as GA.
diff --git a/packages/bbot/data_stream/asm_intel/elasticsearch/ingest_pipeline/default.yml b/packages/bbot/data_stream/asm_intel/elasticsearch/ingest_pipeline/default.yml
index 4971e4b7a93..d1f77739c56 100644
--- a/packages/bbot/data_stream/asm_intel/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bbot/data_stream/asm_intel/elasticsearch/ingest_pipeline/default.yml
@@ -165,6 +165,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: 'Processor {{{ _ingest.on_failure_processor_type }}} with tag {{{ _ingest.on_failure_processor_tag }}} in pipeline {{{ _ingest.on_failure_pipeline }}} failed with message: {{{ _ingest.on_failure_message }}}'
diff --git a/packages/bbot/manifest.yml b/packages/bbot/manifest.yml
index 076f1083353..bec50611fba 100644
--- a/packages/bbot/manifest.yml
+++ b/packages/bbot/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.1.2
 name: bbot
 title: "BBOT (Bighuge BLS OSINT Tool)"
-version: "1.0.0"
+version: "1.1.0"
 description: "BBOT is a recursive internet scanner inspired by Spiderfoot, but designed to be faster, more reliable, and friendlier to pentesters, bug bounty hunters, and developers. "
 type: integration
 categories:
diff --git a/packages/bitdefender/changelog.yml b/packages/bitdefender/changelog.yml
index f8c8da8f29b..0462b847a82 100644
--- a/packages/bitdefender/changelog.yml
+++ b/packages/bitdefender/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.2.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.1.3"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/bitdefender/data_stream/push_configuration/elasticsearch/ingest_pipeline/default.yml b/packages/bitdefender/data_stream/push_configuration/elasticsearch/ingest_pipeline/default.yml
index 9a59f6db56e..0a35e29b66e 100644
--- a/packages/bitdefender/data_stream/push_configuration/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bitdefender/data_stream/push_configuration/elasticsearch/ingest_pipeline/default.yml
@@ -33,6 +33,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/bitdefender/data_stream/push_notifications/elasticsearch/ingest_pipeline/default.yml b/packages/bitdefender/data_stream/push_notifications/elasticsearch/ingest_pipeline/default.yml
index f7fcad5c5fe..778138af45d 100644
--- a/packages/bitdefender/data_stream/push_notifications/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bitdefender/data_stream/push_notifications/elasticsearch/ingest_pipeline/default.yml
@@ -1584,6 +1584,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+- append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: "{{{ _ingest.on_failure_message }}}"
diff --git a/packages/bitdefender/data_stream/push_statistics/elasticsearch/ingest_pipeline/default.yml b/packages/bitdefender/data_stream/push_statistics/elasticsearch/ingest_pipeline/default.yml
index ed44ad066f9..176acd06f32 100644
--- a/packages/bitdefender/data_stream/push_statistics/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bitdefender/data_stream/push_statistics/elasticsearch/ingest_pipeline/default.yml
@@ -33,6 +33,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/bitdefender/manifest.yml b/packages/bitdefender/manifest.yml
index d4949ad1a81..13987f505f6 100644
--- a/packages/bitdefender/manifest.yml
+++ b/packages/bitdefender/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: bitdefender
 title: "BitDefender"
-version: "2.1.3"
+version: "2.2.0"
 source:
 license: "Elastic-2.0"
 description: "Ingest BitDefender GravityZone logs and data"
diff --git a/packages/bitwarden/changelog.yml b/packages/bitwarden/changelog.yml
index 5aeeeef8af1..60ab3c074b7 100644
--- a/packages/bitwarden/changelog.yml
+++ b/packages/bitwarden/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.14.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.13.0"
 changes:
 - description: Removed import_mappings. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template.
diff --git a/packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml
index 6cefc3d588d..24a20cf354e 100644
--- a/packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml
@@ -78,3 +78,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index 20fa893bfc2..706c3a2c207 100644
--- a/packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -742,3 +742,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml
index a4092e544e9..35eeb371356 100644
--- a/packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml
@@ -136,3 +136,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml
index dc18b4c7dad..f2fd40da9d7 100644
--- a/packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml
@@ -271,3 +271,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml b/packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml
index c029745e987..6c08263338d 100644
--- a/packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml
@@ -338,3 +338,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/bitwarden/manifest.yml b/packages/bitwarden/manifest.yml
index c5b43233a39..68a419a32a3 100644
--- a/packages/bitwarden/manifest.yml
+++ b/packages/bitwarden/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: bitwarden
 title: Bitwarden
-version: "1.13.0"
+version: "1.14.0"
 source:
 license: Elastic-2.0
 description: Collect logs from Bitwarden with Elastic Agent.
diff --git a/packages/blacklens/changelog.yml b/packages/blacklens/changelog.yml
index 5d792755c62..0c3df960257 100644
--- a/packages/blacklens/changelog.yml
+++ b/packages/blacklens/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.2.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.1.0"
 changes:
 - description: Initial draft of the package
diff --git a/packages/blacklens/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/blacklens/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
index 3753bb7a78b..3b2f3cdb71c 100644
--- a/packages/blacklens/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/blacklens/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
@@ -99,6 +99,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/blacklens/manifest.yml b/packages/blacklens/manifest.yml
index 0e61c6153de..e8f021d9aec 100644
--- a/packages/blacklens/manifest.yml
+++ b/packages/blacklens/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.3.0
 name: blacklens
 title: "blacklens.io"
-version: 0.1.0
+version: 0.2.0
 source:
 license: "Elastic-2.0"
 description: "Collect logs from blacklens.io with Elastic Agent"
diff --git a/packages/box_events/changelog.yml b/packages/box_events/changelog.yml
index 7a1a3c975e1..b6bddd25d3f 100644
--- a/packages/box_events/changelog.yml
+++ b/packages/box_events/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.11.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.10.0"
 changes:
 - description: "Allow @custom pipeline access to event.original without setting preserve_original_event."
diff --git a/packages/box_events/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/box_events/data_stream/events/elasticsearch/ingest_pipeline/default.yml
index 5491a0141aa..ed9382709ce 100644
--- a/packages/box_events/data_stream/events/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/box_events/data_stream/events/elasticsearch/ingest_pipeline/default.yml
@@ -1248,6 +1248,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/box_events/manifest.yml b/packages/box_events/manifest.yml
index 78a6630d163..19349884e3f 100644
--- a/packages/box_events/manifest.yml
+++ b/packages/box_events/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: box_events
 title: Box Events
-version: "2.10.0"
+version: "2.11.0"
 description: "Collect logs from Box with Elastic Agent"
 type: integration
 categories:
diff --git a/packages/canva/changelog.yml b/packages/canva/changelog.yml
index 583efc2510c..1f8d198761e 100644
--- a/packages/canva/changelog.yml
+++ b/packages/canva/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.2.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.1.0"
 changes:
 - description: Initial release.
diff --git a/packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 77c678c2b6a..b6a258e932c 100644
--- a/packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -1056,3 +1056,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/canva/manifest.yml b/packages/canva/manifest.yml
index f05cde695e4..a2acb5e6c7e 100644
--- a/packages/canva/manifest.yml
+++ b/packages/canva/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: canva
 title: Canva
-version: 0.1.0
+version: 0.2.0
 description: Collect logs from Canva with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/carbon_black_cloud/changelog.yml b/packages/carbon_black_cloud/changelog.yml
index 631b9a500e7..9a26af3b01e 100644
--- a/packages/carbon_black_cloud/changelog.yml
+++ b/packages/carbon_black_cloud/changelog.yml
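Review bot: In packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml the new `append` carries no `tag`, while the `set` just before it has `tag: set_pipeline_error_to_event_kind`; the checkpoint_email event pipeline hunk later in this patch has the same gap. Other pipelines in this commit build their error text from `_ingest.on_failure_processor_tag`, so an untagged processor is harder to identify when something goes wrong, and tagging it keeps the handler consistent with its neighbour. A line such as `tag: append_preserve_original_event_tag` would do (the name is only a suggestion). The `on_failure` block starts above the hunk, so whether the other handlers there are tagged is not visible.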
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.7.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.6.1"
 changes:
 - description: Fix handling of `source.address` to be dependent on direction.
diff --git a/packages/carbon_black_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
index eb67dbdeca2..1664417961d 100644
--- a/packages/carbon_black_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/carbon_black_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
@@ -373,6 +373,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/carbon_black_cloud/data_stream/alert_v7/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/alert_v7/elasticsearch/ingest_pipeline/default.yml
index 79c66bb2c4c..172efde61f7 100644
--- a/packages/carbon_black_cloud/data_stream/alert_v7/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/carbon_black_cloud/data_stream/alert_v7/elasticsearch/ingest_pipeline/default.yml
@@ -902,6 +902,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/carbon_black_cloud/data_stream/asset_vulnerability_summary/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/asset_vulnerability_summary/elasticsearch/ingest_pipeline/default.yml
index 7ac10d700f7..6117f11a11d 100644
--- a/packages/carbon_black_cloud/data_stream/asset_vulnerability_summary/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/carbon_black_cloud/data_stream/asset_vulnerability_summary/elasticsearch/ingest_pipeline/default.yml
@@ -153,6 +153,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/carbon_black_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index c27ba039f67..aa0ddff643d 100644
--- a/packages/carbon_black_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/carbon_black_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -117,6 +117,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/carbon_black_cloud/data_stream/endpoint_event/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/endpoint_event/elasticsearch/ingest_pipeline/default.yml
index d9d5b6dcc00..619738b7092 100644
--- a/packages/carbon_black_cloud/data_stream/endpoint_event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/carbon_black_cloud/data_stream/endpoint_event/elasticsearch/ingest_pipeline/default.yml
@@ -923,6 +923,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/carbon_black_cloud/data_stream/watchlist_hit/elasticsearch/ingest_pipeline/default.yml b/packages/carbon_black_cloud/data_stream/watchlist_hit/elasticsearch/ingest_pipeline/default.yml
index 8ba481ea656..d564ec2ad3f 100644
--- a/packages/carbon_black_cloud/data_stream/watchlist_hit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/carbon_black_cloud/data_stream/watchlist_hit/elasticsearch/ingest_pipeline/default.yml
@@ -394,6 +394,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: 'Processor {{{_ingest.on_failure_processor_type}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}'
diff --git a/packages/carbon_black_cloud/manifest.yml b/packages/carbon_black_cloud/manifest.yml
index ac1117e4518..a0fd0e80f1f 100644
--- a/packages/carbon_black_cloud/manifest.yml
+++ b/packages/carbon_black_cloud/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: carbon_black_cloud
 title: VMware Carbon Black Cloud
-version: "2.6.1"
+version: "2.7.0"
 description: Collect logs from VMWare Carbon Black Cloud with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/carbonblack_edr/changelog.yml b/packages/carbonblack_edr/changelog.yml
index 398dd0ee9bf..5ae4d9f36d8 100644
--- a/packages/carbonblack_edr/changelog.yml
+++ b/packages/carbonblack_edr/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.19.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.18.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/carbonblack_edr/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/carbonblack_edr/data_stream/log/elasticsearch/ingest_pipeline/default.yml
index 5250d1dea8b..dc6a58d2d00 100644
--- a/packages/carbonblack_edr/data_stream/log/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/carbonblack_edr/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -870,6 +870,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+- append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/carbonblack_edr/manifest.yml b/packages/carbonblack_edr/manifest.yml
index 6a43a3dd84f..b1b62252f83 100644
--- a/packages/carbonblack_edr/manifest.yml
+++ b/packages/carbonblack_edr/manifest.yml
@@ -1,6 +1,6 @@
 name: carbonblack_edr
 title: VMware Carbon Black EDR
-version: "1.18.1"
+version: "1.19.0"
 description: Collect logs from VMware Carbon Black EDR with Elastic Agent.
 type: integration
 format_version: "3.0.3"
diff --git a/packages/checkpoint_email/changelog.yml b/packages/checkpoint_email/changelog.yml
index 482a7f613c0..2bda48b6d19 100644
--- a/packages/checkpoint_email/changelog.yml
+++ b/packages/checkpoint_email/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.3.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "0.2.0"
 changes:
 - description: Add support for deleting request trace files.
diff --git a/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index f6b620b67b3..60c4a782211 100644
--- a/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -354,3 +354,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/checkpoint_email/manifest.yml b/packages/checkpoint_email/manifest.yml
index 723b92ef4ef..6a4a7d074cc 100644
--- a/packages/checkpoint_email/manifest.yml
+++ b/packages/checkpoint_email/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.2.2
 name: checkpoint_email
 title: Check Point Harmony Email & Collaboration
-version: 0.2.0
+version: 0.3.0
 description: Collect logs from Check Point Harmony Email & Collaboration with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/checkpoint_harmony_endpoint/changelog.yml b/packages/checkpoint_harmony_endpoint/changelog.yml
index 91af3af9d9d..513f29a6a60 100644
--- a/packages/checkpoint_harmony_endpoint/changelog.yml
+++ b/packages/checkpoint_harmony_endpoint/changelog.yml
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.1" changes: - description: Put the dashboard screenshot first, update base_url var. diff --git a/packages/checkpoint_harmony_endpoint/data_stream/antibot/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/antibot/elasticsearch/ingest_pipeline/default.yml index cf866bfe8b1..a7b2c42590f 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/antibot/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/antibot/elasticsearch/ingest_pipeline/default.yml @@ -333,5 +333,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false ##################################################################### diff --git a/packages/checkpoint_harmony_endpoint/data_stream/antimalware/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/antimalware/elasticsearch/ingest_pipeline/default.yml index 1bb54e5741b..34286b450df 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/antimalware/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/antimalware/elasticsearch/ingest_pipeline/default.yml @@ -345,5 +345,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false ########################################################################## 
diff --git a/packages/checkpoint_harmony_endpoint/data_stream/forensics/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/forensics/elasticsearch/ingest_pipeline/default.yml index 15ebade4fca..ea6b545a0dd 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/forensics/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/forensics/elasticsearch/ingest_pipeline/default.yml @@ -307,5 +307,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false ################################################################ diff --git a/packages/checkpoint_harmony_endpoint/data_stream/threatemulation/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/threatemulation/elasticsearch/ingest_pipeline/default.yml index 0bbd7326a01..0c8644045b2 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/threatemulation/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/threatemulation/elasticsearch/ingest_pipeline/default.yml @@ -313,5 +313,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false ######################################################################## diff --git a/packages/checkpoint_harmony_endpoint/data_stream/threatextraction/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/threatextraction/elasticsearch/ingest_pipeline/default.yml index 6d29f9e5a49..ab168ed0f81 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/threatextraction/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/threatextraction/elasticsearch/ingest_pipeline/default.yml 
@@ -310,5 +310,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false ################################################################## \ No newline at end of file diff --git a/packages/checkpoint_harmony_endpoint/data_stream/urlfiltering/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/urlfiltering/elasticsearch/ingest_pipeline/default.yml index 64613fa1316..8a58db0fcc3 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/urlfiltering/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/urlfiltering/elasticsearch/ingest_pipeline/default.yml @@ -276,5 +276,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false ###################################################################### diff --git a/packages/checkpoint_harmony_endpoint/data_stream/zerophishing/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_harmony_endpoint/data_stream/zerophishing/elasticsearch/ingest_pipeline/default.yml index 591058d1a2e..989159b5ce5 100644 --- a/packages/checkpoint_harmony_endpoint/data_stream/zerophishing/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint_harmony_endpoint/data_stream/zerophishing/elasticsearch/ingest_pipeline/default.yml @@ -271,5 +271,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false ############################################################################ \ No newline at end of file diff --git a/packages/checkpoint_harmony_endpoint/manifest.yml b/packages/checkpoint_harmony_endpoint/manifest.yml index 905f23d4243..e613acf62d5 100644 --- a/packages/checkpoint_harmony_endpoint/manifest.yml +++ b/packages/checkpoint_harmony_endpoint/manifest.yml 
@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: checkpoint_harmony_endpoint
 title: "Check Point Harmony Endpoint"
-version: 0.1.1
+version: 0.2.0
 source:
 license: "Elastic-2.0"
 description: "Collect logs from Check Point Harmony Endpoint"
diff --git a/packages/cisa_kevs/changelog.yml b/packages/cisa_kevs/changelog.yml
index 292faccf1eb..1de96fb25ae 100644
--- a/packages/cisa_kevs/changelog.yml
+++ b/packages/cisa_kevs/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.4.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.3.1"
 changes:
 - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.
diff --git a/packages/cisa_kevs/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/cisa_kevs/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml
index 4597ca427c5..314655f47cc 100644
--- a/packages/cisa_kevs/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisa_kevs/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml
@@ -126,6 +126,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/cisa_kevs/manifest.yml b/packages/cisa_kevs/manifest.yml
index 7a723242f0f..b08bc631f08 100644
--- a/packages/cisa_kevs/manifest.yml
+++ b/packages/cisa_kevs/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.3
 name: cisa_kevs
 title: "CISA Known Exploited Vulnerabilities"
-version: "1.3.1"
+version: "1.4.0"
 description: "This package allows the ingest of known exploited vulnerabilities according to the Cybersecurity and Infrastructure Security Agency of the United States of America. This information could be used to enrich or track exisiting vulnerabilities that are known to be exploited in the wild."
 type: integration
 categories:
diff --git a/packages/cisco_duo/changelog.yml b/packages/cisco_duo/changelog.yml
index a6505de3d36..1b1c748405c 100644
--- a/packages/cisco_duo/changelog.yml
+++ b/packages/cisco_duo/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.3.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "2.2.6"
 changes:
 - description: Make retry options configurable in CEL-based datastreams.
diff --git a/packages/cisco_duo/data_stream/activity/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/activity/elasticsearch/ingest_pipeline/default.yml
index 4d43f301bad..abcd7de7863 100644
--- a/packages/cisco_duo/data_stream/activity/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_duo/data_stream/activity/elasticsearch/ingest_pipeline/default.yml
@@ -253,3 +253,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/cisco_duo/data_stream/admin/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/admin/elasticsearch/ingest_pipeline/default.yml
index 37ee5ef77a9..c3f05cd8413 100644
--- a/packages/cisco_duo/data_stream/admin/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_duo/data_stream/admin/elasticsearch/ingest_pipeline/default.yml
@@ -179,6 +179,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{_ingest.on_failure_message}}}'
diff --git a/packages/cisco_duo/data_stream/auth/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/auth/elasticsearch/ingest_pipeline/default.yml
index 8201c7b9d1e..cdaf739573c 100644
--- a/packages/cisco_duo/data_stream/auth/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_duo/data_stream/auth/elasticsearch/ingest_pipeline/default.yml
@@ -440,6 +440,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{_ingest.on_failure_message}}}'
diff --git a/packages/cisco_duo/data_stream/offline_enrollment/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/offline_enrollment/elasticsearch/ingest_pipeline/default.yml
index cb230150530..ca18ec3ce8e 100644
--- a/packages/cisco_duo/data_stream/offline_enrollment/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_duo/data_stream/offline_enrollment/elasticsearch/ingest_pipeline/default.yml
@@ -93,6 +93,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{_ingest.on_failure_message}}}'
diff --git a/packages/cisco_duo/data_stream/summary/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/summary/elasticsearch/ingest_pipeline/default.yml
index bb95255bc2c..0253ed7a44e 100644
--- a/packages/cisco_duo/data_stream/summary/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_duo/data_stream/summary/elasticsearch/ingest_pipeline/default.yml
@@ -41,6 +41,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{_ingest.on_failure_message}}}'
diff --git a/packages/cisco_duo/data_stream/telephony/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/telephony/elasticsearch/ingest_pipeline/default.yml
index af4fc97f011..c67159751f2 100644
--- a/packages/cisco_duo/data_stream/telephony/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_duo/data_stream/telephony/elasticsearch/ingest_pipeline/default.yml
@@ -64,6 +64,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{_ingest.on_failure_message}}}'
diff --git a/packages/cisco_duo/data_stream/telephony_v2/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/telephony_v2/elasticsearch/ingest_pipeline/default.yml
index b5e4eedfecc..36d19f7782d 100644
--- a/packages/cisco_duo/data_stream/telephony_v2/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_duo/data_stream/telephony_v2/elasticsearch/ingest_pipeline/default.yml
@@ -85,3 +85,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/cisco_duo/data_stream/trust_monitor/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_duo/data_stream/trust_monitor/elasticsearch/ingest_pipeline/default.yml
index d485a24f40d..fca7091e54d 100644
--- a/packages/cisco_duo/data_stream/trust_monitor/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/cisco_duo/data_stream/trust_monitor/elasticsearch/ingest_pipeline/default.yml
@@ -168,3 +168,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cisco_duo/manifest.yml b/packages/cisco_duo/manifest.yml index 84076e03d21..d2b99af0052 100644 --- a/packages/cisco_duo/manifest.yml +++ b/packages/cisco_duo/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_duo title: Cisco Duo -version: "2.2.6" +version: "2.3.0" description: Collect logs from Cisco Duo with Elastic Agent. type: integration categories: diff --git a/packages/cisco_meraki/changelog.yml b/packages/cisco_meraki/changelog.yml index 8abf4011ddb..b59aad51658 100644 --- a/packages/cisco_meraki/changelog.yml +++ b/packages/cisco_meraki/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.25.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.24.0" changes: - description: "Allow @custom pipeline access to event.original without setting preserve_original_event." diff --git a/packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml index 79bf9a4ce3b..6018c943dd3 100644 --- a/packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -306,6 +306,10 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/cisco_meraki/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_meraki/data_stream/log/elasticsearch/ingest_pipeline/default.yml index ea878047a6c..39add93230e 100644 --- a/packages/cisco_meraki/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_meraki/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -351,6 +351,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/cisco_meraki/manifest.yml b/packages/cisco_meraki/manifest.yml index 7a6f514d977..cd8d0f46a29 100644 --- a/packages/cisco_meraki/manifest.yml +++ b/packages/cisco_meraki/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_meraki title: Cisco Meraki -version: "1.24.0" +version: "1.25.0" description: Collect logs from Cisco Meraki with Elastic Agent. type: integration categories: diff --git a/packages/cisco_secure_endpoint/changelog.yml b/packages/cisco_secure_endpoint/changelog.yml index e056f86d45f..228d9c649c9 100644 --- a/packages/cisco_secure_endpoint/changelog.yml +++ b/packages/cisco_secure_endpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.28.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.27.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 9cd6d5fe515..6850f705d39 100644 
--- a/packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -664,6 +664,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: |- diff --git a/packages/cisco_secure_endpoint/manifest.yml b/packages/cisco_secure_endpoint/manifest.yml index dc6761cc0e5..f223af94cb3 100644 --- a/packages/cisco_secure_endpoint/manifest.yml +++ b/packages/cisco_secure_endpoint/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_secure_endpoint title: Cisco Secure Endpoint -version: "2.27.1" +version: "2.28.0" description: Collect logs from Cisco Secure Endpoint (AMP) with Elastic Agent. type: integration categories: diff --git a/packages/cisco_umbrella/changelog.yml b/packages/cisco_umbrella/changelog.yml index 995a9163486..b4249d45447 100644 --- a/packages/cisco_umbrella/changelog.yml +++ b/packages/cisco_umbrella/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.27.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.26.2" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/cisco_umbrella/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_umbrella/data_stream/log/elasticsearch/ingest_pipeline/default.yml index a7776d0ade5..4bc576546ec 100644 --- a/packages/cisco_umbrella/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_umbrella/data_stream/log/elasticsearch/ingest_pipeline/default.yml 
@@ -717,6 +717,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/cisco_umbrella/manifest.yml b/packages/cisco_umbrella/manifest.yml index cf17e8a153b..4f4a3aba393 100644 --- a/packages/cisco_umbrella/manifest.yml +++ b/packages/cisco_umbrella/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_umbrella title: Cisco Umbrella -version: "1.26.2" +version: "1.27.0" description: Collect logs from Cisco Umbrella with Elastic Agent. type: integration categories: diff --git a/packages/claroty_ctd/changelog.yml b/packages/claroty_ctd/changelog.yml index d98f376bad3..6a8a0f7da69 100644 --- a/packages/claroty_ctd/changelog.yml +++ b/packages/claroty_ctd/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: 0.2.0 changes: - description: Added double new lines between the navigation links on the dashboard. diff --git a/packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 7d2bfde1e32..239e8d86ef1 100644 --- a/packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml @@ -1332,3 +1332,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
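Review bot: The added `append` in the claroty_ctd `asset` hunk (`@@ -1332,3 +1332,7 @@`) has no `tag:`, while the `set` directly above it is tagged `set_pipeline_error_to_event_kind`. The same gap appears in the claroty_ctd `baseline` and `event` hunks, crowdstrike `alert` and `host`, cyberarkpas `audit` and `monitor` (whose neighbours are tagged `set_event_kind_on_failure` and `append_error_message`), and all six cybereason hunks. A tag following the file's naming pattern, for example `tag: append_preserve_original_event_tag`, would keep these handlers uniform and let the processor be identified by name in simulate output. The rest of each `on_failure` list lies outside the hunk, so this assumes those files tag their processors throughout.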
diff --git a/packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml b/packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml index 1009186f9c5..83b2efd7f20 100644 --- a/packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml +++ b/packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml @@ -548,3 +548,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/claroty_ctd/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/claroty_ctd/data_stream/event/elasticsearch/ingest_pipeline/default.yml index b040e712181..54e0eeba518 100644 --- a/packages/claroty_ctd/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/claroty_ctd/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -2203,3 +2203,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/claroty_ctd/manifest.yml b/packages/claroty_ctd/manifest.yml index 7c55d0c2fb1..2b05262bbdc 100644 --- a/packages/claroty_ctd/manifest.yml +++ b/packages/claroty_ctd/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.4 name: claroty_ctd title: Claroty CTD -version: 0.2.0 +version: 0.3.0 description: Collect logs from Claroty CTD using Elastic Agent. type: integration categories: diff --git a/packages/cloudflare/changelog.yml b/packages/cloudflare/changelog.yml index 2b6e51fdd4d..9fbd0af5aae 100644 --- a/packages/cloudflare/changelog.yml +++ b/packages/cloudflare/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.29.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.28.0" changes: - description: "Allow @custom pipeline access to event.original without setting preserve_original_event." diff --git a/packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index ad6cc474e74..1d064100917 100644 --- a/packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -273,6 +273,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml index b701d4417af..dce92a563f3 100644 --- a/packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml @@ -65,3 +65,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare/manifest.yml b/packages/cloudflare/manifest.yml index 1d47ad0e7a2..51349d54e62 100644 --- a/packages/cloudflare/manifest.yml +++ b/packages/cloudflare/manifest.yml @@ -1,6 +1,6 @@ name: cloudflare title: Cloudflare -version: "2.28.0" +version: "2.29.0" description: Collect logs from Cloudflare with Elastic Agent. type: integration format_version: "3.0.2" 
diff --git a/packages/cloudflare_logpush/changelog.yml b/packages/cloudflare_logpush/changelog.yml index 4cd6fa0ac62..52783935963 100644 --- a/packages/cloudflare_logpush/changelog.yml +++ b/packages/cloudflare_logpush/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.0" changes: - description: Retain zone name for firewall events. diff --git a/packages/cloudflare_logpush/data_stream/access_request/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/access_request/elasticsearch/ingest_pipeline/default.yml index 935621242b2..8336862b3b5 100644 --- a/packages/cloudflare_logpush/data_stream/access_request/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/access_request/elasticsearch/ingest_pipeline/default.yml @@ -232,3 +232,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 6acc7288f78..4bee3425526 100644 --- a/packages/cloudflare_logpush/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -212,3 +212,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/cloudflare_logpush/data_stream/casb/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/casb/elasticsearch/ingest_pipeline/default.yml index a1f552339a1..5c2211fa67d 100644 --- a/packages/cloudflare_logpush/data_stream/casb/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/casb/elasticsearch/ingest_pipeline/default.yml @@ -163,3 +163,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/device_posture/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/device_posture/elasticsearch/ingest_pipeline/default.yml index ed34de00a6d..2e2bbf9fa71 100644 --- a/packages/cloudflare_logpush/data_stream/device_posture/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/device_posture/elasticsearch/ingest_pipeline/default.yml @@ -228,3 +228,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/dns/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/dns/elasticsearch/ingest_pipeline/default.yml index 1fb1b8d4cb8..78876a60bb1 100644 --- a/packages/cloudflare_logpush/data_stream/dns/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/dns/elasticsearch/ingest_pipeline/default.yml @@ -183,3 +183,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/cloudflare_logpush/data_stream/dns_firewall/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/dns_firewall/elasticsearch/ingest_pipeline/default.yml index dde7f487b0d..578e9412791 100644 --- a/packages/cloudflare_logpush/data_stream/dns_firewall/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/dns_firewall/elasticsearch/ingest_pipeline/default.yml @@ -285,3 +285,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/firewall_event/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/firewall_event/elasticsearch/ingest_pipeline/default.yml index ef7ba6371f8..700b6002c11 100644 --- a/packages/cloudflare_logpush/data_stream/firewall_event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/firewall_event/elasticsearch/ingest_pipeline/default.yml @@ -328,3 +328,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/gateway_dns/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/gateway_dns/elasticsearch/ingest_pipeline/default.yml index 4d7ed12e2be..d3abbe61bee 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_dns/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/gateway_dns/elasticsearch/ingest_pipeline/default.yml @@ -364,3 +364,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/cloudflare_logpush/data_stream/gateway_http/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/gateway_http/elasticsearch/ingest_pipeline/default.yml index 8583350501d..3de100123c2 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_http/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/gateway_http/elasticsearch/ingest_pipeline/default.yml @@ -364,3 +364,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/gateway_network/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/gateway_network/elasticsearch/ingest_pipeline/default.yml index 642670c6b98..ef5432d0c15 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_network/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/gateway_network/elasticsearch/ingest_pipeline/default.yml @@ -297,3 +297,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/http_request/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/http_request/elasticsearch/ingest_pipeline/default.yml index 309336c87c8..07c42812894 100644 --- a/packages/cloudflare_logpush/data_stream/http_request/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/http_request/elasticsearch/ingest_pipeline/default.yml @@ -875,3 +875,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/cloudflare_logpush/data_stream/magic_ids/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/magic_ids/elasticsearch/ingest_pipeline/default.yml index ba538c49c68..69019c5dc90 100644 --- a/packages/cloudflare_logpush/data_stream/magic_ids/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/magic_ids/elasticsearch/ingest_pipeline/default.yml @@ -275,3 +275,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/nel_report/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/nel_report/elasticsearch/ingest_pipeline/default.yml index 724e95ee472..07f14bf7700 100644 --- a/packages/cloudflare_logpush/data_stream/nel_report/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/nel_report/elasticsearch/ingest_pipeline/default.yml @@ -128,3 +128,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/network_analytics/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/network_analytics/elasticsearch/ingest_pipeline/default.yml index 6ff6266e448..302aabc6352 100644 --- a/packages/cloudflare_logpush/data_stream/network_analytics/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/network_analytics/elasticsearch/ingest_pipeline/default.yml @@ -803,3 +803,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/cloudflare_logpush/data_stream/network_session/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/network_session/elasticsearch/ingest_pipeline/default.yml index 972153900ba..d7bcc7fdcf6 100644 --- a/packages/cloudflare_logpush/data_stream/network_session/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/network_session/elasticsearch/ingest_pipeline/default.yml @@ -418,3 +418,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/sinkhole_http/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/sinkhole_http/elasticsearch/ingest_pipeline/default.yml index 48a656fb9b0..f606df26d62 100644 --- a/packages/cloudflare_logpush/data_stream/sinkhole_http/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/sinkhole_http/elasticsearch/ingest_pipeline/default.yml @@ -322,3 +322,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/data_stream/spectrum_event/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/spectrum_event/elasticsearch/ingest_pipeline/default.yml index 9a305a9b3f9..9df707c4861 100644 --- a/packages/cloudflare_logpush/data_stream/spectrum_event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/spectrum_event/elasticsearch/ingest_pipeline/default.yml @@ -448,3 +448,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/cloudflare_logpush/data_stream/workers_trace/elasticsearch/ingest_pipeline/default.yml b/packages/cloudflare_logpush/data_stream/workers_trace/elasticsearch/ingest_pipeline/default.yml index c720b33cb91..9f91a11c24f 100644 --- a/packages/cloudflare_logpush/data_stream/workers_trace/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cloudflare_logpush/data_stream/workers_trace/elasticsearch/ingest_pipeline/default.yml @@ -212,3 +212,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cloudflare_logpush/manifest.yml b/packages/cloudflare_logpush/manifest.yml index 806fae59ecc..0f6ea59665f 100644 --- a/packages/cloudflare_logpush/manifest.yml +++ b/packages/cloudflare_logpush/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cloudflare_logpush title: Cloudflare Logpush -version: "1.25.0" +version: "1.26.0" description: Collect and parse logs from Cloudflare API with Elastic Agent. type: integration categories: diff --git a/packages/crowdstrike/changelog.yml b/packages/crowdstrike/changelog.yml index 9a57f9d4e6e..f42e09536b4 100644 --- a/packages/crowdstrike/changelog.yml +++ b/packages/crowdstrike/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.48.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.47.0" changes: - description: Add Support of CrowdStrike Event Stream. diff --git a/packages/crowdstrike/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/crowdstrike/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 4849e24b40c..18c48e70600 100644 --- a/packages/crowdstrike/data_stream/alert/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/crowdstrike/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -2659,3 +2659,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/crowdstrike/data_stream/falcon/elasticsearch/ingest_pipeline/default.yml b/packages/crowdstrike/data_stream/falcon/elasticsearch/ingest_pipeline/default.yml index b876b908a6d..485648047d6 100644 --- a/packages/crowdstrike/data_stream/falcon/elasticsearch/ingest_pipeline/default.yml +++ b/packages/crowdstrike/data_stream/falcon/elasticsearch/ingest_pipeline/default.yml @@ -402,3 +402,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline/default.yml b/packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline/default.yml index 6c116d2d510..1182eb012b5 100644 --- a/packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline/default.yml +++ b/packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline/default.yml @@ -2586,6 +2586,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: "Processor '{{{ _ingest.on_failure_processor_type }}}' with tag '{{{ _ingest.on_failure_processor_tag }}}' failed with message {{{ _ingest.on_failure_message }}}" diff --git a/packages/crowdstrike/data_stream/host/elasticsearch/ingest_pipeline/default.yml b/packages/crowdstrike/data_stream/host/elasticsearch/ingest_pipeline/default.yml index 29bdb620a2a..1725cc8848e 100644 --- a/packages/crowdstrike/data_stream/host/elasticsearch/ingest_pipeline/default.yml +++ b/packages/crowdstrike/data_stream/host/elasticsearch/ingest_pipeline/default.yml 
@@ -816,3 +816,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/crowdstrike/manifest.yml b/packages/crowdstrike/manifest.yml index 13c68299b6a..e933096df2a 100644 --- a/packages/crowdstrike/manifest.yml +++ b/packages/crowdstrike/manifest.yml @@ -1,6 +1,6 @@ name: crowdstrike title: CrowdStrike -version: "1.47.0" +version: "1.48.0" description: Collect logs from Crowdstrike with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/cyberark_pta/changelog.yml b/packages/cyberark_pta/changelog.yml index 3c38b94cc91..ae7a14a34f1 100644 --- a/packages/cyberark_pta/changelog.yml +++ b/packages/cyberark_pta/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.11.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.10.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/cyberark_pta/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/cyberark_pta/data_stream/events/elasticsearch/ingest_pipeline/default.yml index 0ecec820a24..64aee2102c1 100644 --- a/packages/cyberark_pta/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cyberark_pta/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -48,3 +48,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cyberark_pta/manifest.yml b/packages/cyberark_pta/manifest.yml index 2b34d586d9e..4a8fb3b56e2 100644 --- a/packages/cyberark_pta/manifest.yml +++ b/packages/cyberark_pta/manifest.yml 
@@ -1,6 +1,6 @@ name: cyberark_pta title: Cyberark Privileged Threat Analytics -version: "1.10.1" +version: "1.11.0" description: Collect security logs from Cyberark PTA integration. type: integration format_version: "3.0.3" diff --git a/packages/cyberarkpas/changelog.yml b/packages/cyberarkpas/changelog.yml index 484570e1b78..77e2d9ad106 100644 --- a/packages/cyberarkpas/changelog.yml +++ b/packages/cyberarkpas/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.25.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.24.0" changes: - description: Collect monitoring data. diff --git a/packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index d4dcbb9d73e..db43f2a6e0e 100644 --- a/packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -13,6 +13,10 @@ on_failure: tag: set_event_kind_on_failure field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: tag: append_error_message field: error.message diff --git a/packages/cyberarkpas/data_stream/monitor/elasticsearch/ingest_pipeline/default.yml b/packages/cyberarkpas/data_stream/monitor/elasticsearch/ingest_pipeline/default.yml index fbae1d65041..743214d899b 100644 --- a/packages/cyberarkpas/data_stream/monitor/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cyberarkpas/data_stream/monitor/elasticsearch/ingest_pipeline/default.yml 
@@ -263,6 +263,10 @@ on_failure: tag: set_event_kind_on_failure field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: tag: append_error_message field: error.message diff --git a/packages/cyberarkpas/manifest.yml b/packages/cyberarkpas/manifest.yml index be3472217de..ab68c1c1c39 100644 --- a/packages/cyberarkpas/manifest.yml +++ b/packages/cyberarkpas/manifest.yml @@ -1,6 +1,6 @@ name: cyberarkpas title: CyberArk Privileged Access Security -version: "2.24.0" +version: "2.25.0" description: Collect logs from CyberArk Privileged Access Security with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/cybereason/changelog.yml b/packages/cybereason/changelog.yml index e94e8187bcf..6447c104d7f 100644 --- a/packages/cybereason/changelog.yml +++ b/packages/cybereason/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. diff --git a/packages/cybereason/data_stream/logon_session/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/logon_session/elasticsearch/ingest_pipeline/default.yml index f8c2e8b702d..51a6796635c 100644 --- a/packages/cybereason/data_stream/logon_session/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cybereason/data_stream/logon_session/elasticsearch/ingest_pipeline/default.yml @@ -814,3 +814,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/cybereason/data_stream/malop_connection/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/malop_connection/elasticsearch/ingest_pipeline/default.yml index 9ef1880f3c5..f156dd1400c 100644 --- a/packages/cybereason/data_stream/malop_connection/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cybereason/data_stream/malop_connection/elasticsearch/ingest_pipeline/default.yml @@ -1213,3 +1213,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cybereason/data_stream/malop_process/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/malop_process/elasticsearch/ingest_pipeline/default.yml index f5e8a415d77..330101e10a6 100644 --- a/packages/cybereason/data_stream/malop_process/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cybereason/data_stream/malop_process/elasticsearch/ingest_pipeline/default.yml @@ -2334,3 +2334,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cybereason/data_stream/malware/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/malware/elasticsearch/ingest_pipeline/default.yml index c4e513b8dbb..1d4017f48bf 100644 --- a/packages/cybereason/data_stream/malware/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cybereason/data_stream/malware/elasticsearch/ingest_pipeline/default.yml @@ -264,3 +264,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/cybereason/data_stream/poll_malop/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/poll_malop/elasticsearch/ingest_pipeline/default.yml index e4b96dd4d94..d0debc2624d 100644 --- a/packages/cybereason/data_stream/poll_malop/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cybereason/data_stream/poll_malop/elasticsearch/ingest_pipeline/default.yml @@ -613,3 +613,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cybereason/data_stream/suspicions_process/elasticsearch/ingest_pipeline/default.yml b/packages/cybereason/data_stream/suspicions_process/elasticsearch/ingest_pipeline/default.yml index 5dceacc8ad4..31df172c2cb 100644 --- a/packages/cybereason/data_stream/suspicions_process/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cybereason/data_stream/suspicions_process/elasticsearch/ingest_pipeline/default.yml @@ -1349,3 +1349,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/cybereason/manifest.yml b/packages/cybereason/manifest.yml index 04605b7abaf..8ee32d1e9e1 100644 --- a/packages/cybereason/manifest.yml +++ b/packages/cybereason/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: cybereason title: Cybereason -version: "1.0.0" +version: "1.1.0" description: Collect logs from Cybereason with Elastic Agent. type: integration categories: diff --git a/packages/cylance/changelog.yml b/packages/cylance/changelog.yml index 289ebbec959..392b436016c 100644 --- a/packages/cylance/changelog.yml +++ b/packages/cylance/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.22.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.21.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/cylance/data_stream/protect/elasticsearch/ingest_pipeline/default.yml b/packages/cylance/data_stream/protect/elasticsearch/ingest_pipeline/default.yml index 0a89c45a638..098c5091327 100644 --- a/packages/cylance/data_stream/protect/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cylance/data_stream/protect/elasticsearch/ingest_pipeline/default.yml @@ -75,6 +75,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: "{{{ _ingest.on_failure_message }}}" diff --git a/packages/cylance/manifest.yml b/packages/cylance/manifest.yml index d97a76f61dc..73db3c1c1fe 100644 --- a/packages/cylance/manifest.yml +++ b/packages/cylance/manifest.yml @@ -1,7 +1,7 @@ format_version: 2.7.0 name: cylance title: CylanceProtect Logs -version: "0.21.1" +version: "0.22.0" description: Collect logs from CylanceProtect devices with Elastic Agent. categories: ["security", "edr_xdr"] type: integration diff --git a/packages/darktrace/changelog.yml b/packages/darktrace/changelog.yml index 9f9a11f244e..aa4e131b405 100644 --- a/packages/darktrace/changelog.yml +++ b/packages/darktrace/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.21.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.20.0" changes: - description: Handle versions of Darktrace model breach alert documents that hold a boolean in `acknowledged`. diff --git a/packages/darktrace/data_stream/ai_analyst_alert/elasticsearch/ingest_pipeline/default.yml b/packages/darktrace/data_stream/ai_analyst_alert/elasticsearch/ingest_pipeline/default.yml index 3f2b78904c4..646824246d0 100644 --- a/packages/darktrace/data_stream/ai_analyst_alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/darktrace/data_stream/ai_analyst_alert/elasticsearch/ingest_pipeline/default.yml @@ -856,6 +856,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/darktrace/data_stream/model_breach_alert/elasticsearch/ingest_pipeline/default.yml b/packages/darktrace/data_stream/model_breach_alert/elasticsearch/ingest_pipeline/default.yml index 4e7db5ee491..7524fa8e3fd 100644 --- a/packages/darktrace/data_stream/model_breach_alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/darktrace/data_stream/model_breach_alert/elasticsearch/ingest_pipeline/default.yml @@ -1503,6 +1503,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: >- diff --git a/packages/darktrace/data_stream/system_status_alert/elasticsearch/ingest_pipeline/default.yml b/packages/darktrace/data_stream/system_status_alert/elasticsearch/ingest_pipeline/default.yml index 2a8de7c668e..32988206635 100644 
--- a/packages/darktrace/data_stream/system_status_alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/darktrace/data_stream/system_status_alert/elasticsearch/ingest_pipeline/default.yml @@ -235,6 +235,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/darktrace/manifest.yml b/packages/darktrace/manifest.yml index 27bb45dd75e..bd248d57952 100644 --- a/packages/darktrace/manifest.yml +++ b/packages/darktrace/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: darktrace title: Darktrace -version: "1.20.0" +version: "1.21.0" description: Collect logs from Darktrace with Elastic Agent. type: integration categories: diff --git a/packages/digital_guardian/changelog.yml b/packages/digital_guardian/changelog.yml index ca507c464e3..304335d66ee 100644 --- a/packages/digital_guardian/changelog.yml +++ b/packages/digital_guardian/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. diff --git a/packages/digital_guardian/data_stream/arc/elasticsearch/ingest_pipeline/default.yml b/packages/digital_guardian/data_stream/arc/elasticsearch/ingest_pipeline/default.yml index aa2d36ccbbe..5ff60b11c49 100644 --- a/packages/digital_guardian/data_stream/arc/elasticsearch/ingest_pipeline/default.yml +++ b/packages/digital_guardian/data_stream/arc/elasticsearch/ingest_pipeline/default.yml @@ -175,3 +175,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/digital_guardian/manifest.yml b/packages/digital_guardian/manifest.yml index e469202700a..836869f4531 100644 --- a/packages/digital_guardian/manifest.yml +++ b/packages/digital_guardian/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: digital_guardian title: Digital Guardian -version: "1.0.0" +version: "1.1.0" description: Collect logs from Digital Guardian with Elastic Agent. type: integration categories: diff --git a/packages/entityanalytics_ad/changelog.yml b/packages/entityanalytics_ad/changelog.yml index 3f386302a52..e9f1d98f307 100644 --- a/packages/entityanalytics_ad/changelog.yml +++ b/packages/entityanalytics_ad/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.5.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.4.0" changes: - description: Expose user and group attribute configurations to the user. diff --git a/packages/entityanalytics_ad/data_stream/user/elasticsearch/ingest_pipeline/default.yml b/packages/entityanalytics_ad/data_stream/user/elasticsearch/ingest_pipeline/default.yml index f25072e823c..5c21ae845dd 100644 --- a/packages/entityanalytics_ad/data_stream/user/elasticsearch/ingest_pipeline/default.yml +++ b/packages/entityanalytics_ad/data_stream/user/elasticsearch/ingest_pipeline/default.yml @@ -52,3 +52,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/entityanalytics_ad/manifest.yml b/packages/entityanalytics_ad/manifest.yml index d141b8a27c9..90d91c09123 100644 --- a/packages/entityanalytics_ad/manifest.yml +++ b/packages/entityanalytics_ad/manifest.yml 
@@ -1,7 +1,7 @@ format_version: "3.0.2" name: entityanalytics_ad title: Active Directory Entity Analytics -version: "0.4.0" +version: "0.5.0" description: "Collect User Identities from Active Directory Entity with Elastic Agent." type: integration categories: diff --git a/packages/entityanalytics_entra_id/changelog.yml b/packages/entityanalytics_entra_id/changelog.yml index d40ec015bdd..39550acb3ea 100644 --- a/packages/entityanalytics_entra_id/changelog.yml +++ b/packages/entityanalytics_entra_id/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.3.1" changes: - description: Don't leak collection implementation details. diff --git a/packages/entityanalytics_entra_id/data_stream/entity/elasticsearch/ingest_pipeline/default.yml b/packages/entityanalytics_entra_id/data_stream/entity/elasticsearch/ingest_pipeline/default.yml index 0a1dc645ba4..41686aa5a7a 100644 --- a/packages/entityanalytics_entra_id/data_stream/entity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/entityanalytics_entra_id/data_stream/entity/elasticsearch/ingest_pipeline/default.yml @@ -158,3 +158,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/entityanalytics_entra_id/manifest.yml b/packages/entityanalytics_entra_id/manifest.yml index 46646373d70..636e4439284 100644 --- a/packages/entityanalytics_entra_id/manifest.yml +++ b/packages/entityanalytics_entra_id/manifest.yml 
@@ -1,7 +1,7 @@ format_version: "3.0.2" name: entityanalytics_entra_id title: "Microsoft Entra ID Entity Analytics" -version: "1.3.1" +version: "1.4.0" description: "Collect identities from Microsoft Entra ID (formerly Azure Active Directory) with Elastic Agent." type: integration categories: diff --git a/packages/entityanalytics_okta/changelog.yml b/packages/entityanalytics_okta/changelog.yml index 0f440bffeca..54d15b0f291 100644 --- a/packages/entityanalytics_okta/changelog.yml +++ b/packages/entityanalytics_okta/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.5.1" changes: - description: Don't leak collection implementation details. diff --git a/packages/entityanalytics_okta/data_stream/user/elasticsearch/ingest_pipeline/default.yml b/packages/entityanalytics_okta/data_stream/user/elasticsearch/ingest_pipeline/default.yml index d058bae358a..ba82c04958e 100644 --- a/packages/entityanalytics_okta/data_stream/user/elasticsearch/ingest_pipeline/default.yml +++ b/packages/entityanalytics_okta/data_stream/user/elasticsearch/ingest_pipeline/default.yml @@ -681,3 +681,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/entityanalytics_okta/manifest.yml b/packages/entityanalytics_okta/manifest.yml index 9e24358b21b..36db5ee082b 100644 --- a/packages/entityanalytics_okta/manifest.yml +++ b/packages/entityanalytics_okta/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: entityanalytics_okta title: Okta Entity Analytics -version: "1.5.1" +version: "1.6.0" description: "Collect User Identities from Okta with Elastic Agent." type: integration categories: 
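Review bot: The `append` added to the entityanalytics_okta user pipeline's `on_failure` block carries no comment, and in an identity data stream its effect deserves one: documents that fail processing are now tagged to keep their original event. Presumably the raw source record then stays on the indexed error document, including attributes the pipeline would otherwise rename, drop or redact on the success path; this should be confirmed against the processors above the hunk, which are not shown. I would add `# Failed documents keep the raw source record for debugging; it may hold unredacted identity attributes.` above the `- append:` line and check that retention and read access for `pipeline_error` documents account for that. The entityanalytics_ad user and entityanalytics_entra_id entity hunks earlier in the patch, and the github secret_scanning hunk further down, raise the same question.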
diff --git a/packages/f5/changelog.yml b/packages/f5/changelog.yml index 8d4e7ef6c49..37db9529fd1 100644 --- a/packages/f5/changelog.yml +++ b/packages/f5/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.18.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.17.3" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/f5/data_stream/bigipafm/elasticsearch/ingest_pipeline/default.yml b/packages/f5/data_stream/bigipafm/elasticsearch/ingest_pipeline/default.yml index af4abdeb6b1..194eab4b716 100644 --- a/packages/f5/data_stream/bigipafm/elasticsearch/ingest_pipeline/default.yml +++ b/packages/f5/data_stream/bigipafm/elasticsearch/ingest_pipeline/default.yml @@ -90,6 +90,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/f5/data_stream/bigipapm/elasticsearch/ingest_pipeline/default.yml b/packages/f5/data_stream/bigipapm/elasticsearch/ingest_pipeline/default.yml index a3823c79cd0..eea9b95c865 100644 --- a/packages/f5/data_stream/bigipapm/elasticsearch/ingest_pipeline/default.yml +++ b/packages/f5/data_stream/bigipapm/elasticsearch/ingest_pipeline/default.yml @@ -90,6 +90,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/f5/manifest.yml b/packages/f5/manifest.yml index 81a12a35598..871749a41ad 100644 --- a/packages/f5/manifest.yml +++ b/packages/f5/manifest.yml 
@@ -1,7 +1,7 @@ format_version: 1.0.0 name: f5 title: F5 Logs (Deprecated) -version: "0.17.3" +version: "0.18.0" description: Deprecated. Use the F5 BIG-IP package instead. categories: ["observability", "load_balancer"] release: experimental diff --git a/packages/f5_bigip/changelog.yml b/packages/f5_bigip/changelog.yml index 7966ffdb099..fc65ddcff41 100644 --- a/packages/f5_bigip/changelog.yml +++ b/packages/f5_bigip/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.21.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.20.0" changes: - description: URL decode user agent strings. diff --git a/packages/f5_bigip/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/f5_bigip/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 3ea98e159c8..d2bbb2ad4da 100644 --- a/packages/f5_bigip/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/f5_bigip/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -147,3 +147,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/f5_bigip/manifest.yml b/packages/f5_bigip/manifest.yml index 8d06b67c624..7c38f7847c0 100644 --- a/packages/f5_bigip/manifest.yml +++ b/packages/f5_bigip/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: f5_bigip title: F5 BIG-IP -version: "1.20.0" +version: "1.21.0" description: Collect logs from F5 BIG-IP with Elastic Agent. type: integration categories: diff --git a/packages/falco/changelog.yml b/packages/falco/changelog.yml index d8b7395cd92..ffaafcb186a 100644 --- a/packages/falco/changelog.yml +++ b/packages/falco/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.2" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/falco/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/falco/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml index af600b665a5..c108bc8b1cb 100644 --- a/packages/falco/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/falco/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml @@ -714,3 +714,7 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/falco/manifest.yml b/packages/falco/manifest.yml index 117c186d4f0..d6b5f192934 100644 --- a/packages/falco/manifest.yml +++ b/packages/falco/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.2 name: falco title: Falco -version: 1.0.2 +version: 1.1.0 description: Collect events and alerts from Falco using Elastic Agent type: integration categories: diff --git a/packages/fireeye/changelog.yml b/packages/fireeye/changelog.yml index ad274f91640..03f8811722d 100644 --- a/packages/fireeye/changelog.yml +++ b/packages/fireeye/changelog.yml @@ -1,3 +1,8 @@ +- version: "1.24.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.23.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. 
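Review bot: In the falco alerts pipeline the added processor starts at column 0 (`- append:` directly after the `+`), whereas the other pipelines in this patch add it indented. That is only correct if this file's `on_failure` list items are themselves written at column 0; the indentation of the context lines is not recoverable from this page, so it cannot be confirmed here. Please check that `- append:` lines up exactly with the preceding `- set:`, since a mismatch would most likely leave the file as invalid YAML. The gitlab api pipeline hunk adds the processor the same way and needs the same check; running the package's pipeline tests on both data streams would settle it.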
diff --git a/packages/fireeye/data_stream/nx/elasticsearch/ingest_pipeline/default.yml b/packages/fireeye/data_stream/nx/elasticsearch/ingest_pipeline/default.yml index 47f16e454cf..1e125119cb2 100644 --- a/packages/fireeye/data_stream/nx/elasticsearch/ingest_pipeline/default.yml +++ b/packages/fireeye/data_stream/nx/elasticsearch/ingest_pipeline/default.yml @@ -184,6 +184,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/fireeye/manifest.yml b/packages/fireeye/manifest.yml index ef0269add68..f5bffae19e4 100644 --- a/packages/fireeye/manifest.yml +++ b/packages/fireeye/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: fireeye title: "FireEye Network Security" -version: "1.23.1" +version: "1.24.0" description: Collect logs from FireEye NX with Elastic Agent. type: integration categories: diff --git a/packages/first_epss/changelog.yml b/packages/first_epss/changelog.yml index f284aeeb9fc..b902539ab21 100644 --- a/packages/first_epss/changelog.yml +++ b/packages/first_epss/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.0" changes: - description: Initial release of the package diff --git a/packages/first_epss/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/first_epss/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 473fb3cdafa..fad4185f68c 100644 --- a/packages/first_epss/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml +++ b/packages/first_epss/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml 
@@ -85,3 +85,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/first_epss/manifest.yml b/packages/first_epss/manifest.yml index 3934f55679d..82db7aae161 100644 --- a/packages/first_epss/manifest.yml +++ b/packages/first_epss/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: first_epss title: First EPSS -version: 0.1.0 +version: 0.2.0 description: Collect exploit prediction score data from the First EPSS API with Elastic Agent. type: integration categories: diff --git a/packages/forcepoint_web/changelog.yml b/packages/forcepoint_web/changelog.yml index 92b4d6fe6f5..129bb67494f 100644 --- a/packages/forcepoint_web/changelog.yml +++ b/packages/forcepoint_web/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.10.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.9.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/forcepoint_web/data_stream/logs/elasticsearch/ingest_pipeline/default.yml b/packages/forcepoint_web/data_stream/logs/elasticsearch/ingest_pipeline/default.yml index 4b44ceb5ae4..0f1593563c3 100644 --- a/packages/forcepoint_web/data_stream/logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forcepoint_web/data_stream/logs/elasticsearch/ingest_pipeline/default.yml @@ -300,6 +300,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/forcepoint_web/manifest.yml b/packages/forcepoint_web/manifest.yml index bce36e3b64e..57b0b0c328b 100644 
--- a/packages/forcepoint_web/manifest.yml +++ b/packages/forcepoint_web/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: forcepoint_web title: "Forcepoint Web Security" -version: "1.9.1" +version: "1.10.0" source: license: "Elastic-2.0" description: "Forcepoint Web Security" diff --git a/packages/forgerock/changelog.yml b/packages/forgerock/changelog.yml index f047236d7d5..229838aa6ea 100644 --- a/packages/forgerock/changelog.yml +++ b/packages/forgerock/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.19.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.18.4" changes: - description: Fix handling of `endTime` query parameter. diff --git a/packages/forgerock/data_stream/am_access/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_access/elasticsearch/ingest_pipeline/default.yml index b55bd2cc751..9f40b787bbc 100644 --- a/packages/forgerock/data_stream/am_access/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_access/elasticsearch/ingest_pipeline/default.yml @@ -166,3 +166,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/am_activity/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_activity/elasticsearch/ingest_pipeline/default.yml index a84a9e097c7..6277a479d5b 100644 --- a/packages/forgerock/data_stream/am_activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_activity/elasticsearch/ingest_pipeline/default.yml @@ -107,3 +107,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/forgerock/data_stream/am_authentication/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_authentication/elasticsearch/ingest_pipeline/default.yml index 64a35ca0525..796f5c5735c 100644 --- a/packages/forgerock/data_stream/am_authentication/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_authentication/elasticsearch/ingest_pipeline/default.yml @@ -111,3 +111,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/am_config/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_config/elasticsearch/ingest_pipeline/default.yml index e0fb445c1bb..8c1b8843b3c 100644 --- a/packages/forgerock/data_stream/am_config/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_config/elasticsearch/ingest_pipeline/default.yml @@ -100,3 +100,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/am_core/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/am_core/elasticsearch/ingest_pipeline/default.yml index a04628ac643..9f3d6d0c78f 100644 --- a/packages/forgerock/data_stream/am_core/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/am_core/elasticsearch/ingest_pipeline/default.yml @@ -103,3 +103,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/idm_access/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_access/elasticsearch/ingest_pipeline/default.yml index 511dac91c1c..4d934db0bf7 100644 
--- a/packages/forgerock/data_stream/idm_access/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_access/elasticsearch/ingest_pipeline/default.yml @@ -150,3 +150,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/idm_activity/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_activity/elasticsearch/ingest_pipeline/default.yml index 15e013b93a5..3dd8aa952db 100644 --- a/packages/forgerock/data_stream/idm_activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_activity/elasticsearch/ingest_pipeline/default.yml @@ -103,3 +103,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/idm_authentication/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_authentication/elasticsearch/ingest_pipeline/default.yml index 6151233316f..47e0a9208d7 100644 --- a/packages/forgerock/data_stream/idm_authentication/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_authentication/elasticsearch/ingest_pipeline/default.yml @@ -113,3 +113,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/idm_config/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_config/elasticsearch/ingest_pipeline/default.yml index e9a9d93e4e7..5322e6a304d 100644 --- a/packages/forgerock/data_stream/idm_config/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_config/elasticsearch/ingest_pipeline/default.yml 
@@ -107,3 +107,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/idm_core/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_core/elasticsearch/ingest_pipeline/default.yml index d1634fbd76f..ea93f67f3db 100644 --- a/packages/forgerock/data_stream/idm_core/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_core/elasticsearch/ingest_pipeline/default.yml @@ -85,3 +85,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/data_stream/idm_sync/elasticsearch/ingest_pipeline/default.yml b/packages/forgerock/data_stream/idm_sync/elasticsearch/ingest_pipeline/default.yml index 1dd073201fe..3a81062e7d7 100644 --- a/packages/forgerock/data_stream/idm_sync/elasticsearch/ingest_pipeline/default.yml +++ b/packages/forgerock/data_stream/idm_sync/elasticsearch/ingest_pipeline/default.yml @@ -130,3 +130,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/forgerock/manifest.yml b/packages/forgerock/manifest.yml index 49769e9a3eb..828d40a7e3a 100644 --- a/packages/forgerock/manifest.yml +++ b/packages/forgerock/manifest.yml @@ -1,6 +1,6 @@ name: forgerock title: "ForgeRock" -version: "1.18.4" +version: "1.19.0" description: Collect audit logs from ForgeRock with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/gigamon/changelog.yml b/packages/gigamon/changelog.yml index 639b92aba62..c8610ef87d0 100644 --- a/packages/gigamon/changelog.yml +++ b/packages/gigamon/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.1.0" changes: - description: DevOps dashboard added. diff --git a/packages/gigamon/data_stream/ami/elasticsearch/ingest_pipeline/default.yml b/packages/gigamon/data_stream/ami/elasticsearch/ingest_pipeline/default.yml index 6a633205bab..ec0c11ff103 100644 --- a/packages/gigamon/data_stream/ami/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gigamon/data_stream/ami/elasticsearch/ingest_pipeline/default.yml @@ -861,3 +861,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/gigamon/manifest.yml b/packages/gigamon/manifest.yml index 8f63b7c158f..d80bc4a5289 100644 --- a/packages/gigamon/manifest.yml +++ b/packages/gigamon/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.3 name: gigamon title: Gigamon -version: "1.1.0" +version: "1.2.0" description: Collect logs from Gigamon with Elastic Agent. type: integration categories: diff --git a/packages/github/changelog.yml b/packages/github/changelog.yml index d44909ada89..3d0adad596c 100644 --- a/packages/github/changelog.yml +++ b/packages/github/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.1.1" changes: - description: Addressed some missing documentation issues and fixed timestamp values in sample enterprise audit logs. 
diff --git a/packages/github/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 66a69360c39..09fce9eca48 100644 --- a/packages/github/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -239,6 +239,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/github/data_stream/code_scanning/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/code_scanning/elasticsearch/ingest_pipeline/default.yml index 5a4adf23d80..ad8600bb0da 100644 --- a/packages/github/data_stream/code_scanning/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/code_scanning/elasticsearch/ingest_pipeline/default.yml @@ -284,6 +284,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/github/data_stream/dependabot/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/dependabot/elasticsearch/ingest_pipeline/default.yml index 482aaa56d32..8309e6140cf 100644 --- a/packages/github/data_stream/dependabot/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/dependabot/elasticsearch/ingest_pipeline/default.yml @@ -315,6 +315,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/github/data_stream/issues/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/issues/elasticsearch/ingest_pipeline/default.yml index ed8b360078b..048e09c9913 100644 --- a/packages/github/data_stream/issues/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/issues/elasticsearch/ingest_pipeline/default.yml @@ -247,6 +247,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/github/data_stream/secret_scanning/elasticsearch/ingest_pipeline/default.yml b/packages/github/data_stream/secret_scanning/elasticsearch/ingest_pipeline/default.yml index c5820932f03..4876219b7c3 100644 --- a/packages/github/data_stream/secret_scanning/elasticsearch/ingest_pipeline/default.yml +++ b/packages/github/data_stream/secret_scanning/elasticsearch/ingest_pipeline/default.yml @@ -297,6 +297,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/github/manifest.yml b/packages/github/manifest.yml index 48695c4886a..aca3628e47f 100644 --- a/packages/github/manifest.yml +++ b/packages/github/manifest.yml @@ -1,6 +1,6 @@ name: github title: GitHub -version: "2.1.1" +version: "2.2.0" description: Collect logs from GitHub with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/gitlab/changelog.yml b/packages/gitlab/changelog.yml index cfdc980cb40..8b8d78df30d 100644 --- a/packages/gitlab/changelog.yml +++ b/packages/gitlab/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: 1.1.0 changes: - description: Add sidekiq and pages datastreams diff --git a/packages/gitlab/data_stream/api/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/api/elasticsearch/ingest_pipeline/default.yml index 68c65a04891..ef243c1a628 100644 --- a/packages/gitlab/data_stream/api/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/api/elasticsearch/ingest_pipeline/default.yml @@ -218,3 +218,7 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/gitlab/data_stream/application/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/application/elasticsearch/ingest_pipeline/default.yml index 308fb5188c2..6afecb08ec4 100644 --- a/packages/gitlab/data_stream/application/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/application/elasticsearch/ingest_pipeline/default.yml @@ -264,3 +264,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/gitlab/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index df4bc584444..d252d4cc159 100644 --- a/packages/gitlab/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/audit/elasticsearch/ingest_pipeline/default.yml 
@@ -213,6 +213,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/gitlab/data_stream/auth/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/auth/elasticsearch/ingest_pipeline/default.yml index c08f19a2c39..a3a6435ad4a 100644 --- a/packages/gitlab/data_stream/auth/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/auth/elasticsearch/ingest_pipeline/default.yml @@ -200,6 +200,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/gitlab/data_stream/pages/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/pages/elasticsearch/ingest_pipeline/default.yml index e60e97a6b08..d56c248804a 100644 --- a/packages/gitlab/data_stream/pages/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/pages/elasticsearch/ingest_pipeline/default.yml @@ -156,6 +156,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' 
diff --git a/packages/gitlab/data_stream/production/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/production/elasticsearch/ingest_pipeline/default.yml index 46e64b43073..dbe5926874b 100644 --- a/packages/gitlab/data_stream/production/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/production/elasticsearch/ingest_pipeline/default.yml @@ -278,3 +278,7 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/gitlab/data_stream/sidekiq/elasticsearch/ingest_pipeline/default.yml b/packages/gitlab/data_stream/sidekiq/elasticsearch/ingest_pipeline/default.yml index c7e71fdc4e7..840cac0b195 100644 --- a/packages/gitlab/data_stream/sidekiq/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gitlab/data_stream/sidekiq/elasticsearch/ingest_pipeline/default.yml @@ -181,6 +181,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/gitlab/manifest.yml b/packages/gitlab/manifest.yml index da92c899508..a5d047b65d7 100644 --- a/packages/gitlab/manifest.yml +++ b/packages/gitlab/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.3 name: gitlab title: GitLab -version: 1.1.0 +version: 1.2.0 description: Collect logs from GitLab with Elastic Agent. type: integration categories: diff --git a/packages/google_scc/changelog.yml b/packages/google_scc/changelog.yml index 4de849a5e83..47a7cfa95fc 100644 --- a/packages/google_scc/changelog.yml +++ b/packages/google_scc/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.4.1" changes: - description: Fix field name typo. diff --git a/packages/google_scc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/google_scc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 6f3f7fe93d6..3ababbe1bac 100644 --- a/packages/google_scc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_scc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml @@ -179,3 +179,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/google_scc/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/google_scc/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 831f42e5b5f..2d402ab464b 100644 --- a/packages/google_scc/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_scc/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -957,3 +957,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/google_scc/data_stream/finding/elasticsearch/ingest_pipeline/default.yml b/packages/google_scc/data_stream/finding/elasticsearch/ingest_pipeline/default.yml index a86d468e39e..8f02877687b 100644 --- a/packages/google_scc/data_stream/finding/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_scc/data_stream/finding/elasticsearch/ingest_pipeline/default.yml @@ -1892,3 +1892,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/google_scc/data_stream/source/elasticsearch/ingest_pipeline/default.yml b/packages/google_scc/data_stream/source/elasticsearch/ingest_pipeline/default.yml index 051878a7bf5..9780a781eba 100644 --- a/packages/google_scc/data_stream/source/elasticsearch/ingest_pipeline/default.yml +++ b/packages/google_scc/data_stream/source/elasticsearch/ingest_pipeline/default.yml @@ -107,3 +107,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/google_scc/manifest.yml b/packages/google_scc/manifest.yml index a39785f9ae9..09b23e71872 100644 --- a/packages/google_scc/manifest.yml +++ b/packages/google_scc/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: google_scc title: Google Security Command Center -version: "1.4.1" +version: "1.5.0" description: Collect logs from Google Security Command Center with Elastic Agent. type: integration categories: diff --git a/packages/imperva_cloud_waf/changelog.yml b/packages/imperva_cloud_waf/changelog.yml index 70eca994361..14e2048fa44 100644 --- a/packages/imperva_cloud_waf/changelog.yml +++ b/packages/imperva_cloud_waf/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.1.1" changes: - description: Remove reference to a Kibana version from the README. diff --git a/packages/imperva_cloud_waf/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/imperva_cloud_waf/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 62667194526..aee99e954f2 100644 --- a/packages/imperva_cloud_waf/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/imperva_cloud_waf/data_stream/event/elasticsearch/ingest_pipeline/default.yml 
@@ -641,3 +641,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/imperva_cloud_waf/manifest.yml b/packages/imperva_cloud_waf/manifest.yml index 1988b7b8bbb..bd37f5a0722 100644 --- a/packages/imperva_cloud_waf/manifest.yml +++ b/packages/imperva_cloud_waf/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: imperva_cloud_waf title: Imperva Cloud WAF -version: "1.1.1" +version: "1.2.0" description: Collect logs from Imperva Cloud WAF with Elastic Agent. type: integration categories: diff --git a/packages/infoblox_bloxone_ddi/changelog.yml b/packages/infoblox_bloxone_ddi/changelog.yml index 33bf888e70f..d87efd111d2 100644 --- a/packages/infoblox_bloxone_ddi/changelog.yml +++ b/packages/infoblox_bloxone_ddi/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.19.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.18.0" changes: - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml b/packages/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml index ba7746a6e7d..ecd08b53ea4 100644 --- a/packages/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml +++ b/packages/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml 
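Review bot: The added `append` in packages/imperva_cloud_waf/data_stream/event carries no `tag:`, while the `set` just above it in the same handler is tagged `set_pipeline_error_to_event_kind`. Other pipelines in this patch build `error.message` from `_ingest.on_failure_processor_tag`, so an untagged processor is harder to pin down when it fails. Following the file's naming, add `tag: append_preserve_original_event_to_tags` to the new processor. The `on_failure` block starts outside the hunk.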
@@ -256,6 +256,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml b/packages/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml index 8f9de57948b..3a241353981 100644 --- a/packages/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml +++ b/packages/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml @@ -1995,6 +1995,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml b/packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml index 60217ed5289..e54aa140b56 100644 --- a/packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml +++ b/packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml @@ -478,6 +478,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/infoblox_bloxone_ddi/manifest.yml b/packages/infoblox_bloxone_ddi/manifest.yml index a22e0b99ce5..1a7d4bbd343 100644 --- a/packages/infoblox_bloxone_ddi/manifest.yml +++ b/packages/infoblox_bloxone_ddi/manifest.yml 
@@ -1,7 +1,7 @@ format_version: "3.0.2" name: infoblox_bloxone_ddi title: Infoblox BloxOne DDI -version: "1.18.0" +version: "1.19.0" description: Collect logs from Infoblox BloxOne DDI with Elastic Agent. type: integration categories: diff --git a/packages/infoblox_nios/changelog.yml b/packages/infoblox_nios/changelog.yml index 199ef0a153a..01ff35a982f 100644 --- a/packages/infoblox_nios/changelog.yml +++ b/packages/infoblox_nios/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.24.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.23.2" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 40a43b06bb3..bce02fa4754 100644 --- a/packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -187,3 +187,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/infoblox_nios/manifest.yml b/packages/infoblox_nios/manifest.yml index 629a7deb034..17ba0b25ef7 100644 --- a/packages/infoblox_nios/manifest.yml +++ b/packages/infoblox_nios/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: infoblox_nios title: Infoblox NIOS -version: "1.23.2" +version: "1.24.0" description: Collect logs from Infoblox NIOS with Elastic Agent. type: integration categories: diff --git a/packages/jamf_compliance_reporter/changelog.yml b/packages/jamf_compliance_reporter/changelog.yml index 7c1f82e2750..9b6336e6427 100644 
--- a/packages/jamf_compliance_reporter/changelog.yml +++ b/packages/jamf_compliance_reporter/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.14.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.13.0" changes: - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/jamf_compliance_reporter/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_compliance_reporter/data_stream/log/elasticsearch/ingest_pipeline/default.yml index ea31c9199c3..278e6ef515b 100644 --- a/packages/jamf_compliance_reporter/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/jamf_compliance_reporter/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -51,6 +51,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/jamf_compliance_reporter/manifest.yml b/packages/jamf_compliance_reporter/manifest.yml index 5a56b3ebb28..c3cdc856624 100644 --- a/packages/jamf_compliance_reporter/manifest.yml +++ b/packages/jamf_compliance_reporter/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: jamf_compliance_reporter title: Jamf Compliance Reporter -version: "1.13.0" +version: "1.14.0" description: Collect logs from Jamf Compliance Reporter with Elastic Agent. type: integration categories: diff --git a/packages/jamf_pro/changelog.yml b/packages/jamf_pro/changelog.yml index 21d51a41b33..5795982a0b9 100644 --- a/packages/jamf_pro/changelog.yml +++ b/packages/jamf_pro/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.3" changes: - description: Fix type mapping for `jamf_pro.inventory.general.mdm_capable.capable_users`. diff --git a/packages/jamf_pro/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_pro/data_stream/events/elasticsearch/ingest_pipeline/default.yml index 7482a8b411d..8571d496da6 100644 --- a/packages/jamf_pro/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/jamf_pro/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -170,6 +170,10 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/jamf_pro/data_stream/inventory/elasticsearch/ingest_pipeline/default.yml b/packages/jamf_pro/data_stream/inventory/elasticsearch/ingest_pipeline/default.yml index 5e3631f56aa..328bdabbb2d 100644 --- a/packages/jamf_pro/data_stream/inventory/elasticsearch/ingest_pipeline/default.yml +++ b/packages/jamf_pro/data_stream/inventory/elasticsearch/ingest_pipeline/default.yml @@ -151,6 +151,10 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.on_failure_pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' 
diff --git a/packages/jamf_pro/manifest.yml b/packages/jamf_pro/manifest.yml index 3a0a91be696..914c2829fd2 100644 --- a/packages/jamf_pro/manifest.yml +++ b/packages/jamf_pro/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.5 name: jamf_pro title: "Jamf Pro" -version: 0.1.3 +version: 0.2.0 source: license: "Elastic-2.0" description: "Collect logs and inventory data from Jamf Pro with Elastic Agent" diff --git a/packages/jumpcloud/changelog.yml b/packages/jumpcloud/changelog.yml index 513500f064a..bb976dc6dc4 100644 --- a/packages/jumpcloud/changelog.yml +++ b/packages/jumpcloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.13.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.12.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/jumpcloud/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/jumpcloud/data_stream/events/elasticsearch/ingest_pipeline/default.yml index 45cb8e7ed06..23777e52455 100644 --- a/packages/jumpcloud/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/jumpcloud/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -304,6 +304,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/jumpcloud/manifest.yml b/packages/jumpcloud/manifest.yml index 3ca96349170..19f97e4b9e0 100644 --- a/packages/jumpcloud/manifest.yml +++ b/packages/jumpcloud/manifest.yml 
@@ -1,7 +1,7 @@ format_version: "3.0.2" name: jumpcloud title: "JumpCloud" -version: "1.12.1" +version: "1.13.0" description: "Collect logs from JumpCloud Directory as a Service" type: integration categories: diff --git a/packages/keycloak/changelog.yml b/packages/keycloak/changelog.yml index dc6376e3834..e6aaa373eb0 100644 --- a/packages/keycloak/changelog.yml +++ b/packages/keycloak/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.24.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.23.2" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/keycloak/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/keycloak/data_stream/log/elasticsearch/ingest_pipeline/default.yml index fdf037363fb..0c42a6a789e 100644 --- a/packages/keycloak/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/keycloak/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -87,3 +87,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/keycloak/manifest.yml b/packages/keycloak/manifest.yml index a19bafc5c08..547ceb647e1 100644 --- a/packages/keycloak/manifest.yml +++ b/packages/keycloak/manifest.yml @@ -1,6 +1,6 @@ name: keycloak title: Keycloak -version: "1.23.2" +version: "1.24.0" description: Collect logs from Keycloak with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/lastpass/changelog.yml b/packages/lastpass/changelog.yml index 6966b838cf4..b67cb79b8cb 100644 --- a/packages/lastpass/changelog.yml +++ b/packages/lastpass/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.18.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.17.0" changes: - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/lastpass/data_stream/detailed_shared_folder/elasticsearch/ingest_pipeline/default.yml b/packages/lastpass/data_stream/detailed_shared_folder/elasticsearch/ingest_pipeline/default.yml index 65814c44fa8..665682eb884 100644 --- a/packages/lastpass/data_stream/detailed_shared_folder/elasticsearch/ingest_pipeline/default.yml +++ b/packages/lastpass/data_stream/detailed_shared_folder/elasticsearch/ingest_pipeline/default.yml @@ -140,6 +140,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/lastpass/data_stream/event_report/elasticsearch/ingest_pipeline/default.yml b/packages/lastpass/data_stream/event_report/elasticsearch/ingest_pipeline/default.yml index 0f058a88ec5..bf92333ed55 100644 --- a/packages/lastpass/data_stream/event_report/elasticsearch/ingest_pipeline/default.yml +++ b/packages/lastpass/data_stream/event_report/elasticsearch/ingest_pipeline/default.yml @@ -517,6 +517,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/lastpass/data_stream/user/elasticsearch/ingest_pipeline/default.yml b/packages/lastpass/data_stream/user/elasticsearch/ingest_pipeline/default.yml index fce883cdaba..264acc2a3fd 100644 
--- a/packages/lastpass/data_stream/user/elasticsearch/ingest_pipeline/default.yml +++ b/packages/lastpass/data_stream/user/elasticsearch/ingest_pipeline/default.yml @@ -240,6 +240,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/lastpass/manifest.yml b/packages/lastpass/manifest.yml index f9a9de1d5d4..d7dab80e231 100644 --- a/packages/lastpass/manifest.yml +++ b/packages/lastpass/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: lastpass title: LastPass -version: "1.17.0" +version: "1.18.0" description: Collect logs from LastPass with Elastic Agent. type: integration categories: diff --git a/packages/lumos/changelog.yml b/packages/lumos/changelog.yml index b88153ed648..d915a9f83c2 100644 --- a/packages/lumos/changelog.yml +++ b/packages/lumos/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.3.0" changes: - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/lumos/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml b/packages/lumos/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml index 4dafa0c0aae..dbc71e87f63 100644 --- a/packages/lumos/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/lumos/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml @@ -66,3 +66,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/lumos/manifest.yml b/packages/lumos/manifest.yml index 3984bed287c..3b7fb6f1f2e 100644 --- a/packages/lumos/manifest.yml +++ b/packages/lumos/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.2 name: lumos title: "Lumos" -version: "1.3.0" +version: "1.4.0" description: "An integration with Lumos to ship your Activity logs to your Elastic instance." type: integration categories: diff --git a/packages/lyve_cloud/changelog.yml b/packages/lyve_cloud/changelog.yml index 20838dc8630..f43ea77a3bd 100644 --- a/packages/lyve_cloud/changelog.yml +++ b/packages/lyve_cloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.15.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.14.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/lyve_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/lyve_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 57e6723ea7b..086017a3b6c 100644 --- a/packages/lyve_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/lyve_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -34,6 +34,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/lyve_cloud/manifest.yml b/packages/lyve_cloud/manifest.yml index f47149a6e29..e960f4b7269 100644 --- a/packages/lyve_cloud/manifest.yml +++ b/packages/lyve_cloud/manifest.yml 
@@ -1,7 +1,7 @@ format_version: "3.0.2" name: lyve_cloud title: Lyve Cloud -version: "1.14.1" +version: "1.15.0" description: Collect S3 API audit log from Lyve Cloud with Elastic Agent. type: integration categories: diff --git a/packages/m365_defender/changelog.yml b/packages/m365_defender/changelog.yml index 22bf328b1b7..729a239c10c 100644 --- a/packages/m365_defender/changelog.yml +++ b/packages/m365_defender/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.16.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.15.1" changes: - description: Add caseless fields to process events. @@ -19,7 +24,7 @@ link: https://github.com/elastic/integrations/pull/10947 - version: "2.14.6" changes: - - description: Fix dashboard filters to look for correct event.severity values. + - description: Fix dashboard filters to look for correct event.severity values. type: bugfix link: https://github.com/elastic/integrations/pull/10810 - version: "2.14.5" @@ -29,7 +34,7 @@ link: https://github.com/elastic/integrations/pull/10772 - version: "2.14.4" changes: - - description: Fix `host.mac` gsub processor to handle MAC addresses with `-` already present. + - description: Fix `host.mac` gsub processor to handle MAC addresses with `-` already present. type: bugfix link: https://github.com/elastic/integrations/pull/10798 - version: "2.14.3" diff --git a/packages/m365_defender/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/m365_defender/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 4ffb4815965..48cfa70fa61 100644 --- a/packages/m365_defender/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/m365_defender/data_stream/alert/elasticsearch/ingest_pipeline/default.yml 
@@ -2552,3 +2552,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/m365_defender/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/m365_defender/data_stream/event/elasticsearch/ingest_pipeline/default.yml index f94cadb0af8..3ae43ae2db1 100644 --- a/packages/m365_defender/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/m365_defender/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -144,3 +144,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/m365_defender/data_stream/incident/elasticsearch/ingest_pipeline/default.yml b/packages/m365_defender/data_stream/incident/elasticsearch/ingest_pipeline/default.yml index 8218b8d721f..caa282a880b 100644 --- a/packages/m365_defender/data_stream/incident/elasticsearch/ingest_pipeline/default.yml +++ b/packages/m365_defender/data_stream/incident/elasticsearch/ingest_pipeline/default.yml @@ -2360,6 +2360,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/m365_defender/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/m365_defender/data_stream/log/elasticsearch/ingest_pipeline/default.yml index a771b124284..b90bac63e5c 100644 --- a/packages/m365_defender/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/m365_defender/data_stream/log/elasticsearch/ingest_pipeline/default.yml 
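Review bot: packages/m365_defender/data_stream/alert receives a single insertion, after the `value: pipeline_error` at line 2552, and every other pipeline visible in the patch likewise gets exactly one. The generator in the commit message matches `- set:.*value: pipeline_error` over the whole slurped file with a greedy `.*`, so it appears to rewrite only the final occurrence; any processor-level `on_failure` handler earlier in the file that also sets `event.kind: pipeline_error` would be left untagged. Worth checking with a per-file count of `value: pipeline_error` against `value: preserve_original_event` and adding the processor by hand where they differ.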
@@ -390,6 +390,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: "{{{_ingest.on_failure_message}}}" diff --git a/packages/m365_defender/manifest.yml b/packages/m365_defender/manifest.yml index ee40b624254..e443b6bdd7b 100644 --- a/packages/m365_defender/manifest.yml +++ b/packages/m365_defender/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: m365_defender title: Microsoft M365 Defender -version: "2.15.1" +version: "2.16.0" description: Collect logs from Microsoft M365 Defender with Elastic Agent. categories: - "security" diff --git a/packages/mattermost/changelog.yml b/packages/mattermost/changelog.yml index 152a15f5df9..3b00702d9e1 100644 --- a/packages/mattermost/changelog.yml +++ b/packages/mattermost/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.1.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/mattermost/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/mattermost/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index fa017badcfb..b0728e19285 100644 --- a/packages/mattermost/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mattermost/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -446,6 +446,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/mattermost/manifest.yml b/packages/mattermost/manifest.yml index d92c96df3ac..20c3d91033f 100644 --- a/packages/mattermost/manifest.yml +++ b/packages/mattermost/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: mattermost title: "Mattermost" -version: "2.1.1" +version: "2.2.0" description: Collect logs from Mattermost with Elastic Agent. type: integration categories: diff --git a/packages/menlo/changelog.yml b/packages/menlo/changelog.yml index 0f460331f37..36b36713ca0 100644 --- a/packages/menlo/changelog.yml +++ b/packages/menlo/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.1.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/menlo/data_stream/dlp/elasticsearch/ingest_pipeline/default.yml b/packages/menlo/data_stream/dlp/elasticsearch/ingest_pipeline/default.yml index 387ac2a62f3..ac726d70faa 100644 --- a/packages/menlo/data_stream/dlp/elasticsearch/ingest_pipeline/default.yml +++ b/packages/menlo/data_stream/dlp/elasticsearch/ingest_pipeline/default.yml @@ -195,6 +195,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/menlo/data_stream/web/elasticsearch/ingest_pipeline/default.yml b/packages/menlo/data_stream/web/elasticsearch/ingest_pipeline/default.yml index 7f51562ec19..cf6cfc2b561 100644 --- a/packages/menlo/data_stream/web/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/menlo/data_stream/web/elasticsearch/ingest_pipeline/default.yml @@ -341,6 +341,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/menlo/manifest.yml b/packages/menlo/manifest.yml index 9cb73d27ce6..e65ace87e53 100644 --- a/packages/menlo/manifest.yml +++ b/packages/menlo/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: menlo title: "Menlo Security" -version: "1.1.1" +version: "1.2.0" source: license: "Elastic-2.0" description: "Collect logs from Menlo Security products with Elastic Agent" diff --git a/packages/microsoft_defender_cloud/changelog.yml b/packages/microsoft_defender_cloud/changelog.yml index bfd7b128d26..4a63e5a71bf 100644 --- a/packages/microsoft_defender_cloud/changelog.yml +++ b/packages/microsoft_defender_cloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.0.0" changes: - description: Store eventhub metadata inside azure-eventhub field. diff --git a/packages/microsoft_defender_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_defender_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml index a39d3de3bb6..273ff2e9aa3 100644 --- a/packages/microsoft_defender_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_defender_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml 
@@ -1713,3 +1713,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/microsoft_defender_cloud/manifest.yml b/packages/microsoft_defender_cloud/manifest.yml index d5d3ba1c691..e2ac391c050 100644 --- a/packages/microsoft_defender_cloud/manifest.yml +++ b/packages/microsoft_defender_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: microsoft_defender_cloud title: Microsoft Defender for Cloud -version: "2.0.0" +version: "2.1.0" description: Collect logs from Microsoft Defender for Cloud with Elastic Agent. type: integration categories: diff --git a/packages/microsoft_defender_endpoint/changelog.yml b/packages/microsoft_defender_endpoint/changelog.yml index e2dd4380cd7..9545bae2245 100644 --- a/packages/microsoft_defender_endpoint/changelog.yml +++ b/packages/microsoft_defender_endpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.25.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/microsoft_defender_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_defender_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 8b6755c4f16..60d07fa1c4d 100644 --- a/packages/microsoft_defender_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_defender_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml 
@@ -345,6 +345,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/microsoft_defender_endpoint/manifest.yml b/packages/microsoft_defender_endpoint/manifest.yml index 8b457f57c32..9048f1de3aa 100644 --- a/packages/microsoft_defender_endpoint/manifest.yml +++ b/packages/microsoft_defender_endpoint/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: microsoft_defender_endpoint title: Microsoft Defender for Endpoint -version: "2.25.1" +version: "2.26.0" description: Collect logs from Microsoft Defender for Endpoint with Elastic Agent. categories: - "security" diff --git a/packages/microsoft_exchange_online_message_trace/changelog.yml b/packages/microsoft_exchange_online_message_trace/changelog.yml index 4deb8a8edff..2c3f52c4be1 100644 --- a/packages/microsoft_exchange_online_message_trace/changelog.yml +++ b/packages/microsoft_exchange_online_message_trace/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.24.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.23.1" changes: - description: Improve document fingerprinting resolution. diff --git a/packages/microsoft_exchange_online_message_trace/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_exchange_online_message_trace/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 584589667f7..ad08343df6c 100644 --- a/packages/microsoft_exchange_online_message_trace/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_exchange_online_message_trace/data_stream/log/elasticsearch/ingest_pipeline/default.yml 
@@ -334,6 +334,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/microsoft_exchange_online_message_trace/manifest.yml b/packages/microsoft_exchange_online_message_trace/manifest.yml index 311b29de2a3..bf6804faea4 100644 --- a/packages/microsoft_exchange_online_message_trace/manifest.yml +++ b/packages/microsoft_exchange_online_message_trace/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: microsoft_exchange_online_message_trace title: "Microsoft Exchange Online Message Trace" -version: "1.23.1" +version: "1.24.0" description: "Microsoft Exchange Online Message Trace Integration" type: integration categories: diff --git a/packages/microsoft_sentinel/changelog.yml b/packages/microsoft_sentinel/changelog.yml index 39909152884..c9f042aceed 100644 --- a/packages/microsoft_sentinel/changelog.yml +++ b/packages/microsoft_sentinel/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.0" changes: - description: Initial release. diff --git a/packages/microsoft_sentinel/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_sentinel/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 3da7fac5c69..8caac84ac1f 100644 --- a/packages/microsoft_sentinel/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_sentinel/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -447,3 +447,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
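Review bot: The new `append` processor in the microsoft_sentinel alert handler has no `tag`, although the `set` just before it carries `tag: set_pipeline_error_to_event_kind`. In a pipeline that tags its processors, an untagged one is harder to pick out in failure messages and ingest statistics. Adding a line such as `tag: append_preserve_original_event_tag` would keep the handler consistent; the name is only a suggestion. The same applies to the microsoft_sentinel event and incident hunks that follow, and the on_failure block starts outside the hunk.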
diff --git a/packages/microsoft_sentinel/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_sentinel/data_stream/event/elasticsearch/ingest_pipeline/default.yml index ac6bda2fc23..d8631093bac 100644 --- a/packages/microsoft_sentinel/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_sentinel/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -453,3 +453,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/microsoft_sentinel/data_stream/incident/elasticsearch/ingest_pipeline/default.yml b/packages/microsoft_sentinel/data_stream/incident/elasticsearch/ingest_pipeline/default.yml index 8986cfb2b3e..105832eb974 100644 --- a/packages/microsoft_sentinel/data_stream/incident/elasticsearch/ingest_pipeline/default.yml +++ b/packages/microsoft_sentinel/data_stream/incident/elasticsearch/ingest_pipeline/default.yml @@ -457,3 +457,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/microsoft_sentinel/manifest.yml b/packages/microsoft_sentinel/manifest.yml index c226fc01317..e875d35499d 100644 --- a/packages/microsoft_sentinel/manifest.yml +++ b/packages/microsoft_sentinel/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: microsoft_sentinel title: Microsoft Sentinel -version: 0.1.0 +version: 0.2.0 description: Collect logs from Microsoft Sentinel with Elastic Agent. type: integration categories: diff --git a/packages/mimecast/changelog.yml b/packages/mimecast/changelog.yml index 7f2352d1d97..7396c678b05 100644 --- a/packages/mimecast/changelog.yml +++ b/packages/mimecast/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.1.0" changes: - description: Add v2 API client for `siem_logs`. diff --git a/packages/mimecast/data_stream/archive_search_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/archive_search_logs/elasticsearch/ingest_pipeline/default.yml index b1978e7e596..99473406d69 100644 --- a/packages/mimecast/data_stream/archive_search_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/archive_search_logs/elasticsearch/ingest_pipeline/default.yml @@ -152,6 +152,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml index bc54c50f8ab..f50e19a1fcf 100644 --- a/packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml @@ -363,6 +363,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: >- diff --git a/packages/mimecast/data_stream/dlp_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/dlp_logs/elasticsearch/ingest_pipeline/default.yml index d2aef3876fa..ee9e240c11f 100644 --- a/packages/mimecast/data_stream/dlp_logs/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/mimecast/data_stream/dlp_logs/elasticsearch/ingest_pipeline/default.yml @@ -102,6 +102,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/message_release_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/message_release_logs/elasticsearch/ingest_pipeline/default.yml index 138ba74db25..ae6c47c4c59 100644 --- a/packages/mimecast/data_stream/message_release_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/message_release_logs/elasticsearch/ingest_pipeline/default.yml @@ -234,6 +234,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: >- diff --git a/packages/mimecast/data_stream/siem_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/siem_logs/elasticsearch/ingest_pipeline/default.yml index 88c54c771e1..9e2a8e42778 100644 --- a/packages/mimecast/data_stream/siem_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/siem_logs/elasticsearch/ingest_pipeline/default.yml @@ -36,6 +36,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: >- diff --git a/packages/mimecast/data_stream/threat_intel_malware_customer/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/threat_intel_malware_customer/elasticsearch/ingest_pipeline/default.yml index 8a865ef86fc..963b95d3638 100644 --- a/packages/mimecast/data_stream/threat_intel_malware_customer/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/mimecast/data_stream/threat_intel_malware_customer/elasticsearch/ingest_pipeline/default.yml @@ -221,6 +221,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/threat_intel_malware_grid/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/threat_intel_malware_grid/elasticsearch/ingest_pipeline/default.yml index ffafb2c8005..3a8d37b6497 100644 --- a/packages/mimecast/data_stream/threat_intel_malware_grid/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/threat_intel_malware_grid/elasticsearch/ingest_pipeline/default.yml @@ -219,6 +219,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/ttp_ap_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/ttp_ap_logs/elasticsearch/ingest_pipeline/default.yml index e06769dcaa8..9f235962343 100644 --- a/packages/mimecast/data_stream/ttp_ap_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/ttp_ap_logs/elasticsearch/ingest_pipeline/default.yml @@ -144,6 +144,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/ttp_ip_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/ttp_ip_logs/elasticsearch/ingest_pipeline/default.yml index 63b61e3c13a..52bcbe4d2be 100644 --- a/packages/mimecast/data_stream/ttp_ip_logs/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/mimecast/data_stream/ttp_ip_logs/elasticsearch/ingest_pipeline/default.yml @@ -111,6 +111,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/data_stream/ttp_url_logs/elasticsearch/ingest_pipeline/default.yml b/packages/mimecast/data_stream/ttp_url_logs/elasticsearch/ingest_pipeline/default.yml index cd508d76009..d0071cb8b1a 100644 --- a/packages/mimecast/data_stream/ttp_url_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/mimecast/data_stream/ttp_url_logs/elasticsearch/ingest_pipeline/default.yml @@ -143,6 +143,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/mimecast/manifest.yml b/packages/mimecast/manifest.yml index 96ce8fc790e..0a382444e5f 100644 --- a/packages/mimecast/manifest.yml +++ b/packages/mimecast/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: mimecast title: "Mimecast" -version: "2.1.0" +version: "2.2.0" description: Collect logs from Mimecast with Elastic Agent. type: integration categories: ["security", "email_security"] diff --git a/packages/netskope/changelog.yml b/packages/netskope/changelog.yml index 278fffaa396..39317bd62a9 100644 --- a/packages/netskope/changelog.yml +++ b/packages/netskope/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.21.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.20.2" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. 
diff --git a/packages/netskope/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/netskope/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml index 4b649dfd596..4d735b9e1cb 100644 --- a/packages/netskope/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/netskope/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml @@ -1385,6 +1385,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/netskope/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/netskope/data_stream/events/elasticsearch/ingest_pipeline/default.yml index c4b45fac455..59a15a86940 100644 --- a/packages/netskope/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/netskope/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -1128,6 +1128,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/netskope/manifest.yml b/packages/netskope/manifest.yml index 27845b70e26..3ee2c11d509 100644 --- a/packages/netskope/manifest.yml +++ b/packages/netskope/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: netskope title: "Netskope" -version: "1.20.2" +version: "1.21.0" description: Collect logs from Netskope with Elastic Agent. type: integration categories: diff --git a/packages/o365/changelog.yml b/packages/o365/changelog.yml index aa73ed210a0..ab6eeac6d35 100644 --- a/packages/o365/changelog.yml +++ b/packages/o365/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.7.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.6.5" changes: - description: Fix the processing of duplicated QueryTime in Data field. diff --git a/packages/o365/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/o365/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index e46409def1b..d7c78acd4d3 100644 --- a/packages/o365/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/o365/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -1285,6 +1285,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/o365/manifest.yml b/packages/o365/manifest.yml index 088db0be9f7..97c2921ee96 100644 --- a/packages/o365/manifest.yml +++ b/packages/o365/manifest.yml @@ -1,6 +1,6 @@ name: o365 title: Microsoft Office 365 -version: "2.6.5" +version: "2.7.0" description: Collect logs from Microsoft Office 365 with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/okta/changelog.yml b/packages/okta/changelog.yml index 681a0058039..ded0c2f632c 100644 --- a/packages/okta/changelog.yml +++ b/packages/okta/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "3.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "3.2.0" changes: - description: Parse JSON string in `okta.debug_context.debug_data.tunnels`. 
diff --git a/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml b/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml index 8df30d1fcc4..8f70f770080 100644 --- a/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml +++ b/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml @@ -619,6 +619,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: >- diff --git a/packages/okta/manifest.yml b/packages/okta/manifest.yml index f4b82db1693..9449ecdc08c 100644 --- a/packages/okta/manifest.yml +++ b/packages/okta/manifest.yml @@ -1,6 +1,6 @@ name: okta title: Okta -version: "3.2.0" +version: "3.3.0" description: Collect and parse event logs from Okta API with Elastic Agent. type: integration format_version: "3.1.0" @@ -140,11 +140,7 @@ policy_templates: required: false show_user: false description: >- - The request tracer logs requests and responses to the agent's local file-system for debugging configurations. - Enabling this request tracing compromises security and should only be used for debugging. Disabling the request - tracer will delete any stored traces. - See [documentation](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-httpjson.html#_request_tracer_enable) - for details. + The request tracer logs requests and responses to the agent's local file-system for debugging configurations. Enabling this request tracing compromises security and should only be used for debugging. Disabling the request tracer will delete any stored traces. See [documentation](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-httpjson.html#_request_tracer_enable) for details. - name: ssl type: yaml title: SSL diff --git a/packages/opencanary/changelog.yml b/packages/opencanary/changelog.yml index 5e983572a67..dfadd4dc32c 100644 
--- a/packages/opencanary/changelog.yml +++ b/packages/opencanary/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.3" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/opencanary/data_stream/events/elasticsearch/ingest_pipeline/default.yml b/packages/opencanary/data_stream/events/elasticsearch/ingest_pipeline/default.yml index 93aa808e346..4ca8c228224 100755 --- a/packages/opencanary/data_stream/events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/opencanary/data_stream/events/elasticsearch/ingest_pipeline/default.yml @@ -786,6 +786,10 @@ on_failure: - append: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} with tag {{{ _ingest.on_failure_processor_tag }}} in pipeline {{{ _ingest.on_failure_pipeline }}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/opencanary/manifest.yml b/packages/opencanary/manifest.yml index 640b5b5f805..058d5f270d8 100644 --- a/packages/opencanary/manifest.yml +++ b/packages/opencanary/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.3 name: opencanary title: "OpenCanary" -version: "0.1.3" +version: "0.2.0" description: "This integration collects and parses logs from OpenCanary honeypots." type: integration categories: diff --git a/packages/panw_cortex_xdr/changelog.yml b/packages/panw_cortex_xdr/changelog.yml index 0e8a14d85d4..22938870249 100644 --- a/packages/panw_cortex_xdr/changelog.yml +++ b/packages/panw_cortex_xdr/changelog.yml 
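Review bot: In the opencanary handler the tag is added right after a processor that uses `append`, not `set`, for `event.kind` with `value: pipeline_error`, unlike the other pipelines in this patch. If `event.kind` was already populated before the failure, the failed document would carry it as an array. Script conditions that compare `event.kind` for equality with `pipeline_error`, which is the population this tag is meant to cover, may then not match for this package. That processor is context rather than new code, but since the commit touches the handler I would change `- append:` to `- set:` there, or confirm the append is intentional. The on_failure block starts outside the hunk.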
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.30.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.29.0" changes: - description: Use Cortex XDR SIEM ingestion time for cursor progression. diff --git a/packages/panw_cortex_xdr/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/panw_cortex_xdr/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml index 669d88bcc9c..1a4812f6cb0 100644 --- a/packages/panw_cortex_xdr/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/panw_cortex_xdr/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml @@ -565,6 +565,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/panw_cortex_xdr/data_stream/incidents/elasticsearch/ingest_pipeline/default.yml b/packages/panw_cortex_xdr/data_stream/incidents/elasticsearch/ingest_pipeline/default.yml index 07329eef5e8..7ec259491a7 100644 --- a/packages/panw_cortex_xdr/data_stream/incidents/elasticsearch/ingest_pipeline/default.yml +++ b/packages/panw_cortex_xdr/data_stream/incidents/elasticsearch/ingest_pipeline/default.yml @@ -217,6 +217,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/panw_cortex_xdr/manifest.yml b/packages/panw_cortex_xdr/manifest.yml index 42d13813109..0e3901dedff 100644 --- a/packages/panw_cortex_xdr/manifest.yml +++ b/packages/panw_cortex_xdr/manifest.yml 
@@ -1,6 +1,6 @@ name: panw_cortex_xdr title: Palo Alto Cortex XDR -version: "1.29.0" +version: "1.30.0" description: Collect logs from Palo Alto Cortex XDR with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/ping_one/changelog.yml b/packages/ping_one/changelog.yml index 8c26ebe7d79..feec57878dd 100644 --- a/packages/ping_one/changelog.yml +++ b/packages/ping_one/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.17.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.16.0" changes: - description: Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/ping_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/ping_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index c10a35aa0c6..f74a9594541 100644 --- a/packages/ping_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ping_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -324,6 +324,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ping_one/manifest.yml b/packages/ping_one/manifest.yml index be84b0c68a0..2b7c021d60d 100644 --- a/packages/ping_one/manifest.yml +++ b/packages/ping_one/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: ping_one title: PingOne -version: "1.16.0" +version: "1.17.0" description: Collect logs from PingOne with Elastic-Agent. type: integration categories: diff --git a/packages/pps/changelog.yml b/packages/pps/changelog.yml index 1c55793d871..d186a0b9a86 100644 
--- a/packages/pps/changelog.yml +++ b/packages/pps/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.2" changes: - description: Update docs. diff --git a/packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml index f4ca54eb395..5640bd42bd9 100644 --- a/packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -93,3 +93,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/pps/manifest.yml b/packages/pps/manifest.yml index 07dae056b3a..6275d31f033 100644 --- a/packages/pps/manifest.yml +++ b/packages/pps/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: pps title: "Pleasant Password Server" -version: "0.1.2" +version: "0.2.0" source: license: "Apache-2.0" description: "Integration for Pleasant Password Server Syslog Messages" diff --git a/packages/prisma_access/changelog.yml b/packages/prisma_access/changelog.yml index a7b25df8289..c983e12e9b5 100644 --- a/packages/prisma_access/changelog.yml +++ b/packages/prisma_access/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. 
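Review bot: The `append` added to the `on_failure` handler of `packages/pps/data_stream/log/elasticsearch/ingest_pipeline/default.yml` has no comment explaining why failed documents receive the `preserve_original_event` tag. If the tag is what stops a later `remove` of `event.original` (that processor is outside the hunk, so this is inferred), every `pipeline_error` document from this password-server integration will keep the raw syslog line, including content a later processor might have dropped or masked. I would add a comment above the processor, `# Keep the raw event on pipeline_error documents for troubleshooting; event.original is stored unmodified.`, and mention the retention in the package docs so operators can scope index access accordingly. The handler starts before the hunk.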
diff --git a/packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml index b2e9c5ae45d..07e2594410a 100644 --- a/packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -5311,3 +5311,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/prisma_access/manifest.yml b/packages/prisma_access/manifest.yml index 29d276beed3..20548cec315 100644 --- a/packages/prisma_access/manifest.yml +++ b/packages/prisma_access/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.4 name: prisma_access title: Palo Alto Prisma Access -version: 1.0.0 +version: 1.1.0 description: Collect logs from Palo Alto Prisma Access with Elastic Agent. type: integration categories: diff --git a/packages/prisma_cloud/changelog.yml b/packages/prisma_cloud/changelog.yml index 38bf8d00833..234e76b5678 100644 --- a/packages/prisma_cloud/changelog.yml +++ b/packages/prisma_cloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.4.2" changes: - description: 'Revert: Fix path to API login for host data sources.' diff --git a/packages/prisma_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 6bdc8d6625c..f1ee8734dc0 100644 --- a/packages/prisma_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/alert/elasticsearch/ingest_pipeline/default.yml 
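Review bot: The new `append` in the `on_failure` handler of `packages/prisma_access/data_stream/event/elasticsearch/ingest_pipeline/default.yml` has no `tag`, while the `set` directly above it is tagged `set_pipeline_error_to_event_kind`. For consistency with that processor I would add a line such as `tag: append_preserve_original_event_tag` (the name is only a suggestion) so the processor can be identified in simulate output and failure metadata. The same applies to the proofpoint_on_demand audit, mail and message pipelines and to the servicenow event pipeline later in this patch. The handler begins before the hunk, so whether its other processors are tagged is not visible here.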
@@ -1508,3 +1508,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/prisma_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 6e9639ecc77..345f6a5f8c0 100644 --- a/packages/prisma_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -233,3 +233,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/prisma_cloud/data_stream/host/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/host/elasticsearch/ingest_pipeline/default.yml index 66fa48b29c0..b13613128c1 100644 --- a/packages/prisma_cloud/data_stream/host/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/host/elasticsearch/ingest_pipeline/default.yml @@ -4259,3 +4259,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/prisma_cloud/data_stream/host_profile/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/host_profile/elasticsearch/ingest_pipeline/default.yml index 719a9e699f7..492d8289efc 100644 --- a/packages/prisma_cloud/data_stream/host_profile/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/host_profile/elasticsearch/ingest_pipeline/default.yml @@ -755,5 +755,9 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml b/packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml index 19ebeadaed4..864ac207491 100644 --- a/packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml @@ -813,4 +813,8 @@ on_failure: value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag fail-{{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' - set: field: event.kind - value: pipeline_error \ No newline at end of file + value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false \ No newline at end of file diff --git a/packages/prisma_cloud/manifest.yml b/packages/prisma_cloud/manifest.yml index edcb3ef056b..37052933df7 100644 --- a/packages/prisma_cloud/manifest.yml +++ b/packages/prisma_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: prisma_cloud title: "Palo Alto Prisma Cloud" -version: "1.4.2" +version: "1.5.0" description: "Collect logs from Prisma Cloud with Elastic Agent." type: integration categories: diff --git a/packages/proofpoint_on_demand/changelog.yml b/packages/proofpoint_on_demand/changelog.yml index ec86abf264c..d50c16ecd70 100644 --- a/packages/proofpoint_on_demand/changelog.yml +++ b/packages/proofpoint_on_demand/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.2" changes: - description: Fix script processor in mail data-stream. 
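Review bot: The rewritten tail of `packages/prisma_cloud/data_stream/incident_audit/elasticsearch/ingest_pipeline/default.yml` still ends with `\ No newline at end of file` after the added `allow_duplicates: false` line. Since the commit already rewrites the last line of the file, it would be cleaner to end the file with a newline; the other pipeline hunks visible here show no such marker. That also keeps a later addition to the handler from showing this line as modified. Nothing needs to change beyond the trailing newline.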
diff --git a/packages/proofpoint_on_demand/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_on_demand/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index f71af370b82..a83ffa7dc61 100644 --- a/packages/proofpoint_on_demand/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_on_demand/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -470,3 +470,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/proofpoint_on_demand/data_stream/mail/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_on_demand/data_stream/mail/elasticsearch/ingest_pipeline/default.yml index 56945966e5f..9dd5c8338f0 100644 --- a/packages/proofpoint_on_demand/data_stream/mail/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_on_demand/data_stream/mail/elasticsearch/ingest_pipeline/default.yml @@ -462,3 +462,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/proofpoint_on_demand/data_stream/message/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_on_demand/data_stream/message/elasticsearch/ingest_pipeline/default.yml index 776638e6f63..b276b45d847 100644 --- a/packages/proofpoint_on_demand/data_stream/message/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_on_demand/data_stream/message/elasticsearch/ingest_pipeline/default.yml @@ -1388,3 +1388,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/proofpoint_on_demand/manifest.yml b/packages/proofpoint_on_demand/manifest.yml index 1b4e0664e1a..9ebbc643364 100644 --- a/packages/proofpoint_on_demand/manifest.yml +++ b/packages/proofpoint_on_demand/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.1.4 name: proofpoint_on_demand title: Proofpoint On Demand -version: 1.0.2 +version: 1.1.0 description: Collect logs from Proofpoint On Demand with Elastic Agent. type: integration categories: diff --git a/packages/proofpoint_tap/changelog.yml b/packages/proofpoint_tap/changelog.yml index 9f7b350e970..a44737e8689 100644 --- a/packages/proofpoint_tap/changelog.yml +++ b/packages/proofpoint_tap/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.25.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.24.3" changes: - description: Fix time interval clamp logic. diff --git a/packages/proofpoint_tap/data_stream/clicks_blocked/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_tap/data_stream/clicks_blocked/elasticsearch/ingest_pipeline/default.yml index ec916265c71..6c12a0111a4 100644 --- a/packages/proofpoint_tap/data_stream/clicks_blocked/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_tap/data_stream/clicks_blocked/elasticsearch/ingest_pipeline/default.yml @@ -227,6 +227,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/proofpoint_tap/data_stream/clicks_permitted/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_tap/data_stream/clicks_permitted/elasticsearch/ingest_pipeline/default.yml index c48310f0320..2895ecdd92b 100644 
--- a/packages/proofpoint_tap/data_stream/clicks_permitted/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_tap/data_stream/clicks_permitted/elasticsearch/ingest_pipeline/default.yml @@ -227,6 +227,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/proofpoint_tap/data_stream/message_blocked/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_tap/data_stream/message_blocked/elasticsearch/ingest_pipeline/default.yml index fd080fb4bd2..d501a6e8081 100644 --- a/packages/proofpoint_tap/data_stream/message_blocked/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_tap/data_stream/message_blocked/elasticsearch/ingest_pipeline/default.yml @@ -533,6 +533,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/proofpoint_tap/data_stream/message_delivered/elasticsearch/ingest_pipeline/default.yml b/packages/proofpoint_tap/data_stream/message_delivered/elasticsearch/ingest_pipeline/default.yml index e2a343c94ad..704b997014e 100644 --- a/packages/proofpoint_tap/data_stream/message_delivered/elasticsearch/ingest_pipeline/default.yml +++ b/packages/proofpoint_tap/data_stream/message_delivered/elasticsearch/ingest_pipeline/default.yml @@ -512,6 +512,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/proofpoint_tap/manifest.yml b/packages/proofpoint_tap/manifest.yml index 54d141daba9..c586340c78f 100644 --- a/packages/proofpoint_tap/manifest.yml 
+++ b/packages/proofpoint_tap/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: proofpoint_tap title: Proofpoint TAP -version: "1.24.3" +version: "1.25.0" description: Collect logs from Proofpoint TAP with Elastic Agent. type: integration categories: diff --git a/packages/pulse_connect_secure/changelog.yml b/packages/pulse_connect_secure/changelog.yml index ae7aa4b4e7d..9a5b5b2989e 100644 --- a/packages/pulse_connect_secure/changelog.yml +++ b/packages/pulse_connect_secure/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.2.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/pulse_connect_secure/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/pulse_connect_secure/data_stream/log/elasticsearch/ingest_pipeline/default.yml index e4d4aee4bd0..12ccc8cf465 100644 --- a/packages/pulse_connect_secure/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/pulse_connect_secure/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -133,6 +133,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/pulse_connect_secure/manifest.yml b/packages/pulse_connect_secure/manifest.yml index 1fa6a118a81..54110d3ceaf 100644 --- a/packages/pulse_connect_secure/manifest.yml +++ b/packages/pulse_connect_secure/manifest.yml @@ -1,6 +1,6 @@ name: pulse_connect_secure title: Pulse Connect Secure -version: "2.2.1" +version: "2.3.0" description: Collect logs from Pulse Connect Secure with Elastic Agent. type: integration icons: 
diff --git a/packages/qualys_vmdr/changelog.yml b/packages/qualys_vmdr/changelog.yml index c59a1ebc5bc..955c30e5fc4 100644 --- a/packages/qualys_vmdr/changelog.yml +++ b/packages/qualys_vmdr/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "5.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "5.5.0" changes: - description: Capture error with decode_xml. diff --git a/packages/qualys_vmdr/data_stream/asset_host_detection/elasticsearch/ingest_pipeline/default.yml b/packages/qualys_vmdr/data_stream/asset_host_detection/elasticsearch/ingest_pipeline/default.yml index 5571c945f89..9d7abe87c47 100644 --- a/packages/qualys_vmdr/data_stream/asset_host_detection/elasticsearch/ingest_pipeline/default.yml +++ b/packages/qualys_vmdr/data_stream/asset_host_detection/elasticsearch/ingest_pipeline/default.yml @@ -1485,3 +1485,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/qualys_vmdr/data_stream/knowledge_base/elasticsearch/ingest_pipeline/default.yml b/packages/qualys_vmdr/data_stream/knowledge_base/elasticsearch/ingest_pipeline/default.yml index a26039c6270..1816aa949ad 100644 --- a/packages/qualys_vmdr/data_stream/knowledge_base/elasticsearch/ingest_pipeline/default.yml +++ b/packages/qualys_vmdr/data_stream/knowledge_base/elasticsearch/ingest_pipeline/default.yml @@ -851,3 +851,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/qualys_vmdr/data_stream/user_activity/elasticsearch/ingest_pipeline/default.yml b/packages/qualys_vmdr/data_stream/user_activity/elasticsearch/ingest_pipeline/default.yml index 41e6c863bfb..04118fc774d 100644 
--- a/packages/qualys_vmdr/data_stream/user_activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/qualys_vmdr/data_stream/user_activity/elasticsearch/ingest_pipeline/default.yml @@ -177,3 +177,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/qualys_vmdr/manifest.yml b/packages/qualys_vmdr/manifest.yml index 6cb30c09cfd..995e3d7d3e3 100644 --- a/packages/qualys_vmdr/manifest.yml +++ b/packages/qualys_vmdr/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: qualys_vmdr title: Qualys VMDR -version: "5.5.0" +version: "5.6.0" description: Collect data from Qualys VMDR platform with Elastic Agent. type: integration categories: diff --git a/packages/rapid7_insightvm/changelog.yml b/packages/rapid7_insightvm/changelog.yml index 3d0595bf035..04acf07bf2e 100644 --- a/packages/rapid7_insightvm/changelog.yml +++ b/packages/rapid7_insightvm/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.13.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.12.0" changes: - description: Removed import_mappings. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. diff --git a/packages/rapid7_insightvm/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/rapid7_insightvm/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 3b0295cc967..22c314c4f5e 100644 --- a/packages/rapid7_insightvm/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/rapid7_insightvm/data_stream/asset/elasticsearch/ingest_pipeline/default.yml 
@@ -730,3 +730,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/rapid7_insightvm/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/rapid7_insightvm/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 96dfc210210..4b437481b8c 100644 --- a/packages/rapid7_insightvm/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml +++ b/packages/rapid7_insightvm/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -457,3 +457,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/rapid7_insightvm/manifest.yml b/packages/rapid7_insightvm/manifest.yml index 7a9a58b0160..0068af4eeba 100644 --- a/packages/rapid7_insightvm/manifest.yml +++ b/packages/rapid7_insightvm/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: rapid7_insightvm title: Rapid7 InsightVM -version: "1.12.0" +version: "1.13.0" source: license: "Elastic-2.0" description: Collect logs from Rapid7 InsightVM with Elastic Agent. diff --git a/packages/santa/changelog.yml b/packages/santa/changelog.yml index 4940483cb05..b92267ff1ad 100644 --- a/packages/santa/changelog.yml +++ b/packages/santa/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "3.21.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "3.20.0" changes: - description: Update ingest pipeline to avoid failures with unexpected log formats. diff --git a/packages/santa/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/santa/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 3d59f02b011..527f0d71f99 100644 
--- a/packages/santa/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/santa/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -271,6 +271,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/santa/manifest.yml b/packages/santa/manifest.yml index ed910760bcf..1c775b240b1 100644 --- a/packages/santa/manifest.yml +++ b/packages/santa/manifest.yml @@ -1,6 +1,6 @@ name: santa title: Google Santa -version: "3.20.0" +version: "3.21.0" description: Collect logs from Google Santa with Elastic Agent. type: integration icons: diff --git a/packages/sentinel_one/changelog.yml b/packages/sentinel_one/changelog.yml index b47cff9adb9..8ad677815fa 100644 --- a/packages/sentinel_one/changelog.yml +++ b/packages/sentinel_one/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.1" changes: - description: Document limitation for using the alert data stream in on-premises environments. diff --git a/packages/sentinel_one/data_stream/activity/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/activity/elasticsearch/ingest_pipeline/default.yml index 0882977e7b3..0fcbf498bd1 100644 --- a/packages/sentinel_one/data_stream/activity/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/activity/elasticsearch/ingest_pipeline/default.yml @@ -534,6 +534,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/sentinel_one/data_stream/agent/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/agent/elasticsearch/ingest_pipeline/default.yml index 576ec6c4836..bba9855f730 100644 --- a/packages/sentinel_one/data_stream/agent/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/agent/elasticsearch/ingest_pipeline/default.yml @@ -826,6 +826,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/sentinel_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index d2b50ae2cff..283438c0b34 100644 --- a/packages/sentinel_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -775,6 +775,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/sentinel_one/data_stream/group/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/group/elasticsearch/ingest_pipeline/default.yml index 125df8f260b..0e1300ac04b 100644 --- a/packages/sentinel_one/data_stream/group/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/group/elasticsearch/ingest_pipeline/default.yml @@ -167,6 +167,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/sentinel_one/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index cce132a5da6..e59c35e56a0 100644 --- a/packages/sentinel_one/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -1175,6 +1175,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/sentinel_one/manifest.yml b/packages/sentinel_one/manifest.yml index ec39c246e6b..bce5cf573e2 100644 --- a/packages/sentinel_one/manifest.yml +++ b/packages/sentinel_one/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: sentinel_one title: SentinelOne -version: "1.25.1" +version: "1.26.0" description: Collect logs from SentinelOne with Elastic Agent. type: integration categories: diff --git a/packages/sentinel_one_cloud_funnel/changelog.yml b/packages/sentinel_one_cloud_funnel/changelog.yml index a5d05382841..96dc2d91103 100644 --- a/packages/sentinel_one_cloud_funnel/changelog.yml +++ b/packages/sentinel_one_cloud_funnel/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.5.0" changes: - description: Tighten IPv4 extraction from IPv4-mapped IPv6 addresses. diff --git a/packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 561b17b0325..402ae95d245 100644 
--- a/packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -2962,3 +2962,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/sentinel_one_cloud_funnel/manifest.yml b/packages/sentinel_one_cloud_funnel/manifest.yml index 824ad631f02..77f4b803758 100644 --- a/packages/sentinel_one_cloud_funnel/manifest.yml +++ b/packages/sentinel_one_cloud_funnel/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: sentinel_one_cloud_funnel title: SentinelOne Cloud Funnel -version: "1.5.0" +version: "1.6.0" description: Collect logs from SentinelOne Cloud Funnel with Elastic Agent. type: integration categories: ["security", "edr_xdr"] @@ -160,7 +160,6 @@ policy_templates: # yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk # sxSmbIUfc2SGJGCJD4I= # -----END CERTIFICATE----- - # Rerouting options - name: reroute_command_script type: bool @@ -266,7 +265,6 @@ policy_templates: required: false show_user: false description: Enabling this option reroutes url events to `sentinel_one_cloud_funnel.url` from `sentinel_one_cloud_funnel.event`. - - type: gcs title: Collect SentinelOne Cloud Funnel logs via Google Cloud Storage. description: Collecting logs from SentinelOne Cloud Funnel via Google Cloud Storage. @@ -294,7 +292,6 @@ policy_templates: multi: false required: false show_user: false - # Rerouting options - name: reroute_command_script type: bool diff --git a/packages/servicenow/changelog.yml b/packages/servicenow/changelog.yml index 82684d3c4ed..baa5e131697 100644 --- a/packages/servicenow/changelog.yml +++ b/packages/servicenow/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.5.1" changes: - description: Tolerate divers input shapes. diff --git a/packages/servicenow/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/servicenow/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 2bcefda1f50..36ae4e0950b 100644 --- a/packages/servicenow/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/servicenow/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -3341,3 +3341,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/servicenow/manifest.yml b/packages/servicenow/manifest.yml index b19dd23a8cc..545eaabe98d 100644 --- a/packages/servicenow/manifest.yml +++ b/packages/servicenow/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: servicenow title: "ServiceNow" -version: 0.5.1 +version: 0.6.0 description: "Collect logs from ServiceNow with Elastic Agent." type: integration categories: @@ -24,7 +24,7 @@ screenshots: title: CMDB CI Servers Dashboard size: 600x600 type: image/png - - src: /img/servicenow-incident-dashboard.png + - src: /img/servicenow-incident-dashboard.png title: Incident Dashboard size: 600x600 type: image/png diff --git a/packages/slack/changelog.yml b/packages/slack/changelog.yml index ae490c286fc..e00a60c3fe5 100644 --- a/packages/slack/changelog.yml +++ b/packages/slack/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.23.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.22.0" changes: - description: Map `details.url_private` and `actor` fields. diff --git a/packages/slack/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/slack/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index f8d0bd6e811..763d19431f8 100644 --- a/packages/slack/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/slack/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -476,3 +476,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/slack/manifest.yml b/packages/slack/manifest.yml index abd74bc5670..f1761f0a074 100644 --- a/packages/slack/manifest.yml +++ b/packages/slack/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: slack title: "Slack Logs" -version: "1.22.0" +version: "1.23.0" description: "Slack Logs Integration" type: integration categories: diff --git a/packages/snyk/changelog.yml b/packages/snyk/changelog.yml index 773162e4c61..60789ca8c14 100644 --- a/packages/snyk/changelog.yml +++ b/packages/snyk/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.3" changes: - description: Fix query parameters definition for issues data stream. diff --git a/packages/snyk/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/snyk/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index b63fc74efce..198f726ab31 100644 
--- a/packages/snyk/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/snyk/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -87,6 +87,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/snyk/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml b/packages/snyk/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml index f9598f82a36..7d51dec5889 100644 --- a/packages/snyk/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/snyk/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml @@ -165,6 +165,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/snyk/data_stream/issues/elasticsearch/ingest_pipeline/default.yml b/packages/snyk/data_stream/issues/elasticsearch/ingest_pipeline/default.yml index 833c1ef2579..8edf4b40907 100644 --- a/packages/snyk/data_stream/issues/elasticsearch/ingest_pipeline/default.yml +++ b/packages/snyk/data_stream/issues/elasticsearch/ingest_pipeline/default.yml @@ -119,6 +119,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/snyk/data_stream/vulnerabilities/elasticsearch/ingest_pipeline/default.yml b/packages/snyk/data_stream/vulnerabilities/elasticsearch/ingest_pipeline/default.yml index ff238755f6d..eedeeb3f4fe 100644 --- a/packages/snyk/data_stream/vulnerabilities/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/snyk/data_stream/vulnerabilities/elasticsearch/ingest_pipeline/default.yml @@ -200,6 +200,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/snyk/manifest.yml b/packages/snyk/manifest.yml index 0954a8e0c69..4b3096e18f9 100644 --- a/packages/snyk/manifest.yml +++ b/packages/snyk/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: snyk title: "Snyk" -version: "1.25.3" +version: "1.26.0" description: Collect logs from Snyk with Elastic Agent. type: integration categories: diff --git a/packages/sophos_central/changelog.yml b/packages/sophos_central/changelog.yml index cc4109e2e76..cdcedfb8118 100644 --- a/packages/sophos_central/changelog.yml +++ b/packages/sophos_central/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.17.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.16.0" changes: - description: Update docs for token_url configuration. diff --git a/packages/sophos_central/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/sophos_central/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index e2aad6956d6..0dc9b369661 100644 --- a/packages/sophos_central/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sophos_central/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -656,3 +656,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/sophos_central/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/sophos_central/data_stream/event/elasticsearch/ingest_pipeline/default.yml index 7d7dfeed36b..44738d02a0d 100644 --- a/packages/sophos_central/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sophos_central/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -448,3 +448,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/sophos_central/manifest.yml b/packages/sophos_central/manifest.yml index a20a1f48483..63b5076254b 100644 --- a/packages/sophos_central/manifest.yml +++ b/packages/sophos_central/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: sophos_central title: Sophos Central -version: "1.16.0" +version: "1.17.0" description: This Elastic integration collects logs from Sophos Central with Elastic Agent. type: integration categories: diff --git a/packages/spycloud/changelog.yml b/packages/spycloud/changelog.yml index 506bb84e449..4aa39475aaa 100644 --- a/packages/spycloud/changelog.yml +++ b/packages/spycloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. diff --git a/packages/spycloud/data_stream/breach_catalog/elasticsearch/ingest_pipeline/default.yml b/packages/spycloud/data_stream/breach_catalog/elasticsearch/ingest_pipeline/default.yml index 55246aacb75..526b63c63f4 100644 --- a/packages/spycloud/data_stream/breach_catalog/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spycloud/data_stream/breach_catalog/elasticsearch/ingest_pipeline/default.yml 
@@ -2415,3 +2415,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/spycloud/data_stream/breach_record/elasticsearch/ingest_pipeline/default.yml b/packages/spycloud/data_stream/breach_record/elasticsearch/ingest_pipeline/default.yml index fc8a1af6789..b487699dc04 100644 --- a/packages/spycloud/data_stream/breach_record/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spycloud/data_stream/breach_record/elasticsearch/ingest_pipeline/default.yml @@ -630,3 +630,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/spycloud/data_stream/compass/elasticsearch/ingest_pipeline/default.yml b/packages/spycloud/data_stream/compass/elasticsearch/ingest_pipeline/default.yml index 5c7203d8a91..caad720d5d7 100644 --- a/packages/spycloud/data_stream/compass/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spycloud/data_stream/compass/elasticsearch/ingest_pipeline/default.yml @@ -614,3 +614,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/spycloud/manifest.yml b/packages/spycloud/manifest.yml index cfb6412fab2..ca49153a2d6 100644 --- a/packages/spycloud/manifest.yml +++ b/packages/spycloud/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: spycloud title: SpyCloud Enterprise Protection -version: 1.0.0 +version: 1.1.0 description: Collect data from SpyCloud Enterprise Protection with Elastic Agent. type: integration categories: diff --git a/packages/sublime_security/changelog.yml b/packages/sublime_security/changelog.yml index 1cb347867f9..ff85c2566f4 100644 --- a/packages/sublime_security/changelog.yml 
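Review bot: The new `append` in the spycloud `breach_catalog`, `breach_record` and `compass` handlers has no comment explaining what the tag changes for failed documents. If, as the tag name suggests, it keeps `event.original` on documents marked `pipeline_error`, the raw SpyCloud payload is stored for every document that fails processing, which matters for data streams that carry breach records. The cleanup step that would read the tag is not visible in these hunks, so this is inferred. I would add a comment above the processor, for example `# Keep event.original on failed documents for debugging; the raw payload may hold sensitive values.`, and mention the retention in the changelog description so operators can adjust index access and retention.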
+++ b/packages/sublime_security/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: 1.1.1 changes: - description: Fix water mark use. diff --git a/packages/sublime_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/sublime_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 1be49745477..b3042cd1d69 100644 --- a/packages/sublime_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sublime_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -412,3 +412,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/sublime_security/data_stream/email_message/elasticsearch/ingest_pipeline/default.yml b/packages/sublime_security/data_stream/email_message/elasticsearch/ingest_pipeline/default.yml index 83f3a843934..1c98227119c 100644 --- a/packages/sublime_security/data_stream/email_message/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sublime_security/data_stream/email_message/elasticsearch/ingest_pipeline/default.yml @@ -2163,3 +2163,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/sublime_security/data_stream/message_event/elasticsearch/ingest_pipeline/default.yml b/packages/sublime_security/data_stream/message_event/elasticsearch/ingest_pipeline/default.yml index 78c906df39f..44065e93427 100644 --- a/packages/sublime_security/data_stream/message_event/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/sublime_security/data_stream/message_event/elasticsearch/ingest_pipeline/default.yml @@ -360,3 +360,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/sublime_security/manifest.yml b/packages/sublime_security/manifest.yml index 87a7ce2a7e6..cac26fbd2c3 100644 --- a/packages/sublime_security/manifest.yml +++ b/packages/sublime_security/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: sublime_security title: Sublime Security -version: 1.1.1 +version: 1.2.0 description: Collect logs from Sublime Security with Elastic Agent. type: integration categories: diff --git a/packages/symantec_edr_cloud/changelog.yml b/packages/symantec_edr_cloud/changelog.yml index 5a43d51d623..cd10dc32108 100644 --- a/packages/symantec_edr_cloud/changelog.yml +++ b/packages/symantec_edr_cloud/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.5.0" changes: - description: Deprecate package. diff --git a/packages/symantec_edr_cloud/data_stream/incident/elasticsearch/ingest_pipeline/default.yml b/packages/symantec_edr_cloud/data_stream/incident/elasticsearch/ingest_pipeline/default.yml index ac5b36482f9..de549906018 100644 --- a/packages/symantec_edr_cloud/data_stream/incident/elasticsearch/ingest_pipeline/default.yml +++ b/packages/symantec_edr_cloud/data_stream/incident/elasticsearch/ingest_pipeline/default.yml @@ -468,3 +468,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
diff --git a/packages/symantec_edr_cloud/manifest.yml b/packages/symantec_edr_cloud/manifest.yml index 1a73b5bf47e..af55a25997b 100644 --- a/packages/symantec_edr_cloud/manifest.yml +++ b/packages/symantec_edr_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.2 name: symantec_edr_cloud title: Symantec EDR Cloud (Deprecated) -version: "1.5.0" +version: "1.6.0" source: license: Elastic-2.0 description: Deprecated. Use the Symantec Endpoint Security package instead. diff --git a/packages/symantec_endpoint/changelog.yml b/packages/symantec_endpoint/changelog.yml index baaffb54439..16dd6ea2aaa 100644 --- a/packages/symantec_endpoint/changelog.yml +++ b/packages/symantec_endpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.17.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.16.2" changes: - description: Ensure that `event.duration` is mapped as a `long`. diff --git a/packages/symantec_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/symantec_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 6bf2f805dac..ca1303f2a0c 100644 --- a/packages/symantec_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/symantec_endpoint/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -1124,6 +1124,10 @@ on_failure: - set: field: event.kind value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'processor {{{ _ingest.on_failure_processor_type }}}: {{{ _ingest.on_failure_message }}}' diff --git a/packages/symantec_endpoint/manifest.yml b/packages/symantec_endpoint/manifest.yml index 918ee5f1795..d9f474fe312 100644 --- a/packages/symantec_endpoint/manifest.yml +++ b/packages/symantec_endpoint/manifest.yml 
@@ -1,6 +1,6 @@ name: symantec_endpoint title: Symantec Endpoint Protection -version: "2.16.2" +version: "2.17.0" description: Collect logs from Symantec Endpoint Protection with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/symantec_endpoint_security/changelog.yml b/packages/symantec_endpoint_security/changelog.yml index 2bb5f383fde..d7f87dd0c47 100644 --- a/packages/symantec_endpoint_security/changelog.yml +++ b/packages/symantec_endpoint_security/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.2.1" changes: - description: Fix mapping of `ses.device_name` to ECS fields. diff --git a/packages/symantec_endpoint_security/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/symantec_endpoint_security/data_stream/event/elasticsearch/ingest_pipeline/default.yml index de075d49bbd..ec756b2eaba 100644 --- a/packages/symantec_endpoint_security/data_stream/event/elasticsearch/ingest_pipeline/default.yml +++ b/packages/symantec_endpoint_security/data_stream/event/elasticsearch/ingest_pipeline/default.yml @@ -1233,3 +1233,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/symantec_endpoint_security/data_stream/incident/elasticsearch/ingest_pipeline/default.yml b/packages/symantec_endpoint_security/data_stream/incident/elasticsearch/ingest_pipeline/default.yml index ee7a3b6bb7b..e5ba7e0f59a 100644 --- a/packages/symantec_endpoint_security/data_stream/incident/elasticsearch/ingest_pipeline/default.yml +++ b/packages/symantec_endpoint_security/data_stream/incident/elasticsearch/ingest_pipeline/default.yml 
@@ -462,3 +462,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/symantec_endpoint_security/manifest.yml b/packages/symantec_endpoint_security/manifest.yml index 33b890d7426..8e5ee416702 100644 --- a/packages/symantec_endpoint_security/manifest.yml +++ b/packages/symantec_endpoint_security/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: symantec_endpoint_security title: Symantec Endpoint Security -version: "1.2.1" +version: "1.3.0" description: Collect logs from Symantec Endpoint Security with Elastic Agent. type: integration categories: diff --git a/packages/sysdig/changelog.yml b/packages/sysdig/changelog.yml index 7ac788bc973..3ef954084e6 100644 --- a/packages/sysdig/changelog.yml +++ b/packages/sysdig/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.2.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.1.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml b/packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml index 90e437831e8..9f01215fb2e 100644 --- a/packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml 
@@ -290,4 +290,8 @@ on_failure: value: 'Processor "{{{ _ingest.on_failure_processor_type }}}" with tag "{{{ _ingest.on_failure_processor_tag }}}" in pipeline "{{{ _ingest.on_failure_pipeline }}}" failed with message "{{{ _ingest.on_failure_message }}}"' - set: field: event.kind - value: pipeline_error \ No newline at end of file + value: pipeline_error +- append: + field: tags + value: preserve_original_event + allow_duplicates: false \ No newline at end of file diff --git a/packages/sysdig/manifest.yml b/packages/sysdig/manifest.yml index 8930abe0f56..d4a4490c265 100644 --- a/packages/sysdig/manifest.yml +++ b/packages/sysdig/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: sysdig title: "Sysdig" -version: 0.1.1 +version: 0.2.0 description: "Collect alerts from Sysdig using Elastic Agent." type: integration categories: diff --git a/packages/tanium/changelog.yml b/packages/tanium/changelog.yml index bd9e86d7db5..50004443541 100644 --- a/packages/tanium/changelog.yml +++ b/packages/tanium/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.11.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.10.3" changes: - description: Extra field presence checks, truncation of excessive depth. diff --git a/packages/tanium/data_stream/action_history/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/action_history/elasticsearch/ingest_pipeline/default.yml index 07933a49211..33be197ecfa 100644 --- a/packages/tanium/data_stream/action_history/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/action_history/elasticsearch/ingest_pipeline/default.yml @@ -203,6 +203,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 
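Review bot: The sysdig alerts pipeline still ends without a trailing newline, because the `\ No newline at end of file` marker now follows the added `allow_duplicates: false` line. The generator already rewrote the former last line (`value: pipeline_error`), so it could end the file with a newline here. That way the next processor appended to this handler would not show up as a changed line again. The handler's earlier processors are outside the hunk.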
> diff --git a/packages/tanium/data_stream/client_status/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/client_status/elasticsearch/ingest_pipeline/default.yml index 331bb62bc40..b155864ad3d 100644 --- a/packages/tanium/data_stream/client_status/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/client_status/elasticsearch/ingest_pipeline/default.yml @@ -216,6 +216,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: > diff --git a/packages/tanium/data_stream/discover/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/discover/elasticsearch/ingest_pipeline/default.yml index e6a3512d41f..8f3840fd6e8 100644 --- a/packages/tanium/data_stream/discover/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/discover/elasticsearch/ingest_pipeline/default.yml @@ -435,6 +435,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: > diff --git a/packages/tanium/data_stream/endpoint_config/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/endpoint_config/elasticsearch/ingest_pipeline/default.yml index 0f81539f676..f548adf1d8a 100644 --- a/packages/tanium/data_stream/endpoint_config/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/endpoint_config/elasticsearch/ingest_pipeline/default.yml @@ -241,6 +241,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 
> diff --git a/packages/tanium/data_stream/reporting/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/reporting/elasticsearch/ingest_pipeline/default.yml index 93961d8056a..1585cc87a66 100644 --- a/packages/tanium/data_stream/reporting/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/reporting/elasticsearch/ingest_pipeline/default.yml @@ -141,6 +141,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: > diff --git a/packages/tanium/data_stream/threat_response/elasticsearch/ingest_pipeline/default.yml b/packages/tanium/data_stream/threat_response/elasticsearch/ingest_pipeline/default.yml index 26a7ef99843..4a21455e043 100644 --- a/packages/tanium/data_stream/threat_response/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tanium/data_stream/threat_response/elasticsearch/ingest_pipeline/default.yml @@ -454,6 +454,10 @@ on_failure: tag: set_event_kind field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: tag: append_error_message field: error.message diff --git a/packages/tanium/manifest.yml b/packages/tanium/manifest.yml index 8197272d94f..d69eb7c532e 100644 --- a/packages/tanium/manifest.yml +++ b/packages/tanium/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: tanium title: Tanium -version: "1.10.3" +version: "1.11.0" description: This Elastic integration collects logs from Tanium with Elastic Agent. type: integration categories: diff --git a/packages/teleport/changelog.yml b/packages/teleport/changelog.yml index e4beaf568e4..92b9f2a025c 100644 --- a/packages/teleport/changelog.yml +++ b/packages/teleport/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.0.0" changes: - description: Release package as GA. diff --git a/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 5fb1bad4fbe..6e72624f2ed 100644 --- a/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml @@ -145,3 +145,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/teleport/manifest.yml b/packages/teleport/manifest.yml index 5c687bfe519..02243a5d39d 100644 --- a/packages/teleport/manifest.yml +++ b/packages/teleport/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: teleport title: "Teleport" -version: 1.0.0 +version: 1.1.0 source: license: "Elastic-2.0" description: "Collect logs from Teleport with Elastic Agent." diff --git a/packages/tenable_io/changelog.yml b/packages/tenable_io/changelog.yml index a73d11cafef..fdd06b1a082 100644 --- a/packages/tenable_io/changelog.yml +++ b/packages/tenable_io/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "3.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "3.2.1" changes: - description: Fix pagination progression logic. 
diff --git a/packages/tenable_io/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_io/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 6c206b76296..b649c2f5757 100644 --- a/packages/tenable_io/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_io/data_stream/asset/elasticsearch/ingest_pipeline/default.yml @@ -738,3 +738,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/tenable_io/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_io/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml index dddf802cfda..5398c9d23a2 100644 --- a/packages/tenable_io/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_io/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml @@ -591,3 +591,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/tenable_io/data_stream/scan/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_io/data_stream/scan/elasticsearch/ingest_pipeline/default.yml index 849ef13fe18..a92aa095728 100644 --- a/packages/tenable_io/data_stream/scan/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_io/data_stream/scan/elasticsearch/ingest_pipeline/default.yml @@ -71,3 +71,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/tenable_io/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_io/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 67e5a596820..278732db36e 100644 --- a/packages/tenable_io/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/tenable_io/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -1035,3 +1035,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/tenable_io/manifest.yml b/packages/tenable_io/manifest.yml index 7e1762077f7..2023cf756c0 100644 --- a/packages/tenable_io/manifest.yml +++ b/packages/tenable_io/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: tenable_io title: Tenable Vulnerability Management -version: "3.2.1" +version: "3.3.0" description: Collect logs from Tenable Vulnerability Management with Elastic Agent. type: integration categories: diff --git a/packages/tenable_sc/changelog.yml b/packages/tenable_sc/changelog.yml index 9814380ded2..7a41b1c66ad 100644 --- a/packages/tenable_sc/changelog.yml +++ b/packages/tenable_sc/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.0" changes: - description: Rename connector to Tenable Security Center. diff --git a/packages/tenable_sc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_sc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml index 345b3e1992d..2c572a0193b 100644 --- a/packages/tenable_sc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_sc/data_stream/asset/elasticsearch/ingest_pipeline/default.yml @@ -290,6 +290,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' 
diff --git a/packages/tenable_sc/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_sc/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml index f8b8eb8e0c8..c00b6610cc2 100644 --- a/packages/tenable_sc/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_sc/data_stream/plugin/elasticsearch/ingest_pipeline/default.yml @@ -412,6 +412,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/tenable_sc/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/tenable_sc/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 113b67b065d..ad33843dce4 100644 --- a/packages/tenable_sc/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tenable_sc/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -590,6 +590,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/tenable_sc/manifest.yml b/packages/tenable_sc/manifest.yml index b17fff98ba6..2bb5af35f69 100644 --- a/packages/tenable_sc/manifest.yml +++ b/packages/tenable_sc/manifest.yml @@ -2,7 +2,7 @@ format_version: "3.0.2" name: tenable_sc title: Tenable Security Center # The version must be updated in the input configuration templates as well, in order to set the correct User-Agent header. Until elastic/kibana#121310 is implemented we will have to manually sync these. -version: "1.25.0" +version: "1.26.0" description: | Collect data from Tenable Security Center with Elastic Agent. type: integration 
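Review bot: The context comment directly above the bumped `version` in `packages/tenable_sc/manifest.yml` says the version must also be updated in the input configuration templates so that the User-Agent header stays correct. This bump to `1.26.0` comes from the scripted changelog step, and no tenable_sc template change is visible in this part of the patch. I would confirm that the templates were updated to `1.26.0` in the same commit. If the manual sync is no longer required, the comment should be removed so it does not mislead the next release.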
diff --git a/packages/thycotic_ss/changelog.yml b/packages/thycotic_ss/changelog.yml index 967a163718f..7c0fbe52e23 100644 --- a/packages/thycotic_ss/changelog.yml +++ b/packages/thycotic_ss/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.9.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.8.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/thycotic_ss/data_stream/logs/elasticsearch/ingest_pipeline/default.yml b/packages/thycotic_ss/data_stream/logs/elasticsearch/ingest_pipeline/default.yml index d372737bca2..d4cb7cf86d5 100644 --- a/packages/thycotic_ss/data_stream/logs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/thycotic_ss/data_stream/logs/elasticsearch/ingest_pipeline/default.yml @@ -496,6 +496,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/thycotic_ss/manifest.yml b/packages/thycotic_ss/manifest.yml index 2d61a943ef8..0a73a832585 100644 --- a/packages/thycotic_ss/manifest.yml +++ b/packages/thycotic_ss/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: thycotic_ss title: "Thycotic Secret Server" -version: "1.8.1" +version: "1.9.0" source: license: "Elastic-2.0" description: "Thycotic Secret Server logs" diff --git a/packages/ti_abusech/changelog.yml b/packages/ti_abusech/changelog.yml index f770862c99c..97448afd460 100644 --- a/packages/ti_abusech/changelog.yml +++ b/packages/ti_abusech/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.3.5" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml index e088b8298da..cb2df0b6d92 100644 --- a/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml @@ -232,6 +232,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} {{{#_ingest.on_failure_processor_tag}}}with tag {{{ _ingest.on_failure_processor_tag }}} {{{/_ingest.on_failure_processor_tag}}}in pipeline {{{_ingest.pipeline}}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml index 45f6b5e80d9..c00c3ca24fc 100644 --- a/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml 
@@ -349,6 +349,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} {{{#_ingest.on_failure_processor_tag}}}with tag {{{ _ingest.on_failure_processor_tag }}} {{{/_ingest.on_failure_processor_tag}}}in pipeline {{{_ingest.pipeline}}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_abusech/data_stream/threatfox/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/threatfox/elasticsearch/ingest_pipeline/default.yml index 6baeb868dc8..a888ce82ba6 100644 --- a/packages/ti_abusech/data_stream/threatfox/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/threatfox/elasticsearch/ingest_pipeline/default.yml @@ -282,6 +282,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} {{{#_ingest.on_failure_processor_tag}}}with tag {{{ _ingest.on_failure_processor_tag }}} {{{/_ingest.on_failure_processor_tag}}}in pipeline {{{_ingest.pipeline}}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml index e907b644c82..c3f8c87e4a4 100644 --- a/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml 
@@ -228,6 +228,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{ _ingest.on_failure_processor_type }}} {{{#_ingest.on_failure_processor_tag}}}with tag {{{ _ingest.on_failure_processor_tag }}} {{{/_ingest.on_failure_processor_tag}}}in pipeline {{{_ingest.pipeline}}} failed with message {{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_abusech/manifest.yml b/packages/ti_abusech/manifest.yml index 0d1b0cfe4b3..a0009c88412 100644 --- a/packages/ti_abusech/manifest.yml +++ b/packages/ti_abusech/manifest.yml @@ -1,6 +1,6 @@ name: ti_abusech title: AbuseCH -version: "2.3.5" +version: "2.4.0" description: Ingest threat intelligence indicators from URL Haus, Malware Bazaar, and Threat Fox feeds with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/ti_anomali/changelog.yml b/packages/ti_anomali/changelog.yml index a0c8c3163f4..fe72b762bc2 100644 --- a/packages/ti_anomali/changelog.yml +++ b/packages/ti_anomali/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.24.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.23.0" changes: - description: Support the ThreatStream API diff --git a/packages/ti_anomali/data_stream/intelligence/elasticsearch/ingest_pipeline/default.yml b/packages/ti_anomali/data_stream/intelligence/elasticsearch/ingest_pipeline/default.yml index c762729499c..60397ffa261 100644 --- a/packages/ti_anomali/data_stream/intelligence/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_anomali/data_stream/intelligence/elasticsearch/ingest_pipeline/default.yml 
@@ -604,3 +604,7 @@ on_failure: tag: set_event_kind_on_failure field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml b/packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml index baad31861f0..75619f5ee0e 100644 --- a/packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml @@ -507,6 +507,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_anomali/manifest.yml b/packages/ti_anomali/manifest.yml index de4dd001347..2ad8a9db3a0 100644 --- a/packages/ti_anomali/manifest.yml +++ b/packages/ti_anomali/manifest.yml @@ -1,6 +1,6 @@ name: ti_anomali title: Anomali -version: "1.23.0" +version: "1.24.0" description: Ingest threat intelligence indicators from Anomali with Elastic Agent. type: integration format_version: 3.0.2 diff --git a/packages/ti_cif3/changelog.yml b/packages/ti_cif3/changelog.yml index a06aaa1f2fa..12d1502ba28 100644 --- a/packages/ti_cif3/changelog.yml +++ b/packages/ti_cif3/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.15.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.14.4" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. 
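Review bot: The `set` just above the new `append` in the ti_anomali intelligence handler carries `tag: set_event_kind_on_failure`, but the added processor has no `tag`, so it is the untagged step next to a tagged neighbour. Adding `tag: append_preserve_original_event_on_failure` would keep the handler consistent and make the step easy to pick out in simulate output. The same gap appears in the ti_eset hunks and the ti_threatconnect indicator hunk, where the adjacent `set` has `tag: set_pipeline_error_to_event_kind`.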
diff --git a/packages/ti_cif3/data_stream/feed/elasticsearch/ingest_pipeline/default.yml b/packages/ti_cif3/data_stream/feed/elasticsearch/ingest_pipeline/default.yml index 12364c5d9bd..70dbb991ad8 100644 --- a/packages/ti_cif3/data_stream/feed/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_cif3/data_stream/feed/elasticsearch/ingest_pipeline/default.yml @@ -436,6 +436,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_cif3/manifest.yml b/packages/ti_cif3/manifest.yml index 624d233f0cb..d2e863830c5 100644 --- a/packages/ti_cif3/manifest.yml +++ b/packages/ti_cif3/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: ti_cif3 title: "Collective Intelligence Framework v3" -version: "1.14.4" +version: "1.15.0" description: "Ingest threat indicators from a Collective Intelligence Framework v3 instance with Elastic Agent." type: integration categories: diff --git a/packages/ti_crowdstrike/changelog.yml b/packages/ti_crowdstrike/changelog.yml index 686a9c99d6f..cc1af09c37a 100644 --- a/packages/ti_crowdstrike/changelog.yml +++ b/packages/ti_crowdstrike/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.0.0" changes: - description: Fix mapping type for `ioc.value` field. diff --git a/packages/ti_crowdstrike/data_stream/intel/elasticsearch/ingest_pipeline/default.yml b/packages/ti_crowdstrike/data_stream/intel/elasticsearch/ingest_pipeline/default.yml index e4e60c73b9e..5274e43d213 100644 --- a/packages/ti_crowdstrike/data_stream/intel/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/ti_crowdstrike/data_stream/intel/elasticsearch/ingest_pipeline/default.yml @@ -455,3 +455,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_crowdstrike/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml b/packages/ti_crowdstrike/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml index c00240cc797..8b49c07da41 100644 --- a/packages/ti_crowdstrike/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_crowdstrike/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml @@ -377,3 +377,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_crowdstrike/manifest.yml b/packages/ti_crowdstrike/manifest.yml index c240cf7ed8a..18b8d19bfa8 100644 --- a/packages/ti_crowdstrike/manifest.yml +++ b/packages/ti_crowdstrike/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: ti_crowdstrike title: CrowdStrike Falcon Intelligence -version: "2.0.0" +version: "2.1.0" description: Collect logs from CrowdStrike Falcon Intelligence with Elastic Agent. type: integration categories: diff --git a/packages/ti_custom/changelog.yml b/packages/ti_custom/changelog.yml index 551ae28814d..2ebe541f8d1 100644 --- a/packages/ti_custom/changelog.yml +++ b/packages/ti_custom/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "0.3.0" changes: - description: Support for SSL and Proxy settings. 
diff --git a/packages/ti_custom/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml b/packages/ti_custom/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml index 2e1ba1346ff..6a8291e2a6a 100644 --- a/packages/ti_custom/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_custom/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml @@ -409,3 +409,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_custom/manifest.yml b/packages/ti_custom/manifest.yml index 787e497aefd..23a2d527b09 100644 --- a/packages/ti_custom/manifest.yml +++ b/packages/ti_custom/manifest.yml @@ -3,7 +3,7 @@ name: ti_custom title: Custom Threat Intelligence description: Ingest threat intelligence data in STIX 2.1 format with Elastic Agent type: integration -version: 0.3.0 +version: 0.4.0 categories: - custom - security diff --git a/packages/ti_cybersixgill/changelog.yml b/packages/ti_cybersixgill/changelog.yml index d44868411a3..0d3a7beedd2 100644 --- a/packages/ti_cybersixgill/changelog.yml +++ b/packages/ti_cybersixgill/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.31.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.30.5" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index e2e3ba06417..aee01d92833 100644 --- a/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml 
+++ b/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -357,6 +357,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_cybersixgill/manifest.yml b/packages/ti_cybersixgill/manifest.yml index 2ebfa536911..f8e97d215ad 100644 --- a/packages/ti_cybersixgill/manifest.yml +++ b/packages/ti_cybersixgill/manifest.yml @@ -1,6 +1,6 @@ name: ti_cybersixgill title: Cybersixgill -version: "1.30.5" +version: "1.31.0" description: Ingest threat intelligence indicators from Cybersixgill with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/ti_eclecticiq/changelog.yml b/packages/ti_eclecticiq/changelog.yml index b4e054246b0..2184897234a 100644 --- a/packages/ti_eclecticiq/changelog.yml +++ b/packages/ti_eclecticiq/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.2.4" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_eclecticiq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eclecticiq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index 15da7f3eb3c..8186819f6cb 100644 --- a/packages/ti_eclecticiq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eclecticiq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml 
@@ -428,4 +428,8 @@ on_failure: value: '{{{_ingest.on_failure_message}}}' - set: field: event.kind - value: pipeline_error \ No newline at end of file + value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false \ No newline at end of file diff --git a/packages/ti_eclecticiq/manifest.yml b/packages/ti_eclecticiq/manifest.yml index 81b792dad10..16727ab7e36 100644 --- a/packages/ti_eclecticiq/manifest.yml +++ b/packages/ti_eclecticiq/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: ti_eclecticiq title: EclecticIQ -version: "1.2.4" +version: "1.3.0" description: Ingest threat intelligence from EclecticIQ with Elastic Agent type: integration categories: diff --git a/packages/ti_eset/changelog.yml b/packages/ti_eset/changelog.yml index d4d4d641d89..2fd524d82d6 100644 --- a/packages/ti_eset/changelog.yml +++ b/packages/ti_eset/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.2.5" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_eset/data_stream/apt/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/apt/elasticsearch/ingest_pipeline/default.yml index 507622ce4e2..084fb717f5c 100644 --- a/packages/ti_eset/data_stream/apt/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/apt/elasticsearch/ingest_pipeline/default.yml @@ -164,3 +164,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false 
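Review bot: The new last line of the ti_eclecticiq threat pipeline, `allow_duplicates: false`, is still followed by `\ No newline at end of file`, so the generated edit carried the missing trailing newline over. Ending the file with a newline would stop the next processor appended here from showing this line as changed again. The ti_eset domains pipeline has the same marker on its new side. This is a style point only and does not change how the pipeline parses.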
diff --git a/packages/ti_eset/data_stream/botnet/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/botnet/elasticsearch/ingest_pipeline/default.yml index aacf065fd66..cf5aee06912 100644 --- a/packages/ti_eset/data_stream/botnet/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/botnet/elasticsearch/ingest_pipeline/default.yml @@ -154,3 +154,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_eset/data_stream/cc/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/cc/elasticsearch/ingest_pipeline/default.yml index afc52530395..8809216de63 100644 --- a/packages/ti_eset/data_stream/cc/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/cc/elasticsearch/ingest_pipeline/default.yml @@ -146,3 +146,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_eset/data_stream/domains/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/domains/elasticsearch/ingest_pipeline/default.yml index 6b05027ff09..008c8ab9b3a 100644 --- a/packages/ti_eset/data_stream/domains/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/domains/elasticsearch/ingest_pipeline/default.yml @@ -149,4 +149,8 @@ on_failure: - set: field: event.kind tag: set_pipeline_error_to_event_kind - value: pipeline_error \ No newline at end of file + value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false \ No newline at end of file diff --git a/packages/ti_eset/data_stream/files/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/files/elasticsearch/ingest_pipeline/default.yml index eda74e0ec81..f8d7bff278d 100644 
--- a/packages/ti_eset/data_stream/files/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/files/elasticsearch/ingest_pipeline/default.yml @@ -147,3 +147,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_eset/data_stream/ip/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/ip/elasticsearch/ingest_pipeline/default.yml index 26bbc667178..64c37434dd4 100644 --- a/packages/ti_eset/data_stream/ip/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/ip/elasticsearch/ingest_pipeline/default.yml @@ -147,3 +147,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_eset/data_stream/url/elasticsearch/ingest_pipeline/default.yml b/packages/ti_eset/data_stream/url/elasticsearch/ingest_pipeline/default.yml index 58c70ead77a..f60da66bd89 100644 --- a/packages/ti_eset/data_stream/url/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_eset/data_stream/url/elasticsearch/ingest_pipeline/default.yml @@ -145,3 +145,7 @@ on_failure: field: event.kind tag: set_pipeline_error_to_event_kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_eset/manifest.yml b/packages/ti_eset/manifest.yml index 2237507c7bf..4f91fce91c4 100644 --- a/packages/ti_eset/manifest.yml +++ b/packages/ti_eset/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: ti_eset title: "ESET Threat Intelligence" -version: "1.2.5" +version: "1.3.0" description: "Ingest threat intelligence indicators from ESET Threat Intelligence with Elastic Agent." type: integration categories: 
diff --git a/packages/ti_maltiverse/changelog.yml b/packages/ti_maltiverse/changelog.yml index b859c96241e..2b6425f63ad 100644 --- a/packages/ti_maltiverse/changelog.yml +++ b/packages/ti_maltiverse/changelog.yml @@ -1,3 +1,8 @@ +- version: "1.3.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.2.5" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/ti_maltiverse/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml b/packages/ti_maltiverse/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml index 945533a0d94..80c847054f8 100644 --- a/packages/ti_maltiverse/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_maltiverse/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml @@ -306,3 +306,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_maltiverse/manifest.yml b/packages/ti_maltiverse/manifest.yml index b640e8de1de..83fa191e3fc 100644 --- a/packages/ti_maltiverse/manifest.yml +++ b/packages/ti_maltiverse/manifest.yml @@ -1,6 +1,6 @@ name: ti_maltiverse title: Maltiverse -version: "1.2.5" +version: "1.3.0" description: Ingest threat intelligence indicators from Maltiverse feeds with Elastic Agent type: integration format_version: 3.0.2 diff --git a/packages/ti_misp/changelog.yml b/packages/ti_misp/changelog.yml index 8771515ff53..1e81366e316 100644 --- a/packages/ti_misp/changelog.yml +++ b/packages/ti_misp/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.36.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.35.8" changes: - description: Fix the handling of duplicated events with fingerprint processors. diff --git a/packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index a7e5544d8b5..f818a5ed41e 100644 --- a/packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -463,6 +463,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml b/packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml index 320130ef1a5..58a40be8f1e 100644 --- a/packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml @@ -558,6 +558,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_misp/manifest.yml b/packages/ti_misp/manifest.yml index 60429c5c34a..689f4428e88 100644 --- a/packages/ti_misp/manifest.yml +++ b/packages/ti_misp/manifest.yml 
@@ -1,6 +1,6 @@ name: ti_misp title: MISP -version: "1.35.8" +version: "1.36.0" description: Ingest threat intelligence indicators from MISP platform with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/ti_opencti/changelog.yml b/packages/ti_opencti/changelog.yml index 24e7d7c3cfa..5b04fc61f20 100644 --- a/packages/ti_opencti/changelog.yml +++ b/packages/ti_opencti/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.4.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.3.4" changes: - description: Fix labels.is_ioc_transform_source values diff --git a/packages/ti_opencti/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml b/packages/ti_opencti/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml index 4fe6da87a91..50116c618d8 100644 --- a/packages/ti_opencti/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_opencti/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml @@ -901,3 +901,7 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false diff --git a/packages/ti_opencti/manifest.yml b/packages/ti_opencti/manifest.yml index 8c96144c853..7635cec3fe1 100644 --- a/packages/ti_opencti/manifest.yml +++ b/packages/ti_opencti/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: ti_opencti title: OpenCTI -version: "2.3.4" +version: "2.4.0" description: "Ingest threat intelligence indicators from OpenCTI with Elastic Agent." type: integration source: diff --git a/packages/ti_otx/changelog.yml b/packages/ti_otx/changelog.yml index 7cacdad41d5..4b2e973e96e 100644 --- a/packages/ti_otx/changelog.yml +++ b/packages/ti_otx/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.25.3" changes: - description: Fix labels.is_ioc_transform_source values diff --git a/packages/ti_otx/data_stream/pulses_subscribed/elasticsearch/ingest_pipeline/default.yml b/packages/ti_otx/data_stream/pulses_subscribed/elasticsearch/ingest_pipeline/default.yml index 2c10fabe8fe..5342ebe6efd 100644 --- a/packages/ti_otx/data_stream/pulses_subscribed/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_otx/data_stream/pulses_subscribed/elasticsearch/ingest_pipeline/default.yml @@ -339,6 +339,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: 'Processor {{{_ingest.on_failure_processor_type}}} with tag {{{_ingest.on_failure_processor_tag}}} in pipeline {{{_ingest.pipeline}}} failed with message: {{{_ingest.on_failure_message}}}' diff --git a/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index ff55927d0c4..b36ed839d03 100644 --- a/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -216,6 +216,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_otx/manifest.yml b/packages/ti_otx/manifest.yml index 7391f9ec45a..67dd3472cca 100644 --- a/packages/ti_otx/manifest.yml +++ b/packages/ti_otx/manifest.yml 
@@ -1,6 +1,6 @@ name: ti_otx title: AlienVault OTX -version: "1.25.3" +version: "1.26.0" description: Ingest threat intelligence indicators from AlienVault Open Threat Exchange (OTX) with Elastic Agent. type: integration format_version: "3.0.2" diff --git a/packages/ti_rapid7_threat_command/changelog.yml b/packages/ti_rapid7_threat_command/changelog.yml index 3621e4c9922..5f66e2dde7d 100644 --- a/packages/ti_rapid7_threat_command/changelog.yml +++ b/packages/ti_rapid7_threat_command/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.1.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "2.0.3" changes: - description: Fix labels.is_ioc_transform_source values diff --git a/packages/ti_rapid7_threat_command/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/ti_rapid7_threat_command/data_stream/alert/elasticsearch/ingest_pipeline/default.yml index 79c492dc098..c72f829cb2c 100644 --- a/packages/ti_rapid7_threat_command/data_stream/alert/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_rapid7_threat_command/data_stream/alert/elasticsearch/ingest_pipeline/default.yml @@ -245,6 +245,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_rapid7_threat_command/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml b/packages/ti_rapid7_threat_command/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml index 660a7bcedfc..c8b956c231d 100644 --- a/packages/ti_rapid7_threat_command/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_rapid7_threat_command/data_stream/ioc/elasticsearch/ingest_pipeline/default.yml 
@@ -446,6 +446,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_rapid7_threat_command/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml b/packages/ti_rapid7_threat_command/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml index 835b8c7e456..90f58923bb8 100644 --- a/packages/ti_rapid7_threat_command/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_rapid7_threat_command/data_stream/vulnerability/elasticsearch/ingest_pipeline/default.yml @@ -342,6 +342,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_rapid7_threat_command/manifest.yml b/packages/ti_rapid7_threat_command/manifest.yml index 15d1c4ddbc4..ade186723f8 100644 --- a/packages/ti_rapid7_threat_command/manifest.yml +++ b/packages/ti_rapid7_threat_command/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.2 name: ti_rapid7_threat_command title: Rapid7 Threat Command -version: "2.0.3" +version: "2.1.0" description: Collect threat intelligence from Threat Command API with Elastic Agent. type: integration categories: ["security", "threat_intel"] diff --git a/packages/ti_recordedfuture/changelog.yml b/packages/ti_recordedfuture/changelog.yml index c43275ebc30..723e36ed1f7 100644 --- a/packages/ti_recordedfuture/changelog.yml +++ b/packages/ti_recordedfuture/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.27.0" + changes: + - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error". + type: enhancement + link: https://github.com/elastic/integrations/pull/12046 - version: "1.26.3" changes: - description: Fix labels.is_ioc_transform_source values diff --git a/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index 30b7cb1cc76..2d837174c90 100644 --- a/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -361,6 +361,10 @@ on_failure: - set: field: event.kind value: pipeline_error + - append: + field: tags + value: preserve_original_event + allow_duplicates: false - append: field: error.message value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/ti_recordedfuture/manifest.yml b/packages/ti_recordedfuture/manifest.yml index 126347f3d68..df7817d8289 100644 --- a/packages/ti_recordedfuture/manifest.yml +++ b/packages/ti_recordedfuture/manifest.yml @@ -1,6 +1,6 @@ name: ti_recordedfuture title: Recorded Future -version: "1.26.3" +version: "1.27.0" description: Ingest threat intelligence indicators from Recorded Future risk lists with Elastic Agent. type: integration format_version: 3.0.2 diff --git a/packages/ti_threatconnect/changelog.yml b/packages/ti_threatconnect/changelog.yml index 6ece2cca1a1..e1b67a2a161 100644 --- a/packages/ti_threatconnect/changelog.yml +++ b/packages/ti_threatconnect/changelog.yml 
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.4.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.3.0"
 changes:
 - description: Add in technique.name field to the transform. Remove milliseconds from TQL query.
diff --git a/packages/ti_threatconnect/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml b/packages/ti_threatconnect/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml
index 8cb6aa46f78..4bc6bf26dfe 100644
--- a/packages/ti_threatconnect/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/ti_threatconnect/data_stream/indicator/elasticsearch/ingest_pipeline/default.yml
@@ -2234,3 +2234,7 @@ on_failure:
 field: event.kind
 tag: set_pipeline_error_to_event_kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/ti_threatconnect/manifest.yml b/packages/ti_threatconnect/manifest.yml
index fd99819f5fe..2fbf8c7df80 100644
--- a/packages/ti_threatconnect/manifest.yml
+++ b/packages/ti_threatconnect/manifest.yml
@@ -2,7 +2,7 @@
 format_version: 3.0.3
 name: ti_threatconnect
 title: ThreatConnect
-version: "1.3.0"
+version: "1.4.0"
 description: Collects Indicators from ThreatConnect using the Elastic Agent and saves them as logs inside Elastic
 type: integration
 categories:
diff --git a/packages/ti_threatq/changelog.yml b/packages/ti_threatq/changelog.yml
index ba571d452fe..f16b96b1580 100644
--- a/packages/ti_threatq/changelog.yml
+++ b/packages/ti_threatq/changelog.yml
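Review bot: The `append` processor added at the end of `on_failure` in the `ti_threatconnect` indicator pipeline has no `tag`, while the `set` directly above it is labelled `tag: set_pipeline_error_to_event_kind`. To match that convention, and so this step can be identified by name if it ever fails, add a line such as `tag: append_preserve_original_event_tag` to the new processor. The `on_failure` block starts outside the hunk, so other processors in it may follow the same pattern.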
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.29.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.28.3"
 changes:
 - description: Fix labels.is_ioc_transform_source values
diff --git a/packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
index b122c24c9bc..3e0802a45e3 100644
--- a/packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
@@ -442,6 +442,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/ti_threatq/manifest.yml b/packages/ti_threatq/manifest.yml
index f2e0d96b2ed..410e9ffb1ec 100644
--- a/packages/ti_threatq/manifest.yml
+++ b/packages/ti_threatq/manifest.yml
@@ -1,6 +1,6 @@
 name: ti_threatq
 title: ThreatQuotient
-version: "1.28.3"
+version: "1.29.0"
 description: Ingest threat intelligence indicators from ThreatQuotient with Elastic Agent.
 type: integration
 format_version: "3.0.2"
diff --git a/packages/tines/changelog.yml b/packages/tines/changelog.yml
index cc885b29983..c051959f022 100644
--- a/packages/tines/changelog.yml
+++ b/packages/tines/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.13.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.12.2"
 changes:
 - description: Fix handling of multimorphic `tines.audit_log.inputs.inputs.options` fields.
diff --git a/packages/tines/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml b/packages/tines/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml
index b4cea1903d5..af688bd0946 100644
--- a/packages/tines/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/tines/data_stream/audit_logs/elasticsearch/ingest_pipeline/default.yml
@@ -205,6 +205,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/tines/data_stream/time_saved/elasticsearch/ingest_pipeline/default.yml b/packages/tines/data_stream/time_saved/elasticsearch/ingest_pipeline/default.yml
index e2b7efca05e..c0a60bd859b 100644
--- a/packages/tines/data_stream/time_saved/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/tines/data_stream/time_saved/elasticsearch/ingest_pipeline/default.yml
@@ -63,6 +63,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/tines/manifest.yml b/packages/tines/manifest.yml
index 4896dd633f2..16f4250756c 100644
--- a/packages/tines/manifest.yml
+++ b/packages/tines/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.1.0"
 name: tines
 title: "Tines"
-version: "1.12.2"
+version: "1.13.0"
 description: "Tines Logs & Time Saved Reports"
 type: integration
 categories:
diff --git a/packages/trellix_edr_cloud/changelog.yml b/packages/trellix_edr_cloud/changelog.yml
index 6627cfbd5f3..5a54219ba26 100644
--- a/packages/trellix_edr_cloud/changelog.yml
+++ b/packages/trellix_edr_cloud/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.3.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.2.1"
 changes:
 - description: Fix definition of subfields of nested objects
diff --git a/packages/trellix_edr_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/trellix_edr_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index 7fb5d8a1ced..0cc556fcaa8 100644
--- a/packages/trellix_edr_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trellix_edr_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -940,3 +940,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/trellix_edr_cloud/manifest.yml b/packages/trellix_edr_cloud/manifest.yml
index 9f3d446f8a6..41c85ec0741 100644
--- a/packages/trellix_edr_cloud/manifest.yml
+++ b/packages/trellix_edr_cloud/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: trellix_edr_cloud
 title: Trellix EDR Cloud
-version: "1.2.1"
+version: "1.3.0"
 description: Collect logs from Trellix EDR Cloud with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/trellix_epo_cloud/changelog.yml b/packages/trellix_epo_cloud/changelog.yml
index e7276684d5f..dea19cde645 100644
--- a/packages/trellix_epo_cloud/changelog.yml
+++ b/packages/trellix_epo_cloud/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.12.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.11.0"
 changes:
 - description: Removed import_mappings. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template.
diff --git a/packages/trellix_epo_cloud/data_stream/device/elasticsearch/ingest_pipeline/default.yml b/packages/trellix_epo_cloud/data_stream/device/elasticsearch/ingest_pipeline/default.yml
index c94482f5a01..0ad6dfeec31 100644
--- a/packages/trellix_epo_cloud/data_stream/device/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trellix_epo_cloud/data_stream/device/elasticsearch/ingest_pipeline/default.yml
@@ -487,3 +487,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/trellix_epo_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/trellix_epo_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
index 74975faa94e..24b68f3baa5 100644
--- a/packages/trellix_epo_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trellix_epo_cloud/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -664,3 +664,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/trellix_epo_cloud/data_stream/group/elasticsearch/ingest_pipeline/default.yml b/packages/trellix_epo_cloud/data_stream/group/elasticsearch/ingest_pipeline/default.yml
index 0f740190299..6ece3410e01 100644
--- a/packages/trellix_epo_cloud/data_stream/group/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trellix_epo_cloud/data_stream/group/elasticsearch/ingest_pipeline/default.yml
@@ -184,3 +184,7 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
diff --git a/packages/trellix_epo_cloud/manifest.yml b/packages/trellix_epo_cloud/manifest.yml
index 301b76ad472..978790a58f7 100644
--- a/packages/trellix_epo_cloud/manifest.yml
+++ b/packages/trellix_epo_cloud/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: trellix_epo_cloud
 title: Trellix ePO Cloud
-version: "1.11.0"
+version: "1.12.0"
 source:
 license: Elastic-2.0
 description: Collect logs from Trellix ePO Cloud with Elastic Agent.
diff --git a/packages/trend_micro_vision_one/changelog.yml b/packages/trend_micro_vision_one/changelog.yml
index ec7e7bc3b2b..9cafb74577c 100644
--- a/packages/trend_micro_vision_one/changelog.yml
+++ b/packages/trend_micro_vision_one/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.22.0"
+ changes:
+ - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/12046
 - version: "1.21.1"
 changes:
 - description: Add missing regional URL documentation.
diff --git a/packages/trend_micro_vision_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml b/packages/trend_micro_vision_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
index fc26c97a8bf..339006866ec 100644
--- a/packages/trend_micro_vision_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trend_micro_vision_one/data_stream/alert/elasticsearch/ingest_pipeline/default.yml
@@ -601,6 +601,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/trend_micro_vision_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/trend_micro_vision_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
index 93168f2cdc5..84a44733b50 100644
--- a/packages/trend_micro_vision_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trend_micro_vision_one/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
@@ -172,6 +172,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/trend_micro_vision_one/data_stream/detection/elasticsearch/ingest_pipeline/default.yml b/packages/trend_micro_vision_one/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
index 1ad788e9ad1..78cd5c42b07 100644
--- a/packages/trend_micro_vision_one/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
+++ b/packages/trend_micro_vision_one/data_stream/detection/elasticsearch/ingest_pipeline/default.yml
@@ -995,6 +995,10 @@ on_failure:
 - set:
 field: event.kind
 value: pipeline_error
+ - append:
+ field: tags
+ value: preserve_original_event
+ allow_duplicates: false
 - append:
 field: error.message
 value: '{{{ _ingest.on_failure_message }}}'
diff --git a/packages/trend_micro_vision_one/manifest.yml b/packages/trend_micro_vision_one/manifest.yml
index cde76f91bb5..7237bfc1dd1 100644
--- a/packages/trend_micro_vision_one/manifest.yml
+++ b/packages/trend_micro_vision_one/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: trend_micro_vision_one
 title: Trend Micro Vision One
-version: "1.21.1"
+version: "1.22.0"
 description: Collect logs from Trend Micro Vision One with Elastic Agent.
 type: integration
 categories:
@@ -32,12 +32,7 @@ policy_templates: - name: hostname type: text title: Regional Domain URL - description: >- - Trend Micro Vision One URL to connect to the API. The URL domain used for this - configuration is the domain for the region where your service endpoint is hosted. - See the [Trend Vision One documentation](https://automation.trendmicro.com/xdr/Guides/Regional-domains) - for the domain for your region. Enter the the HTTPS URL for your domain, `https://