diff --git a/packages/arista_ngfw/_dev/build/build.yml b/packages/arista_ngfw/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100755 --- a/packages/arista_ngfw/_dev/build/build.yml +++ b/packages/arista_ngfw/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/arista_ngfw/changelog.yml b/packages/arista_ngfw/changelog.yml index ba9be4dd4b0..36a4fdaa65a 100755 --- a/packages/arista_ngfw/changelog.yml +++ b/packages/arista_ngfw/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "1.2.0" changes: - description: "Allow @custom pipeline access to event.original without setting preserve_original_event." diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-admin-login.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-admin-login.log-expected.json index 357f64473a4..e2b0f949acf 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-admin-login.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-admin-login.log-expected.json @@ -3,7 +3,7 @@ { "@timestamp": "2023-05-24T13:09:53.477-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -60,7 +60,7 @@ { "@timestamp": "2023-05-23T10:06:57.518-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -117,7 +117,7 @@ { "@timestamp": "2023-05-23T13:35:42.611-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -174,7 +174,7 @@ { "@timestamp": "2023-05-22T13:47:59.495-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -231,7 +231,7 @@ { "@timestamp": "2023-05-21T09:58:40.250-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -288,7 +288,7 @@ { "@timestamp": "2023-05-20T08:12:47.018-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -346,7 +346,7 @@ { "@timestamp": "2023-05-18T15:08:14.224-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -403,7 +403,7 @@ { "@timestamp": "2023-05-18T06:58:38.360-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -460,7 +460,7 @@ { "@timestamp": "2023-05-17T15:04:03.772-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -517,7 +517,7 @@ { "@timestamp": "2023-05-12T09:09:40.787-06:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -572,4 +572,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-firewall-event.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-firewall-event.log-expected.json index d5544ea874a..af093cca105 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-firewall-event.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-firewall-event.log-expected.json @@ -6,7 +6,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -55,7 +55,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -104,7 +104,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -153,7 +153,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -202,7 +202,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -251,7 +251,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -300,7 +300,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -349,7 +349,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -398,7 +398,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -447,7 +447,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -496,7 +496,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -545,7 +545,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -594,7 +594,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -643,7 +643,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -692,7 +692,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -741,7 +741,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -790,7 +790,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -839,7 +839,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -888,7 +888,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -937,7 +937,7 @@ "flagged": false }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -981,4 +981,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-http-request.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-http-request.log-expected.json index 41d0e1220c4..df7be59a492 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-http-request.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-http-request.log-expected.json @@ -31,7 +31,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -162,7 +162,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -287,7 +287,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -412,7 +412,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -537,7 +537,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -662,7 +662,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -787,7 +787,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -912,7 +912,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1037,7 +1037,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1162,7 +1162,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1257,4 +1257,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-http-response.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-http-response.log-expected.json index 82edc7f0502..8da52944f3a 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-http-response.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-http-response.log-expected.json @@ -32,7 +32,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -166,7 +166,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -304,7 +304,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -444,7 +444,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -577,7 +577,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -710,7 +710,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -842,7 +842,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -974,7 +974,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1116,7 +1116,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1258,7 +1258,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1359,4 +1359,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-interface-stats.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-interface-stats.log-expected.json index a2067966a70..1dacaa6c1a9 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-interface-stats.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-interface-stats.log-expected.json @@ -16,7 +16,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -69,7 +69,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -122,7 +122,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -175,7 +175,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -228,7 +228,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -281,7 +281,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -334,7 +334,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -387,7 +387,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -440,7 +440,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -493,7 +493,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -546,7 +546,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -599,7 +599,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -652,7 +652,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -705,7 +705,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -758,7 +758,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -811,7 +811,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -864,7 +864,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -917,7 +917,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -970,7 +970,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1023,7 +1023,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1061,4 +1061,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-intrusion-detection.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-intrusion-detection.log-expected.json index 5f3e689cc70..d99058e6b4a 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-intrusion-detection.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-intrusion-detection.log-expected.json @@ -12,7 +12,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -96,7 +96,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -177,7 +177,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -264,7 +264,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -351,7 +351,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -438,7 +438,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -525,7 +525,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -612,7 +612,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -699,7 +699,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -786,7 +786,7 @@ "ip": "1.128.0.72" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -856,4 +856,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-session-event.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-session-event.log-expected.json index ad40de59ab9..cdf02a54e4d 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-session-event.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-session-event.log-expected.json @@ -33,7 +33,7 @@ "port": 9930 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -146,7 +146,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -259,7 +259,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -366,7 +366,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -479,7 +479,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -586,7 +586,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -687,7 +687,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -800,7 +800,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -913,7 +913,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1026,7 +1026,7 @@ "port": 9930 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1139,7 +1139,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1252,7 +1252,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1365,7 +1365,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1478,7 +1478,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1591,7 +1591,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1704,7 +1704,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1817,7 +1817,7 @@ "port": 9930 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1930,7 +1930,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2031,7 +2031,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2144,7 +2144,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2228,4 +2228,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-session-stats.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-session-stats.log-expected.json index fda8ed4067f..ef443353164 100644 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-session-stats.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-session-stats.log-expected.json @@ -31,7 +31,7 @@ "port": 9930 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -160,7 +160,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -289,7 +289,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -418,7 +418,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -547,7 +547,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -676,7 +676,7 @@ "port": 9930 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -805,7 +805,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -934,7 +934,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1063,7 +1063,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1192,7 +1192,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1291,4 +1291,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-system-stats.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-system-stats.log-expected.json index 2e14a7345a8..599f9c35a6c 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-system-stats.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-system-stats.log-expected.json @@ -67,7 +67,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -171,7 +171,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -275,7 +275,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -379,7 +379,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -483,7 +483,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -587,7 +587,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -691,7 +691,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -795,7 +795,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -899,7 +899,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1003,7 +1003,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1107,7 +1107,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1211,7 +1211,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1315,7 +1315,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1419,7 +1419,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1523,7 +1523,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1627,7 +1627,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1731,7 +1731,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1835,7 +1835,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1939,7 +1939,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2043,7 +2043,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2081,4 +2081,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-unsupported-mesage-class.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-unsupported-mesage-class.log-expected.json index 1c2f884a449..c97daacf230 100644 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-unsupported-mesage-class.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-unsupported-mesage-class.log-expected.json @@ -2,4 +2,4 @@ "expected": [ null ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-web-filter.log-expected.json b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-web-filter.log-expected.json index 1e2e552f7bc..ed5979ac08b 100755 --- a/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-web-filter.log-expected.json +++ b/packages/arista_ngfw/data_stream/log/_dev/test/pipeline/test-web-filter.log-expected.json @@ -31,7 +31,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -169,7 +169,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -301,7 +301,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -439,7 +439,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -565,7 +565,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -697,7 +697,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -829,7 +829,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -969,7 +969,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1101,7 +1101,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1232,7 +1232,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1340,4 +1340,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/arista_ngfw/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/arista_ngfw/data_stream/log/elasticsearch/ingest_pipeline/default.yml index e9941bd163d..b42cc70294e 100755 --- a/packages/arista_ngfw/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/arista_ngfw/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -11,7 +11,7 @@ processors: if: ctx.event?.original == null - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' - grok: field: event.original patterns: diff --git a/packages/arista_ngfw/manifest.yml b/packages/arista_ngfw/manifest.yml index ba01af25e3f..7633bf5bc0e 100755 --- a/packages/arista_ngfw/manifest.yml +++ b/packages/arista_ngfw/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: arista_ngfw title: "Arista NG Firewall" -version: "1.2.0" +version: "1.3.0" source: license: "Elastic-2.0" description: "Collect logs and metrics from Arista NG Firewall." diff --git a/packages/cef/_dev/build/build.yml b/packages/cef/_dev/build/build.yml index 71f48ba2a9c..06addc83d9d 100644 --- a/packages/cef/_dev/build/build.yml +++ b/packages/cef/_dev/build/build.yml @@ -1,4 +1,4 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" import_mappings: true diff --git a/packages/cef/changelog.yml b/packages/cef/changelog.yml index 397d0a45e93..5b9dfa75e7d 100644 --- a/packages/cef/changelog.yml +++ b/packages/cef/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.18.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "2.17.4" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/cef/data_stream/log/_dev/test/pipeline/test-arcsight.json-expected.json b/packages/cef/data_stream/log/_dev/test/pipeline/test-arcsight.json-expected.json index 2654b087a43..e60a5b5a797 100644 --- a/packages/cef/data_stream/log/_dev/test/pipeline/test-arcsight.json-expected.json +++ b/packages/cef/data_stream/log/_dev/test/pipeline/test-arcsight.json-expected.json @@ -50,7 +50,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "agent:016", @@ -132,7 +132,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "agent:030", @@ -206,7 +206,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "agent:044", @@ -287,7 +287,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "agent:031", @@ -321,4 +321,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/cef/data_stream/log/_dev/test/pipeline/test-cef.json-expected.json b/packages/cef/data_stream/log/_dev/test/pipeline/test-cef.json-expected.json index c84f316e57f..b0bfb39ffa2 100644 --- a/packages/cef/data_stream/log/_dev/test/pipeline/test-cef.json-expected.json +++ b/packages/cef/data_stream/log/_dev/test/pipeline/test-cef.json-expected.json @@ -31,7 +31,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "18", @@ -146,7 +146,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "18", @@ -227,7 +227,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "18", @@ -272,7 +272,7 @@ "ip": "192.168.1.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "18", @@ -299,4 +299,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/cef/data_stream/log/_dev/test/pipeline/test-checkpoint.json-expected.json b/packages/cef/data_stream/log/_dev/test/pipeline/test-checkpoint.json-expected.json index 6df83f4252d..d9a60a09ac6 100644 --- a/packages/cef/data_stream/log/_dev/test/pipeline/test-checkpoint.json-expected.json +++ b/packages/cef/data_stream/log/_dev/test/pipeline/test-checkpoint.json-expected.json @@ -77,7 +77,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -168,7 +168,7 @@ "port": 25 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Bypass", @@ -237,7 +237,7 @@ "ip": "::1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Drop", @@ -276,4 +276,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/cef/data_stream/log/_dev/test/pipeline/test-cisco-asa.json-expected.json b/packages/cef/data_stream/log/_dev/test/pipeline/test-cisco-asa.json-expected.json index 624c213c8b9..0ffb94b32eb 100644 --- a/packages/cef/data_stream/log/_dev/test/pipeline/test-cisco-asa.json-expected.json +++ b/packages/cef/data_stream/log/_dev/test/pipeline/test-cisco-asa.json-expected.json @@ -88,7 +88,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "305012", @@ -151,4 +151,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/cef/data_stream/log/_dev/test/pipeline/test-fp-ngfw-smc.json-expected.json b/packages/cef/data_stream/log/_dev/test/pipeline/test-fp-ngfw-smc.json-expected.json index 79b43ad653f..32ea2c5f3fe 100644 --- a/packages/cef/data_stream/log/_dev/test/pipeline/test-fp-ngfw-smc.json-expected.json +++ b/packages/cef/data_stream/log/_dev/test/pipeline/test-fp-ngfw-smc.json-expected.json @@ -21,7 +21,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "0", @@ -68,7 +68,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "9005", @@ -126,7 +126,7 @@ "ip": "10.1.1.40" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Allow", @@ -219,7 +219,7 @@ "port": 67 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "70019", @@ -292,7 +292,7 @@ "ip": "192.168.1.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Refuse", @@ -367,7 +367,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "70021", @@ -428,7 +428,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "72714", @@ -488,7 +488,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "72715", @@ -548,7 +548,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "72716", @@ -607,7 +607,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "78002", @@ -634,4 +634,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/cef/data_stream/log/_dev/test/pipeline/test-netscaler.json-expected.json b/packages/cef/data_stream/log/_dev/test/pipeline/test-netscaler.json-expected.json index cf46b672385..cc54c9863f1 100644 --- a/packages/cef/data_stream/log/_dev/test/pipeline/test-netscaler.json-expected.json +++ b/packages/cef/data_stream/log/_dev/test/pipeline/test-netscaler.json-expected.json @@ -28,7 +28,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "blocked", @@ -86,7 +86,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "not blocked", @@ -144,7 +144,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "transformed", @@ -202,7 +202,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "transformed", @@ -260,7 +260,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "not blocked", @@ -291,4 +291,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/cef/data_stream/log/_dev/test/pipeline/test-syslog.json-expected.json b/packages/cef/data_stream/log/_dev/test/pipeline/test-syslog.json-expected.json index df8dd4cc0a1..578d44def19 100644 --- a/packages/cef/data_stream/log/_dev/test/pipeline/test-syslog.json-expected.json +++ b/packages/cef/data_stream/log/_dev/test/pipeline/test-syslog.json-expected.json @@ -56,7 +56,7 @@ "domain": "centos7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Started", @@ -95,4 +95,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/packages/cef/data_stream/log/_dev/test/pipeline/test-trend-micro.json-expected.json b/packages/cef/data_stream/log/_dev/test/pipeline/test-trend-micro.json-expected.json index ebfc9c9ffd2..b2f59226f30 100644 --- a/packages/cef/data_stream/log/_dev/test/pipeline/test-trend-micro.json-expected.json +++ b/packages/cef/data_stream/log/_dev/test/pipeline/test-trend-micro.json-expected.json @@ -19,7 +19,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "600", @@ -82,7 +82,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Delete", @@ -143,7 +143,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "detectOnly", @@ -233,7 +233,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Log", @@ -288,7 +288,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "updated", @@ -381,7 +381,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "IDS:Reset", @@ -448,7 +448,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "3002795", @@ -504,7 +504,7 @@ "version": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "5000000", @@ -531,4 +531,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/cef/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cef/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 375eebc67ab..50740b3b02c 100644 --- a/packages/cef/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cef/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for CEF logs. CEF decoding happens in the Agent. This perf processors: - set: field: ecs.version - value: 8.11.0 + value: 8.16.0 - convert: field: event.id ignore_missing: true diff --git a/packages/cef/data_stream/log/sample_event.json b/packages/cef/data_stream/log/sample_event.json index 19548d538dd..86b0eb03b27 100644 --- a/packages/cef/data_stream/log/sample_event.json +++ b/packages/cef/data_stream/log/sample_event.json @@ -42,7 +42,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "f1ee4a83-b99b-4611-925d-b83b001f8b86", diff --git a/packages/cef/docs/README.md b/packages/cef/docs/README.md index 9c0f75928c0..77526d44868 100644 --- a/packages/cef/docs/README.md +++ b/packages/cef/docs/README.md @@ -175,7 +175,7 @@ An example event for `log` looks as following: "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "f1ee4a83-b99b-4611-925d-b83b001f8b86", diff --git a/packages/cef/manifest.yml b/packages/cef/manifest.yml index 84e184448fe..097a5c3f2ac 100644 --- a/packages/cef/manifest.yml +++ b/packages/cef/manifest.yml @@ -1,6 +1,6 @@ name: cef title: Common Event Format (CEF) -version: "2.17.4" +version: "2.18.0" description: Collect logs from CEF Logs with Elastic Agent. categories: - security diff --git a/packages/checkpoint/_dev/build/build.yml b/packages/checkpoint/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100644 --- a/packages/checkpoint/_dev/build/build.yml +++ b/packages/checkpoint/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/checkpoint/changelog.yml b/packages/checkpoint/changelog.yml index 9c7f853eea0..4008f95f4ff 100644 --- a/packages/checkpoint/changelog.yml +++ b/packages/checkpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.35.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "1.34.4" changes: - description: Add instructions on using logfile input diff --git a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-audit.log-expected.json b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-audit.log-expected.json index a3df669e74c..2428b5e7737 100644 --- a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-audit.log-expected.json +++ b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-audit.log-expected.json @@ -20,7 +20,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -88,7 +88,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -153,7 +153,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -219,7 +219,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -277,7 +277,7 @@ "origin_sic_name": "cn=cp_mgmt,o=auditTest..aw4c8s" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-out", @@ -338,7 +338,7 @@ "origin_sic_name": "cn=cp_mgmt,o=auditTest..aw4c8s" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -401,7 +401,7 @@ "session_uid": "d5c7cc4f-01ea-4ac7-8de1-72ae05d28bc6" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -465,7 +465,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -531,7 +531,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -593,7 +593,7 @@ "tasktargetid": "e62ce0ce-d7ec-45c7-6bd6-0cdfa6687f3b" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Forgot Passcode", @@ -656,7 +656,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -722,7 +722,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", diff --git a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-authentication.log-expected.json b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-authentication.log-expected.json index 18dda067aed..0e0f8b2f664 100644 --- a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-authentication.log-expected.json +++ b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-authentication.log-expected.json @@ -10,7 +10,7 @@ "sendtotrackerasadvancedauditlog": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -69,7 +69,7 @@ "origin_sic_name": "cn=cp_mgmt,o=CP-Manager.example.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -129,7 +129,7 @@ "origin_sic_name": "cn=cp_mgmt,o=CP-Manager.example.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -190,7 +190,7 @@ "origin_sic_name": "cn=cp_mgmt,o=CP-Manager.example.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -252,7 +252,7 @@ "origin_sic_name": "cn=cp_mgmt,o=CP-Manager.example.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -313,7 +313,7 @@ "origin_sic_name": "cn=cp_mgmt,o=CP-Manager.example.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -366,7 +366,7 @@ "origin_sic_name": "cn=cp_mgmt,o=CP-Manager.example.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -428,7 +428,7 @@ "operation": "Log In" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -492,7 +492,7 @@ "operation": "Log In" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -556,7 +556,7 @@ "session_uid": "f424fd06-f25a-44f1-918d-5c837b77f1c8" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-out", @@ -616,7 +616,7 @@ "origin_sic_name": "cn=cp_mgmt,o=CP-Manager.example.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-out", @@ -675,7 +675,7 @@ "origin_sic_name": "cn=cp_mgmt,o=CP-Manager.example.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-out", diff --git a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-with-time.log-expected.json b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-with-time.log-expected.json index b5bc7b09fcd..c8a0e71186e 100644 --- a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-with-time.log-expected.json +++ b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-with-time.log-expected.json @@ -14,7 +14,7 @@ "port": 514 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -94,7 +94,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Drop", @@ -171,7 +171,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Decrypt", @@ -261,7 +261,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Decrypt", diff --git a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint.log-expected.json b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint.log-expected.json index a89f070f1a2..8a556bcabba 100644 --- a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint.log-expected.json +++ b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint.log-expected.json @@ -6,7 +6,7 @@ "sys_message": "The eth0 interface is not protected by the anti-spoofing feature. Your network may be at risk" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -42,7 +42,7 @@ "sys_message": "installed Standard" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -86,7 +86,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -171,7 +171,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -245,7 +245,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -311,7 +311,7 @@ "status": "Finished" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -364,7 +364,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -452,7 +452,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -513,7 +513,7 @@ "status": "Started" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -566,7 +566,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -640,7 +640,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -706,7 +706,7 @@ "status": "Finished" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -745,7 +745,7 @@ "port": 514 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -811,7 +811,7 @@ "update_status": "updated" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -846,7 +846,7 @@ "update_status": "updated" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -886,7 +886,7 @@ "port": 138 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -968,7 +968,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Drop", @@ -1025,7 +1025,7 @@ "port": 514 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -1096,7 +1096,7 @@ "port": 137 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -1167,7 +1167,7 @@ "port": 22 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -1238,7 +1238,7 @@ "port": 514 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -1309,7 +1309,7 @@ "port": 514 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -1374,7 +1374,7 @@ "syslog_severity": "Notice" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1427,7 +1427,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Drop", @@ -1514,7 +1514,7 @@ "subscription_stat_desc": "Contract is up to date." }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1583,7 +1583,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Drop", @@ -1689,7 +1689,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Block", @@ -1817,7 +1817,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Block", diff --git a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r80x.log-expected.json b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r80x.log-expected.json index 6ad04991bd8..062b01144b0 100644 --- a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r80x.log-expected.json +++ b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r80x.log-expected.json @@ -6,7 +6,7 @@ "origin_sic_name": "CN=xxx-dc-gw-1_gw-vp-ext-7,O=7checkpoint-mng..tstst7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -62,7 +62,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", diff --git a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r81x.log-expected.json b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r81x.log-expected.json index 45da0582a02..236f641fda3 100644 --- a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r81x.log-expected.json +++ b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r81x.log-expected.json @@ -13,7 +13,7 @@ "packets": 30 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -78,7 +78,7 @@ "ip": "81.2.69.142" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -166,7 +166,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -261,7 +261,7 @@ "ip": "192.168.178.40" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-out", @@ -347,7 +347,7 @@ "ip": "10.0.0.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -409,7 +409,7 @@ "sendtotrackerasadvancedauditlog": "0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -467,7 +467,7 @@ "session_uid": "02e77b40-e0d5-400c-bea0-5a7bd8fc9648" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-out", @@ -526,7 +526,7 @@ "operation": "Set Object" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -581,7 +581,7 @@ "session_uid": "b08fb9da-a627-48b3-a815-0433f8ce6e06" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -641,7 +641,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -698,7 +698,7 @@ "system_application": "AutoUpdater" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -739,7 +739,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -794,7 +794,7 @@ "stormagentname": "daemon" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -831,7 +831,7 @@ "session_uid": "7ab751aa-66a7-4756-b66b-97a88b0a21fc" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -889,7 +889,7 @@ "origin_sic_name": "cn=cp_mgmt,o=gw-0b8ccd..zx8qy7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -933,7 +933,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", @@ -1025,7 +1025,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Block", @@ -1145,7 +1145,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Block", diff --git a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-trailing-space.log-expected.json b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-trailing-space.log-expected.json index d302821a1db..6335ba6ca84 100644 --- a/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-trailing-space.log-expected.json +++ b/packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-trailing-space.log-expected.json @@ -14,7 +14,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Accept", diff --git a/packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml index 81a5180b98f..3f7558968e1 100644 --- a/packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml +++ b/packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for parsing checkpoint firewall logs processors: - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' - set: tag: set_event_original field: event.original diff --git a/packages/checkpoint/data_stream/firewall/sample_event.json b/packages/checkpoint/data_stream/firewall/sample_event.json index 4896c3741f9..6c07de4a415 100644 --- a/packages/checkpoint/data_stream/firewall/sample_event.json +++ b/packages/checkpoint/data_stream/firewall/sample_event.json @@ -16,7 +16,7 @@ "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "ecc82406-78ce-41c1-b1e2-7c12ce01f525", diff --git a/packages/checkpoint/docs/README.md b/packages/checkpoint/docs/README.md index 9fb47ee2437..bf621c01859 100644 --- a/packages/checkpoint/docs/README.md +++ b/packages/checkpoint/docs/README.md @@ -87,7 +87,7 @@ An example event for `firewall` looks as following: "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "ecc82406-78ce-41c1-b1e2-7c12ce01f525", @@ -793,5 +793,5 @@ An example event for `firewall` looks as following: | user_agent.name | Name of the user agent. | keyword | | user_agent.original | Unparsed user_agent string. | keyword | | user_agent.original.text | Multi-field of `user_agent.original`. | match_only_text | -| vulnerability.id | The identification (ID) is the number portion of a vulnerability entry. It includes a unique identification number for the vulnerability. For example (https://cve.mitre.org/about/faqs.html#what_is_cve_id)[Common Vulnerabilities and Exposure CVE ID] | keyword | +| vulnerability.id | The identification (ID) is the number portion of a vulnerability entry. It includes a unique identification number for the vulnerability. For example (https://cve.mitre.org/about/faqs.html#what_is_cve_id[Common Vulnerabilities and Exposure CVE ID]) | keyword | diff --git a/packages/checkpoint/manifest.yml b/packages/checkpoint/manifest.yml index 6f663246003..60c99576ee0 100644 --- a/packages/checkpoint/manifest.yml +++ b/packages/checkpoint/manifest.yml @@ -1,6 +1,6 @@ name: checkpoint title: Check Point -version: "1.34.4" +version: "1.35.0" description: Collect logs from Check Point with Elastic Agent. type: integration format_version: "3.0.3" diff --git a/packages/cisco_aironet/_dev/build/build.yml b/packages/cisco_aironet/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100644 --- a/packages/cisco_aironet/_dev/build/build.yml +++ b/packages/cisco_aironet/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/cisco_aironet/changelog.yml b/packages/cisco_aironet/changelog.yml index 4188459b500..c52f71abf3b 100644 --- a/packages/cisco_aironet/changelog.yml +++ b/packages/cisco_aironet/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.15.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "1.14.2" changes: - description: Fix the event.severity ECS field mapping. diff --git a/packages/cisco_aironet/data_stream/log/_dev/test/pipeline/test-aironet-messages.log-expected.json b/packages/cisco_aironet/data_stream/log/_dev/test/pipeline/test-aironet-messages.log-expected.json index 47dbc905198..07419d6dcac 100644 --- a/packages/cisco_aironet/data_stream/log/_dev/test/pipeline/test-aironet-messages.log-expected.json +++ b/packages/cisco_aironet/data_stream/log/_dev/test/pipeline/test-aironet-messages.log-expected.json @@ -7,7 +7,7 @@ "mac": "2C-6D-C1-F5-0C-80" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Q_IND", @@ -49,7 +49,7 @@ "mac": "66-7C-DE-EF-D9-18" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ARP_ORPHANPKT_DETECTED", @@ -86,7 +86,7 @@ }, { "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<132>WLC001: -Traceback: 0x11759554 0x1175b0f0 0x1175d2b8 0x11766124 0x116d0cf8 0xfff2ae0888 0xfff29f2cfc" @@ -116,7 +116,7 @@ "mac": "28-6F-7F-F8-64-E0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "USER_NAME_DELETED", @@ -156,7 +156,7 @@ "mac": "28-6F-7F-F8-64-E0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "USER_NAME_CREATED", @@ -201,7 +201,7 @@ "ip": "fe80::1e24:cdff:fe11:2f90" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ENTRY_CREATED", @@ -243,7 +243,7 @@ "ip": "fe80::aee2:d3ff:feba:56a4" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ENTRY_DELETED", @@ -286,7 +286,7 @@ "mac": "70-EE-50-56-99-99" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ENTRY_CHANGED", @@ -323,7 +323,7 @@ "mac": "E8-96-06-02-02-99" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Q_IND", @@ -368,7 +368,7 @@ "ip": "fe80::48d:c1bc:6c01:6e85" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Q_IND", @@ -423,7 +423,7 @@ "ip": "89.160.20.112" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "AAA_AUTH_ADMIN_USER", @@ -460,7 +460,7 @@ { "@timestamp": "2024-08-22T18:14:03.172Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ADMIN_MODE_DISABLE", @@ -510,7 +510,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "SIG_ALARM_OFF", @@ -549,7 +549,7 @@ "mac": "4A-B8-CB-63-1D-BD" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "SIG_ALARM_OFF_CONT", @@ -587,7 +587,7 @@ "mac": "28-6F-7F-F8-64-E0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "SIG_INFO1", @@ -634,7 +634,7 @@ "mac": "80-7D-3A-9B-2F-FC" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "MAX_EAPOL_KEY_RETRANS", @@ -671,7 +671,7 @@ "mac": "CC-73-14-61-B0-8F" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "RRM_LOGMSG", @@ -705,7 +705,7 @@ { "@timestamp": "2024-08-29T10:58:28.227Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "RRM_LOGMSG", @@ -743,7 +743,7 @@ "mac": "DE-FB-48-7C-4F-F7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ABORT_AUTH", @@ -788,7 +788,7 @@ "mac": "DE-FB-48-7C-4F-F7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Q_IND", @@ -825,7 +825,7 @@ "mac": "DE-FB-48-7C-4F-F7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Q_IND", @@ -869,7 +869,7 @@ "mac": "DE-FB-48-7C-4F-F7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "INVALID_WPA_KEY_STATE", @@ -906,7 +906,7 @@ "mac": "DE-FB-48-7C-4F-F7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "WPA_SEND_STATE_ERR", @@ -943,7 +943,7 @@ "mac": "DE-FB-48-7C-4F-F7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "INVALID_REPLAY_CTR", @@ -977,7 +977,7 @@ { "@timestamp": "2024-08-29T10:47:25.944Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "REPLAY_ERR", @@ -1014,7 +1014,7 @@ "mac": "DE-FB-48-7C-4F-F7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "CLIENT_NOT_FOUND", @@ -1048,7 +1048,7 @@ { "@timestamp": "2024-08-22T18:14:24.651Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "SIG_ALARM_OFF", @@ -1079,7 +1079,7 @@ { "@timestamp": "2024-08-29T10:58:58.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "INVALID_REQUEST", @@ -1116,7 +1116,7 @@ "mac": "DE-FB-48-7C-4F-F7" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "AAA_AUTH_SEND_FAIL", @@ -1150,7 +1150,7 @@ { "@timestamp": "2024-08-20T14:55:28.577Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "MLD_INVALID_IPV6_PKT", @@ -1184,7 +1184,7 @@ { "@timestamp": "2024-08-22T10:24:20.959Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "MOBILESTATION_NOT_FOUND", @@ -1218,7 +1218,7 @@ { "@timestamp": "2024-01-04T17:25:42.866Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "CLIENT_ADDED_TO_RUN_STATE", @@ -1246,7 +1246,7 @@ { "@timestamp": "2024-12-17T19:59:10.223Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Q_IND", @@ -1280,7 +1280,7 @@ { "@timestamp": "2024-06-08T04:26:43.773Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Q_IND", @@ -1314,7 +1314,7 @@ { "@timestamp": "2024-01-22T11:42:50.501Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Q_IND", @@ -1348,7 +1348,7 @@ { "@timestamp": "2024-07-09T09:06:15.007Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "CCMP_REPLAY", diff --git a/packages/cisco_aironet/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_aironet/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 01da4c6fc95..7ef6f5a748f 100644 --- a/packages/cisco_aironet/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_aironet/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -9,7 +9,7 @@ processors: if: ctx.event?.original == null - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' - grok: field: event.original patterns: diff --git a/packages/cisco_aironet/data_stream/log/sample_event.json b/packages/cisco_aironet/data_stream/log/sample_event.json index 80983d03bf6..9bd680301bc 100644 --- a/packages/cisco_aironet/data_stream/log/sample_event.json +++ b/packages/cisco_aironet/data_stream/log/sample_event.json @@ -21,7 +21,7 @@ "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "0335de7e-b2c1-4352-bf23-c023d21c1252", diff --git a/packages/cisco_aironet/docs/README.md b/packages/cisco_aironet/docs/README.md index 1ce4da0b43e..2231ffbc837 100644 --- a/packages/cisco_aironet/docs/README.md +++ b/packages/cisco_aironet/docs/README.md @@ -38,7 +38,7 @@ An example event for `log` looks as following: "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "0335de7e-b2c1-4352-bf23-c023d21c1252", diff --git a/packages/cisco_aironet/manifest.yml b/packages/cisco_aironet/manifest.yml index 36b74abef2f..dbaa343c618 100644 --- a/packages/cisco_aironet/manifest.yml +++ b/packages/cisco_aironet/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: cisco_aironet title: "Cisco Aironet" -version: "1.14.2" +version: "1.15.0" description: "Integration for Cisco Aironet WLC Logs" type: integration categories: diff --git a/packages/cisco_asa/_dev/build/build.yml b/packages/cisco_asa/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100644 --- a/packages/cisco_asa/_dev/build/build.yml +++ b/packages/cisco_asa/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/cisco_asa/changelog.yml b/packages/cisco_asa/changelog.yml index 05443248fd7..7741a1467c5 100644 --- a/packages/cisco_asa/changelog.yml +++ b/packages/cisco_asa/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.39.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "2.38.3" changes: - description: "Handles another variation of log message type 113040 that includes a Group and Terminating message." diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-106023-iface-with-prefix.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-106023-iface-with-prefix.log-expected.json index e4f6a062614..b3c2e0ecbc6 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-106023-iface-with-prefix.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-106023-iface-with-prefix.log-expected.json @@ -14,7 +14,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -90,7 +90,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -166,7 +166,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -242,7 +242,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -316,7 +316,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -390,7 +390,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -463,7 +463,7 @@ "ip": "172.16.1.3" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -537,7 +537,7 @@ "ip": "172.16.1.3" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -611,7 +611,7 @@ "ip": "172.16.1.3" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-additional-messages.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-additional-messages.log-expected.json index 951babd5f6e..abadf673c97 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-additional-messages.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-additional-messages.log-expected.json @@ -22,7 +22,7 @@ "port": 53500 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -112,7 +112,7 @@ "port": 53500 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -194,7 +194,7 @@ "ip": "10.10.10.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -257,7 +257,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -319,7 +319,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -384,7 +384,7 @@ "ip": "10.10.10.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -461,7 +461,7 @@ "port": 111 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-offload-started", @@ -547,7 +547,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-offload-ended", @@ -623,7 +623,7 @@ "port": 67 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -700,7 +700,7 @@ "port": 21 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ftp", @@ -767,7 +767,7 @@ { "@timestamp": "2024-05-05T17:51:17.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -822,7 +822,7 @@ "port": 10872 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -904,7 +904,7 @@ "port": 10872 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -997,7 +997,7 @@ "port": 10872 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1086,7 +1086,7 @@ "ip": "192.168.2.3" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1169,7 +1169,7 @@ "ip": "192.168.2.3" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1254,7 +1254,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1318,7 +1318,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1377,7 +1377,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1443,7 +1443,7 @@ "ip": "10.10.10.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1512,7 +1512,7 @@ "ip": "10.10.10.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1582,7 +1582,7 @@ "port": 55225 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1672,7 +1672,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1754,7 +1754,7 @@ "port": 54230 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -1833,7 +1833,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1904,7 +1904,7 @@ "port": 57006 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -1980,7 +1980,7 @@ "port": 14322 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2054,7 +2054,7 @@ "port": 53356 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2142,7 +2142,7 @@ "port": 161 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2232,7 +2232,7 @@ "port": 161 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2315,7 +2315,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2390,7 +2390,7 @@ "ip": "10.10.10.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2459,7 +2459,7 @@ "port": 65020 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2531,7 +2531,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2602,7 +2602,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2673,7 +2673,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2745,7 +2745,7 @@ "port": 10051 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2822,7 +2822,7 @@ "port": 10051 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2899,7 +2899,7 @@ "port": 10051 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2975,7 +2975,7 @@ "port": 10051 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3057,7 +3057,7 @@ "port": 39222 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3133,7 +3133,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration", @@ -3187,7 +3187,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration", @@ -3248,7 +3248,7 @@ "port": 3452 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3326,7 +3326,7 @@ "port": 6007 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3392,7 +3392,7 @@ { "@timestamp": "2024-05-05T19:02:26.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3434,7 +3434,7 @@ { "@timestamp": "2024-05-05T19:02:26.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3486,7 +3486,7 @@ "port": 1985 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3547,7 +3547,7 @@ { "@timestamp": "2024-05-05T19:02:26.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3589,7 +3589,7 @@ { "@timestamp": "2024-05-05T19:02:26.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3641,7 +3641,7 @@ "ip": "10.10.10.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3719,7 +3719,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3769,7 +3769,7 @@ "port": 2 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3845,7 +3845,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-termination", @@ -3914,7 +3914,7 @@ "ip": "10.20.30.40" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -3973,7 +3973,7 @@ "ip": "10.20.30.40" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -4032,7 +4032,7 @@ "ip": "10.20.30.40" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -4091,7 +4091,7 @@ "ip": "10.20.30.40" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -4170,7 +4170,7 @@ "port": 9101 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4264,7 +4264,7 @@ "port": 51635 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4342,7 +4342,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4407,7 +4407,7 @@ { "@timestamp": "2024-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration", @@ -4458,7 +4458,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration", @@ -4522,7 +4522,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "privilege-level-changed", @@ -4581,7 +4581,7 @@ "ip": "10.10.1.254" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -4644,7 +4644,7 @@ { "@timestamp": "2024-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -4711,7 +4711,7 @@ "ip": "10.10.1.254" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -4777,7 +4777,7 @@ { "@timestamp": "2024-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -4835,7 +4835,7 @@ { "@timestamp": "2024-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4918,7 +4918,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -4984,7 +4984,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "address-assigned", @@ -5050,7 +5050,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -5125,7 +5125,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -5191,7 +5191,7 @@ "port": 23 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5275,7 +5275,7 @@ "port": 123123 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "bypass", @@ -5361,7 +5361,7 @@ "port": 514514 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5448,7 +5448,7 @@ "port": 123412 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5532,7 +5532,7 @@ "port": 514514 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5618,7 +5618,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "sa-created", @@ -5699,7 +5699,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "sa-deleted", @@ -5776,7 +5776,7 @@ "port": 7777 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-started", @@ -5851,7 +5851,7 @@ "port": 7777 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -5920,7 +5920,7 @@ { "@timestamp": "2020-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5971,7 +5971,7 @@ { "@timestamp": "2020-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -6020,7 +6020,7 @@ { "@timestamp": "2020-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -6067,7 +6067,7 @@ { "@timestamp": "2020-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -6107,7 +6107,7 @@ { "@timestamp": "2020-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -6146,7 +6146,7 @@ { "@timestamp": "2020-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -6188,7 +6188,7 @@ { "@timestamp": "2020-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -6237,7 +6237,7 @@ { "@timestamp": "2024-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -6315,7 +6315,7 @@ "ip": "172.31.98.44" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -6411,7 +6411,7 @@ "ip": "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -6511,7 +6511,7 @@ "port": 500 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6606,7 +6606,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -6658,7 +6658,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -6710,7 +6710,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -6762,7 +6762,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -6822,7 +6822,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -6897,7 +6897,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -6972,7 +6972,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7029,7 +7029,7 @@ { "@timestamp": "2024-05-05T19:02:25.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -7080,7 +7080,7 @@ { "@timestamp": "2024-05-05T19:02:25.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7136,7 +7136,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7195,7 +7195,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7254,7 +7254,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7318,7 +7318,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7382,7 +7382,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7450,7 +7450,7 @@ "ip": "192.168.0.8" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -7513,7 +7513,7 @@ { "@timestamp": "2023-03-03T08:50:32.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -7578,7 +7578,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7651,7 +7651,7 @@ "ip": "10.1.2.0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -7721,7 +7721,7 @@ "ip": "10.1.2.0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -7792,7 +7792,7 @@ "ip": "10.1.2.0" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7879,7 +7879,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -7978,7 +7978,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -8077,7 +8077,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -8176,7 +8176,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -8259,7 +8259,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -8341,7 +8341,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -8425,7 +8425,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8509,7 +8509,7 @@ "port": 389 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8588,7 +8588,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8666,7 +8666,7 @@ "ip": "172.31.98.44" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8726,7 +8726,7 @@ { "@timestamp": "2023-10-03T16:40:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -8786,7 +8786,7 @@ { "@timestamp": "2024-06-26T01:35:42.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -8844,7 +8844,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -8910,7 +8910,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -8960,7 +8960,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ssh-session-ended", @@ -9036,7 +9036,7 @@ "ip": "10.20.0.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -9106,7 +9106,7 @@ "ip": "10.20.0.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -9168,7 +9168,7 @@ { "@timestamp": "2023-10-03T16:40:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9235,7 +9235,7 @@ { "@timestamp": "2023-10-03T16:40:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9302,7 +9302,7 @@ { "@timestamp": "2023-10-03T16:40:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9369,7 +9369,7 @@ { "@timestamp": "2023-10-03T16:40:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9447,7 +9447,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9521,7 +9521,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9599,7 +9599,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9670,7 +9670,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9749,7 +9749,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9824,7 +9824,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9893,7 +9893,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -9963,7 +9963,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10018,7 +10018,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10074,7 +10074,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10129,7 +10129,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10186,7 +10186,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10242,7 +10242,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10299,7 +10299,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10355,7 +10355,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10410,7 +10410,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10461,7 +10461,7 @@ { "@timestamp": "2023-10-03T16:40:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10519,7 +10519,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10596,7 +10596,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -10673,7 +10673,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -10744,7 +10744,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -10819,7 +10819,7 @@ "ip": "10.20.0.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-resumed", @@ -10895,7 +10895,7 @@ "ip": "10.20.0.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-resumed", @@ -10971,7 +10971,7 @@ "ip": "10.20.0.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-resumed", @@ -11041,7 +11041,7 @@ "ip": "10.20.0.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-resumed", @@ -11099,7 +11099,7 @@ { "@timestamp": "2023-10-03T16:40:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -11167,7 +11167,7 @@ { "@timestamp": "2023-10-03T16:40:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -11235,7 +11235,7 @@ { "@timestamp": "2024-04-27T02:03:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -11305,7 +11305,7 @@ "ip": "81.2.69.145" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -11398,7 +11398,7 @@ "ip": "10.0.0.70" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -11479,7 +11479,7 @@ "ip": "192.168.1.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -11564,7 +11564,7 @@ "domain": "myservername" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -11626,7 +11626,7 @@ "domain": "myservername" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -11692,7 +11692,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-anyconnect-messages.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-anyconnect-messages.log-expected.json index c7b4960d46f..cec5c7072d6 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-anyconnect-messages.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-anyconnect-messages.log-expected.json @@ -3,7 +3,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -77,7 +77,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -151,7 +151,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -225,7 +225,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -299,7 +299,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -373,7 +373,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -447,7 +447,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -521,7 +521,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -595,7 +595,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -641,7 +641,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -715,7 +715,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -790,7 +790,7 @@ { "@timestamp": "2018-10-10T12:34:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", @@ -843,7 +843,7 @@ { "@timestamp": "2022-06-22T13:29:11.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -923,7 +923,7 @@ { "@timestamp": "2022-06-22T13:29:11.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -1006,7 +1006,7 @@ { "@timestamp": "2022-06-22T13:29:11.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -1094,7 +1094,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-error", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa-fix.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa-fix.log-expected.json index e81e723ccf8..ae1520b634f 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa-fix.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa-fix.log-expected.json @@ -17,7 +17,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -104,7 +104,7 @@ "ip": "10.123.123.123" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -180,7 +180,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -251,7 +251,7 @@ "port": 57621 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -326,7 +326,7 @@ "ip": "10.123.123.123" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -382,7 +382,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -456,7 +456,7 @@ "port": 0 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -527,7 +527,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -598,7 +598,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -670,7 +670,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -759,7 +759,7 @@ "port": 8080 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -861,7 +861,7 @@ "port": 9803 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -975,7 +975,7 @@ "port": 9803 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1095,7 +1095,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa-missing-groups.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa-missing-groups.log-expected.json index dcd771e78b4..36c0da39a78 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa-missing-groups.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa-missing-groups.log-expected.json @@ -25,7 +25,7 @@ "ip": "67.43.156.12" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -101,7 +101,7 @@ "ip": "67.43.156.12" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", @@ -155,7 +155,7 @@ { "@timestamp": "2019-10-20T15:42:54.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -217,7 +217,7 @@ { "@timestamp": "2020-08-06T11:01:37.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -272,7 +272,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "address-assigned", @@ -341,7 +341,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "address-assigned", @@ -405,7 +405,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -454,7 +454,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -503,7 +503,7 @@ { "@timestamp": "2024-01-24T15:24:40.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -585,7 +585,7 @@ { "@timestamp": "2024-01-24T15:25:23.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -667,7 +667,7 @@ { "@timestamp": "2024-02-21T09:53:46.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -737,7 +737,7 @@ { "@timestamp": "2024-02-21T09:55:01.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -804,7 +804,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -859,7 +859,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -914,7 +914,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -969,7 +969,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1023,7 +1023,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1078,7 +1078,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1133,7 +1133,7 @@ { "@timestamp": "2021-10-20T16:41:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa.log-expected.json index 27086b42e0a..34a2d40e5c0 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-asa.log-expected.json @@ -14,7 +14,7 @@ "port": 8256 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -100,7 +100,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -183,7 +183,7 @@ "port": 1758 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -270,7 +270,7 @@ "port": 1757 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -357,7 +357,7 @@ "port": 1755 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -444,7 +444,7 @@ "port": 1754 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -531,7 +531,7 @@ "port": 1752 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -618,7 +618,7 @@ "port": 1749 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -705,7 +705,7 @@ "port": 1750 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -792,7 +792,7 @@ "port": 1747 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -879,7 +879,7 @@ "port": 1742 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -966,7 +966,7 @@ "port": 1741 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1053,7 +1053,7 @@ "port": 1739 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1140,7 +1140,7 @@ "port": 1740 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1227,7 +1227,7 @@ "port": 1738 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1314,7 +1314,7 @@ "port": 1756 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1401,7 +1401,7 @@ "port": 1737 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1488,7 +1488,7 @@ "port": 1736 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1575,7 +1575,7 @@ "port": 1765 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1661,7 +1661,7 @@ "port": 1188 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -1747,7 +1747,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1830,7 +1830,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1920,7 +1920,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2003,7 +2003,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2088,7 +2088,7 @@ "port": 8257 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -2174,7 +2174,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2256,7 +2256,7 @@ "port": 8258 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -2342,7 +2342,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2429,7 +2429,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2516,7 +2516,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2599,7 +2599,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2685,7 +2685,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2770,7 +2770,7 @@ "port": 8259 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -2856,7 +2856,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2938,7 +2938,7 @@ "port": 1189 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -3024,7 +3024,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3111,7 +3111,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3194,7 +3194,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3280,7 +3280,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3365,7 +3365,7 @@ "port": 8265 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -3451,7 +3451,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3538,7 +3538,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3625,7 +3625,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3708,7 +3708,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3794,7 +3794,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3879,7 +3879,7 @@ "port": 8266 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -3965,7 +3965,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -4048,7 +4048,7 @@ "port": 1453 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4139,7 +4139,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -4222,7 +4222,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4308,7 +4308,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4393,7 +4393,7 @@ "port": 8267 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -4479,7 +4479,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -4561,7 +4561,7 @@ "port": 8268 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -4647,7 +4647,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -4729,7 +4729,7 @@ "port": 8269 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -4815,7 +4815,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -4902,7 +4902,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -4985,7 +4985,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -5070,7 +5070,7 @@ "port": 8270 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -5156,7 +5156,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5238,7 +5238,7 @@ "port": 8271 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -5324,7 +5324,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5411,7 +5411,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5494,7 +5494,7 @@ "port": 1457 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -5580,7 +5580,7 @@ "port": 8272 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -5666,7 +5666,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5749,7 +5749,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -5834,7 +5834,7 @@ "port": 8273 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -5920,7 +5920,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -6002,7 +6002,7 @@ "port": 8267 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6086,7 +6086,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6172,7 +6172,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -6254,7 +6254,7 @@ "port": 8268 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6338,7 +6338,7 @@ "port": 8269 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6422,7 +6422,7 @@ "port": 8270 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6506,7 +6506,7 @@ "port": 8271 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6590,7 +6590,7 @@ "port": 8272 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6674,7 +6674,7 @@ "port": 8273 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6759,7 +6759,7 @@ "port": 1382 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6846,7 +6846,7 @@ "port": 1385 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6932,7 +6932,7 @@ "port": 8278 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -7018,7 +7018,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -7101,7 +7101,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7183,7 +7183,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7265,7 +7265,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7347,7 +7347,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7429,7 +7429,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7511,7 +7511,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7593,7 +7593,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7675,7 +7675,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7757,7 +7757,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7839,7 +7839,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7921,7 +7921,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8003,7 +8003,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8085,7 +8085,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8166,7 +8166,7 @@ "port": 8279 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -8252,7 +8252,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -8334,7 +8334,7 @@ "port": 1190 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -8420,7 +8420,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -8503,7 +8503,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -8593,7 +8593,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -8676,7 +8676,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -8761,7 +8761,7 @@ "port": 8280 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -8847,7 +8847,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -8929,7 +8929,7 @@ "port": 8281 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -9015,7 +9015,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -9098,7 +9098,7 @@ "port": 1276 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9184,7 +9184,7 @@ "port": 8282 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -9270,7 +9270,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -9353,7 +9353,7 @@ "port": 1277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9439,7 +9439,7 @@ "port": 8283 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -9525,7 +9525,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -9608,7 +9608,7 @@ "port": 1278 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9695,7 +9695,7 @@ "port": 1279 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9781,7 +9781,7 @@ "port": 8284 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -9867,7 +9867,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -9950,7 +9950,7 @@ "port": 1280 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -10036,7 +10036,7 @@ "port": 8285 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -10122,7 +10122,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -10204,7 +10204,7 @@ "port": 8286 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -10290,7 +10290,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -10372,7 +10372,7 @@ "port": 8287 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -10458,7 +10458,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -10540,7 +10540,7 @@ "port": 8288 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -10626,7 +10626,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -10709,7 +10709,7 @@ "port": 1281 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -10796,7 +10796,7 @@ "port": 1282 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -10883,7 +10883,7 @@ "port": 1283 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -10969,7 +10969,7 @@ "port": 8289 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -11055,7 +11055,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -11137,7 +11137,7 @@ "port": 8290 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -11223,7 +11223,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -11306,7 +11306,7 @@ "port": 1284 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -11392,7 +11392,7 @@ "port": 8291 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -11478,7 +11478,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -11561,7 +11561,7 @@ "port": 1285 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -11648,7 +11648,7 @@ "port": 1286 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -11739,7 +11739,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -11821,7 +11821,7 @@ "port": 8292 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -11907,7 +11907,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -11990,7 +11990,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12080,7 +12080,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -12163,7 +12163,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12248,7 +12248,7 @@ "port": 8293 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -12334,7 +12334,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -12417,7 +12417,7 @@ "port": 1288 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12504,7 +12504,7 @@ "port": 1287 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12595,7 +12595,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -12678,7 +12678,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12763,7 +12763,7 @@ "port": 8294 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -12849,7 +12849,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -12932,7 +12932,7 @@ "port": 68 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13017,7 +13017,7 @@ "port": 8276 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -13106,7 +13106,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -13193,7 +13193,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -13276,7 +13276,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13366,7 +13366,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -13449,7 +13449,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13535,7 +13535,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13625,7 +13625,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -13708,7 +13708,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13793,7 +13793,7 @@ "port": 8295 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -13879,7 +13879,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -13966,7 +13966,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -14049,7 +14049,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -14134,7 +14134,7 @@ "port": 8296 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -14220,7 +14220,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -14302,7 +14302,7 @@ "port": 8297 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -14388,7 +14388,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -14470,7 +14470,7 @@ "port": 8298 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -14556,7 +14556,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -14639,7 +14639,7 @@ "port": 1293 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -14725,7 +14725,7 @@ "port": 8299 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -14811,7 +14811,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -14893,7 +14893,7 @@ "port": 8300 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -14979,7 +14979,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -15062,7 +15062,7 @@ "port": 1294 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -15149,7 +15149,7 @@ "port": 1295 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -15236,7 +15236,7 @@ "port": 1296 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -15322,7 +15322,7 @@ "port": 8301 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -15408,7 +15408,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -15490,7 +15490,7 @@ "port": 8302 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -15576,7 +15576,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -15663,7 +15663,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -15746,7 +15746,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -15832,7 +15832,7 @@ "port": 1297 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -15918,7 +15918,7 @@ "port": 8303 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -16004,7 +16004,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -16086,7 +16086,7 @@ "port": 8304 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -16172,7 +16172,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -16255,7 +16255,7 @@ "port": 1298 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16342,7 +16342,7 @@ "port": 1300 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16428,7 +16428,7 @@ "port": 8305 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -16514,7 +16514,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -16596,7 +16596,7 @@ "port": 8306 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -16682,7 +16682,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -16764,7 +16764,7 @@ "port": 8280 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -16848,7 +16848,7 @@ "port": 8281 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -16932,7 +16932,7 @@ "port": 8282 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17016,7 +17016,7 @@ "port": 8283 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17100,7 +17100,7 @@ "port": 8284 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17184,7 +17184,7 @@ "port": 8285 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17268,7 +17268,7 @@ "port": 8286 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17352,7 +17352,7 @@ "port": 8287 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17436,7 +17436,7 @@ "port": 8288 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17520,7 +17520,7 @@ "port": 8289 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17604,7 +17604,7 @@ "port": 8290 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17688,7 +17688,7 @@ "port": 8291 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17772,7 +17772,7 @@ "port": 8292 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17856,7 +17856,7 @@ "port": 8297 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -17940,7 +17940,7 @@ "port": 8298 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -18024,7 +18024,7 @@ "port": 8308 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -18110,7 +18110,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -18192,7 +18192,7 @@ "port": 8299 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -18276,7 +18276,7 @@ "port": 8300 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -18365,7 +18365,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -18452,7 +18452,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -18535,7 +18535,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18621,7 +18621,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18706,7 +18706,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -18792,7 +18792,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -18874,7 +18874,7 @@ "port": 8301 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -18958,7 +18958,7 @@ "port": 8302 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -19042,7 +19042,7 @@ "port": 8303 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -19126,7 +19126,7 @@ "port": 8304 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -19210,7 +19210,7 @@ "port": 8305 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -19294,7 +19294,7 @@ "port": 8306 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -19378,7 +19378,7 @@ "port": 8307 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -19463,7 +19463,7 @@ "port": 1305 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -19550,7 +19550,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19632,7 +19632,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19714,7 +19714,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19795,7 +19795,7 @@ "port": 8310 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -19881,7 +19881,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -19964,7 +19964,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20046,7 +20046,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20128,7 +20128,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20210,7 +20210,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20292,7 +20292,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20374,7 +20374,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20456,7 +20456,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20538,7 +20538,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20620,7 +20620,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20702,7 +20702,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20784,7 +20784,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20866,7 +20866,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20948,7 +20948,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21030,7 +21030,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21112,7 +21112,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21194,7 +21194,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21276,7 +21276,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21358,7 +21358,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21440,7 +21440,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21522,7 +21522,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21604,7 +21604,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21686,7 +21686,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21768,7 +21768,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21850,7 +21850,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21932,7 +21932,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22014,7 +22014,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22096,7 +22096,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22178,7 +22178,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22260,7 +22260,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22342,7 +22342,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22424,7 +22424,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22506,7 +22506,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22588,7 +22588,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22674,7 +22674,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -22762,7 +22762,7 @@ "port": 123 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22830,7 +22830,7 @@ { "@timestamp": "2023-01-11T13:34:06.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration", @@ -22884,7 +22884,7 @@ "ip": "192.168.124.24" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "server-failed", @@ -22937,7 +22937,7 @@ "ip": "192.168.124.24" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "server-active", @@ -22992,7 +22992,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "interface-switchover", @@ -23032,7 +23032,7 @@ { "@timestamp": "2024-06-21T09:07:00.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-out", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-dap-records.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-dap-records.log-expected.json index 26a948604aa..dbd90286234 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-dap-records.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-dap-records.log-expected.json @@ -12,7 +12,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-filtered.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-filtered.log-expected.json index 580bf558f63..598b68d263a 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-filtered.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-filtered.log-expected.json @@ -3,7 +3,7 @@ { "@timestamp": "2024-01-01T01:00:27.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -43,7 +43,7 @@ { "@timestamp": "2024-01-01T01:00:30.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -90,7 +90,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-hostnames.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-hostnames.log-expected.json index 2acab6a0c42..1ad1f867c42 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-hostnames.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-hostnames.log-expected.json @@ -11,7 +11,7 @@ "domain": "target.destination.hostname.local" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -79,7 +79,7 @@ "ip": "192.168.2.15" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-invalid-data.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-invalid-data.log-expected.json index 1e9267eff6c..4cef6f841f1 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-invalid-data.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-invalid-data.log-expected.json @@ -7,7 +7,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -37,7 +37,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -88,7 +88,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -134,7 +134,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -185,7 +185,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -230,7 +230,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -275,7 +275,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -320,7 +320,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -365,7 +365,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -410,7 +410,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -455,7 +455,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -500,7 +500,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -539,7 +539,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -578,7 +578,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -620,7 +620,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -666,7 +666,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -718,7 +718,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -761,7 +761,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -803,7 +803,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -848,7 +848,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -878,7 +878,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -908,7 +908,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-non-canonical.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-non-canonical.log-expected.json index 8e9dd878b61..a01529f783d 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-non-canonical.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-non-canonical.log-expected.json @@ -19,7 +19,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -101,7 +101,7 @@ "port": 10050 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -187,7 +187,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -273,7 +273,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -353,7 +353,7 @@ "port": 54703 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -423,7 +423,7 @@ "port": 25 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -524,7 +524,7 @@ "port": 62409 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -615,7 +615,7 @@ "port": 56421 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -706,7 +706,7 @@ "port": 50578 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -794,7 +794,7 @@ "port": 56570 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -889,7 +889,7 @@ "port": 2511 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -984,7 +984,7 @@ "port": 2511 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1059,7 +1059,7 @@ "domain": "eth0_fw" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1135,7 +1135,7 @@ "domain": "eth0_fw" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1211,7 +1211,7 @@ "domain": "eth0_fw" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1287,7 +1287,7 @@ "domain": "eth0_fw" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1353,7 +1353,7 @@ { "@timestamp": "2024-07-15T12:18:51.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -1429,7 +1429,7 @@ { "@timestamp": "2024-07-01T09:27:13.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -1506,7 +1506,7 @@ "domain": "mirror" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -1583,7 +1583,7 @@ "ip": "81.2.69.142" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -1679,7 +1679,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-not-ip.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-not-ip.log-expected.json index 88938a14de2..52dfb93a481 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-not-ip.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-not-ip.log-expected.json @@ -27,7 +27,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -105,7 +105,7 @@ "ip": "172.24.177.29" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -179,7 +179,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "dynamic-filter", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sample.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sample.log-expected.json index 29387160930..119dbfd2a80 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sample.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sample.log-expected.json @@ -15,7 +15,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -86,7 +86,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -158,7 +158,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -228,7 +228,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -306,7 +306,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -383,7 +383,7 @@ "port": 12834 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -458,7 +458,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -532,7 +532,7 @@ "port": 25882 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -610,7 +610,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -685,7 +685,7 @@ "port": 45392 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -760,7 +760,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -837,7 +837,7 @@ "port": 52925 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -917,7 +917,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1007,7 +1007,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1089,7 +1089,7 @@ "ip": "172.24.177.29" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1155,7 +1155,7 @@ "port": 10879 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -1230,7 +1230,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1300,7 +1300,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1363,7 +1363,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1434,7 +1434,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1505,7 +1505,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1576,7 +1576,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1647,7 +1647,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1718,7 +1718,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1789,7 +1789,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1860,7 +1860,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1931,7 +1931,7 @@ "port": 25 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2002,7 +2002,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2071,7 +2071,7 @@ "port": 137 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2131,7 +2131,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2194,7 +2194,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2265,7 +2265,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2336,7 +2336,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2407,7 +2407,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2478,7 +2478,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2549,7 +2549,7 @@ "port": 8111 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2620,7 +2620,7 @@ "port": 8111 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2691,7 +2691,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2762,7 +2762,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2834,7 +2834,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2908,7 +2908,7 @@ "port": 11180 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2983,7 +2983,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3057,7 +3057,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3135,7 +3135,7 @@ "port": 1234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3215,7 +3215,7 @@ "port": 1234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3291,7 +3291,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3370,7 +3370,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3449,7 +3449,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3526,7 +3526,7 @@ "port": 5679 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3593,7 +3593,7 @@ "port": 5679 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3662,7 +3662,7 @@ "port": 5000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3740,7 +3740,7 @@ "port": 1234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3819,7 +3819,7 @@ "port": 1234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -3894,7 +3894,7 @@ "port": 1235 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3973,7 +3973,7 @@ "port": 500 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4045,7 +4045,7 @@ "ip": "192.168.99.47" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4109,7 +4109,7 @@ "ip": "192.168.99.57" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4173,7 +4173,7 @@ "ip": "192.168.99.47" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4237,7 +4237,7 @@ "ip": "192.168.99.47" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4301,7 +4301,7 @@ "ip": "192.168.99.57" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4365,7 +4365,7 @@ "ip": "192.168.99.57" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4429,7 +4429,7 @@ "ip": "192.168.1.255" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4493,7 +4493,7 @@ "ip": "192.168.1.255" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4560,7 +4560,7 @@ "port": 25 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4633,7 +4633,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4701,7 +4701,7 @@ "ip": "172.16.1.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4771,7 +4771,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "dynamic-filter", @@ -4858,7 +4858,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "dynamic-filter", @@ -4938,7 +4938,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "dynamic-filter", @@ -5005,7 +5005,7 @@ "ip": "192.168.2.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -5056,7 +5056,7 @@ "ip": "192.168.2.32" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -5114,7 +5114,7 @@ "ip": "192.168.0.19" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -5199,7 +5199,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5272,7 +5272,7 @@ "ip": "172.17.6.211" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "url-access", @@ -5358,7 +5358,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5471,7 +5471,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5587,7 +5587,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5685,7 +5685,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5787,7 +5787,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -5882,7 +5882,7 @@ "port": 18449 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -5961,7 +5961,7 @@ "ip": "ff02::1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6035,7 +6035,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -6127,7 +6127,7 @@ "port": 50120 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "nat-slot", @@ -6232,7 +6232,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6336,7 +6336,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -6436,7 +6436,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6545,7 +6545,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -6652,7 +6652,7 @@ "ip": "81.2.69.193" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "sa-deleted", @@ -6731,7 +6731,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6828,7 +6828,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6925,7 +6925,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -7026,7 +7026,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -7123,7 +7123,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sgt-tag-name.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sgt-tag-name.log-expected.json index 682dad750f7..8cffdfd2455 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sgt-tag-name.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sgt-tag-name.log-expected.json @@ -17,7 +17,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -110,7 +110,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -201,7 +201,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -299,7 +299,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -389,7 +389,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -481,7 +481,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -557,7 +557,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -636,7 +636,7 @@ "port": 60919 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -731,7 +731,7 @@ "port": 60919 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -818,7 +818,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -881,7 +881,7 @@ { "@timestamp": "2023-10-06T10:37:59.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", @@ -969,7 +969,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1068,7 +1068,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1174,7 +1174,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1270,7 +1270,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1362,7 +1362,7 @@ "ip": "192.168.2.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1443,7 +1443,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1532,7 +1532,7 @@ "port": 54860 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1636,7 +1636,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1734,7 +1734,7 @@ "port": 5985 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1840,7 +1840,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -1938,7 +1938,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2041,7 +2041,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", @@ -2131,7 +2131,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2220,7 +2220,7 @@ "port": 55735 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2309,7 +2309,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -2384,7 +2384,7 @@ "port": 58164 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sip.log-expected.json b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sip.log-expected.json index 1880f8217a4..9ed8c0ed4a6 100644 --- a/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sip.log-expected.json +++ b/packages/cisco_asa/data_stream/log/_dev/test/pipeline/test-sip.log-expected.json @@ -16,7 +16,7 @@ "port": 5060 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -85,7 +85,7 @@ "port": 5060 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -154,7 +154,7 @@ "port": 5060 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -223,7 +223,7 @@ "port": 5060 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_asa/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_asa/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 867d39ab85e..f986f9361b7 100644 --- a/packages/cisco_asa/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_asa/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -8,7 +8,7 @@ processors: field: message - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' - set: field: event.kind value: event diff --git a/packages/cisco_asa/data_stream/log/sample_event.json b/packages/cisco_asa/data_stream/log/sample_event.json index 839d7936120..8e6dcefc519 100644 --- a/packages/cisco_asa/data_stream/log/sample_event.json +++ b/packages/cisco_asa/data_stream/log/sample_event.json @@ -25,7 +25,7 @@ "port": 8256 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "6a762ace-ff7a-4a1f-9fc4-cae4c2122d76", diff --git a/packages/cisco_asa/docs/README.md b/packages/cisco_asa/docs/README.md index c1aec07a736..44207c81934 100644 --- a/packages/cisco_asa/docs/README.md +++ b/packages/cisco_asa/docs/README.md @@ -41,7 +41,7 @@ An example event for `log` looks as following: "port": 8256 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "6a762ace-ff7a-4a1f-9fc4-cae4c2122d76", diff --git a/packages/cisco_asa/manifest.yml b/packages/cisco_asa/manifest.yml index 2fbed52cff9..b911a5ba0db 100644 --- a/packages/cisco_asa/manifest.yml +++ b/packages/cisco_asa/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: cisco_asa title: Cisco ASA -version: "2.38.3" +version: "2.39.0" description: Collect logs from Cisco ASA with Elastic Agent. type: integration categories: diff --git a/packages/cisco_ftd/_dev/build/build.yml b/packages/cisco_ftd/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100644 --- a/packages/cisco_ftd/_dev/build/build.yml +++ b/packages/cisco_ftd/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/cisco_ftd/changelog.yml b/packages/cisco_ftd/changelog.yml index ffa5805809a..b9c1917780c 100644 --- a/packages/cisco_ftd/changelog.yml +++ b/packages/cisco_ftd/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "3.5.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "3.4.4" changes: - description: Fixed grok errors on ftd message ID 305006. Added additional matching pattern per specification. diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-asa-fix.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-asa-fix.log-expected.json index 73ce4c5c00b..a8f823b2d69 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-asa-fix.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-asa-fix.log-expected.json @@ -17,7 +17,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -103,7 +103,7 @@ "ip": "10.123.123.123" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -179,7 +179,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -250,7 +250,7 @@ "port": 57621 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -325,7 +325,7 @@ "ip": "10.123.123.123" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -385,7 +385,7 @@ "ip": "10.10.10.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-creation", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-asa.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-asa.log-expected.json index cf58496456a..a9dc4136213 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-asa.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-asa.log-expected.json @@ -14,7 +14,7 @@ "port": 8256 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -98,7 +98,7 @@ "port": 1772 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -178,7 +178,7 @@ "port": 1758 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -264,7 +264,7 @@ "port": 1757 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -350,7 +350,7 @@ "port": 1755 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -436,7 +436,7 @@ "port": 1754 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -522,7 +522,7 @@ "port": 1752 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -608,7 +608,7 @@ "port": 1749 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -694,7 +694,7 @@ "port": 1750 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -780,7 +780,7 @@ "port": 1747 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -866,7 +866,7 @@ "port": 1742 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -952,7 +952,7 @@ "port": 1741 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1038,7 +1038,7 @@ "port": 1739 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1124,7 +1124,7 @@ "port": 1740 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1210,7 +1210,7 @@ "port": 1738 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1296,7 +1296,7 @@ "port": 1756 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1382,7 +1382,7 @@ "port": 1737 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1468,7 +1468,7 @@ "port": 1736 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1554,7 +1554,7 @@ "port": 1765 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1639,7 +1639,7 @@ "port": 1188 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1723,7 +1723,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1803,7 +1803,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1892,7 +1892,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1972,7 +1972,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2056,7 +2056,7 @@ "port": 8257 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2140,7 +2140,7 @@ "port": 1773 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2219,7 +2219,7 @@ "port": 8258 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2303,7 +2303,7 @@ "port": 1774 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2387,7 +2387,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2471,7 +2471,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2551,7 +2551,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2636,7 +2636,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -2720,7 +2720,7 @@ "port": 8259 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2804,7 +2804,7 @@ "port": 1775 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2883,7 +2883,7 @@ "port": 1189 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2967,7 +2967,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3051,7 +3051,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3131,7 +3131,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3216,7 +3216,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3300,7 +3300,7 @@ "port": 8265 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3384,7 +3384,7 @@ "port": 1452 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3468,7 +3468,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3552,7 +3552,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3632,7 +3632,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3717,7 +3717,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3801,7 +3801,7 @@ "port": 8266 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3885,7 +3885,7 @@ "port": 1453 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3965,7 +3965,7 @@ "port": 1453 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4055,7 +4055,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4135,7 +4135,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4220,7 +4220,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4304,7 +4304,7 @@ "port": 8267 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4388,7 +4388,7 @@ "port": 1454 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4467,7 +4467,7 @@ "port": 8268 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4551,7 +4551,7 @@ "port": 1455 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4630,7 +4630,7 @@ "port": 8269 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4714,7 +4714,7 @@ "port": 1456 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4798,7 +4798,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4878,7 +4878,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4962,7 +4962,7 @@ "port": 8270 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5046,7 +5046,7 @@ "port": 1457 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5125,7 +5125,7 @@ "port": 8271 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5209,7 +5209,7 @@ "port": 1458 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5293,7 +5293,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5373,7 +5373,7 @@ "port": 1457 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -5458,7 +5458,7 @@ "port": 8272 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5542,7 +5542,7 @@ "port": 1459 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5622,7 +5622,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -5706,7 +5706,7 @@ "port": 8273 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5790,7 +5790,7 @@ "port": 1460 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5869,7 +5869,7 @@ "port": 8267 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -5952,7 +5952,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -6036,7 +6036,7 @@ "port": 1385 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -6115,7 +6115,7 @@ "port": 8268 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6198,7 +6198,7 @@ "port": 8269 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6281,7 +6281,7 @@ "port": 8270 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6364,7 +6364,7 @@ "port": 8271 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6447,7 +6447,7 @@ "port": 8272 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6530,7 +6530,7 @@ "port": 8273 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6614,7 +6614,7 @@ "port": 1382 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6700,7 +6700,7 @@ "port": 1385 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -6785,7 +6785,7 @@ "port": 8278 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -6869,7 +6869,7 @@ "port": 1386 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -6949,7 +6949,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7031,7 +7031,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7113,7 +7113,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7195,7 +7195,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7277,7 +7277,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7359,7 +7359,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7441,7 +7441,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7523,7 +7523,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7605,7 +7605,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7687,7 +7687,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7769,7 +7769,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7851,7 +7851,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -7933,7 +7933,7 @@ "port": 8277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8014,7 +8014,7 @@ "port": 8279 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8098,7 +8098,7 @@ "port": 1275 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8177,7 +8177,7 @@ "port": 1190 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8261,7 +8261,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8341,7 +8341,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -8430,7 +8430,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8510,7 +8510,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -8594,7 +8594,7 @@ "port": 8280 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8678,7 +8678,7 @@ "port": 1276 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8757,7 +8757,7 @@ "port": 8281 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8841,7 +8841,7 @@ "port": 1277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -8921,7 +8921,7 @@ "port": 1276 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9006,7 +9006,7 @@ "port": 8282 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -9090,7 +9090,7 @@ "port": 1278 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -9170,7 +9170,7 @@ "port": 1277 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9255,7 +9255,7 @@ "port": 8283 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -9339,7 +9339,7 @@ "port": 1279 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -9419,7 +9419,7 @@ "port": 1278 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9505,7 +9505,7 @@ "port": 1279 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9590,7 +9590,7 @@ "port": 8284 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -9674,7 +9674,7 @@ "port": 1280 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -9754,7 +9754,7 @@ "port": 1280 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -9839,7 +9839,7 @@ "port": 8285 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -9923,7 +9923,7 @@ "port": 1281 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10002,7 +10002,7 @@ "port": 8286 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10086,7 +10086,7 @@ "port": 1282 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10165,7 +10165,7 @@ "port": 8287 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10249,7 +10249,7 @@ "port": 1283 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10328,7 +10328,7 @@ "port": 8288 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10412,7 +10412,7 @@ "port": 1284 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10492,7 +10492,7 @@ "port": 1281 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -10578,7 +10578,7 @@ "port": 1282 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -10664,7 +10664,7 @@ "port": 1283 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -10749,7 +10749,7 @@ "port": 8289 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10833,7 +10833,7 @@ "port": 1285 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10912,7 +10912,7 @@ "port": 8290 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -10996,7 +10996,7 @@ "port": 1286 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -11076,7 +11076,7 @@ "port": 1284 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -11161,7 +11161,7 @@ "port": 8291 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -11245,7 +11245,7 @@ "port": 1287 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -11325,7 +11325,7 @@ "port": 1285 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -11411,7 +11411,7 @@ "port": 1286 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -11501,7 +11501,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -11580,7 +11580,7 @@ "port": 8292 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -11664,7 +11664,7 @@ "port": 1288 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -11744,7 +11744,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -11833,7 +11833,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -11913,7 +11913,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -11997,7 +11997,7 @@ "port": 8293 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -12081,7 +12081,7 @@ "port": 1289 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -12161,7 +12161,7 @@ "port": 1288 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12247,7 +12247,7 @@ "port": 1287 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12337,7 +12337,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -12417,7 +12417,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12501,7 +12501,7 @@ "port": 8294 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -12585,7 +12585,7 @@ "port": 1290 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -12665,7 +12665,7 @@ "port": 68 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12749,7 +12749,7 @@ "port": 8276 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -12837,7 +12837,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -12921,7 +12921,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -13001,7 +13001,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13090,7 +13090,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -13170,7 +13170,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13255,7 +13255,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13344,7 +13344,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -13424,7 +13424,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13508,7 +13508,7 @@ "port": 8295 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -13592,7 +13592,7 @@ "port": 1291 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -13676,7 +13676,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -13756,7 +13756,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -13840,7 +13840,7 @@ "port": 8296 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -13924,7 +13924,7 @@ "port": 1292 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14003,7 +14003,7 @@ "port": 8297 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14087,7 +14087,7 @@ "port": 1293 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14166,7 +14166,7 @@ "port": 8298 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14250,7 +14250,7 @@ "port": 1294 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14330,7 +14330,7 @@ "port": 1293 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -14415,7 +14415,7 @@ "port": 8299 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14499,7 +14499,7 @@ "port": 1295 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14578,7 +14578,7 @@ "port": 8300 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14662,7 +14662,7 @@ "port": 1296 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -14742,7 +14742,7 @@ "port": 1294 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -14828,7 +14828,7 @@ "port": 1295 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -14914,7 +14914,7 @@ "port": 1296 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -14999,7 +14999,7 @@ "port": 8301 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15083,7 +15083,7 @@ "port": 1297 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15162,7 +15162,7 @@ "port": 8302 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15246,7 +15246,7 @@ "port": 1298 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15330,7 +15330,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15410,7 +15410,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -15495,7 +15495,7 @@ "port": 1297 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -15580,7 +15580,7 @@ "port": 8303 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15664,7 +15664,7 @@ "port": 1299 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15743,7 +15743,7 @@ "port": 8304 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15827,7 +15827,7 @@ "port": 1300 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -15907,7 +15907,7 @@ "port": 1298 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -15993,7 +15993,7 @@ "port": 1300 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16078,7 +16078,7 @@ "port": 8305 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -16162,7 +16162,7 @@ "port": 1301 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -16241,7 +16241,7 @@ "port": 8306 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -16325,7 +16325,7 @@ "port": 1302 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -16404,7 +16404,7 @@ "port": 8280 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16487,7 +16487,7 @@ "port": 8281 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16570,7 +16570,7 @@ "port": 8282 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16653,7 +16653,7 @@ "port": 8283 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16736,7 +16736,7 @@ "port": 8284 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16819,7 +16819,7 @@ "port": 8285 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16902,7 +16902,7 @@ "port": 8286 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -16985,7 +16985,7 @@ "port": 8287 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17068,7 +17068,7 @@ "port": 8288 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17151,7 +17151,7 @@ "port": 8289 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17234,7 +17234,7 @@ "port": 8290 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17317,7 +17317,7 @@ "port": 8291 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17400,7 +17400,7 @@ "port": 8292 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17483,7 +17483,7 @@ "port": 8297 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17566,7 +17566,7 @@ "port": 8298 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17649,7 +17649,7 @@ "port": 8308 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -17733,7 +17733,7 @@ "port": 1304 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -17812,7 +17812,7 @@ "port": 8299 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17895,7 +17895,7 @@ "port": 8300 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -17983,7 +17983,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -18067,7 +18067,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -18147,7 +18147,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18232,7 +18232,7 @@ "port": 56132 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18316,7 +18316,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -18400,7 +18400,7 @@ "port": 1305 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -18479,7 +18479,7 @@ "port": 8301 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18562,7 +18562,7 @@ "port": 8302 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18645,7 +18645,7 @@ "port": 8303 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18728,7 +18728,7 @@ "port": 8304 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18811,7 +18811,7 @@ "port": 8305 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18894,7 +18894,7 @@ "port": 8306 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -18977,7 +18977,7 @@ "port": 8307 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -19061,7 +19061,7 @@ "port": 1305 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -19147,7 +19147,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19229,7 +19229,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19311,7 +19311,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19392,7 +19392,7 @@ "port": 8310 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19476,7 +19476,7 @@ "port": 1306 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19556,7 +19556,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19638,7 +19638,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19720,7 +19720,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19802,7 +19802,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19884,7 +19884,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -19966,7 +19966,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20048,7 +20048,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20130,7 +20130,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20212,7 +20212,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20294,7 +20294,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20376,7 +20376,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20458,7 +20458,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20540,7 +20540,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20622,7 +20622,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20704,7 +20704,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20786,7 +20786,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20868,7 +20868,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -20950,7 +20950,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21032,7 +21032,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21114,7 +21114,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21196,7 +21196,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21278,7 +21278,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21360,7 +21360,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21442,7 +21442,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21524,7 +21524,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21606,7 +21606,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21688,7 +21688,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21770,7 +21770,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21852,7 +21852,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -21934,7 +21934,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22016,7 +22016,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22098,7 +22098,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -22180,7 +22180,7 @@ "port": 8309 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-dns.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-dns.log-expected.json index 2461d1e1735..60bd4ffd8ea 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-dns.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-dns.log-expected.json @@ -68,7 +68,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -216,7 +216,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -360,7 +360,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -509,7 +509,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -654,7 +654,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -798,7 +798,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -947,7 +947,7 @@ "response_code": "NXDOMAIN" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1091,7 +1091,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1236,7 +1236,7 @@ "response_code": "SERVFAIL" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1384,7 +1384,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1528,7 +1528,7 @@ "response_code": "REFUSED" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1664,7 +1664,7 @@ "response_code": "SERVFAIL" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1810,7 +1810,7 @@ "response_code": "NXDOMAIN" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1955,7 +1955,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2101,7 +2101,7 @@ "response_code": "NXDOMAIN" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2249,7 +2249,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2393,7 +2393,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2537,7 +2537,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2681,7 +2681,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2821,7 +2821,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2969,7 +2969,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-filtered.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-filtered.log-expected.json index b55c4c55637..0f588d60b17 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-filtered.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-filtered.log-expected.json @@ -3,7 +3,7 @@ { "@timestamp": "2019-01-01T01:00:27.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -47,7 +47,7 @@ { "@timestamp": "2019-01-01T01:00:30.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-firepower-management.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-firepower-management.log-expected.json index 3bfdfc14895..1db2e4f17e1 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-firepower-management.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-firepower-management.log-expected.json @@ -3,7 +3,7 @@ { "@timestamp": "2019-08-14T13:56:30.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:56:30 platformSettingEdit.cgi: siem-management: admin@10.0.255.31, System > Configuration > Configuration > /platinum/platformSettingEdit.cgi?type=AuditLog, Page View\u0000x0a\u0000x00", @@ -40,7 +40,7 @@ { "@timestamp": "2019-08-14T13:57:19.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:57:19 platformSettingEdit.cgi: siem-management: admin@10.0.255.31, System > Configuration > Configuration > /platinum/platformSettingEdit.cgi?type=Banner, Page View\u0000x0a\u0000x00", @@ -77,7 +77,7 @@ { "@timestamp": "2019-08-14T13:57:26.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:57:26 ChangeReconciliation.cgi: siem-management: admin@10.0.255.31, System > Configuration > Configuration > /platinum/ChangeReconciliation.cgi, Page View\u0000x0a\u0000x00", @@ -114,7 +114,7 @@ { "@timestamp": "2019-08-14T13:57:34.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:57:34 platformSettingEdit.cgi: siem-management: admin@10.0.255.31, System > Configuration > Configuration > /platinum/platformSettingEdit.cgi?type=IntrusionPolicyPrefs, Page View\u0000x0a\u0000x00", @@ -151,7 +151,7 @@ { "@timestamp": "2019-08-14T13:57:43.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:57:43 lights_out_mgmt.cgi: siem-management: admin@10.0.255.31, System > Configuration > Configuration > /admin/lights_out_mgmt.cgi, Page View\u0000x0a\u0000x00", @@ -188,7 +188,7 @@ { "@timestamp": "2019-08-14T13:58:02.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:58:02 mojo_server.pl: siem-management: admin@10.0.255.31, Cloud Services, View url filtering settings\u0000x0a\u0000x00", @@ -225,7 +225,7 @@ { "@timestamp": "2019-08-14T13:58:02.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:58:02 mojo_server.pl: siem-management: admin@10.0.255.31, Cloud Services, View amp settings\u0000x0a\u0000x00", @@ -262,7 +262,7 @@ { "@timestamp": "2019-08-14T13:58:20.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:58:20 mojo_server.pl: siem-management: admin@10.0.255.31, System > Monitoring > Syslog, Page View\u0000x0a\u0000x00", @@ -299,7 +299,7 @@ { "@timestamp": "2019-08-14T13:58:41.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:58:41 mojo_server.pl: siem-management: admin@10.0.255.31, Devices > Device Management, Page View\u0000x0a\u0000x00", @@ -336,7 +336,7 @@ { "@timestamp": "2019-08-14T13:58:47.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:58:47 sfdccsm: siem-management: admin@10.0.255.31, Devices > Device Management > NGFW Interfaces, Page View\u0000x0a\u0000x00", @@ -373,7 +373,7 @@ { "@timestamp": "2019-08-14T13:58:52.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:58:52 mojo_server.pl: siem-management: admin@10.0.255.31, Devices > Device Management > NGFW Device Summary, Page View\u0000x0a\u0000x00", @@ -410,7 +410,7 @@ { "@timestamp": "2019-08-14T13:58:54.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:58:54 mojo_server.pl: siem-management: admin@10.0.255.31, Devices > Device Management > NGFW Device Summary, Page View\u0000x0a\u0000x00", @@ -447,7 +447,7 @@ { "@timestamp": "2019-08-14T13:59:10.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:59:10 sfdccsm: siem-management: admin@10.0.255.31, Devices > Platform Settings, Page View\u0000x0a\u0000x00", @@ -484,7 +484,7 @@ { "@timestamp": "2019-08-14T13:59:15.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 13:59:15 sfdccsm: siem-management: admin@10.0.255.31, Devices > Platform Settings > Platform Settings Editor, Page View\u0000x0a\u0000x00", @@ -521,7 +521,7 @@ { "@timestamp": "2019-08-14T14:00:37.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:00:37 sfdccsm: siem-management: admin@10.0.255.31, Devices > Platform Settings > Platform Settings Editor, Save Policy ftd-policy\u0000x0a\u0000x00", @@ -558,7 +558,7 @@ { "@timestamp": "2019-08-14T14:00:37.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:00:37 sfdccsm: siem-management: admin@10.0.255.31, Devices > Platform Settings > Platform Settings Editor, Modified: Syslog\u0000x0a\u0000x00", @@ -595,7 +595,7 @@ { "@timestamp": "2019-08-14T14:00:37.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:00:37 sfdccsm: siem-management: admin@10.0.255.31, Devices > Platform Settings > Platform Settings Editor, Page View\u0000x0a\u0000x00", @@ -632,7 +632,7 @@ { "@timestamp": "2019-08-14T14:01:12.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:12 sfdccsm: siem-management: admin@10.0.255.31, Devices > Platform Settings > Platform Settings Editor, Save Policy ftd-policy\u0000x0a\u0000x00", @@ -669,7 +669,7 @@ { "@timestamp": "2019-08-14T14:01:12.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:12 sfdccsm: siem-management: admin@10.0.255.31, Devices > Platform Settings > Platform Settings Editor, Modified: Syslog\u0000x0a\u0000x00", @@ -706,7 +706,7 @@ { "@timestamp": "2019-08-14T14:01:13.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:13 sfdccsm: siem-management: admin@10.0.255.31, Devices > Platform Settings > Platform Settings Editor, Page View\u0000x0a\u0000x00", @@ -743,7 +743,7 @@ { "@timestamp": "2019-08-14T14:01:20.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:20 sfdccsm: siem-management: csm_processes@Default User IP, Login, Login Success\u0000x0a\u0000x00", @@ -780,7 +780,7 @@ { "@timestamp": "2019-08-14T14:01:31.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:31 ActionQueueScrape.pl: siem-management: csm_processes@Default User IP, Login, Login Success\u0000x0a\u0000x00", @@ -817,7 +817,7 @@ { "@timestamp": "2019-08-14T14:01:31.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:31 ActionQueueScrape.pl: siem-management: admin@localhost, Task Queue, Successful task completion : Pre-deploy Global Configuration Generation\u0000x0a\u0000x00", @@ -854,7 +854,7 @@ { "@timestamp": "2019-08-14T14:01:35.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:35 ActionQueueScrape.pl: siem-management: csm_processes@Default User IP, Login, Login Success\u0000x0a\u0000x00", @@ -891,7 +891,7 @@ { "@timestamp": "2019-08-14T14:01:36.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:36 ActionQueueScrape.pl: siem-management: admin@localhost, Task Queue, Successful task completion : Pre-deploy Device Configuration for siem-ftd\u0000x0a\u0000x00", @@ -928,7 +928,7 @@ { "@timestamp": "2019-08-14T14:01:55.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:55 mojo_server.pl: siem-management: admin@10.0.255.31, System > Configuration > Configuration, Page View\u0000x0a\u0000x00", @@ -965,7 +965,7 @@ { "@timestamp": "2019-08-14T14:01:56.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:56 sfdccsm: siem-management: admin@localhost, Task Queue, Policy Deployment to siem-ftd - SUCCESS\u0000x0a\u0000x00", @@ -1002,7 +1002,7 @@ { "@timestamp": "2019-08-14T14:01:57.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:01:57 sfdccsm: siem-management: csm_processes@Default User IP, Login, Login Success\u0000x0a\u0000x00", @@ -1039,7 +1039,7 @@ { "@timestamp": "2019-08-14T14:02:03.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:02:03 mojo_server.pl: siem-management: admin@10.0.255.31, System > Monitoring > Syslog, Page View\u0000x0a\u0000x00", @@ -1076,7 +1076,7 @@ { "@timestamp": "2019-08-14T14:02:11.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:02:11 index.cgi: siem-management: admin@10.0.255.31, System > Monitoring > Audit, Page View\u0000x0a\u0000x00", @@ -1113,7 +1113,7 @@ { "@timestamp": "2019-08-14T14:02:19.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:02:19 mojo_server.pl: siem-management: admin@10.0.255.31, System > Configuration > Configuration, Page View\u0000x0a\u0000x00", @@ -1150,7 +1150,7 @@ { "@timestamp": "2019-08-14T14:02:31.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:02:31 platformSettingEdit.cgi: siem-management: admin@10.0.255.31, System > Configuration > Configuration > /platinum/platformSettingEdit.cgi?type=AuditLog, Page View\u0000x0a\u0000x00", @@ -1187,7 +1187,7 @@ { "@timestamp": "2019-08-14T14:02:38.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14>Aug 14 2019 14:02:38 platformSettingEdit.cgi: siem-management: admin@10.0.255.31, Devices > Platform Settings > Local System Configuration, Save Local System Configuration\u0000x0a\u0000x00", @@ -1223,7 +1223,7 @@ }, { "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<14.2>Aug 14 2019 14:02:38 platformSettingEdit.cgi: siem-management: admin@10.0.255.31, Devices > Platform Settings > Audit Log Settings > Modified: Send Audit Log to Syslog enabled > Disabled", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-305006.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-305006.log-expected.json index 8727760b630..9103e6dd174 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-305006.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-305006.log-expected.json @@ -27,7 +27,7 @@ "ip": "81.2.69.200" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -128,7 +128,7 @@ "port": 9234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -228,7 +228,7 @@ "port": 9234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -330,7 +330,7 @@ "ip": "81.2.69.200" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -444,7 +444,7 @@ "ip": "81.2.69.200" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -562,7 +562,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -681,7 +681,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -800,7 +800,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -924,7 +924,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1044,7 +1044,7 @@ "ip": "81.2.69.200" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1159,7 +1159,7 @@ "ip": "81.2.69.200" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1278,7 +1278,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1398,7 +1398,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1518,7 +1518,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1643,7 +1643,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1765,7 +1765,7 @@ "port": 9234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1880,7 +1880,7 @@ "port": 9234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1999,7 +1999,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2119,7 +2119,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2239,7 +2239,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2364,7 +2364,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2485,7 +2485,7 @@ "port": 9234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2601,7 +2601,7 @@ "port": 9234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2721,7 +2721,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2842,7 +2842,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2963,7 +2963,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3089,7 +3089,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-endpoint-profile.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-endpoint-profile.log-expected.json index 7cbdc979e5b..bdccbd34a3e 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-endpoint-profile.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-endpoint-profile.log-expected.json @@ -49,7 +49,7 @@ "manufacturer": "Microsoft" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -177,7 +177,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -305,7 +305,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -433,7 +433,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -561,7 +561,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -689,7 +689,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -820,7 +820,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -951,7 +951,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1082,7 +1082,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1213,7 +1213,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1344,7 +1344,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1475,7 +1475,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1600,7 +1600,7 @@ "manufacturer": "Konica" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1725,7 +1725,7 @@ "manufacturer": "Android" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1847,7 +1847,7 @@ "manufacturer": "Android" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1972,7 +1972,7 @@ "manufacturer": "Android" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2097,7 +2097,7 @@ "manufacturer": "Android" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2222,7 +2222,7 @@ "manufacturer": "Android" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2350,7 +2350,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2478,7 +2478,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2606,7 +2606,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2737,7 +2737,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2865,7 +2865,7 @@ "manufacturer": "Apple" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -2987,7 +2987,7 @@ "manufacturer": "Apple" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -3112,7 +3112,7 @@ "manufacturer": "Apple" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -3237,7 +3237,7 @@ "manufacturer": "Apple" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -3365,7 +3365,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -3493,7 +3493,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -3618,7 +3618,7 @@ "manufacturer": "Cisco" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -3743,7 +3743,7 @@ "manufacturer": "Cisco" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -3868,7 +3868,7 @@ "manufacturer": "Cisco" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -3996,7 +3996,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -4121,7 +4121,7 @@ "manufacturer": "Google" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -4246,7 +4246,7 @@ "manufacturer": "RaspberryPi" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -4368,7 +4368,7 @@ "manufacturer": "Intel" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -4490,7 +4490,7 @@ "manufacturer": "HP" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -4609,7 +4609,7 @@ "port": 631 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -4731,7 +4731,7 @@ "manufacturer": "Nortel" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -4853,7 +4853,7 @@ "manufacturer": "Dell" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -4975,7 +4975,7 @@ "manufacturer": "ChromeBook" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -5103,7 +5103,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -5228,7 +5228,7 @@ "manufacturer": "American Power Conversion" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -5350,7 +5350,7 @@ "manufacturer": "Microsoft" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -5478,7 +5478,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -5603,7 +5603,7 @@ "manufacturer": "RICOH" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -5725,7 +5725,7 @@ "port": 631 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-fix.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-fix.log-expected.json index ccd71efbffb..639c05d491b 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-fix.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-fix.log-expected.json @@ -12,7 +12,7 @@ "ip": "192.168.0.38" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "created", @@ -81,7 +81,7 @@ "ip": "192.168.0.139" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deleted", @@ -153,7 +153,7 @@ "ip": "192.168.0.38" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -213,7 +213,7 @@ "ip": "192.168.0.38" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", @@ -256,7 +256,7 @@ }, { "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -308,7 +308,7 @@ "port": 41330 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -390,7 +390,7 @@ "port": 10872 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -470,7 +470,7 @@ "port": 10872 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -561,7 +561,7 @@ "port": 10872 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -648,7 +648,7 @@ "ip": "192.168.2.3" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -716,7 +716,7 @@ { "@timestamp": "2024-05-05T17:51:17.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": "<188>May 5 17:51:17 dev01: %FTD-4-313005: No matching connection for ICMP error message: icmp src srcif:192.168.2.2 dst dstif:192.168.2.3 (type 3, code 2) on srcif interface. Original IP payload: protocol 51 src 192.168.2.2 dst 192.168.2.3.", @@ -770,7 +770,7 @@ "port": 60919 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -861,7 +861,7 @@ "port": 60919 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -951,7 +951,7 @@ "port": 54860 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1041,7 +1041,7 @@ "port": 55735 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1130,7 +1130,7 @@ "port": 58164 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1213,7 +1213,7 @@ "port": 7000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1309,7 +1309,7 @@ "port": 0 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1400,7 +1400,7 @@ "ip": "1.128.0.20" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1477,7 +1477,7 @@ "port": 0 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1568,7 +1568,7 @@ "ip": "81.2.69.200" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1653,7 +1653,7 @@ "port": 444 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1722,7 +1722,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1789,7 +1789,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1865,7 +1865,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1959,7 +1959,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-inbound-outbound.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-inbound-outbound.log-expected.json index 0247b67250a..9ffe7900c03 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-inbound-outbound.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-inbound-outbound.log-expected.json @@ -37,7 +37,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -168,7 +168,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -267,7 +267,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -384,7 +384,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -498,7 +498,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -629,7 +629,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -728,7 +728,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -845,7 +845,7 @@ "port": 443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-session.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-session.log-expected.json index 377640d8040..980e936a165 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-session.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-session.log-expected.json @@ -13,7 +13,7 @@ "ip": "10.0.100.30" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-disconnected", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-username-with-spaces.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-username-with-spaces.log-expected.json index 24b68a0757a..460cf958532 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-username-with-spaces.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-ftd-username-with-spaces.log-expected.json @@ -7,7 +7,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "client-vpn-connected", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-intrusion.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-intrusion.log-expected.json index 70bbf413469..3e551f7c1ea 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-intrusion.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-intrusion.log-expected.json @@ -43,7 +43,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "intrusion-detected", @@ -158,7 +158,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "intrusion-detected", @@ -271,7 +271,7 @@ "port": 39114 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "intrusion-detected", @@ -382,7 +382,7 @@ "port": 40740 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "intrusion-detected", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-no-type-id.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-no-type-id.log-expected.json index fe4fa841e71..3b68c80416e 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-no-type-id.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-no-type-id.log-expected.json @@ -20,7 +20,7 @@ "ip": "10.8.12.47" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "intrusion-detected", @@ -87,7 +87,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "intrusion-detected", @@ -147,7 +147,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-started", @@ -220,7 +220,7 @@ "port": 64311 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "malware-detected", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-not-ip.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-not-ip.log-expected.json index 903eee58ea0..4613324f650 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-not-ip.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-not-ip.log-expected.json @@ -27,7 +27,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -105,7 +105,7 @@ "ip": "172.24.177.29" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -178,7 +178,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-sample.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-sample.log-expected.json index d965d6fac9a..01e5aa11647 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-sample.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-sample.log-expected.json @@ -15,7 +15,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -86,7 +86,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -158,7 +158,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -228,7 +228,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -306,7 +306,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -383,7 +383,7 @@ "port": 12834 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -459,7 +459,7 @@ "port": 4952 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -527,7 +527,7 @@ "port": 25882 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -603,7 +603,7 @@ "port": 52925 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -675,7 +675,7 @@ "port": 45392 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -752,7 +752,7 @@ "port": 4953 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -822,7 +822,7 @@ "port": 52925 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -901,7 +901,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -982,7 +982,7 @@ "ip": "172.24.177.29" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -1047,7 +1047,7 @@ "port": 10879 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1124,7 +1124,7 @@ "port": 4954 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1187,7 +1187,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1249,7 +1249,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1320,7 +1320,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1391,7 +1391,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1462,7 +1462,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1533,7 +1533,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1604,7 +1604,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1675,7 +1675,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1746,7 +1746,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1817,7 +1817,7 @@ "port": 25 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1888,7 +1888,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -1957,7 +1957,7 @@ "port": 137 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2016,7 +2016,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2078,7 +2078,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2149,7 +2149,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2220,7 +2220,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2291,7 +2291,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2362,7 +2362,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2433,7 +2433,7 @@ "port": 8111 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2504,7 +2504,7 @@ "port": 8111 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2575,7 +2575,7 @@ "port": 40443 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2646,7 +2646,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2718,7 +2718,7 @@ "port": 2000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2792,7 +2792,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2868,7 +2868,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -2946,7 +2946,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3028,7 +3028,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3107,7 +3107,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3182,7 +3182,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3264,7 +3264,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3346,7 +3346,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3428,7 +3428,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3510,7 +3510,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3592,7 +3592,7 @@ "port": 5678 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -3672,7 +3672,7 @@ "port": 5679 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3743,7 +3743,7 @@ "port": 5679 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3816,7 +3816,7 @@ "port": 5000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3898,7 +3898,7 @@ "port": 65000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -3978,7 +3978,7 @@ "port": 65000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4054,7 +4054,7 @@ "port": 1235 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4136,7 +4136,7 @@ "port": 500 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "flow-expiration", @@ -4207,7 +4207,7 @@ "ip": "192.168.99.47" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4271,7 +4271,7 @@ "ip": "192.168.99.57" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4335,7 +4335,7 @@ "ip": "192.168.99.47" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4399,7 +4399,7 @@ "ip": "192.168.99.47" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4463,7 +4463,7 @@ "ip": "192.168.99.57" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4527,7 +4527,7 @@ "ip": "192.168.99.57" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4591,7 +4591,7 @@ "ip": "192.168.1.255" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4655,7 +4655,7 @@ "ip": "192.168.1.255" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4722,7 +4722,7 @@ "port": 25 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4795,7 +4795,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4863,7 +4863,7 @@ "ip": "172.16.1.10" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -4933,7 +4933,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5024,7 +5024,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5109,7 +5109,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5176,7 +5176,7 @@ "ip": "192.168.2.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5227,7 +5227,7 @@ "ip": "192.168.2.32" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5284,7 +5284,7 @@ "ip": "192.168.0.19" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5371,7 +5371,7 @@ "port": 1433 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "firewall-rule", @@ -5437,7 +5437,7 @@ "ip": "192.168.0.8" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -5491,7 +5491,7 @@ { "@timestamp": "2023-03-03T08:50:32.000Z", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logged-in", @@ -5547,7 +5547,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logon-failed", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-connection.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-connection.log-expected.json index cd049302e1b..e8e1dcba1ad 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-connection.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-connection.log-expected.json @@ -42,7 +42,7 @@ "packets": 0 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-started", @@ -157,7 +157,7 @@ "packets": 1 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -299,7 +299,7 @@ "response_code": "NOERROR" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-started", @@ -439,7 +439,7 @@ "response_code": "NXDOMAIN" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -568,7 +568,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-started", @@ -701,7 +701,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -848,7 +848,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-started", @@ -980,7 +980,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1111,7 +1111,7 @@ "packets": 0 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-started", @@ -1232,7 +1232,7 @@ "port": 8000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1379,7 +1379,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1500,7 +1500,7 @@ "port": 7680 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1612,7 +1612,7 @@ "port": 8193 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", @@ -1731,7 +1731,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "intrusion-detected", @@ -1851,7 +1851,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-started", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-file-malware.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-file-malware.log-expected.json index 030df2dd7e0..0ff253440fe 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-file-malware.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-file-malware.log-expected.json @@ -31,7 +31,7 @@ "port": 8000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "file-detected", @@ -130,7 +130,7 @@ "port": 8000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "file-detected", @@ -229,7 +229,7 @@ "port": 8000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "file-detected", @@ -328,7 +328,7 @@ "port": 8000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "file-detected", @@ -433,7 +433,7 @@ "port": 8000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "file-detected", @@ -545,7 +545,7 @@ "port": 8000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "file-detected", @@ -661,7 +661,7 @@ "port": 8000 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "malware-detected", @@ -789,7 +789,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "malware-detected", @@ -904,7 +904,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "malware-detected", @@ -1031,7 +1031,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "malware-detected", @@ -1162,7 +1162,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "malware-detected", diff --git a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-malware-site.log-expected.json b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-malware-site.log-expected.json index 6e1bf35dfcb..268fe6741bf 100644 --- a/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-malware-site.log-expected.json +++ b/packages/cisco_ftd/data_stream/log/_dev/test/pipeline/test-security-malware-site.log-expected.json @@ -66,7 +66,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "connection-finished", diff --git a/packages/cisco_ftd/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_ftd/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 1f65ab6a205..99149871761 100644 --- a/packages/cisco_ftd/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_ftd/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -8,7 +8,7 @@ processors: if: ctx.event?.original == null - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' # # Parse the syslog header # diff --git a/packages/cisco_ftd/data_stream/log/sample_event.json b/packages/cisco_ftd/data_stream/log/sample_event.json index cefa0071e32..76645833a2a 100644 --- a/packages/cisco_ftd/data_stream/log/sample_event.json +++ b/packages/cisco_ftd/data_stream/log/sample_event.json @@ -62,7 +62,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "003c2ae5-ffc1-4a61-a309-b9d59a743dda", diff --git a/packages/cisco_ftd/docs/README.md b/packages/cisco_ftd/docs/README.md index 1e3b230e122..eced2557228 100644 --- a/packages/cisco_ftd/docs/README.md +++ b/packages/cisco_ftd/docs/README.md @@ -100,7 +100,7 @@ An example event for `log` looks as following: "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "003c2ae5-ffc1-4a61-a309-b9d59a743dda", diff --git a/packages/cisco_ftd/manifest.yml b/packages/cisco_ftd/manifest.yml index bb3cf200cdc..03b54908bd2 100644 --- a/packages/cisco_ftd/manifest.yml +++ b/packages/cisco_ftd/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: cisco_ftd title: Cisco FTD -version: "3.4.4" +version: "3.5.0" description: Collect logs from Cisco FTD with Elastic Agent. type: integration categories: diff --git a/packages/cisco_ios/_dev/build/build.yml b/packages/cisco_ios/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100644 --- a/packages/cisco_ios/_dev/build/build.yml +++ b/packages/cisco_ios/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/cisco_ios/changelog.yml b/packages/cisco_ios/changelog.yml index d019c87bea5..8c911e57433 100644 --- a/packages/cisco_ios/changelog.yml +++ b/packages/cisco_ios/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.29.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "1.28.1" changes: - description: Fix FQDN parsing. diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-asr920.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-asr920.log-expected.json index 53f7ecc73d9..df4b4e96424 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-asr920.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-asr920.log-expected.json @@ -14,7 +14,7 @@ "port": 22 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -79,7 +79,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -144,7 +144,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -204,7 +204,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -246,7 +246,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -287,7 +287,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -335,7 +335,7 @@ "port": 0 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -413,7 +413,7 @@ "ip": "224.0.0.18" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -440,6 +440,7 @@ }, "message": "list ACL_CE-SECURITY denied 112 89.160.20.112 -> 224.0.0.18, 295 packets", "network": { + "community_id": "1:yTOnBBP4TTf0EyFmw0nUNwq2Tgo=", "iana_number": "112", "packets": 295, "type": "ipv4" @@ -491,7 +492,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-badauth.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-badauth.log-expected.json index 4ae24ee0a52..c2c029170b2 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-badauth.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-badauth.log-expected.json @@ -15,7 +15,7 @@ "port": 15448 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -76,7 +76,7 @@ "port": 15448 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -136,7 +136,7 @@ "port": 15448 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -196,7 +196,7 @@ "port": 15448 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -256,7 +256,7 @@ "port": 1234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -317,7 +317,7 @@ "port": 1234 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-cisco-ios.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-cisco-ios.log-expected.json index 90fbbcf778f..390b5398fe9 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-cisco-ios.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-cisco-ios.log-expected.json @@ -14,7 +14,7 @@ "ip": "224.0.0.22" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -76,7 +76,7 @@ "ip": "224.0.0.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -141,7 +141,7 @@ "ip": "255.255.255.255" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -164,6 +164,7 @@ }, "message": "list 171 denied 0 192.168.100.1 -> 255.255.255.255, 1 packet", "network": { + "community_id": "1:CbX5kHSTDJ4dLxp//cXG53tbrNc=", "iana_number": "0", "packets": 1, "type": "ipv4" @@ -212,7 +213,7 @@ "port": 22 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "allow", @@ -284,7 +285,7 @@ "port": 15600 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -347,7 +348,7 @@ "ip": "192.168.100.2" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -414,7 +415,7 @@ "port": 15600 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -472,7 +473,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -516,7 +517,7 @@ "port": 15600 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -592,7 +593,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -650,7 +651,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -693,7 +694,7 @@ "ip": "192.168.100.1" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -772,7 +773,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -834,7 +835,7 @@ "port": 22 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -894,7 +895,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -960,7 +961,7 @@ "ip": "10.3.66.3" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "multicast-join", @@ -1027,7 +1028,7 @@ "ip": "10.3.66.3" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "multicast-join", @@ -1080,7 +1081,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1118,7 +1119,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1162,7 +1163,7 @@ "port": 1103 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "allow", @@ -1229,7 +1230,7 @@ "port": 7774 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -1296,7 +1297,7 @@ "port": 1985 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "allow", @@ -1363,7 +1364,7 @@ "port": 1985 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -1430,7 +1431,7 @@ "port": 10001 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -1493,7 +1494,7 @@ "ip": "10.100.8.34" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "allow", @@ -1559,7 +1560,7 @@ "ip": "172.16.0.26" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "allow", @@ -1634,7 +1635,7 @@ "ip": "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-date-format-tzoffset.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-date-format-tzoffset.log-expected.json index e9fa7341026..4ec3ea5b096 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-date-format-tzoffset.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-date-format-tzoffset.log-expected.json @@ -9,7 +9,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -51,7 +51,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -92,7 +92,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-date-format.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-date-format.log-expected.json index eb7684cca89..35afa4a3789 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-date-format.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-date-format.log-expected.json @@ -9,7 +9,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -50,7 +50,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -92,7 +92,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -133,7 +133,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -175,7 +175,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -216,7 +216,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -250,7 +250,7 @@ ] }, { - "@timestamp": "2022-01-17T01:11:43.000+11:00", + "@timestamp": "2022-01-16T22:11:43.000+08:00", "cisco": { "ios": { "facility": "FOO", @@ -258,7 +258,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -299,7 +299,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -341,7 +341,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -382,7 +382,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -423,7 +423,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -465,7 +465,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -506,7 +506,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -548,7 +548,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -589,7 +589,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -631,7 +631,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -672,7 +672,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -714,7 +714,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-fqdn.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-fqdn.log-expected.json index 90880c1e633..20e9d8dacf4 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-fqdn.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-fqdn.log-expected.json @@ -9,7 +9,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-syslog-header.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-syslog-header.log-expected.json index 2a8f38955ee..cddc7044a5d 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-syslog-header.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-syslog-header.log-expected.json @@ -10,7 +10,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -51,7 +51,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -93,7 +93,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -134,7 +134,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -175,7 +175,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -217,7 +217,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -257,7 +257,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -297,7 +297,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -337,7 +337,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -376,7 +376,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -415,7 +415,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -453,7 +453,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -491,7 +491,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -531,7 +531,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -572,7 +572,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -612,7 +612,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -649,7 +649,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -690,7 +690,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-syslog.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-syslog.log-expected.json index 555da1261a7..ab943e15d8c 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-syslog.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-syslog.log-expected.json @@ -9,7 +9,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -49,7 +49,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -93,7 +93,7 @@ "ip": "10.100.8.34" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "deny", @@ -155,7 +155,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -196,7 +196,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -237,7 +237,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -277,7 +277,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -314,7 +314,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -351,7 +351,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -398,7 +398,7 @@ "port": 53 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -479,7 +479,7 @@ "port": 80 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -526,7 +526,7 @@ { "@timestamp": "2024-08-18T07:15:04.461+02:00", "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -563,7 +563,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -604,7 +604,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -643,7 +643,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -682,7 +682,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-tzoffset.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-tzoffset.log-expected.json index 2ca5bc75d7b..af776a4e492 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-tzoffset.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-tzoffset.log-expected.json @@ -9,7 +9,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-yearfirst-timestamp.log-expected.json b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-yearfirst-timestamp.log-expected.json index 853a5a7563c..e4c8ecbbe2e 100644 --- a/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-yearfirst-timestamp.log-expected.json +++ b/packages/cisco_ios/data_stream/log/_dev/test/pipeline/test-yearfirst-timestamp.log-expected.json @@ -8,7 +8,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ios/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_ios/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 7fac83ed8ea..e378a01816e 100644 --- a/packages/cisco_ios/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_ios/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -4,7 +4,7 @@ description: Pipeline for Cisco IOS logs. processors: - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' - set: field: event.category value: [network] diff --git a/packages/cisco_ios/data_stream/log/sample_event.json b/packages/cisco_ios/data_stream/log/sample_event.json index 9e86d28642d..33f4790ca19 100644 --- a/packages/cisco_ios/data_stream/log/sample_event.json +++ b/packages/cisco_ios/data_stream/log/sample_event.json @@ -19,7 +19,7 @@ "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "f00ff835-626e-4a18-a8a2-0bb3ebb7503f", diff --git a/packages/cisco_ios/docs/README.md b/packages/cisco_ios/docs/README.md index 8e421668613..ef6739002cd 100644 --- a/packages/cisco_ios/docs/README.md +++ b/packages/cisco_ios/docs/README.md @@ -45,7 +45,7 @@ An example event for `log` looks as following: "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "f00ff835-626e-4a18-a8a2-0bb3ebb7503f", diff --git a/packages/cisco_ios/manifest.yml b/packages/cisco_ios/manifest.yml index a389a5866ad..af3e85648c3 100644 --- a/packages/cisco_ios/manifest.yml +++ b/packages/cisco_ios/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: cisco_ios title: Cisco IOS -version: "1.28.1" +version: "1.29.0" description: Collect logs from Cisco IOS with Elastic Agent. type: integration categories: diff --git a/packages/cisco_ise/_dev/build/build.yml b/packages/cisco_ise/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100644 --- a/packages/cisco_ise/_dev/build/build.yml +++ b/packages/cisco_ise/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/cisco_ise/changelog.yml b/packages/cisco_ise/changelog.yml index 80f9240aa23..b53b1ae2d73 100644 --- a/packages/cisco_ise/changelog.yml +++ b/packages/cisco_ise/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.25.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "1.24.2" changes: - description: Revert mapping change for cisco_av_pair that was introduced with 1.24.1. diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-ad-connector.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-ad-connector.log-expected.json index 7a439ea4b9e..ef4bb47cb86 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-ad-connector.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-ad-connector.log-expected.json @@ -34,7 +34,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -106,7 +106,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -180,7 +180,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -249,7 +249,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -315,7 +315,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -384,7 +384,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -450,7 +450,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -520,7 +520,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -588,7 +588,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -651,7 +651,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -716,7 +716,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "ad-connector", @@ -779,7 +779,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -828,7 +828,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-administrative-and-operational-audit.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-administrative-and-operational-audit.log-expected.json index 27a6f22e1ab..c948320c858 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-administrative-and-operational-audit.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-administrative-and-operational-audit.log-expected.json @@ -35,7 +35,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -115,7 +115,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -188,7 +188,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -268,7 +268,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -347,7 +347,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -424,7 +424,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -508,7 +508,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -593,7 +593,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -681,7 +681,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -763,7 +763,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "feedservice", @@ -824,7 +824,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "feedservice", @@ -899,7 +899,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -979,7 +979,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "system-management", @@ -1061,7 +1061,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "system-management", @@ -1139,7 +1139,7 @@ "ip": "10.0.9.204" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap-tls", @@ -1216,7 +1216,7 @@ "ip": "10.0.9.204" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap-tls", @@ -1296,7 +1296,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -1401,7 +1401,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -1484,7 +1484,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -1579,7 +1579,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "process-management", @@ -1661,7 +1661,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "system-management", @@ -1742,7 +1742,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "system-management", @@ -1823,7 +1823,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "system-management", @@ -1899,7 +1899,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -1975,7 +1975,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -2052,7 +2052,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -2129,7 +2129,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -2206,7 +2206,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "administrator-login", @@ -2275,7 +2275,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -2334,7 +2334,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -2409,7 +2409,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -2517,7 +2517,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -2611,7 +2611,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -2701,7 +2701,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -2786,7 +2786,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", @@ -2877,7 +2877,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "configuration-changes", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-authentication-flow-diagnostics.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-authentication-flow-diagnostics.log-expected.json index 3db84c6cba3..93647d929d4 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-authentication-flow-diagnostics.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-authentication-flow-diagnostics.log-expected.json @@ -62,7 +62,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "workflow", @@ -170,7 +170,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "workflow", @@ -276,7 +276,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "authentication", @@ -382,7 +382,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "workflow", @@ -490,7 +490,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "workflow", @@ -596,7 +596,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "workflow", @@ -712,7 +712,7 @@ "ip": "10.0.9.204" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "workflow", @@ -823,7 +823,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "workflow", @@ -915,7 +915,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "authentication", @@ -996,7 +996,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-cise-alarm.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-cise-alarm.log-expected.json index ffea3095a4a..fb1dbdcc8a2 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-cise-alarm.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-cise-alarm.log-expected.json @@ -15,7 +15,7 @@ "address": "abcdefghihknm021.eur.aa.abce.abc" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Queue Link Error", @@ -60,7 +60,7 @@ "address": "aabcdefghihk001.eur.aa.abce.abc" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Queue Link Error", @@ -102,7 +102,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -146,7 +146,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -190,7 +190,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -234,7 +234,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -281,7 +281,7 @@ "address": "asafsfas5e03nm021.eur.aa.abce.abc" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Queue Link Error", @@ -323,7 +323,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -368,7 +368,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "EAP Connection Timeout", @@ -412,7 +412,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -456,7 +456,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -500,7 +500,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -547,7 +547,7 @@ "address": "abcdefghihklm003.eur.aa.abce.abc" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Queue Link Error", @@ -589,7 +589,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -636,7 +636,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Dynamic Authorization Failed for Device", @@ -686,7 +686,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Dynamic Authorization Failed for Device", @@ -736,7 +736,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Dynamic Authorization Failed for Device", @@ -786,7 +786,7 @@ "address": "chaabcdefghj021.eur.aa.abce.abc" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Queue Link Error", @@ -828,7 +828,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -872,7 +872,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -916,7 +916,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Profiler SNMP Request Failure", @@ -961,7 +961,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "EAP Connection Timeout", @@ -1008,7 +1008,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "Dynamic Authorization Failed for Device", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-failed-attempts.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-failed-attempts.log-expected.json index dea3f3b786e..c18765c2113 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-failed-attempts.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-failed-attempts.log-expected.json @@ -83,7 +83,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "failed-attempt", @@ -269,7 +269,7 @@ "ip": "81.2.69.145" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "failed-attempt", @@ -355,7 +355,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "guest", @@ -495,7 +495,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -681,7 +681,7 @@ "ip": "81.2.69.145" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -1114,7 +1114,7 @@ "port": 1645 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "failed-attempt", @@ -1199,7 +1199,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-guest.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-guest.log-expected.json index e5d3ff26ed4..7f612f9a31d 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-guest.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-guest.log-expected.json @@ -45,7 +45,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "guest", @@ -135,7 +135,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "guest", @@ -217,7 +217,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -267,7 +267,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -320,7 +320,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-identity-stores-diagnostics.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-identity-stores-diagnostics.log-expected.json index fb2203698c4..7452d2c3350 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-identity-stores-diagnostics.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-identity-stores-diagnostics.log-expected.json @@ -49,7 +49,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "local-user-db", @@ -140,7 +140,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "local-user-db", @@ -234,7 +234,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "local-user-db", @@ -330,7 +330,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "local-user-db", @@ -424,7 +424,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "local-user-db", @@ -494,7 +494,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -555,7 +555,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -616,7 +616,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -677,7 +677,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -739,7 +739,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -823,7 +823,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -915,7 +915,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -1006,7 +1006,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "local-user-db", @@ -1098,7 +1098,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "local-user-db", @@ -1193,7 +1193,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -1263,7 +1263,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "external-active-directory", @@ -1341,7 +1341,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-internal-operations-diagnostics.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-internal-operations-diagnostics.log-expected.json index 1bd2eb55eea..d61e7440a48 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-internal-operations-diagnostics.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-internal-operations-diagnostics.log-expected.json @@ -28,7 +28,7 @@ "port": 9025 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "system-management", @@ -88,7 +88,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "profiler", @@ -154,7 +154,7 @@ "port": 9005 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "system-management", @@ -220,7 +220,7 @@ "port": 9005 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "system-management", @@ -286,7 +286,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "logging", @@ -344,7 +344,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-monitoring-data-purge-audit.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-monitoring-data-purge-audit.log-expected.json index ce2a263b9f0..92ee3463936 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-monitoring-data-purge-audit.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-monitoring-data-purge-audit.log-expected.json @@ -16,7 +16,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "null", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-my-devices.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-my-devices.log-expected.json index 6a6397dfd72..356da02792d 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-my-devices.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-my-devices.log-expected.json @@ -57,7 +57,7 @@ "mac": "00-00-00-00-00-00" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -161,7 +161,7 @@ "mac": "00-00-00-00-00-01" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -244,7 +244,7 @@ "mac": "00-00-00-00-00-00" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -319,7 +319,7 @@ "mac": "12-34-52-24-24-32" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -406,7 +406,7 @@ "mac": "00-00-00-00-00-00" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -509,7 +509,7 @@ "mac": "00-00-00-00-00-01" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -591,7 +591,7 @@ "mac": "00-00-00-00-00-00" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "mydevices", @@ -665,7 +665,7 @@ "mac": "12-34-52-24-24-32" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-passed-authentications.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-passed-authentications.log-expected.json index e379d41728c..093be0f37bd 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-passed-authentications.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-passed-authentications.log-expected.json @@ -197,7 +197,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "passed-authentication", @@ -298,7 +298,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "guest", @@ -460,7 +460,7 @@ "port": 1645 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "passed-authentication", @@ -546,7 +546,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -619,7 +619,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -663,7 +663,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -796,7 +796,7 @@ "port": 1645 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "failed-authentication", @@ -952,7 +952,7 @@ "port": 1645 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "failed-authentication", @@ -1108,7 +1108,7 @@ "port": 1645 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "failed-authentication", @@ -1526,7 +1526,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "passed-authentication", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-policy-diagnostics.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-policy-diagnostics.log-expected.json index 4b7e5ff8419..8895d56b943 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-policy-diagnostics.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-policy-diagnostics.log-expected.json @@ -41,7 +41,7 @@ "ip": "81.2.69.143" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "policy", @@ -139,7 +139,7 @@ "ip": "81.2.69.143" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "policy", @@ -261,7 +261,7 @@ "ip": "81.2.69.143" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "policy", @@ -376,7 +376,7 @@ "ip": "81.2.69.143" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "policy", @@ -471,7 +471,7 @@ "ip": "81.2.69.143" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "policy", @@ -571,7 +571,7 @@ "ip": "81.2.69.143" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "policy", @@ -664,7 +664,7 @@ "ip": "81.2.69.143" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "policy", @@ -751,7 +751,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-posture-client-provisioning-audit.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-posture-client-provisioning-audit.log-expected.json index a2bb520a61c..f59c8a04d38 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-posture-client-provisioning-audit.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-posture-client-provisioning-audit.log-expected.json @@ -32,7 +32,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eps", @@ -103,7 +103,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-accounting-identifier.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-accounting-identifier.log-expected.json index d66ae4d0933..18005f599c2 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-accounting-identifier.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-accounting-identifier.log-expected.json @@ -134,7 +134,7 @@ "ip": "81.2.69.143" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius-accounting", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-accounting.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-accounting.log-expected.json index 040eefd491a..c81117a7f53 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-accounting.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-accounting.log-expected.json @@ -114,7 +114,7 @@ "ip": "81.2.69.145" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius-accounting", @@ -232,7 +232,7 @@ "ip": "81.2.69.145" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius-accounting", @@ -348,7 +348,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-diagnostics.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-diagnostics.log-expected.json index 700ec666cb7..ba52e9966ff 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-diagnostics.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-radius-diagnostics.log-expected.json @@ -58,7 +58,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -182,7 +182,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -268,7 +268,7 @@ "port": 1813 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -378,7 +378,7 @@ "port": 1813 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -500,7 +500,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -604,7 +604,7 @@ "port": 73 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -683,7 +683,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -783,7 +783,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -893,7 +893,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -993,7 +993,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -1097,7 +1097,7 @@ "port": 1813 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -1196,7 +1196,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -1312,7 +1312,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -1436,7 +1436,7 @@ "port": 72 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -1552,7 +1552,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -1668,7 +1668,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -1787,7 +1787,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -1912,7 +1912,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2037,7 +2037,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2163,7 +2163,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2283,7 +2283,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2398,7 +2398,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2518,7 +2518,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2637,7 +2637,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2756,7 +2756,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2876,7 +2876,7 @@ "port": 1812 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "eap", @@ -2990,7 +2990,7 @@ "port": 1892 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-system-statistics.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-system-statistics.log-expected.json index f22d939f1af..b7380b3c8af 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-system-statistics.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-system-statistics.log-expected.json @@ -77,7 +77,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": [ @@ -173,7 +173,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": [ @@ -317,7 +317,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": [ @@ -409,7 +409,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": [ @@ -497,7 +497,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": [ @@ -568,7 +568,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": [ @@ -646,7 +646,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": [ diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-tacacs-accounting.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-tacacs-accounting.log-expected.json index 7763722cb58..cab7727166f 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-tacacs-accounting.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-tacacs-accounting.log-expected.json @@ -112,7 +112,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "tacacs-accounting", @@ -264,7 +264,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "tacacs-accounting", @@ -435,7 +435,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "tacacs-accounting", @@ -581,7 +581,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -707,7 +707,7 @@ "ip": "81.2.69.145" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "tacacs-accounting", diff --git a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-threat-centric-nac.log-expected.json b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-threat-centric-nac.log-expected.json index 9bf9cedc3ab..b5c0a462f76 100644 --- a/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-threat-centric-nac.log-expected.json +++ b/packages/cisco_ise/data_stream/log/_dev/test/pipeline/test-pipeline-threat-centric-nac.log-expected.json @@ -28,7 +28,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "irf", @@ -95,7 +95,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "irf", @@ -155,7 +155,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "radius", @@ -213,7 +213,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_ise/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_ise/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 40481869bdf..1a2c28d7c49 100644 --- a/packages/cisco_ise/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_ise/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for Cisco ISE logs. processors: - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' - rename: field: message target_field: event.original diff --git a/packages/cisco_ise/data_stream/log/sample_event.json b/packages/cisco_ise/data_stream/log/sample_event.json index e5cc59b64c8..3de120ef715 100644 --- a/packages/cisco_ise/data_stream/log/sample_event.json +++ b/packages/cisco_ise/data_stream/log/sample_event.json @@ -122,7 +122,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "901f4c48-583a-4848-aa7b-89dc8e9c4b76", diff --git a/packages/cisco_ise/docs/README.md b/packages/cisco_ise/docs/README.md index d537084af19..eb8625740b6 100644 --- a/packages/cisco_ise/docs/README.md +++ b/packages/cisco_ise/docs/README.md @@ -158,7 +158,7 @@ An example event for `log` looks as following: "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "901f4c48-583a-4848-aa7b-89dc8e9c4b76", diff --git a/packages/cisco_ise/manifest.yml b/packages/cisco_ise/manifest.yml index bc52b283db0..0f5a69ad667 100644 --- a/packages/cisco_ise/manifest.yml +++ b/packages/cisco_ise/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: cisco_ise title: Cisco ISE -version: "1.24.2" +version: "1.25.0" description: Collect logs from Cisco ISE with Elastic Agent. type: integration categories: diff --git a/packages/cisco_nexus/_dev/build/build.yml b/packages/cisco_nexus/_dev/build/build.yml index 71f48ba2a9c..06addc83d9d 100644 --- a/packages/cisco_nexus/_dev/build/build.yml +++ b/packages/cisco_nexus/_dev/build/build.yml @@ -1,4 +1,4 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" import_mappings: true diff --git a/packages/cisco_nexus/changelog.yml b/packages/cisco_nexus/changelog.yml index 80ce2812be3..39f76dc430c 100644 --- a/packages/cisco_nexus/changelog.yml +++ b/packages/cisco_nexus/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "1.2.0" changes: - description: "Allow @custom pipeline access to event.original without setting preserve_original_event." diff --git a/packages/cisco_nexus/data_stream/log/_dev/test/pipeline/test-nexus.log-expected.json b/packages/cisco_nexus/data_stream/log/_dev/test/pipeline/test-nexus.log-expected.json index 96b3e16ecf5..8a101e74d3c 100644 --- a/packages/cisco_nexus/data_stream/log/_dev/test/pipeline/test-nexus.log-expected.json +++ b/packages/cisco_nexus/data_stream/log/_dev/test/pipeline/test-nexus.log-expected.json @@ -11,7 +11,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -50,7 +50,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -102,7 +102,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -151,7 +151,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -199,7 +199,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -261,7 +261,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -318,7 +318,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -362,7 +362,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -416,7 +416,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -467,7 +467,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -516,7 +516,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "SYSTEM_MSG", @@ -578,7 +578,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -636,7 +636,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -681,7 +681,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -736,7 +736,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -788,7 +788,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -838,7 +838,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -909,7 +909,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -969,7 +969,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -1016,7 +1016,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1073,7 +1073,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1125,7 +1125,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -1171,7 +1171,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1250,7 +1250,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1308,7 +1308,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -1348,7 +1348,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1417,7 +1417,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1465,7 +1465,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -1499,7 +1499,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1546,7 +1546,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "DETECT_MULTIPLE_PEERS", @@ -1586,7 +1586,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -1632,7 +1632,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1707,7 +1707,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1765,7 +1765,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -1807,7 +1807,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "SYSTEM_MSG", @@ -1864,7 +1864,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1921,7 +1921,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -1973,7 +1973,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "CFGWRITE_STARTED", @@ -2030,7 +2030,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "CFGWRITE_DONE", @@ -2079,7 +2079,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2160,7 +2160,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2221,7 +2221,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "SYSLOG_SL_MSG_WARNING", @@ -2287,7 +2287,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2346,7 +2346,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2407,7 +2407,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2458,7 +2458,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "SYSTEM_MSG", @@ -2501,7 +2501,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "SYSTEM_MSG", @@ -2559,7 +2559,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2618,7 +2618,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2674,7 +2674,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2735,7 +2735,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2793,7 +2793,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2858,7 +2858,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2917,7 +2917,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -2984,7 +2984,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3039,7 +3039,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "SYSTEM_MSG", @@ -3094,7 +3094,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3145,7 +3145,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3194,7 +3194,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3256,7 +3256,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3310,7 +3310,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "TACACS_WARNING", @@ -3357,7 +3357,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "TACACS_WARNING", @@ -3412,7 +3412,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3466,7 +3466,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3530,7 +3530,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3585,7 +3585,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3660,7 +3660,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "LOGOUT", @@ -3727,7 +3727,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3792,7 +3792,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3850,7 +3850,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3904,7 +3904,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -3974,7 +3974,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "code": "LOGOUT_C6K", @@ -4021,4 +4021,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/cisco_nexus/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_nexus/data_stream/log/elasticsearch/ingest_pipeline/default.yml index d4f7aab5412..5c53fe6ad4a 100644 --- a/packages/cisco_nexus/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_nexus/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for processing Cisco Nexus logs. processors: - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' tag: 'set_ecs_version' - set: field: observer.vendor diff --git a/packages/cisco_nexus/data_stream/log/sample_event.json b/packages/cisco_nexus/data_stream/log/sample_event.json index d85cd98c687..011f7bd97a9 100644 --- a/packages/cisco_nexus/data_stream/log/sample_event.json +++ b/packages/cisco_nexus/data_stream/log/sample_event.json @@ -26,7 +26,7 @@ "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "45b4f828-da65-463c-980e-09ba9a67922b", diff --git a/packages/cisco_nexus/docs/README.md b/packages/cisco_nexus/docs/README.md index 366bf9f8732..cb76d0d9a5f 100644 --- a/packages/cisco_nexus/docs/README.md +++ b/packages/cisco_nexus/docs/README.md @@ -71,7 +71,7 @@ An example event for `log` looks as following: "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "45b4f828-da65-463c-980e-09ba9a67922b", diff --git a/packages/cisco_nexus/manifest.yml b/packages/cisco_nexus/manifest.yml index 06cfe1e6e64..fec9fecb1dd 100644 --- a/packages/cisco_nexus/manifest.yml +++ b/packages/cisco_nexus/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: cisco_nexus title: Cisco Nexus -version: "1.2.0" +version: "1.3.0" description: Collect logs from Cisco Nexus with Elastic Agent. type: integration categories: diff --git a/packages/cisco_secure_email_gateway/_dev/build/build.yml b/packages/cisco_secure_email_gateway/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100644 --- a/packages/cisco_secure_email_gateway/_dev/build/build.yml +++ b/packages/cisco_secure_email_gateway/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/cisco_secure_email_gateway/changelog.yml b/packages/cisco_secure_email_gateway/changelog.yml index 1d786b95693..778457079a3 100644 --- a/packages/cisco_secure_email_gateway/changelog.yml +++ b/packages/cisco_secure_email_gateway/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.25.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "1.24.2" changes: - description: Fix parsing the text_mail log lines for file uploads. diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-amp.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-amp.log-expected.json index 0caa6628372..6410782bcdc 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-amp.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-amp.log-expected.json @@ -11,7 +11,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -55,7 +55,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -110,7 +110,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -152,7 +152,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -206,7 +206,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -253,7 +253,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -301,7 +301,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -349,7 +349,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -391,7 +391,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -442,7 +442,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { @@ -493,7 +493,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "attachments": { diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-anti-spam.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-anti-spam.log-expected.json index c4580ab5f5b..94f9a666b91 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-anti-spam.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-anti-spam.log-expected.json @@ -14,7 +14,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -46,7 +46,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -79,7 +79,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-antivirus.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-antivirus.log-expected.json index 9b23bc2d996..4768749156a 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-antivirus.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-antivirus.log-expected.json @@ -13,7 +13,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "69391938" @@ -52,7 +52,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68431780" @@ -91,7 +91,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "66842418" @@ -132,7 +132,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "66784457" @@ -173,7 +173,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68016096" @@ -214,7 +214,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68016096" @@ -255,7 +255,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "66301278" @@ -296,7 +296,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "67753636" @@ -337,7 +337,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "66710307" @@ -373,7 +373,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "66708787" diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-consolidated-event.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-consolidated-event.log-expected.json index 119e3998510..c45fa558f32 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-consolidated-event.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-consolidated-event.log-expected.json @@ -60,7 +60,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "direction": "inbound", @@ -167,7 +167,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "direction": "inbound", @@ -271,7 +271,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -366,7 +366,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -462,7 +462,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -570,7 +570,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -678,7 +678,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -799,7 +799,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -931,7 +931,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1039,7 +1039,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1160,7 +1160,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1274,7 +1274,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1392,7 +1392,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1509,7 +1509,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1627,7 +1627,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1748,7 +1748,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1823,7 +1823,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "2348764", @@ -1890,7 +1890,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1999,7 +1999,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -2125,7 +2125,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -2242,7 +2242,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-content-scanner.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-content-scanner.log-expected.json index a4b617da359..ef78a5331ca 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-content-scanner.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-content-scanner.log-expected.json @@ -13,7 +13,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -47,7 +47,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-error.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-error.log-expected.json index 35b62108b82..ed12ae5dfb1 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-error.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-error.log-expected.json @@ -13,7 +13,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -44,7 +44,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "subject": "'Warning example.com: Your \"IronPort Email Encryption\" key will expire in under 60...': Unrecoverable error", @@ -87,7 +87,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "subject": "Warning example.com: Your \"IronPort Email Encryption\" key will expire in under 60...", @@ -126,7 +126,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "subject": "'Critical example.com: Log Error: Subscription error_logs: Failed to connect to 10....' (attempt #0)", diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-gui-log.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-gui-log.log-expected.json index bb6dffcd353..ade950494a8 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-gui-log.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-gui-log.log-expected.json @@ -14,7 +14,7 @@ "ip": "1.128.3.4" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -88,7 +88,7 @@ "ip": "1.128.3.4" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -142,7 +142,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -186,7 +186,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "category": [ @@ -230,7 +230,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -270,7 +270,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -314,7 +314,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -344,7 +344,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -374,7 +374,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -413,7 +413,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -452,7 +452,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-mail-file-upload.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-mail-file-upload.log-expected.json index ac911c31598..67091dfb8ae 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-mail-file-upload.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-mail-file-upload.log-expected.json @@ -13,7 +13,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "96521668" @@ -53,7 +53,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "118210542" @@ -93,7 +93,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "118204993" @@ -133,7 +133,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "114536988" @@ -173,7 +173,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "115066977" @@ -213,7 +213,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "119039446" @@ -252,7 +252,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "108550225" @@ -291,7 +291,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "101104085" @@ -330,7 +330,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "115872223" @@ -369,7 +369,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "115872174" @@ -408,7 +408,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "115330889" @@ -447,7 +447,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "101100063" @@ -475,7 +475,7 @@ }, { "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "original": " ", diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-status.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-status.log-expected.json index 1966d3ee277..7df17a12239 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-status.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-status.log-expected.json @@ -96,7 +96,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "0" diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-system.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-system.log-expected.json index e826b8a799a..fb2f6d5c0c8 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-system.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-system.log-expected.json @@ -12,7 +12,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -57,7 +57,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -87,7 +87,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -117,7 +117,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -147,7 +147,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", diff --git a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-text-mail.log-expected.json b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-text-mail.log-expected.json index 829970dbd99..a187ba263f9 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-text-mail.log-expected.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/_dev/test/pipeline/test-common-text-mail.log-expected.json @@ -15,7 +15,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "111" @@ -48,7 +48,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -80,7 +80,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -109,7 +109,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "subject": "\"Warning cisco.esa: URL category definitions have changed.; Added new category '...\"", @@ -155,7 +155,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -193,7 +193,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "6" @@ -225,7 +225,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -263,7 +263,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "6", @@ -300,7 +300,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -338,7 +338,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -370,7 +370,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -409,7 +409,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "6" @@ -443,7 +443,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "6" @@ -478,7 +478,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "6" @@ -511,7 +511,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -541,7 +541,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -570,7 +570,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "subject": "Warning example.com: Your \"IronPort Email Encryption\" key will expire in under 60...", @@ -608,7 +608,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "kind": "event", @@ -636,7 +636,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "subject": "'Warning cisco.esa: Your \"Sophos Anti-Virus\" key will expire in under 60 day(s)....'", @@ -675,7 +675,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "subject": "'Warning example.com: Your \"IronPort Email Encryption\" key will expire in under 60...': Unrecoverable error", @@ -720,7 +720,7 @@ "port": 0 }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "to": { @@ -765,7 +765,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -797,7 +797,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -829,7 +829,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -861,7 +861,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -893,7 +893,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -925,7 +925,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -957,7 +957,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -990,7 +990,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -1022,7 +1022,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -1054,7 +1054,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -1086,7 +1086,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -1121,7 +1121,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1161,7 +1161,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "direction": "inbound", @@ -1194,7 +1194,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -1232,7 +1232,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1278,7 +1278,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -1312,7 +1312,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "from": { @@ -1353,7 +1353,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" @@ -1388,7 +1388,7 @@ } }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "email": { "message_id": "68119155" diff --git a/packages/cisco_secure_email_gateway/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cisco_secure_email_gateway/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 6665c7bd731..27e66155c29 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cisco_secure_email_gateway/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for Cisco Secure Email Gateway logs. processors: - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' - set: field: _tmp.filepath value: '{{{log.file.path}}}' diff --git a/packages/cisco_secure_email_gateway/data_stream/log/sample_event.json b/packages/cisco_secure_email_gateway/data_stream/log/sample_event.json index 609e0694919..f14823355c3 100644 --- a/packages/cisco_secure_email_gateway/data_stream/log/sample_event.json +++ b/packages/cisco_secure_email_gateway/data_stream/log/sample_event.json @@ -21,7 +21,7 @@ "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "0949f27e-3199-48ba-af2b-55e717cda399", diff --git a/packages/cisco_secure_email_gateway/docs/README.md b/packages/cisco_secure_email_gateway/docs/README.md index ba9cc87ebe5..46ae37c8c00 100644 --- a/packages/cisco_secure_email_gateway/docs/README.md +++ b/packages/cisco_secure_email_gateway/docs/README.md @@ -283,7 +283,7 @@ An example event for `log` looks as following: "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "0949f27e-3199-48ba-af2b-55e717cda399", diff --git a/packages/cisco_secure_email_gateway/manifest.yml b/packages/cisco_secure_email_gateway/manifest.yml index ef4ad02b303..c91c2378914 100644 --- a/packages/cisco_secure_email_gateway/manifest.yml +++ b/packages/cisco_secure_email_gateway/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: cisco_secure_email_gateway title: Cisco Secure Email Gateway -version: "1.24.2" +version: "1.25.0" description: Collect logs from Cisco Secure Email Gateway with Elastic Agent. type: integration categories: diff --git a/packages/citrix_waf/_dev/build/build.yml b/packages/citrix_waf/_dev/build/build.yml index 2bfcfc223b0..d19a3a31dc2 100644 --- a/packages/citrix_waf/_dev/build/build.yml +++ b/packages/citrix_waf/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: "git@v8.11.0" + reference: "git@v8.16.0" diff --git a/packages/citrix_waf/changelog.yml b/packages/citrix_waf/changelog.yml index f80cd3d1dc1..e753438effb 100644 --- a/packages/citrix_waf/changelog.yml +++ b/packages/citrix_waf/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.17.0" + changes: + - description: ECS version updated to 8.16.0. + type: enhancement + link: https://github.com/elastic/integrations/pull/12119 - version: "1.16.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/citrix_waf/data_stream/log/_dev/test/pipeline/test-citrix-waf-cef.log-expected.json b/packages/citrix_waf/data_stream/log/_dev/test/pipeline/test-citrix-waf-cef.log-expected.json index 1f6094a0dd2..adc444b6f23 100644 --- a/packages/citrix_waf/data_stream/log/_dev/test/pipeline/test-citrix-waf-cef.log-expected.json +++ b/packages/citrix_waf/data_stream/log/_dev/test/pipeline/test-citrix-waf-cef.log-expected.json @@ -34,7 +34,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "blocked", @@ -108,7 +108,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "not blocked", @@ -183,7 +183,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "transformed", @@ -258,7 +258,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "blocked", @@ -335,7 +335,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "not blocked", @@ -412,7 +412,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "not blocked", @@ -486,7 +486,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "transformed", @@ -560,7 +560,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "transformed", @@ -634,7 +634,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "not blocked", @@ -709,7 +709,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "action": "not blocked", @@ -750,4 +750,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/citrix_waf/data_stream/log/_dev/test/pipeline/test-citrix-waf-native.log-expected.json b/packages/citrix_waf/data_stream/log/_dev/test/pipeline/test-citrix-waf-native.log-expected.json index 3731806c773..9e8744cf83d 100644 --- a/packages/citrix_waf/data_stream/log/_dev/test/pipeline/test-citrix-waf-native.log-expected.json +++ b/packages/citrix_waf/data_stream/log/_dev/test/pipeline/test-citrix-waf-native.log-expected.json @@ -31,7 +31,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "60", @@ -70,7 +70,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "5743593", @@ -109,7 +109,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "4471", @@ -148,7 +148,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "4472", @@ -187,7 +187,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "4473", @@ -226,7 +226,7 @@ "ip": "81.2.69.144" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "4474", @@ -248,7 +248,7 @@ "name": "CMD_EXECUTED" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "149531", @@ -271,7 +271,7 @@ "name": "Message" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "490029", @@ -294,7 +294,7 @@ "name": "Message" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "490026", @@ -317,7 +317,7 @@ "name": "Message" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "event": { "id": "490023", @@ -327,4 +327,4 @@ } } ] -} \ No newline at end of file +} diff --git a/packages/citrix_waf/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/citrix_waf/data_stream/log/elasticsearch/ingest_pipeline/default.yml index ea5132f06f9..d1560bee6b6 100644 --- a/packages/citrix_waf/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/citrix_waf/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for Citrix Web App Firewall logs processors: - set: field: ecs.version - value: '8.11.0' + value: '8.16.0' - rename: field: message target_field: event.original diff --git a/packages/citrix_waf/data_stream/log/sample_event.json b/packages/citrix_waf/data_stream/log/sample_event.json index 50182a84992..0e8d4588443 100644 --- a/packages/citrix_waf/data_stream/log/sample_event.json +++ b/packages/citrix_waf/data_stream/log/sample_event.json @@ -44,7 +44,7 @@ "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "e30119bc-b47d-4e56-86e3-4a9683305c6e", diff --git a/packages/citrix_waf/docs/README.md b/packages/citrix_waf/docs/README.md index 6827f3247ab..f034a7d55f0 100644 --- a/packages/citrix_waf/docs/README.md +++ b/packages/citrix_waf/docs/README.md @@ -95,7 +95,7 @@ An example event for `log` looks as following: "type": "logs" }, "ecs": { - "version": "8.11.0" + "version": "8.16.0" }, "elastic_agent": { "id": "e30119bc-b47d-4e56-86e3-4a9683305c6e", diff --git a/packages/citrix_waf/manifest.yml b/packages/citrix_waf/manifest.yml index 340cb333bbf..d9408bc92c2 100644 --- a/packages/citrix_waf/manifest.yml +++ b/packages/citrix_waf/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: citrix_waf title: "Citrix Web App Firewall" -version: "1.16.1" +version: "1.17.0" description: Ingest events from Citrix Systems Web App Firewall. type: integration categories: