ssi_all: add "preserve_original_event" tag to documents with event.ki…

…nd manually set to "pipeline_error"

packages/abnormal_security/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.2.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "1.1.0"
   changes:
     - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".

packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml

@@ -275,6 +275,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml

@@ -251,6 +251,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml

@@ -214,6 +214,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml

@@ -535,6 +535,11 @@ processors:
       tag: set_pipeline_error_to_event_kind
       value: pipeline_error
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/abnormal_security/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: abnormal_security
 title: Abnormal Security
-version: 1.1.0
+version: 1.2.0
 description: Collect logs from Abnormal Security with Elastic Agent.
 type: integration
 categories:

packages/amazon_security_lake/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.2.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "2.1.0"
   changes:
     - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".

packages/amazon_security_lake/data_stream/event/elasticsearch/ingest_pipeline/default.yml

@@ -1446,6 +1446,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/amazon_security_lake/manifest.yml

@@ -1,7 +1,7 @@
 format_version: "3.0.3"
 name: amazon_security_lake
 title: Amazon Security Lake
-version: "2.1.0"
+version: "2.2.0"
 description: Collect logs from Amazon Security Lake with Elastic Agent.
 type: integration
 categories: ["aws", "security"]

packages/authentik/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.2.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "1.1.1"
   changes:
     - description: Fix broken links in Security Service integrations packages.

packages/authentik/data_stream/event/elasticsearch/ingest_pipeline/default.yml

@@ -512,6 +512,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/authentik/data_stream/group/elasticsearch/ingest_pipeline/default.yml

@@ -152,6 +152,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/authentik/data_stream/user/elasticsearch/ingest_pipeline/default.yml

@@ -210,6 +210,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/authentik/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: authentik
 title: authentik
-version: 1.1.1
+version: 1.2.0
 description: Collect logs from authentik with Elastic Agent.
 type: integration
 categories:

packages/azure_network_watcher_nsg/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.2.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "1.1.0"
   changes:
     - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".

packages/azure_network_watcher_nsg/data_stream/log/elasticsearch/ingest_pipeline/default.yml

@@ -744,6 +744,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/azure_network_watcher_nsg/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.1.2
 name: azure_network_watcher_nsg
 title: Azure Network Watcher NSG
-version: "1.1.0"
+version: "1.2.0"
 description: Collect logs from Azure Network Watcher NSG with Elastic Agent.
 type: integration
 categories:

packages/azure_network_watcher_vnet/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.2.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "1.1.0"
   changes:
     - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".

packages/azure_network_watcher_vnet/data_stream/log/elasticsearch/ingest_pipeline/default.yml

@@ -727,6 +727,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/azure_network_watcher_vnet/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.1.2
 name: azure_network_watcher_vnet
 title: Azure Network Watcher VNet
-version: "1.1.0"
+version: "1.2.0"
 description: Collect logs from Azure Network Watcher VNet with Elastic Agent.
 type: integration
 categories:

packages/bitwarden/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.16.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "1.15.0"
   changes:
     - description: Do not remove `event.original` in main ingest pipeline.

packages/bitwarden/data_stream/collection/elasticsearch/ingest_pipeline/default.yml

@@ -66,6 +66,11 @@ processors:
       field: event.kind
       value: pipeline_error
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/bitwarden/data_stream/event/elasticsearch/ingest_pipeline/default.yml

@@ -730,6 +730,11 @@ processors:
       field: event.kind
       value: pipeline_error
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/bitwarden/data_stream/group/elasticsearch/ingest_pipeline/default.yml

@@ -124,6 +124,11 @@ processors:
       field: event.kind
       value: pipeline_error
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/bitwarden/data_stream/member/elasticsearch/ingest_pipeline/default.yml

@@ -258,6 +258,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/bitwarden/data_stream/policy/elasticsearch/ingest_pipeline/default.yml

@@ -326,6 +326,11 @@ processors:
       field: event.kind
       value: pipeline_error
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/bitwarden/manifest.yml

@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: bitwarden
 title: Bitwarden
-version: "1.15.0"
+version: "1.16.0"
 source:
   license: Elastic-2.0
 description: Collect logs from Bitwarden with Elastic Agent.

packages/canva/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.3.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "0.2.0"
   changes:
     - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".

packages/canva/data_stream/audit/elasticsearch/ingest_pipeline/default.yml

@@ -1048,6 +1048,11 @@ processors:
       value: pipeline_error
       tag: set_pipeline_error_into_event_kind
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/canva/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.2.1
 name: canva
 title: Canva
-version: 0.2.0
+version: 0.3.0
 description: Collect logs from Canva with Elastic Agent.
 type: integration
 categories:

packages/checkpoint_email/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.4.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "0.3.0"
   changes:
     - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".

packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml

@@ -343,6 +343,11 @@ processors:
       tag: set_pipeline_error_to_event_kind
       value: pipeline_error
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/checkpoint_email/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.2.2
 name: checkpoint_email
 title: Check Point Harmony Email & Collaboration
-version: 0.3.0
+version: 0.4.0
 description: Collect logs from Check Point Harmony Email & Collaboration with Elastic Agent.
 type: integration
 categories:

packages/claroty_ctd/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.4.0"
+  changes:
+    - description: Add "preserve_original_event" tag to documents with `event.kind` manually set to "pipeline_error".
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12109
 - version: "0.3.0"
   changes:
     - description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".

packages/claroty_ctd/data_stream/asset/elasticsearch/ingest_pipeline/default.yml

@@ -1324,6 +1324,11 @@ processors:
       tag: set_pipeline_error_to_event_kind
       value: pipeline_error
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message

packages/claroty_ctd/data_stream/baseline/elasticsearch/ingest_pipeline/default.yml

@@ -540,6 +540,11 @@ processors:
       tag: set_pipeline_error_to_event_kind
       value: pipeline_error
       if: ctx.error?.message != null
+  - append:
+      field: tags
+      value: preserve_original_event
+      allow_duplicates: false
+      if: ctx.error?.message != null
 on_failure:
   - append:
       field: error.message