From 02b7e62d36a80541714e9b8a55fe134c19174299 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 12:45:08 +0100
Subject: [PATCH 01/16] WIP

---
 .ci/Jenkinsfile                               |   5 +-
 Makefile                                      |  12 +-
 scripts/test-check-packages.sh                |  24 ++-
 test/packages/log/changelog.yml               |  21 --
 .../log/agent/stream/stream.yml.hbs           |   9 -
 .../data_stream/log/fields/base-fields.yml    |  12 --
 .../packages/log/data_stream/log/manifest.yml |  28 ---
 test/packages/log/docs/README.md              |   3 -
 test/packages/log/img/icon.svg                |   4 -
 test/packages/log/manifest.yml                |  24 ---
 .../data_stream/stubstatus/fields/agent.yml   | 198 ------------------
 .../fields_tests/_dev/build/build.yml         |   0
 .../fields_tests/_dev/build/docs/README.md    |   0
 .../{ => other}/fields_tests/changelog.yml    |   0
 .../first/agent/stream/stream.yml.hbs         |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../data_stream/first/fields/base-fields.yml  |   0
 .../data_stream/first/fields/geo-fields.yml   |   0
 .../data_stream/first/manifest.yml            |   0
 .../data_stream/first/sample_event.json       |   0
 .../{ => other}/fields_tests/docs/README.md   |   0
 .../{ => other}/fields_tests/manifest.yml     |   0
 .../_dev/deploy/docker/docker-compose.yml     |   0
 .../_dev/deploy/docker/logs/generated.log     |   0
 .../{ => other}/multiinput/changelog.yml      |   0
 .../test/_dev/test/system/test-tcp-config.yml |   0
 .../test/_dev/test/system/test-udp-config.yml |   0
 .../test/agent/stream/stream.yml.hbs          |   0
 .../data_stream/test/agent/stream/tcp.yml.hbs |   0
 .../data_stream/test/agent/stream/udp.yml.hbs |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../data_stream/test/fields/base-fields.yml   |   0
 .../data_stream/test/fields/ecs.yml           |   0
 .../multiinput/data_stream/test/manifest.yml  |   0
 .../{ => other}/multiinput/docs/README.md     |   0
 .../{ => other}/multiinput/manifest.yml       |   0
 .../{ => other}/pipeline_tests/changelog.yml  |   0
 .../_dev/test/pipeline/test-access-raw.log    |   0
 .../pipeline/test-access-raw.log-config.yml   |   0
 .../test-access-raw.log-expected.json         |   0
 .../test/agent/stream/stream.yml.hbs          |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../data_stream/test/fields/base-fields.yml   |   0
 .../data_stream/test/manifest.yml             |   0
 .../{ => other}/pipeline_tests/docs/README.md |   0
 .../{ => other}/pipeline_tests/manifest.yml   |   0
 .../apache/_dev/build/build.yml               |   0
 .../apache/_dev/build/docs/README.md          |   0
 .../apache/_dev/deploy/docker/Dockerfile      |   0
 .../_dev/deploy/docker/docker-compose.yml     |   0
 .../apache/_dev/deploy/docker/httpd.conf      |   0
 .../apache/_dev/deploy/variants.yml           |   0
 .../{ => parallel}/apache/changelog.yml       |   0
 .../_dev/test/pipeline/test-access-basic.log  |   0
 .../test-access-basic.log-expected.json       |   0
 .../_dev/test/pipeline/test-access-darwin.log |   0
 .../test-access-darwin.log-expected.json      |   0
 .../test/pipeline/test-access-ssl-request.log |   0
 .../test-access-ssl-request.log-expected.json |   0
 .../_dev/test/pipeline/test-access-ubuntu.log |   0
 .../test-access-ubuntu.log-expected.json      |   0
 .../_dev/test/pipeline/test-access-vhost.log  |   0
 .../test-access-vhost.log-expected.json       |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../access/agent/stream/httpjson.yml.hbs      |   0
 .../access/agent/stream/log.yml.hbs           |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../ingest_pipeline/third-party.yml           |   0
 .../data_stream/access/fields/agent.yml       |   0
 .../data_stream/access/fields/base-fields.yml |   0
 .../apache/data_stream/access/fields/ecs.yml  |   0
 .../data_stream/access/fields/fields.yml      |   0
 .../apache/data_stream/access/manifest.yml    |   0
 .../data_stream/access/sample_event.json      |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../_dev/test/pipeline/test-error-basic.log   |   0
 .../test-error-basic.log-expected.json        |   0
 .../_dev/test/pipeline/test-error-darwin.log  |   0
 .../test-error-darwin.log-expected.json       |   0
 .../_dev/test/pipeline/test-error-trace.log   |   0
 .../test-error-trace.log-expected.json        |   0
 .../_dev/test/pipeline/test-error-ubuntu.log  |   0
 .../test-error-ubuntu.log-expected.json       |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../error/agent/stream/httpjson.yml.hbs       |   0
 .../error/agent/stream/log.yml.hbs            |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../ingest_pipeline/third-party.yml           |   0
 .../apache/data_stream/error/fields/agent.yml |   0
 .../data_stream/error/fields/base-fields.yml  |   0
 .../apache/data_stream/error/fields/ecs.yml   |   0
 .../data_stream/error/fields/fields.yml       |   0
 .../apache/data_stream/error/manifest.yml     |   0
 .../data_stream/error/sample_event.json       |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../status/agent/stream/stream.yml.hbs        |   0
 .../data_stream/status/fields/agent.yml       |   0
 .../data_stream/status/fields/base-fields.yml |   0
 .../apache/data_stream/status/fields/ecs.yml  |   0
 .../data_stream/status/fields/fields.yml      |   0
 .../apache/data_stream/status/manifest.yml    |   0
 .../data_stream/status/sample_event.json      |   0
 .../{ => parallel}/apache/docs/README.md      |   0
 .../apache/img/apache-logs-overview.png       | Bin
 .../apache/img/apache-metrics-overview.png    | Bin
 .../{ => parallel}/apache/img/logo_apache.svg |   0
 .../apache-Logs-Apache-Dashboard.json         |   0
 ...he-Metrics-Apache-HTTPD-server-status.json |   0
 .../kibana/ml_module/apache-Logs-ml.json      |   0
 .../apache/kibana/search/apache-HTTPD.json    |   0
 .../kibana/search/apache-access-logs.json     |   0
 .../kibana/search/apache-errors-log.json      |   0
 ...-22057f20-3a12-11eb-8946-296aab7b13db.json |   0
 ...-320cd980-3a36-11eb-8946-296aab7b13db.json |   0
 ...-47820ce0-3a1d-11eb-8946-296aab7b13db.json |   0
 ...-7724cf20-3a39-11eb-8946-296aab7b13db.json |   0
 ...-7d68f730-3a39-11eb-8946-296aab7b13db.json |   0
 ...-805d7bb0-3a10-11eb-8946-296aab7b13db.json |   0
 ...-99666080-3a20-11eb-8946-296aab7b13db.json |   0
 .../visualization/apache-HTTPD-CPU.json       |   0
 .../apache-HTTPD-Load1-slash-5-slash-15.json  |   0
 .../apache-HTTPD-Scoreboard.json              |   0
 ...-a45311f0-3a34-11eb-8946-296aab7b13db.json |   0
 .../apache-access-unique-IPs-map.json         |   0
 .../kibana/visualization/apache-browsers.json |   0
 ...-ed44f820-3a10-11eb-8946-296aab7b13db.json |   0
 .../apache-error-logs-over-time.json          |   0
 ...-f4ffec70-3a36-11eb-8946-296aab7b13db.json |   0
 .../apache-operating-systems.json             |   0
 .../apache-response-codes-of-top-URLs.json    |   0
 .../apache-response-codes-over-time.json      |   0
 .../{ => parallel}/apache/manifest.yml        |   0
 .../{ => parallel}/aws/_dev/build/build.yml   |   0
 .../aws/_dev/build/docs/README.md             |   0
 .../aws/_dev/build/docs/billing.md            |   0
 .../aws/_dev/build/docs/cloudtrail.md         |   0
 .../aws/_dev/build/docs/cloudwatch.md         |   0
 .../aws/_dev/build/docs/dynamodb.md           |   0
 .../{ => parallel}/aws/_dev/build/docs/ebs.md |   0
 .../{ => parallel}/aws/_dev/build/docs/ec2.md |   0
 .../{ => parallel}/aws/_dev/build/docs/elb.md |   0
 .../aws/_dev/build/docs/lambda.md             |   0
 .../aws/_dev/build/docs/natgateway.md         |   0
 .../{ => parallel}/aws/_dev/build/docs/rds.md |   0
 .../{ => parallel}/aws/_dev/build/docs/s3.md  |   0
 .../aws/_dev/build/docs/s3_storage_lens.md    |   0
 .../{ => parallel}/aws/_dev/build/docs/sns.md |   0
 .../{ => parallel}/aws/_dev/build/docs/sqs.md |   0
 .../aws/_dev/build/docs/transitgateway.md     |   0
 .../aws/_dev/build/docs/usage.md              |   0
 .../aws/_dev/build/docs/vpcflow.md            |   0
 .../{ => parallel}/aws/_dev/build/docs/vpn.md |   0
 .../{ => parallel}/aws/_dev/build/docs/waf.md |   0
 .../packages/{ => parallel}/aws/changelog.yml |   0
 .../billing/agent/stream/stream.yml.hbs       |   0
 .../aws/data_stream/billing/fields/agent.yml  |   0
 .../billing/fields/base-fields.yml            |   0
 .../aws/data_stream/billing/fields/ecs.yml    |   0
 .../aws/data_stream/billing/fields/fields.yml |   0
 .../billing/fields/package-fields.yml         |   0
 .../aws/data_stream/billing/manifest.yml      |   0
 .../aws/data_stream/billing/sample_event.json |   0
 .../pipeline/test-add-user-to-group-json.log  |   0
 ...t-add-user-to-group-json.log-expected.json |   0
 .../test/pipeline/test-assume-role-json.log   |   0
 .../test-assume-role-json.log-expected.json   |   0
 .../pipeline/test-change-password-json.log    |   0
 ...est-change-password-json.log-expected.json |   0
 .../pipeline/test-cloudtrail-digest-json.log  |   0
 ...t-cloudtrail-digest-json.log-expected.json |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../test/pipeline/test-console-login-json.log |   0
 .../test-console-login-json.log-expected.json |   0
 .../pipeline/test-create-access-key-json.log  |   0
 ...t-create-access-key-json.log-expected.json |   0
 .../test/pipeline/test-create-group-json.log  |   0
 .../test-create-group-json.log-expected.json  |   0
 .../pipeline/test-create-key-pair-json.log    |   0
 ...est-create-key-pair-json.log-expected.json |   0
 .../test/pipeline/test-create-trail-json.log  |   0
 .../test-create-trail-json.log-expected.json  |   0
 .../test/pipeline/test-create-user-json.log   |   0
 .../test-create-user-json.log-expected.json   |   0
 .../test-create-virtual-mfa-device-json.log   |   0
 ...-virtual-mfa-device-json.log-expected.json |   0
 .../test-deactivate-mfa-device-json.log       |   0
 ...activate-mfa-device-json.log-expected.json |   0
 .../pipeline/test-delete-access-key-json.log  |   0
 ...t-delete-access-key-json.log-expected.json |   0
 .../test/pipeline/test-delete-bucket-json.log |   0
 .../test-delete-bucket-json.log-expected.json |   0
 .../test/pipeline/test-delete-group-json.log  |   0
 .../test-delete-group-json.log-expected.json  |   0
 .../test-delete-ssh-public-key-json.log       |   0
 ...lete-ssh-public-key-json.log-expected.json |   0
 .../test/pipeline/test-delete-trail-json.log  |   0
 .../test-delete-trail-json.log-expected.json  |   0
 .../test/pipeline/test-delete-user-json.log   |   0
 .../test-delete-user-json.log-expected.json   |   0
 .../test-delete-virtual-mfa-device-json.log   |   0
 ...-virtual-mfa-device-json.log-expected.json |   0
 .../pipeline/test-enable-mfa-device-json.log  |   0
 ...t-enable-mfa-device-json.log-expected.json |   0
 .../_dev/test/pipeline/test-insight-json.log  |   0
 .../test-insight-json.log-expected.json       |   0
 .../test-remove-user-from-group-json.log      |   0
 ...ove-user-from-group-json.log-expected.json |   0
 .../test/pipeline/test-start-logging-json.log |   0
 .../test-start-logging-json.log-expected.json |   0
 .../test/pipeline/test-stop-logging-json.log  |   0
 .../test-stop-logging-json.log-expected.json  |   0
 .../pipeline/test-update-access-key-json.log  |   0
 ...t-update-access-key-json.log-expected.json |   0
 ...est-update-accout-password-policy-json.log |   0
 ...out-password-policy-json.log-expected.json |   0
 .../test/pipeline/test-update-group-json.log  |   0
 .../test-update-group-json.log-expected.json  |   0
 .../test-update-login-profile-json.log        |   0
 ...pdate-login-profile-json.log-expected.json |   0
 .../test-update-ssh-public-key-json.log       |   0
 ...date-ssh-public-key-json.log-expected.json |   0
 .../test/pipeline/test-update-trail-json.log  |   0
 .../test-update-trail-json.log-expected.json  |   0
 .../test/pipeline/test-update-user-json.log   |   0
 .../test-update-user-json.log-expected.json   |   0
 .../test-upload-ssh-public-key-json.log       |   0
 ...load-ssh-public-key-json.log-expected.json |   0
 .../cloudtrail/agent/stream/aws-s3.yml.hbs    |   0
 .../cloudtrail/agent/stream/httpjson.yml.hbs  |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../ingest_pipeline/third-party.yml           |   0
 .../data_stream/cloudtrail/fields/agent.yml   |   0
 .../cloudtrail/fields/base-fields.yml         |   0
 .../aws/data_stream/cloudtrail/fields/ecs.yml |   0
 .../data_stream/cloudtrail/fields/fields.yml  |   0
 .../aws/data_stream/cloudtrail/manifest.yml   |   0
 .../data_stream/cloudtrail/sample_event.json  |   0
 .../test/pipeline/test-cloudwatch-ec2.log     |   0
 .../test-cloudwatch-ec2.log-expected.json     |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../agent/stream/aws-s3.yml.hbs               |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../cloudwatch_logs/fields/agent.yml          |   0
 .../cloudwatch_logs/fields/base-fields.yml    |   0
 .../cloudwatch_logs/fields/ecs.yml            |   0
 .../cloudwatch_logs/fields/fields.yml         |   0
 .../data_stream/cloudwatch_logs/manifest.yml  |   0
 .../cloudwatch_logs/sample_event.json         |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../cloudwatch_metrics/fields/agent.yml       |   0
 .../cloudwatch_metrics/fields/base-fields.yml |   0
 .../cloudwatch_metrics/fields/ecs.yml         |   0
 .../cloudwatch_metrics/fields/fields.yml      |   0
 .../fields/package-fields.yml                 |   0
 .../cloudwatch_metrics/manifest.yml           |   0
 .../cloudwatch_metrics/sample_event.json      |   0
 .../dynamodb/agent/stream/stream.yml.hbs      |   0
 .../aws/data_stream/dynamodb/fields/agent.yml |   0
 .../dynamodb/fields/base-fields.yml           |   0
 .../aws/data_stream/dynamodb/fields/ecs.yml   |   0
 .../data_stream/dynamodb/fields/fields.yml    |   0
 .../dynamodb/fields/package-fields.yml        |   0
 .../aws/data_stream/dynamodb/manifest.yml     |   0
 .../data_stream/dynamodb/sample_event.json    |   0
 .../ebs/agent/stream/stream.yml.hbs           |   0
 .../aws/data_stream/ebs/fields/agent.yml      |   0
 .../data_stream/ebs/fields/base-fields.yml    |   0
 .../aws/data_stream/ebs/fields/ecs.yml        |   0
 .../aws/data_stream/ebs/fields/fields.yml     |   0
 .../data_stream/ebs/fields/package-fields.yml |   0
 .../aws/data_stream/ebs/manifest.yml          |   0
 .../aws/data_stream/ebs/sample_event.json     |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../ec2_logs/_dev/test/pipeline/test-ec2.log  |   0
 .../test/pipeline/test-ec2.log-expected.json  |   0
 .../ec2_logs/agent/stream/aws-s3.yml.hbs      |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../aws/data_stream/ec2_logs/fields/agent.yml |   0
 .../ec2_logs/fields/base-fields.yml           |   0
 .../aws/data_stream/ec2_logs/fields/ecs.yml   |   0
 .../data_stream/ec2_logs/fields/fields.yml    |   0
 .../aws/data_stream/ec2_logs/manifest.yml     |   0
 .../data_stream/ec2_logs/sample_event.json    |   0
 .../ec2_metrics/_dev/deploy/tf/env.yml        |   0
 .../ec2_metrics/_dev/deploy/tf/main.tf        |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../ec2_metrics/agent/stream/stream.yml.hbs   |   0
 .../data_stream/ec2_metrics/fields/agent.yml  |   0
 .../ec2_metrics/fields/base-fields.yml        |   0
 .../data_stream/ec2_metrics/fields/ecs.yml    |   0
 .../data_stream/ec2_metrics/fields/fields.yml |   0
 .../ec2_metrics/fields/package-fields.yml     |   0
 .../aws/data_stream/ec2_metrics/manifest.yml  |   0
 .../data_stream/ec2_metrics/sample_event.json |   0
 .../elb_logs/_dev/test/pipeline/test-alb.log  |   0
 .../test/pipeline/test-alb.log-expected.json  |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../elb_logs/agent/stream/aws-s3.yml.hbs      |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../aws/data_stream/elb_logs/fields/agent.yml |   0
 .../elb_logs/fields/base-fields.yml           |   0
 .../aws/data_stream/elb_logs/fields/ecs.yml   |   0
 .../data_stream/elb_logs/fields/fields.yml    |   0
 .../aws/data_stream/elb_logs/manifest.yml     |   0
 .../data_stream/elb_logs/sample_event.json    |   0
 .../elb_metrics/agent/stream/stream.yml.hbs   |   0
 .../data_stream/elb_metrics/fields/agent.yml  |   0
 .../elb_metrics/fields/base-fields.yml        |   0
 .../data_stream/elb_metrics/fields/ecs.yml    |   0
 .../data_stream/elb_metrics/fields/fields.yml |   0
 .../elb_metrics/fields/package-fields.yml     |   0
 .../aws/data_stream/elb_metrics/manifest.yml  |   0
 .../data_stream/elb_metrics/sample_event.json |   0
 .../lambda/agent/stream/stream.yml.hbs        |   0
 .../aws/data_stream/lambda/fields/agent.yml   |   0
 .../data_stream/lambda/fields/base-fields.yml |   0
 .../aws/data_stream/lambda/fields/ecs.yml     |   0
 .../aws/data_stream/lambda/fields/fields.yml  |   0
 .../lambda/fields/package-fields.yml          |   0
 .../aws/data_stream/lambda/manifest.yml       |   0
 .../aws/data_stream/lambda/sample_event.json  |   0
 .../natgateway/agent/stream/stream.yml.hbs    |   0
 .../data_stream/natgateway/fields/agent.yml   |   0
 .../natgateway/fields/base-fields.yml         |   0
 .../aws/data_stream/natgateway/fields/ecs.yml |   0
 .../data_stream/natgateway/fields/fields.yml  |   0
 .../natgateway/fields/package-fields.yml      |   0
 .../aws/data_stream/natgateway/manifest.yml   |   0
 .../data_stream/natgateway/sample_event.json  |   0
 .../rds/agent/stream/stream.yml.hbs           |   0
 .../aws/data_stream/rds/fields/agent.yml      |   0
 .../data_stream/rds/fields/base-fields.yml    |   0
 .../aws/data_stream/rds/fields/ecs.yml        |   0
 .../aws/data_stream/rds/fields/fields.yml     |   0
 .../data_stream/rds/fields/package-fields.yml |   0
 .../aws/data_stream/rds/manifest.yml          |   0
 .../aws/data_stream/rds/sample_event.json     |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../s3_daily_storage/fields/agent.yml         |   0
 .../s3_daily_storage/fields/base-fields.yml   |   0
 .../s3_daily_storage/fields/ecs.yml           |   0
 .../s3_daily_storage/fields/fields.yml        |   0
 .../fields/package-fields.yml                 |   0
 .../data_stream/s3_daily_storage/manifest.yml |   0
 .../s3_daily_storage/sample_event.json        |   0
 .../s3_request/agent/stream/stream.yml.hbs    |   0
 .../data_stream/s3_request/fields/agent.yml   |   0
 .../s3_request/fields/base-fields.yml         |   0
 .../aws/data_stream/s3_request/fields/ecs.yml |   0
 .../data_stream/s3_request/fields/fields.yml  |   0
 .../s3_request/fields/package-fields.yml      |   0
 .../aws/data_stream/s3_request/manifest.yml   |   0
 .../data_stream/s3_request/sample_event.json  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../s3_storage_lens/fields/agent.yml          |   0
 .../s3_storage_lens/fields/base-fields.yml    |   0
 .../s3_storage_lens/fields/ecs.yml            |   0
 .../s3_storage_lens/fields/fields.yml         |   0
 .../s3_storage_lens/fields/package-fields.yml |   0
 .../data_stream/s3_storage_lens/manifest.yml  |   0
 .../s3_storage_lens/sample_event.json         |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../test/pipeline/test-s3-server-access.log   |   0
 .../test-s3-server-access.log-expected.json   |   0
 .../s3access/agent/stream/aws-s3.yml.hbs      |   0
 .../s3access/agent/stream/log.yml.hbs         |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../aws/data_stream/s3access/fields/agent.yml |   0
 .../s3access/fields/base-fields.yml           |   0
 .../aws/data_stream/s3access/fields/ecs.yml   |   0
 .../data_stream/s3access/fields/fields.yml    |   0
 .../aws/data_stream/s3access/manifest.yml     |   0
 .../data_stream/s3access/sample_event.json    |   0
 .../sns/agent/stream/stream.yml.hbs           |   0
 .../aws/data_stream/sns/fields/agent.yml      |   0
 .../data_stream/sns/fields/base-fields.yml    |   0
 .../aws/data_stream/sns/fields/ecs.yml        |   0
 .../aws/data_stream/sns/fields/fields.yml     |   0
 .../data_stream/sns/fields/package-fields.yml |   0
 .../aws/data_stream/sns/manifest.yml          |   0
 .../aws/data_stream/sns/sample_event.json     |   0
 .../sqs/agent/stream/stream.yml.hbs           |   0
 .../aws/data_stream/sqs/fields/agent.yml      |   0
 .../data_stream/sqs/fields/base-fields.yml    |   0
 .../aws/data_stream/sqs/fields/ecs.yml        |   0
 .../aws/data_stream/sqs/fields/fields.yml     |   0
 .../data_stream/sqs/fields/package-fields.yml |   0
 .../aws/data_stream/sqs/manifest.yml          |   0
 .../aws/data_stream/sqs/sample_event.json     |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../transitgateway/fields/agent.yml           |   0
 .../transitgateway/fields/base-fields.yml     |   0
 .../data_stream/transitgateway/fields/ecs.yml |   0
 .../transitgateway/fields/fields.yml          |   0
 .../transitgateway/fields/package-fields.yml  |   0
 .../data_stream/transitgateway/manifest.yml   |   0
 .../transitgateway/sample_event.json          |   0
 .../usage/agent/stream/stream.yml.hbs         |   0
 .../aws/data_stream/usage/fields/agent.yml    |   0
 .../data_stream/usage/fields/base-fields.yml  |   0
 .../aws/data_stream/usage/fields/ecs.yml      |   0
 .../aws/data_stream/usage/fields/fields.yml   |   0
 .../usage/fields/package-fields.yml           |   0
 .../aws/data_stream/usage/manifest.yml        |   0
 .../aws/data_stream/usage/sample_event.json   |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../_dev/test/pipeline/test-extra-samples.log |   0
 .../test-extra-samples.log-expected.json      |   0
 .../test/pipeline/test-tcp-flag-sequence.log  |   0
 .../test-tcp-flag-sequence.log-expected.json  |   0
 .../vpcflow/agent/stream/aws-s3.yml.hbs       |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../aws/data_stream/vpcflow/fields/agent.yml  |   0
 .../vpcflow/fields/base-fields.yml            |   0
 .../aws/data_stream/vpcflow/fields/ecs.yml    |   0
 .../aws/data_stream/vpcflow/fields/fields.yml |   0
 .../aws/data_stream/vpcflow/manifest.yml      |   0
 .../aws/data_stream/vpcflow/sample_event.json |   0
 .../vpn/agent/stream/stream.yml.hbs           |   0
 .../aws/data_stream/vpn/fields/agent.yml      |   0
 .../data_stream/vpn/fields/base-fields.yml    |   0
 .../aws/data_stream/vpn/fields/ecs.yml        |   0
 .../aws/data_stream/vpn/fields/fields.yml     |   0
 .../data_stream/vpn/fields/package-fields.yml |   0
 .../aws/data_stream/vpn/manifest.yml          |   0
 .../aws/data_stream/vpn/sample_event.json     |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../waf/_dev/test/pipeline/test-waf.log       |   0
 .../test/pipeline/test-waf.log-expected.json  |   0
 .../waf/agent/stream/aws-s3.yml.hbs           |   0
 .../data_stream/waf/agent/stream/log.yml.hbs  |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../aws/data_stream/waf/fields/agent.yml      |   0
 .../data_stream/waf/fields/base-fields.yml    |   0
 .../aws/data_stream/waf/fields/ecs.yml        |   0
 .../aws/data_stream/waf/fields/fields.yml     |   0
 .../aws/data_stream/waf/manifest.yml          |   0
 .../aws/data_stream/waf/sample_event.json     |   0
 .../{ => parallel}/aws/docs/README.md         |   0
 .../{ => parallel}/aws/docs/billing.md        |   0
 .../{ => parallel}/aws/docs/cloudtrail.md     |   0
 .../{ => parallel}/aws/docs/cloudwatch.md     |   0
 .../{ => parallel}/aws/docs/dynamodb.md       |   0
 test/packages/{ => parallel}/aws/docs/ebs.md  |   0
 test/packages/{ => parallel}/aws/docs/ec2.md  |   0
 test/packages/{ => parallel}/aws/docs/elb.md  |   0
 .../{ => parallel}/aws/docs/lambda.md         |   0
 .../{ => parallel}/aws/docs/natgateway.md     |   0
 test/packages/{ => parallel}/aws/docs/rds.md  |   0
 test/packages/{ => parallel}/aws/docs/s3.md   |   0
 .../aws/docs/s3_storage_lens.md               |   0
 test/packages/{ => parallel}/aws/docs/sns.md  |   0
 test/packages/{ => parallel}/aws/docs/sqs.md  |   0
 .../{ => parallel}/aws/docs/transitgateway.md |   0
 .../packages/{ => parallel}/aws/docs/usage.md |   0
 .../{ => parallel}/aws/docs/vpcflow.md        |   0
 test/packages/{ => parallel}/aws/docs/vpn.md  |   0
 test/packages/{ => parallel}/aws/docs/waf.md  |   0
 .../aws/img/filebeat-aws-cloudtrail.png       | Bin
 .../aws/img/filebeat-aws-elb-overview.png     | Bin
 .../img/filebeat-aws-s3access-overview.png    | Bin
 .../aws/img/filebeat-aws-vpcflow-overview.png | Bin
 .../{ => parallel}/aws/img/logo_aws.svg       |   0
 .../{ => parallel}/aws/img/logo_billing.svg   |   0
 .../aws/img/logo_cloudtrail.svg               |   0
 .../aws/img/logo_cloudwatch.svg               |   0
 .../{ => parallel}/aws/img/logo_dynamodb.svg  |   0
 .../{ => parallel}/aws/img/logo_ebs.svg       |   0
 .../{ => parallel}/aws/img/logo_ec2.svg       |   0
 .../{ => parallel}/aws/img/logo_elb.svg       |   0
 .../{ => parallel}/aws/img/logo_lambda.svg    |   0
 .../aws/img/logo_natgateway.svg               |   0
 .../{ => parallel}/aws/img/logo_rds.svg       |   0
 .../{ => parallel}/aws/img/logo_s3.svg        |   0
 .../aws/img/logo_s3_storage_lens.svg          |   0
 .../{ => parallel}/aws/img/logo_sns.svg       |   0
 .../{ => parallel}/aws/img/logo_sqs.svg       |   0
 .../aws/img/logo_transitgateway.svg           |   0
 .../{ => parallel}/aws/img/logo_vpcflow.svg   |   0
 .../{ => parallel}/aws/img/logo_vpn.svg       |   0
 .../{ => parallel}/aws/img/logo_waf.svg       |   0
 .../img/metricbeat-aws-billing-overview.png   | Bin
 .../img/metricbeat-aws-dynamodb-overview.png  | Bin
 .../aws/img/metricbeat-aws-ebs-overview.png   | Bin
 .../aws/img/metricbeat-aws-ec2-overview.png   | Bin
 .../aws/img/metricbeat-aws-elb-overview.png   | Bin
 .../img/metricbeat-aws-lambda-overview.png    | Bin
 .../aws/img/metricbeat-aws-overview.png       | Bin
 .../aws/img/metricbeat-aws-rds-overview.png   | Bin
 .../aws/img/metricbeat-aws-s3-overview.png    | Bin
 ...etricbeat-aws-s3-storage-lens-overview.png | Bin
 .../aws/img/metricbeat-aws-sns-overview.png   | Bin
 .../aws/img/metricbeat-aws-sqs-overview.png   | Bin
 .../aws/img/metricbeat-aws-usage-overview.png | Bin
 ...-0eb5a6a0-694f-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-15503340-4488-11ea-ad63-791a5dc86f10.json |   0
 ...-234aeda0-43b7-11e9-8697-530f39afc6eb.json |   0
 ...-3367c170-921f-11e9-aa19-159bf182e06f.json |   0
 ...-3af47420-3e7b-11ea-bb0a-69c3ca1d410f.json |   0
 ...-44ce4680-b7ba-11e9-8349-f15f850c5cd0.json |   0
 ...-4746e000-bacd-11e9-9f70-1f7bda85a5eb.json |   0
 ...-67c9f900-693e-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-68ba7bd0-20b6-11ea-8f72-2f8d21e50b0c.json |   0
 ...-7ac8e1d0-28d2-11ea-ba6c-49a884eb104f.json |   0
 ...-80ed1380-41a6-11ec-a605-bff67d9b7872.json |   0
 ...-917a07b0-178e-11ea-8650-fb606deb5be4.json |   0
 ...-9c09cd20-7399-11ea-a345-f985c61fe654.json |   0
 ...-a096b830-4762-11e9-8062-c98a86cb6f94.json |   0
 ...-c2b1cbc0-6891-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-c5846400-f7fb-11e8-af03-c999c9dea608.json |   0
 ...-d17b1000-17a4-11ea-8e91-03c7047cbb9d.json |   0
 ...-e6776b10-1534-11ea-841c-01bf20a6c8ba.json |   0
 ...-e74bf320-b3ce-11e9-87a4-078dbbae220d.json |   0
 ...-fac28650-7349-11e9-816b-07687310a99a.json |   0
 ...-0d511340-41a1-11ec-a605-bff67d9b7872.json |   0
 ...-1a1508a0-41a8-11ec-a605-bff67d9b7872.json |   0
 ...-30e707b0-41a1-11ec-a605-bff67d9b7872.json |   0
 ...-30fd4e40-f0a1-11eb-b61f-a53cb4913361.json |   0
 ...-352dd3f0-41b3-11ec-a605-bff67d9b7872.json |   0
 ...-41e37710-f09d-11eb-b61f-a53cb4913361.json |   0
 ...-6445e130-41b5-11ec-a605-bff67d9b7872.json |   0
 ...-68f36fb0-f0a0-11eb-b61f-a53cb4913361.json |   0
 ...-7543b3e0-41b5-11ec-a605-bff67d9b7872.json |   0
 ...-8560b400-f096-11eb-b61f-a53cb4913361.json |   0
 ...-8614f2f0-41a2-11ec-a605-bff67d9b7872.json |   0
 ...-8721fb80-41b5-11ec-a605-bff67d9b7872.json |   0
 ...-8d42b050-41a5-11ec-a605-bff67d9b7872.json |   0
 ...-955b2000-41a1-11ec-a605-bff67d9b7872.json |   0
 ...-9a64ca30-427b-11ec-9b39-b9df88395505.json |   0
 ...-9fb44b60-41b2-11ec-a605-bff67d9b7872.json |   0
 ...-b0077d10-f09b-11eb-b61f-a53cb4913361.json |   0
 ...-bbc80900-f09e-11eb-b61f-a53cb4913361.json |   0
 ...-c4419a90-f091-11eb-b61f-a53cb4913361.json |   0
 ...-cd0300c0-41a8-11ec-a605-bff67d9b7872.json |   0
 ...-d33fa860-41a0-11ec-a605-bff67d9b7872.json |   0
 ...-ed494970-41b2-11ec-a605-bff67d9b7872.json |   0
 ...-f757eba0-f0a0-11eb-b61f-a53cb4913361.json |   0
 ...-f8d829f0-41a8-11ec-a605-bff67d9b7872.json |   0
 ...-f9ff3450-f094-11eb-b61f-a53cb4913361.json |   0
 ...-0edf0640-3e7e-11ea-bb0a-69c3ca1d410f.json |   0
 ...-513a3d70-4482-11ea-ad63-791a5dc86f10.json |   0
 ...-dae24080-739a-11ea-a345-f985c61fe654.json |   0
 ...-30ccde50-7397-11ea-a345-f985c61fe654.json |   0
 ...-5e5a3c90-bac0-11e9-9f70-1f7bda85a5eb.json |   0
 ...-c1aee600-4487-11ea-ad63-791a5dc86f10.json |   0
 ...-007ceec0-694c-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-00b29040-921d-11e9-aa19-159bf182e06f.json |   0
 ...-01ed5990-694a-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-08645080-6891-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-09857a20-180f-11ea-8e91-03c7047cbb9d.json |   0
 ...-09db13f0-2bdd-11e9-9fe1-cde861544141.json |   0
 ...-0a36b590-694c-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-0f056420-739e-11ea-a345-f985c61fe654.json |   0
 ...-10e0f270-694c-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-11f4e0d0-42a9-11ec-a440-675e476c18bb.json |   0
 ...-1235fe50-41e7-11e9-b7a0-c99d9d127b61.json |   0
 ...-128fd450-734e-11e9-816b-07687310a99a.json |   0
 ...-12eff7e0-b7b9-11e9-8349-f15f850c5cd0.json |   0
 ...-13e624c0-180e-11ea-8e91-03c7047cbb9d.json |   0
 ...-142ad600-693b-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-15818fd0-f7f9-11e8-af03-c999c9dea608.json |   0
 ...-17fcda50-921b-11e9-aa19-159bf182e06f.json |   0
 ...-1f3f00c0-28d1-11ea-ba6c-49a884eb104f.json |   0
 ...-1f528f50-b3ce-11e9-87a4-078dbbae220d.json |   0
 ...-219c1850-3e82-11ea-bb0a-69c3ca1d410f.json |   0
 ...-21f30090-b3ca-11e9-87a4-078dbbae220d.json |   0
 ...-233b3400-f7f9-11e8-af03-c999c9dea608.json |   0
 ...-247e2990-4699-11ea-ad63-791a5dc86f10.json |   0
 ...-25384bf0-b7b9-11e9-8349-f15f850c5cd0.json |   0
 ...-26b73e50-6943-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-2929edb0-178e-11ea-8650-fb606deb5be4.json |   0
 ...-2b2d58b0-4762-11e9-8062-c98a86cb6f94.json |   0
 ...-2dbb8f90-4760-11e9-8062-c98a86cb6f94.json |   0
 ...-2e265070-42a6-11ec-a440-675e476c18bb.json |   0
 ...-2ee7f420-6943-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-31a4ea90-152b-11ea-841c-01bf20a6c8ba.json |   0
 ...-31ad4090-2003-11ea-8f72-2f8d21e50b0c.json |   0
 ...-37aeedc0-42a9-11ec-a440-675e476c18bb.json |   0
 ...-396089c0-7399-11ea-a345-f985c61fe654.json |   0
 ...-398d12d0-7352-11e9-816b-07687310a99a.json |   0
 ...-39dfc8d0-28cf-11ea-ba6c-49a884eb104f.json |   0
 ...-3a3914d0-4761-11e9-8062-c98a86cb6f94.json |   0
 ...-3c08b9b0-42a3-11ec-a440-675e476c18bb.json |   0
 ...-3dee68c0-7b0c-11ea-9bb4-e958b64b5685.json |   0
 ...-415fed40-694f-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-41f5aaf0-42ac-11ec-a440-675e476c18bb.json |   0
 ...-42016bf0-728f-11e9-9a7b-4d62d5bcf4fc.json |   0
 ...-4658f540-734a-11e9-816b-07687310a99a.json |   0
 ...-49379b70-7b07-11ea-9bb4-e958b64b5685.json |   0
 ...-4bf0a740-28d1-11ea-ba6c-49a884eb104f.json |   0
 ...-4bf62a10-8310-11e9-ac83-47df3568ff90.json |   0
 ...-4c23e4c0-739a-11ea-a345-f985c61fe654.json |   0
 ...-526a1ba0-42a7-11ec-a440-675e476c18bb.json |   0
 ...-53730d20-437e-11e9-8697-530f39afc6eb.json |   0
 ...-54e88a40-734e-11e9-816b-07687310a99a.json |   0
 ...-572d40e0-b3ca-11e9-87a4-078dbbae220d.json |   0
 ...-57b610a0-41ad-11ec-a605-bff67d9b7872.json |   0
 ...-58e17c10-7349-11e9-816b-07687310a99a.json |   0
 ...-58f5a3c0-6943-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-59defc90-17a5-11ea-8e91-03c7047cbb9d.json |   0
 ...-59e2e110-178d-11ea-8650-fb606deb5be4.json |   0
 ...-5c586e80-427c-11ec-9b39-b9df88395505.json |   0
 ...-5c93cd10-bac3-11e9-9f70-1f7bda85a5eb.json |   0
 ...-6392bc30-b3c9-11e9-87a4-078dbbae220d.json |   0
 ...-67f43080-b7b9-11e9-8349-f15f850c5cd0.json |   0
 ...-681aab60-178c-11ea-8650-fb606deb5be4.json |   0
 ...-68970b10-6890-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-6e3285d0-4763-11e9-8062-c98a86cb6f94.json |   0
 ...-6f7f7680-180c-11ea-8e91-03c7047cbb9d.json |   0
 ...-6fc1efd0-b3c9-11e9-87a4-078dbbae220d.json |   0
 ...-73970bc0-3e86-11ea-bb0a-69c3ca1d410f.json |   0
 ...-749cd470-1530-11ea-841c-01bf20a6c8ba.json |   0
 ...-75853f20-4484-11ea-ad63-791a5dc86f10.json |   0
 ...-7593a130-427c-11ec-9b39-b9df88395505.json |   0
 ...-75ebfda0-1789-11ea-8650-fb606deb5be4.json |   0
 ...-76af8140-3e84-11ea-bb0a-69c3ca1d410f.json |   0
 ...-7b93bab0-7b0a-11ea-9bb4-e958b64b5685.json |   0
 ...-7bca4f50-739c-11ea-a345-f985c61fe654.json |   0
 ...-7d1e0870-7a3f-11ea-bfa4-dfea8c457654.json |   0
 ...-7dd7fab0-42ab-11ec-a440-675e476c18bb.json |   0
 ...-81d83c70-4762-11e9-8062-c98a86cb6f94.json |   0
 ...-82b8f4a0-427c-11ec-9b39-b9df88395505.json |   0
 ...-8345d580-6891-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-83f08eb0-1532-11ea-841c-01bf20a6c8ba.json |   0
 ...-8b34a100-4762-11e9-8062-c98a86cb6f94.json |   0
 ...-8b8a7f80-921c-11e9-aa19-159bf182e06f.json |   0
 ...-8cf5fbe0-7b07-11ea-9bb4-e958b64b5685.json |   0
 ...-8ec43590-739b-11ea-a345-f985c61fe654.json |   0
 ...-9121ac90-734d-11e9-816b-07687310a99a.json |   0
 ...-915bcd50-28d1-11ea-ba6c-49a884eb104f.json |   0
 ...-9202d1a0-178c-11ea-8650-fb606deb5be4.json |   0
 ...-95b322f0-734a-11e9-816b-07687310a99a.json |   0
 ...-966ae990-d979-11e9-9458-bbef63ad717b.json |   0
 ...-96834640-42a7-11ec-a440-675e476c18bb.json |   0
 ...-99ffdb00-bacb-11e9-9f70-1f7bda85a5eb.json |   0
 ...-9bf8e1e0-6890-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-9d284bc0-7b08-11ea-9bb4-e958b64b5685.json |   0
 ...-9e8c6030-f7f8-11e8-af03-c999c9dea608.json |   0
 ...-9f0425c0-7b0a-11ea-9bb4-e958b64b5685.json |   0
 ...-a1670af0-42a3-11ec-a440-675e476c18bb.json |   0
 ...-abdc7480-180b-11ea-8e91-03c7047cbb9d.json |   0
 ...-b00c4390-b7b8-11e9-8349-f15f850c5cd0.json |   0
 ...-b0afd3e0-43b7-11e9-8697-530f39afc6eb.json |   0
 ...-b2191dd0-734c-11e9-816b-07687310a99a.json |   0
 ...-b2ea15a0-b3c7-11e9-87a4-078dbbae220d.json |   0
 ...-b36532e0-688e-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-b403f7b0-7b15-11ea-9bb4-e958b64b5685.json |   0
 ...-b5308940-7347-11e9-816b-07687310a99a.json |   0
 ...-b6a308f0-3e82-11ea-bb0a-69c3ca1d410f.json |   0
 ...-b7f8bf90-180f-11ea-8e91-03c7047cbb9d.json |   0
 ...-b9703dd0-b3c9-11e9-87a4-078dbbae220d.json |   0
 ...-bad8c910-4485-11ea-ad63-791a5dc86f10.json |   0
 ...-bb3a6cd0-b7b6-11e9-8349-f15f850c5cd0.json |   0
 ...-bb82c4d0-6c25-11e9-81bc-7f4cd8b3d892.json |   0
 ...-bc5dcc90-688e-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-bc8bd8f0-31fd-11ea-bcbf-59cb7eefc1f0.json |   0
 ...-bd37d720-3e84-11ea-bb0a-69c3ca1d410f.json |   0
 ...-bdb8ddd0-6890-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-be6c4180-41e6-11e9-b7a0-c99d9d127b61.json |   0
 ...-be8828d0-f7f6-11e8-af03-c999c9dea608.json |   0
 ...-bf81e030-180e-11ea-8e91-03c7047cbb9d.json |   0
 ...-c0e32d50-b7b8-11e9-8349-f15f850c5cd0.json |   0
 ...-c186b610-688d-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-c1afd130-921e-11e9-aa19-159bf182e06f.json |   0
 ...-c1db9b80-694b-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-c4a82470-42aa-11ec-a440-675e476c18bb.json |   0
 ...-c631dc40-42ab-11ec-a440-675e476c18bb.json |   0
 ...-c7d6cf90-688e-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-c84ed3d0-6890-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-cc3a1950-921c-11e9-aa19-159bf182e06f.json |   0
 ...-cd6419c0-6949-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-ce7445c0-688f-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-ceb7c030-3e86-11ea-bb0a-69c3ca1d410f.json |   0
 ...-d045d120-b7b9-11e9-8349-f15f850c5cd0.json |   0
 ...-d186fd50-4763-11e9-8062-c98a86cb6f94.json |   0
 ...-d19a71b0-180e-11ea-8e91-03c7047cbb9d.json |   0
 ...-d2f46190-830f-11e9-ac83-47df3568ff90.json |   0
 ...-d560de70-b3c7-11e9-87a4-078dbbae220d.json |   0
 ...-d8b1e830-3e82-11ea-bb0a-69c3ca1d410f.json |   0
 ...-dc5f65b0-6949-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-dcd31cd0-41e5-11e9-b7a0-c99d9d127b61.json |   0
 ...-dd2f2a10-41e6-11e9-b7a0-c99d9d127b61.json |   0
 ...-deab0260-2981-11e9-86eb-a3a07a77f530.json |   0
 ...-dffa19e0-180e-11ea-8e91-03c7047cbb9d.json |   0
 ...-e06e4cf0-921e-11e9-aa19-159bf182e06f.json |   0
 ...-e0e65e60-688e-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-e1c345e0-42a9-11ec-a440-675e476c18bb.json |   0
 ...-e50c51e0-3e7f-11ea-bb0a-69c3ca1d410f.json |   0
 ...-ea9e3d40-693a-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-ef9717b0-427b-11ec-9b39-b9df88395505.json |   0
 ...-f1db6ec0-f7f8-11e8-af03-c999c9dea608.json |   0
 ...-f58f99b0-693a-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-f6831f30-b7b6-11e9-8349-f15f850c5cd0.json |   0
 ...-f74eb760-41e8-11e9-b7a0-c99d9d127b61.json |   0
 ...-f7c17000-6949-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-f8b63860-739e-11ea-a345-f985c61fe654.json |   0
 ...-f9b2beb0-42a9-11ec-a440-675e476c18bb.json |   0
 ...-fc0869c0-180e-11ea-8e91-03c7047cbb9d.json |   0
 ...-fcfc8d80-693e-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-fd915180-6890-11ea-b0ac-95d4ecb1fecd.json |   0
 ...-fe0581b0-b7b8-11e9-8349-f15f850c5cd0.json |   0
 ...-fed59380-f7f8-11e8-af03-c999c9dea608.json |   0
 test/packages/{ => parallel}/aws/manifest.yml |   0
 .../nginx}/_dev/build/build.yml               |   0
 .../nginx/_dev/build/docs/README.md           |   0
 .../nginx/_dev/deploy/docker/Dockerfile       |   0
 .../_dev/deploy/docker/docker-compose.yml     |   0
 .../nginx/_dev/deploy/docker/nginx.conf       |   0
 .../nginx/_dev/deploy/variants.yml            |   0
 .../{ => parallel}/nginx/changelog.yml        |   0
 .../access/_dev/test/pipeline/test-access.log |   0
 .../pipeline/test-access.log-expected.json    |   0
 .../_dev/test/pipeline/test-common-config.yml |   0
 .../access/_dev/test/pipeline/test-nginx.log  |   0
 .../pipeline/test-nginx.log-expected.json     |   0
 .../test/pipeline/test-test-with-host.log     |   0
 .../test-test-with-host.log-expected.json     |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../access/agent/stream/httpjson.yml.hbs      |   0
 .../access/agent/stream/stream.yml.hbs        |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../ingest_pipeline/third-party.yml           |   0
 .../nginx/data_stream/access/fields/agent.yml |   0
 .../data_stream/access/fields/base-fields.yml |   0
 .../nginx/data_stream/access/fields/ecs.yml   |   0
 .../data_stream/access/fields/fields.yml      |   0
 .../nginx/data_stream/access/manifest.yml     |   0
 .../data_stream/access/sample_event.json      |   0
 .../_dev/test/pipeline/test-error-raw.log     |   0
 .../pipeline/test-error-raw.log-config.yml    |   0
 .../pipeline/test-error-raw.log-expected.json |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../error/agent/stream/httpjson.yml.hbs       |   0
 .../error/agent/stream/stream.yml.hbs         |   0
 .../elasticsearch/ingest_pipeline/default.yml |   0
 .../ingest_pipeline/third-party.yml           |   0
 .../nginx/data_stream/error/fields/agent.yml  |   0
 .../data_stream/error/fields/base-fields.yml  |   0
 .../nginx/data_stream/error/fields/ecs.yml    |   0
 .../nginx/data_stream/error/fields/fields.yml |   0
 .../nginx/data_stream/error/manifest.yml      |   0
 .../nginx/data_stream/error/sample_event.json |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../stubstatus/agent/stream/stream.yml.hbs    |   0
 .../data_stream/stubstatus}/fields/agent.yml  |   0
 .../stubstatus/fields/base-fields.yml         |   0
 .../data_stream/stubstatus/fields/ecs.yml     |   0
 .../data_stream/stubstatus/fields/fields.yml  |   0
 .../nginx/data_stream/stubstatus/manifest.yml |   0
 .../data_stream/stubstatus/sample_event.json  |   0
 .../{ => parallel}/nginx/docs/README.md       |   0
 .../{ => parallel}/nginx/img/logo_nginx.svg   |   0
 .../nginx/img/nginx-logs-access-error.png     | Bin
 .../nginx/img/nginx-logs-overview.png         | Bin
 .../nginx/img/nginx-metrics-overview.png      | Bin
 ...-023d2930-f1a5-11e7-a9ef-93c69af7b129.json |   0
 ...-046212a0-a2a1-11e7-928f-5dbe6f6f5519.json |   0
 ...-55a9e6e0-a29e-11e7-928f-5dbe6f6f5519.json |   0
 .../nginx/kibana/ml_module/nginx-Logs-ml.json |   0
 ...-6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519.json |   0
 ...-9eb25600-a1f0-11e7-928f-5dbe6f6f5519.json |   0
 .../search/nginx-Logs-Nginx-integration.json  |   0
 ...-0dd6f320-a29f-11e7-928f-5dbe6f6f5519.json |   0
 ...-1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519.json |   0
 ...-46322e50-a1f6-11e7-928f-5dbe6f6f5519.json |   0
 ...-47a8e0f0-f1a4-11e7-a9ef-93c69af7b129.json |   0
 ...-555df8a0-f1a1-11e7-a9ef-93c69af7b129.json |   0
 ...-7cc9ea40-3af8-11eb-94b7-0dab91df36a6.json |   0
 ...-823b3c80-3af9-11eb-94b7-0dab91df36a6.json |   0
 ...-9184fa00-a1f5-11e7-928f-5dbe6f6f5519.json |   0
 ...-9484ecf0-3af5-11eb-94b7-0dab91df36a6.json |   0
 ...-97109780-a2a5-11e7-928f-5dbe6f6f5519.json |   0
 .../visualization/nginx-Access-Browsers.json  |   0
 .../visualization/nginx-Access-Map.json       |   0
 .../visualization/nginx-Access-OSes.json      |   0
 ...-a1d92240-f1a1-11e7-a9ef-93c69af7b129.json |   0
 ...-b70b1b20-a1f4-11e7-928f-5dbe6f6f5519.json |   0
 ...-d763a570-f1a1-11e7-a9ef-93c69af7b129.json |   0
 ...-dcbffe30-f1a4-11e7-a9ef-93c69af7b129.json |   0
 ...-e302b5a0-3afb-11eb-94b7-0dab91df36a6.json |   0
 ...-ea7f9e10-3af6-11eb-94b7-0dab91df36a6.json |   0
 .../{ => parallel}/nginx/manifest.yml         |   0
 .../kubernetes}/_dev/build/build.yml          |   0
 .../kubernetes/_dev/build/docs/README.md      |   0
 .../_dev/build/docs/container-logs.md         |   0
 .../kubernetes/_dev/build/docs/events.md      |   0
 .../_dev/build/docs/kube-apiserver.md         |   0
 .../build/docs/kube-controller-manager.md     |   0
 .../kubernetes/_dev/build/docs/kube-proxy.md  |   0
 .../_dev/build/docs/kube-scheduler.md         |   0
 .../_dev/build/docs/kube-state-metrics.md     |   0
 .../kubernetes/_dev/build/docs/kubelet.md     |   0
 .../_dev/deploy/k8s/cluster-role-binding.yaml |   0
 .../_dev/deploy/k8s/cluster-role.yaml         |   0
 .../kubernetes/_dev/deploy/k8s/conrjob.yaml   |   0
 .../_dev/deploy/k8s/deployment.yaml           |   0
 .../_dev/deploy/k8s/example-redis-config.yaml |   0
 .../kubernetes/_dev/deploy/k8s/job.yaml       |   0
 .../kubernetes/_dev/deploy/k8s/pv.yaml        |   0
 .../kubernetes/_dev/deploy/k8s/pvc.yaml       |   0
 .../kubernetes/_dev/deploy/k8s/rq.yaml        |   0
 .../_dev/deploy/k8s/service-account.yaml      |   0
 .../kubernetes/_dev/deploy/k8s/service.yaml   |   0
 .../kubernetes/_dev/deploy/k8s/ss.yaml        |   0
 .../{ => with-kind}/kubernetes/changelog.yml  |   0
 .../apiserver/_dev/deploy/k8s/.empty          |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../apiserver/agent/stream/stream.yml.hbs     |   0
 .../data_stream/apiserver}/fields/agent.yml   |   0
 .../apiserver/fields/base-fields.yml          |   0
 .../data_stream/apiserver/fields/ecs.yml      |   0
 .../data_stream/apiserver/fields/fields.yml   |   0
 .../data_stream/apiserver/manifest.yml        |   0
 .../data_stream/apiserver/sample_event.json   |   0
 .../container/_dev/deploy/k8s/.empty          |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../container/agent/stream/stream.yml.hbs     |   0
 .../data_stream/container/fields/agent.yml    |   0
 .../container/fields/base-fields.yml          |   0
 .../data_stream/container/fields/ecs.yml      |   0
 .../data_stream/container/fields/fields.yml   |   0
 .../data_stream/container/manifest.yml        |   0
 .../data_stream/container/sample_event.json   |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../container_logs/fields/agent.yml           |   0
 .../container_logs/fields/base-fields.yml     |   0
 .../data_stream/container_logs/fields/ecs.yml |   0
 .../data_stream/container_logs/manifest.yml   |   0
 .../controllermanager/_dev/deploy/k8s/.empty  |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../controllermanager}/fields/agent.yml       |   0
 .../controllermanager/fields/base-fields.yml  |   0
 .../controllermanager/fields/ecs.yml          |   0
 .../controllermanager/fields/fields.yml       |   0
 .../controllermanager/manifest.yml            |   0
 .../controllermanager/sample_event.json       |   0
 .../event/agent/stream/stream.yml.hbs         |   0
 .../data_stream/event}/fields/agent.yml       |   0
 .../data_stream/event/fields/base-fields.yml  |   0
 .../data_stream/event/fields/ecs.yml          |   0
 .../data_stream/event/fields/fields.yml       |   0
 .../kubernetes/data_stream/event/manifest.yml |   0
 .../data_stream/event/sample_event.json       |   0
 .../data_stream/node/_dev/deploy/k8s/.empty   |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../node/agent/stream/stream.yml.hbs          |   0
 .../data_stream/node}/fields/agent.yml        |   0
 .../data_stream/node/fields/base-fields.yml   |   0
 .../data_stream/node/fields/ecs.yml           |   0
 .../data_stream/node/fields/fields.yml        |   0
 .../kubernetes/data_stream/node/manifest.yml  |   0
 .../data_stream/node/sample_event.json        |   0
 .../data_stream/pod/_dev/deploy/k8s/.empty    |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../pod/agent/stream/stream.yml.hbs           |   0
 .../data_stream/pod}/fields/agent.yml         |   0
 .../data_stream/pod/fields/base-fields.yml    |   0
 .../kubernetes/data_stream/pod/fields/ecs.yml |   0
 .../data_stream/pod/fields/fields.yml         |   0
 .../kubernetes/data_stream/pod/manifest.yml   |   0
 .../data_stream/pod/sample_event.json         |   0
 .../data_stream/proxy/_dev/deploy/k8s/.empty  |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../proxy/agent/stream/stream.yml.hbs         |   0
 .../data_stream/proxy}/fields/agent.yml       |   0
 .../data_stream/proxy/fields/base-fields.yml  |   0
 .../data_stream/proxy/fields/ecs.yml          |   0
 .../data_stream/proxy/fields/fields.yml       |   0
 .../kubernetes/data_stream/proxy/manifest.yml |   0
 .../data_stream/proxy/sample_event.json       |   0
 .../scheduler/_dev/deploy/k8s/.empty          |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../scheduler/agent/stream/stream.yml.hbs     |   0
 .../data_stream/scheduler}/fields/agent.yml   |   0
 .../scheduler/fields/base-fields.yml          |   0
 .../data_stream/scheduler/fields/ecs.yml      |   0
 .../data_stream/scheduler/fields/fields.yml   |   0
 .../data_stream/scheduler/manifest.yml        |   0
 .../data_stream/scheduler/sample_event.json   |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../state_container/fields/agent.yml          |   0
 .../state_container/fields/base-fields.yml    |   0
 .../state_container/fields/ecs.yml            |   0
 .../state_container/fields/fields.yml         |   0
 .../data_stream/state_container/manifest.yml  |   0
 .../state_container/sample_event.json         |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../state_cronjob/agent/stream/stream.yml.hbs |   0
 .../state_cronjob}/fields/agent.yml           |   0
 .../state_cronjob/fields/base-fields.yml      |   0
 .../data_stream/state_cronjob/fields/ecs.yml  |   0
 .../state_cronjob/fields/fields.yml           |   0
 .../data_stream/state_cronjob/manifest.yml    |   0
 .../state_cronjob/sample_event.json           |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../state_daemonset}/fields/agent.yml         |   0
 .../state_daemonset/fields/base-fields.yml    |   0
 .../state_daemonset/fields/ecs.yml            |   0
 .../state_daemonset/fields/fields.yml         |   0
 .../data_stream/state_daemonset/manifest.yml  |   0
 .../state_daemonset/sample_event.json         |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../state_deployment}/fields/agent.yml        |   0
 .../state_deployment/fields/base-fields.yml   |   0
 .../state_deployment/fields/ecs.yml           |   0
 .../state_deployment/fields/fields.yml        |   0
 .../data_stream/state_deployment/manifest.yml |   0
 .../state_deployment/sample_event.json        |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../state_job/agent/stream/stream.yml.hbs     |   0
 .../data_stream/state_job}/fields/agent.yml   |   0
 .../state_job/fields/base-fields.yml          |   0
 .../data_stream/state_job/fields/ecs.yml      |   0
 .../data_stream/state_job/fields/fields.yml   |   0
 .../data_stream/state_job/manifest.yml        |   0
 .../data_stream/state_job/sample_event.json   |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../state_node/agent/stream/stream.yml.hbs    |   0
 .../data_stream/state_node}/fields/agent.yml  |   0
 .../state_node/fields/base-fields.yml         |   0
 .../data_stream/state_node/fields/ecs.yml     |   0
 .../data_stream/state_node/fields/fields.yml  |   0
 .../data_stream/state_node/manifest.yml       |   0
 .../data_stream/state_node/sample_event.json  |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../state_persistentvolume}/fields/agent.yml  |   0
 .../fields/base-fields.yml                    |   0
 .../state_persistentvolume/fields/ecs.yml     |   0
 .../state_persistentvolume/fields/fields.yml  |   0
 .../state_persistentvolume/manifest.yml       |   0
 .../state_persistentvolume/sample_event.json  |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../fields/agent.yml                          |   0
 .../fields/base-fields.yml                    |   0
 .../fields/ecs.yml                            |   0
 .../fields/fields.yml                         |   0
 .../state_persistentvolumeclaim/manifest.yml  |   0
 .../sample_event.json                         |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../state_pod/agent/stream/stream.yml.hbs     |   0
 .../data_stream/state_pod}/fields/agent.yml   |   0
 .../state_pod/fields/base-fields.yml          |   0
 .../data_stream/state_pod/fields/ecs.yml      |   0
 .../data_stream/state_pod/fields/fields.yml   |   0
 .../data_stream/state_pod/manifest.yml        |   0
 .../data_stream/state_pod/sample_event.json   |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../state_replicaset}/fields/agent.yml        |   0
 .../state_replicaset/fields/base-fields.yml   |   0
 .../state_replicaset/fields/ecs.yml           |   0
 .../state_replicaset/fields/fields.yml        |   0
 .../data_stream/state_replicaset/manifest.yml |   0
 .../state_replicaset/sample_event.json        |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../state_resourcequota}/fields/agent.yml     |   0
 .../fields/base-fields.yml                    |   0
 .../state_resourcequota/fields/ecs.yml        |   0
 .../state_resourcequota/fields/fields.yml     |   0
 .../state_resourcequota/manifest.yml          |   0
 .../state_resourcequota/sample_event.json     |   0
 .../state_service/agent/stream/stream.yml.hbs |   0
 .../state_service}/fields/agent.yml           |   0
 .../state_service/fields/base-fields.yml      |   0
 .../data_stream/state_service/fields/ecs.yml  |   0
 .../state_service/fields/fields.yml           |   0
 .../data_stream/state_service/manifest.yml    |   0
 .../state_service/sample_event.json           |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../state_statefulset}/fields/agent.yml       |   0
 .../state_statefulset/fields/base-fields.yml  |   0
 .../state_statefulset/fields/ecs.yml          |   0
 .../state_statefulset/fields/fields.yml       |   0
 .../state_statefulset/manifest.yml            |   0
 .../state_statefulset/sample_event.json       |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../agent/stream/stream.yml.hbs               |   0
 .../state_storageclass}/fields/agent.yml      |   0
 .../state_storageclass/fields/base-fields.yml |   0
 .../state_storageclass/fields/ecs.yml         |   0
 .../state_storageclass/fields/fields.yml      |   0
 .../state_storageclass/manifest.yml           |   0
 .../state_storageclass/sample_event.json      |   0
 .../data_stream/system/_dev/deploy/k8s/.empty |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../system/agent/stream/stream.yml.hbs        |   0
 .../data_stream/system}/fields/agent.yml      |   0
 .../data_stream/system/fields/base-fields.yml |   0
 .../data_stream/system/fields/ecs.yml         |   0
 .../data_stream/system/fields/fields.yml      |   0
 .../data_stream/system/manifest.yml           |   0
 .../data_stream/system/sample_event.json      |   0
 .../data_stream/volume/_dev/deploy/k8s/.empty |   0
 .../_dev/test/system/test-default-config.yml  |   0
 .../volume/agent/stream/stream.yml.hbs        |   0
 .../data_stream/volume}/fields/agent.yml      |   0
 .../data_stream/volume/fields/base-fields.yml |   0
 .../data_stream/volume/fields/ecs.yml         |   0
 .../data_stream/volume/fields/fields.yml      |   0
 .../data_stream/volume/manifest.yml           |   0
 .../data_stream/volume/sample_event.json      |   0
 .../{ => with-kind}/kubernetes/docs/README.md |   0
 .../kubernetes/docs/container-logs.md         |   0
 .../{ => with-kind}/kubernetes/docs/events.md |   0
 .../kubernetes/docs/kube-apiserver.md         |   0
 .../docs/kube-controller-manager.md           |   0
 .../kubernetes/docs/kube-proxy.md             |   0
 .../kubernetes/docs/kube-scheduler.md         |   0
 .../kubernetes/docs/kube-state-metrics.md     |   0
 .../kubernetes/docs/kubelet.md                |   0
 .../kubernetes/img/logo_kubernetes.svg        |   0
 ...etricbeat-kubernetes-controllermanager.png | Bin
 .../img/metricbeat-kubernetes-proxy.png       | Bin
 .../img/metricbeat_kubernetes_overview.png    | Bin
 .../img/metricbeat_kubernetes_scheduler.png   | Bin
 ...-5e649d60-9901-11e9-ba57-b7ab4e2d4b58.json |   0
 ...-97312060-9c1b-11e9-9dc8-fd27291d427f.json |   0
 .../kubernetes-AV4RGUqo5NkDleZmzKuZ.json      |   0
 ...-af7225b0-5794-11e8-afa2-e9067ea62228.json |   0
 ...-f5ab5510-9c94-11e9-94fd-c91206cd5249.json |   0
 ...-022a54c0-2bf5-11e7-859b-f78b612cde28.json |   0
 ...-09b404f0-99af-11e9-ba57-b7ab4e2d4b58.json |   0
 ...-0ca95350-9c24-11e9-9dc8-fd27291d427f.json |   0
 ...-15bd4420-9c9b-11e9-94fd-c91206cd5249.json |   0
 ...-16fa4470-2bfd-11e7-859b-f78b612cde28.json |   0
 ...-174a6ad0-30e0-11e7-8df8-6d3604a72912.json |   0
 ...-294546b0-30d6-11e7-8df8-6d3604a72912.json |   0
 ...-2ba628e0-9c2a-11e9-9dc8-fd27291d427f.json |   0
 ...-382ace30-9d98-11e9-b2ae-49acc4cbcea9.json |   0
 ...-3dbf6230-9c20-11e9-9dc8-fd27291d427f.json |   0
 ...-3e1e1fd0-9c27-11e9-9dc8-fd27291d427f.json |   0
 ...-408fccf0-30d6-11e7-8df8-6d3604a72912.json |   0
 ...-44f12b40-2bf4-11e7-859b-f78b612cde28.json |   0
 ...-485c8550-9c3a-11e9-9dc8-fd27291d427f.json |   0
 ...-58e644f0-30d6-11e7-8df8-6d3604a72912.json |   0
 ...-7aac4fd0-30e0-11e7-8df8-6d3604a72912.json |   0
 ...-7cbeb750-5794-11e8-afa2-e9067ea62228.json |   0
 ...-7d80f790-9d96-11e9-b2ae-49acc4cbcea9.json |   0
 ...-826d80c0-9c97-11e9-94fd-c91206cd5249.json |   0
 ...-84d9b200-9d98-11e9-b2ae-49acc4cbcea9.json |   0
 ...-8a95de50-9c38-11e9-9dc8-fd27291d427f.json |   0
 ...-8c6c2690-9bd8-11e9-9dc8-fd27291d427f.json |   0
 ...-95595810-9ca8-11e9-94fd-c91206cd5249.json |   0
 ...-95a7f110-57a2-11e8-afa2-e9067ea62228.json |   0
 ...-a4c9d360-30df-11e7-8df8-6d3604a72912.json |   0
 ...-b8a24790-9bf0-11e9-9dc8-fd27291d427f.json |   0
 ...-ba7bf750-9bf5-11e9-9dc8-fd27291d427f.json |   0
 ...-bcb194a0-9bf8-11e9-9dc8-fd27291d427f.json |   0
 ...-cac89fb0-9906-11e9-ba57-b7ab4e2d4b58.json |   0
 ...-cd059410-2bfb-11e7-859b-f78b612cde28.json |   0
 ...-d6564360-2bfc-11e7-859b-f78b612cde28.json |   0
 ...-d86b2da0-9c20-11e9-9dc8-fd27291d427f.json |   0
 ...-d9fc1b80-9c9c-11e9-94fd-c91206cd5249.json |   0
 ...-da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3.json |   0
 ...-e0ddd3e0-98fe-11e9-ba57-b7ab4e2d4b58.json |   0
 ...-e1018b90-2bfb-11e7-859b-f78b612cde28.json |   0
 ...-ec360ff0-57a0-11e8-afa2-e9067ea62228.json |   0
 .../{ => with-kind}/kubernetes/manifest.yml   |   0
 1067 files changed, 28 insertions(+), 312 deletions(-)
 delete mode 100644 test/packages/log/changelog.yml
 delete mode 100644 test/packages/log/data_stream/log/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/log/data_stream/log/fields/base-fields.yml
 delete mode 100644 test/packages/log/data_stream/log/manifest.yml
 delete mode 100644 test/packages/log/docs/README.md
 delete mode 100644 test/packages/log/img/icon.svg
 delete mode 100644 test/packages/log/manifest.yml
 delete mode 100644 test/packages/nginx/data_stream/stubstatus/fields/agent.yml
 rename test/packages/{ => other}/fields_tests/_dev/build/build.yml (100%)
 rename test/packages/{ => other}/fields_tests/_dev/build/docs/README.md (100%)
 rename test/packages/{ => other}/fields_tests/changelog.yml (100%)
 rename test/packages/{ => other}/fields_tests/data_stream/first/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => other}/fields_tests/data_stream/first/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => other}/fields_tests/data_stream/first/fields/base-fields.yml (100%)
 rename test/packages/{ => other}/fields_tests/data_stream/first/fields/geo-fields.yml (100%)
 rename test/packages/{ => other}/fields_tests/data_stream/first/manifest.yml (100%)
 rename test/packages/{ => other}/fields_tests/data_stream/first/sample_event.json (100%)
 rename test/packages/{ => other}/fields_tests/docs/README.md (100%)
 rename test/packages/{ => other}/fields_tests/manifest.yml (100%)
 rename test/packages/{ => other}/multiinput/_dev/deploy/docker/docker-compose.yml (100%)
 rename test/packages/{ => other}/multiinput/_dev/deploy/docker/logs/generated.log (100%)
 rename test/packages/{ => other}/multiinput/changelog.yml (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/_dev/test/system/test-tcp-config.yml (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/_dev/test/system/test-udp-config.yml (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/agent/stream/tcp.yml.hbs (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/agent/stream/udp.yml.hbs (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/fields/base-fields.yml (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/fields/ecs.yml (100%)
 rename test/packages/{ => other}/multiinput/data_stream/test/manifest.yml (100%)
 rename test/packages/{ => other}/multiinput/docs/README.md (100%)
 rename test/packages/{ => other}/multiinput/manifest.yml (100%)
 rename test/packages/{ => other}/pipeline_tests/changelog.yml (100%)
 rename test/packages/{ => other}/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log (100%)
 rename test/packages/{ => other}/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-config.yml (100%)
 rename test/packages/{ => other}/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-expected.json (100%)
 rename test/packages/{ => other}/pipeline_tests/data_stream/test/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => other}/pipeline_tests/data_stream/test/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => other}/pipeline_tests/data_stream/test/fields/base-fields.yml (100%)
 rename test/packages/{ => other}/pipeline_tests/data_stream/test/manifest.yml (100%)
 rename test/packages/{ => other}/pipeline_tests/docs/README.md (100%)
 rename test/packages/{ => other}/pipeline_tests/manifest.yml (100%)
 rename test/packages/{ => parallel}/apache/_dev/build/build.yml (100%)
 rename test/packages/{ => parallel}/apache/_dev/build/docs/README.md (100%)
 rename test/packages/{ => parallel}/apache/_dev/deploy/docker/Dockerfile (100%)
 rename test/packages/{ => parallel}/apache/_dev/deploy/docker/docker-compose.yml (100%)
 rename test/packages/{ => parallel}/apache/_dev/deploy/docker/httpd.conf (100%)
 rename test/packages/{ => parallel}/apache/_dev/deploy/variants.yml (100%)
 rename test/packages/{ => parallel}/apache/changelog.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/agent/stream/httpjson.yml.hbs (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/agent/stream/log.yml.hbs (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/manifest.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/access/sample_event.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log-expected.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/agent/stream/httpjson.yml.hbs (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/agent/stream/log.yml.hbs (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/manifest.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/error/sample_event.json (100%)
 rename test/packages/{ => parallel}/apache/data_stream/status/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/status/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/apache/data_stream/status/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/status/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/status/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/status/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/status/manifest.yml (100%)
 rename test/packages/{ => parallel}/apache/data_stream/status/sample_event.json (100%)
 rename test/packages/{ => parallel}/apache/docs/README.md (100%)
 rename test/packages/{ => parallel}/apache/img/apache-logs-overview.png (100%)
 rename test/packages/{ => parallel}/apache/img/apache-metrics-overview.png (100%)
 rename test/packages/{ => parallel}/apache/img/logo_apache.svg (100%)
 rename test/packages/{ => parallel}/apache/kibana/dashboard/apache-Logs-Apache-Dashboard.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/dashboard/apache-Metrics-Apache-HTTPD-server-status.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/ml_module/apache-Logs-ml.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/search/apache-HTTPD.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/search/apache-access-logs.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/search/apache-errors-log.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-22057f20-3a12-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-320cd980-3a36-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-47820ce0-3a1d-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-7724cf20-3a39-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-7d68f730-3a39-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-805d7bb0-3a10-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-99666080-3a20-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-HTTPD-CPU.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-HTTPD-Load1-slash-5-slash-15.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-HTTPD-Scoreboard.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-a45311f0-3a34-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-access-unique-IPs-map.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-browsers.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-ed44f820-3a10-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-error-logs-over-time.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-f4ffec70-3a36-11eb-8946-296aab7b13db.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-operating-systems.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-response-codes-of-top-URLs.json (100%)
 rename test/packages/{ => parallel}/apache/kibana/visualization/apache-response-codes-over-time.json (100%)
 rename test/packages/{ => parallel}/apache/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/build.yml (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/README.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/billing.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/cloudtrail.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/cloudwatch.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/dynamodb.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/ebs.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/ec2.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/elb.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/lambda.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/natgateway.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/rds.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/s3.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/s3_storage_lens.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/sns.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/sqs.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/transitgateway.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/usage.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/vpcflow.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/vpn.md (100%)
 rename test/packages/{ => parallel}/aws/_dev/build/docs/waf.md (100%)
 rename test/packages/{ => parallel}/aws/changelog.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/billing/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/billing/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/billing/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/billing/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/billing/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/billing/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/billing/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/billing/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudtrail/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_logs/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_metrics/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_metrics/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_metrics/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_metrics/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/cloudwatch_metrics/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/dynamodb/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/dynamodb/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/dynamodb/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/dynamodb/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/dynamodb/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/dynamodb/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/dynamodb/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ebs/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ebs/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ebs/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ebs/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ebs/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ebs/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ebs/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ebs/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_logs/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/_dev/deploy/tf/env.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/_dev/deploy/tf/main.tf (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/ec2_metrics/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_logs/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_metrics/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_metrics/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_metrics/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_metrics/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_metrics/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_metrics/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/elb_metrics/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/lambda/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/lambda/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/lambda/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/lambda/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/lambda/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/lambda/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/lambda/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/lambda/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/natgateway/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/natgateway/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/natgateway/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/natgateway/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/natgateway/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/natgateway/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/natgateway/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/natgateway/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/rds/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/rds/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/rds/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/rds/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/rds/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/rds/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/rds/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/rds/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_daily_storage/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_daily_storage/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_daily_storage/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_daily_storage/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_daily_storage/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_daily_storage/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_daily_storage/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_request/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_request/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_request/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_request/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_request/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_request/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_request/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_request/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_storage_lens/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_storage_lens/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_storage_lens/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_storage_lens/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_storage_lens/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_storage_lens/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3_storage_lens/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/agent/stream/log.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/s3access/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sns/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sns/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sns/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sns/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sns/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sns/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sns/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sns/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sqs/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sqs/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sqs/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sqs/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sqs/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sqs/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sqs/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/sqs/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/transitgateway/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/transitgateway/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/transitgateway/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/transitgateway/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/transitgateway/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/transitgateway/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/transitgateway/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/usage/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/usage/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/usage/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/usage/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/usage/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/usage/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/usage/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/usage/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpcflow/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpn/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpn/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpn/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpn/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpn/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpn/fields/package-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpn/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/vpn/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/_dev/test/pipeline/test-waf.log (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/agent/stream/log.yml.hbs (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/manifest.yml (100%)
 rename test/packages/{ => parallel}/aws/data_stream/waf/sample_event.json (100%)
 rename test/packages/{ => parallel}/aws/docs/README.md (100%)
 rename test/packages/{ => parallel}/aws/docs/billing.md (100%)
 rename test/packages/{ => parallel}/aws/docs/cloudtrail.md (100%)
 rename test/packages/{ => parallel}/aws/docs/cloudwatch.md (100%)
 rename test/packages/{ => parallel}/aws/docs/dynamodb.md (100%)
 rename test/packages/{ => parallel}/aws/docs/ebs.md (100%)
 rename test/packages/{ => parallel}/aws/docs/ec2.md (100%)
 rename test/packages/{ => parallel}/aws/docs/elb.md (100%)
 rename test/packages/{ => parallel}/aws/docs/lambda.md (100%)
 rename test/packages/{ => parallel}/aws/docs/natgateway.md (100%)
 rename test/packages/{ => parallel}/aws/docs/rds.md (100%)
 rename test/packages/{ => parallel}/aws/docs/s3.md (100%)
 rename test/packages/{ => parallel}/aws/docs/s3_storage_lens.md (100%)
 rename test/packages/{ => parallel}/aws/docs/sns.md (100%)
 rename test/packages/{ => parallel}/aws/docs/sqs.md (100%)
 rename test/packages/{ => parallel}/aws/docs/transitgateway.md (100%)
 rename test/packages/{ => parallel}/aws/docs/usage.md (100%)
 rename test/packages/{ => parallel}/aws/docs/vpcflow.md (100%)
 rename test/packages/{ => parallel}/aws/docs/vpn.md (100%)
 rename test/packages/{ => parallel}/aws/docs/waf.md (100%)
 rename test/packages/{ => parallel}/aws/img/filebeat-aws-cloudtrail.png (100%)
 rename test/packages/{ => parallel}/aws/img/filebeat-aws-elb-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/filebeat-aws-s3access-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/filebeat-aws-vpcflow-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/logo_aws.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_billing.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_cloudtrail.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_cloudwatch.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_dynamodb.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_ebs.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_ec2.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_elb.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_lambda.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_natgateway.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_rds.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_s3.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_s3_storage_lens.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_sns.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_sqs.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_transitgateway.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_vpcflow.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_vpn.svg (100%)
 rename test/packages/{ => parallel}/aws/img/logo_waf.svg (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-billing-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-dynamodb-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-ebs-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-ec2-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-elb-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-lambda-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-rds-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-s3-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-s3-storage-lens-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-sns-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-sqs-overview.png (100%)
 rename test/packages/{ => parallel}/aws/img/metricbeat-aws-usage-overview.png (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-0eb5a6a0-694f-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-15503340-4488-11ea-ad63-791a5dc86f10.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-234aeda0-43b7-11e9-8697-530f39afc6eb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-3367c170-921f-11e9-aa19-159bf182e06f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-3af47420-3e7b-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-44ce4680-b7ba-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-4746e000-bacd-11e9-9f70-1f7bda85a5eb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-67c9f900-693e-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-68ba7bd0-20b6-11ea-8f72-2f8d21e50b0c.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-7ac8e1d0-28d2-11ea-ba6c-49a884eb104f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-80ed1380-41a6-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-917a07b0-178e-11ea-8650-fb606deb5be4.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-9c09cd20-7399-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-a096b830-4762-11e9-8062-c98a86cb6f94.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-c2b1cbc0-6891-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-c5846400-f7fb-11e8-af03-c999c9dea608.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-d17b1000-17a4-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-e6776b10-1534-11ea-841c-01bf20a6c8ba.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-e74bf320-b3ce-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/dashboard/aws-fac28650-7349-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-0d511340-41a1-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-1a1508a0-41a8-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-30e707b0-41a1-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-30fd4e40-f0a1-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-352dd3f0-41b3-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-41e37710-f09d-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-6445e130-41b5-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-68f36fb0-f0a0-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-7543b3e0-41b5-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-8560b400-f096-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-8614f2f0-41a2-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-8721fb80-41b5-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-8d42b050-41a5-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-955b2000-41a1-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-9a64ca30-427b-11ec-9b39-b9df88395505.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-9fb44b60-41b2-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-b0077d10-f09b-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-bbc80900-f09e-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-c4419a90-f091-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-cd0300c0-41a8-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-d33fa860-41a0-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-ed494970-41b2-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-f757eba0-f0a0-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-f8d829f0-41a8-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/lens/aws-f9ff3450-f094-11eb-b61f-a53cb4913361.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/map/aws-0edf0640-3e7e-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/map/aws-513a3d70-4482-11ea-ad63-791a5dc86f10.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/map/aws-dae24080-739a-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/search/aws-30ccde50-7397-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/search/aws-5e5a3c90-bac0-11e9-9f70-1f7bda85a5eb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/search/aws-c1aee600-4487-11ea-ad63-791a5dc86f10.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-007ceec0-694c-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-00b29040-921d-11e9-aa19-159bf182e06f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-01ed5990-694a-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-08645080-6891-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-09857a20-180f-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-09db13f0-2bdd-11e9-9fe1-cde861544141.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-0a36b590-694c-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-0f056420-739e-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-10e0f270-694c-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-11f4e0d0-42a9-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-1235fe50-41e7-11e9-b7a0-c99d9d127b61.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-128fd450-734e-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-12eff7e0-b7b9-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-13e624c0-180e-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-142ad600-693b-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-15818fd0-f7f9-11e8-af03-c999c9dea608.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-17fcda50-921b-11e9-aa19-159bf182e06f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-1f3f00c0-28d1-11ea-ba6c-49a884eb104f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-1f528f50-b3ce-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-219c1850-3e82-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-21f30090-b3ca-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-233b3400-f7f9-11e8-af03-c999c9dea608.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-247e2990-4699-11ea-ad63-791a5dc86f10.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-25384bf0-b7b9-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-26b73e50-6943-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-2929edb0-178e-11ea-8650-fb606deb5be4.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-2b2d58b0-4762-11e9-8062-c98a86cb6f94.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-2dbb8f90-4760-11e9-8062-c98a86cb6f94.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-2e265070-42a6-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-2ee7f420-6943-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-31a4ea90-152b-11ea-841c-01bf20a6c8ba.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-31ad4090-2003-11ea-8f72-2f8d21e50b0c.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-37aeedc0-42a9-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-396089c0-7399-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-398d12d0-7352-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-39dfc8d0-28cf-11ea-ba6c-49a884eb104f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-3a3914d0-4761-11e9-8062-c98a86cb6f94.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-3c08b9b0-42a3-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-3dee68c0-7b0c-11ea-9bb4-e958b64b5685.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-415fed40-694f-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-41f5aaf0-42ac-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-42016bf0-728f-11e9-9a7b-4d62d5bcf4fc.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-4658f540-734a-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-49379b70-7b07-11ea-9bb4-e958b64b5685.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-4bf0a740-28d1-11ea-ba6c-49a884eb104f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-4bf62a10-8310-11e9-ac83-47df3568ff90.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-4c23e4c0-739a-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-526a1ba0-42a7-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-53730d20-437e-11e9-8697-530f39afc6eb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-54e88a40-734e-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-572d40e0-b3ca-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-57b610a0-41ad-11ec-a605-bff67d9b7872.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-58e17c10-7349-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-58f5a3c0-6943-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-59defc90-17a5-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-59e2e110-178d-11ea-8650-fb606deb5be4.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-5c586e80-427c-11ec-9b39-b9df88395505.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-5c93cd10-bac3-11e9-9f70-1f7bda85a5eb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-6392bc30-b3c9-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-67f43080-b7b9-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-681aab60-178c-11ea-8650-fb606deb5be4.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-68970b10-6890-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-6e3285d0-4763-11e9-8062-c98a86cb6f94.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-6f7f7680-180c-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-6fc1efd0-b3c9-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-73970bc0-3e86-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-749cd470-1530-11ea-841c-01bf20a6c8ba.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-75853f20-4484-11ea-ad63-791a5dc86f10.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-7593a130-427c-11ec-9b39-b9df88395505.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-75ebfda0-1789-11ea-8650-fb606deb5be4.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-76af8140-3e84-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-7b93bab0-7b0a-11ea-9bb4-e958b64b5685.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-7bca4f50-739c-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-7d1e0870-7a3f-11ea-bfa4-dfea8c457654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-7dd7fab0-42ab-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-81d83c70-4762-11e9-8062-c98a86cb6f94.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-82b8f4a0-427c-11ec-9b39-b9df88395505.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-8345d580-6891-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-83f08eb0-1532-11ea-841c-01bf20a6c8ba.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-8b34a100-4762-11e9-8062-c98a86cb6f94.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-8b8a7f80-921c-11e9-aa19-159bf182e06f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-8cf5fbe0-7b07-11ea-9bb4-e958b64b5685.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-8ec43590-739b-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-9121ac90-734d-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-915bcd50-28d1-11ea-ba6c-49a884eb104f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-9202d1a0-178c-11ea-8650-fb606deb5be4.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-95b322f0-734a-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-966ae990-d979-11e9-9458-bbef63ad717b.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-96834640-42a7-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-99ffdb00-bacb-11e9-9f70-1f7bda85a5eb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-9bf8e1e0-6890-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-9d284bc0-7b08-11ea-9bb4-e958b64b5685.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-9e8c6030-f7f8-11e8-af03-c999c9dea608.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-9f0425c0-7b0a-11ea-9bb4-e958b64b5685.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-a1670af0-42a3-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-abdc7480-180b-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b00c4390-b7b8-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b0afd3e0-43b7-11e9-8697-530f39afc6eb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b2191dd0-734c-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b2ea15a0-b3c7-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b36532e0-688e-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b403f7b0-7b15-11ea-9bb4-e958b64b5685.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b5308940-7347-11e9-816b-07687310a99a.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b6a308f0-3e82-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b7f8bf90-180f-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-b9703dd0-b3c9-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-bad8c910-4485-11ea-ad63-791a5dc86f10.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-bb3a6cd0-b7b6-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-bb82c4d0-6c25-11e9-81bc-7f4cd8b3d892.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-bc5dcc90-688e-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-bc8bd8f0-31fd-11ea-bcbf-59cb7eefc1f0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-bd37d720-3e84-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-bdb8ddd0-6890-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-be6c4180-41e6-11e9-b7a0-c99d9d127b61.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-be8828d0-f7f6-11e8-af03-c999c9dea608.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-bf81e030-180e-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-c0e32d50-b7b8-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-c186b610-688d-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-c1afd130-921e-11e9-aa19-159bf182e06f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-c1db9b80-694b-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-c4a82470-42aa-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-c631dc40-42ab-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-c7d6cf90-688e-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-c84ed3d0-6890-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-cc3a1950-921c-11e9-aa19-159bf182e06f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-cd6419c0-6949-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-ce7445c0-688f-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-ceb7c030-3e86-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-d045d120-b7b9-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-d186fd50-4763-11e9-8062-c98a86cb6f94.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-d19a71b0-180e-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-d2f46190-830f-11e9-ac83-47df3568ff90.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-d560de70-b3c7-11e9-87a4-078dbbae220d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-d8b1e830-3e82-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-dc5f65b0-6949-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-dcd31cd0-41e5-11e9-b7a0-c99d9d127b61.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-dd2f2a10-41e6-11e9-b7a0-c99d9d127b61.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-deab0260-2981-11e9-86eb-a3a07a77f530.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-dffa19e0-180e-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-e06e4cf0-921e-11e9-aa19-159bf182e06f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-e0e65e60-688e-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-e1c345e0-42a9-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-e50c51e0-3e7f-11ea-bb0a-69c3ca1d410f.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-ea9e3d40-693a-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-ef9717b0-427b-11ec-9b39-b9df88395505.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-f1db6ec0-f7f8-11e8-af03-c999c9dea608.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-f58f99b0-693a-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-f6831f30-b7b6-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-f74eb760-41e8-11e9-b7a0-c99d9d127b61.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-f7c17000-6949-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-f8b63860-739e-11ea-a345-f985c61fe654.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-f9b2beb0-42a9-11ec-a440-675e476c18bb.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-fc0869c0-180e-11ea-8e91-03c7047cbb9d.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-fcfc8d80-693e-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-fd915180-6890-11ea-b0ac-95d4ecb1fecd.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-fe0581b0-b7b8-11e9-8349-f15f850c5cd0.json (100%)
 rename test/packages/{ => parallel}/aws/kibana/visualization/aws-fed59380-f7f8-11e8-af03-c999c9dea608.json (100%)
 rename test/packages/{ => parallel}/aws/manifest.yml (100%)
 rename test/packages/{kubernetes => parallel/nginx}/_dev/build/build.yml (100%)
 rename test/packages/{ => parallel}/nginx/_dev/build/docs/README.md (100%)
 rename test/packages/{ => parallel}/nginx/_dev/deploy/docker/Dockerfile (100%)
 rename test/packages/{ => parallel}/nginx/_dev/deploy/docker/docker-compose.yml (100%)
 rename test/packages/{ => parallel}/nginx/_dev/deploy/docker/nginx.conf (100%)
 rename test/packages/{ => parallel}/nginx/_dev/deploy/variants.yml (100%)
 rename test/packages/{ => parallel}/nginx/changelog.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/_dev/test/pipeline/test-access.log (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/_dev/test/pipeline/test-access.log-expected.json (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/_dev/test/pipeline/test-common-config.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log-expected.json (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log-expected.json (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/agent/stream/httpjson.yml.hbs (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/manifest.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/access/sample_event.json (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-config.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-expected.json (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/agent/stream/httpjson.yml.hbs (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/elasticsearch/ingest_pipeline/default.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/manifest.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/error/sample_event.json (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/stubstatus/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/stubstatus/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/apiserver => parallel/nginx/data_stream/stubstatus}/fields/agent.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/stubstatus/fields/base-fields.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/stubstatus/fields/ecs.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/stubstatus/fields/fields.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/stubstatus/manifest.yml (100%)
 rename test/packages/{ => parallel}/nginx/data_stream/stubstatus/sample_event.json (100%)
 rename test/packages/{ => parallel}/nginx/docs/README.md (100%)
 rename test/packages/{ => parallel}/nginx/img/logo_nginx.svg (100%)
 rename test/packages/{ => parallel}/nginx/img/nginx-logs-access-error.png (100%)
 rename test/packages/{ => parallel}/nginx/img/nginx-logs-overview.png (100%)
 rename test/packages/{ => parallel}/nginx/img/nginx-metrics-overview.png (100%)
 rename test/packages/{ => parallel}/nginx/kibana/dashboard/nginx-023d2930-f1a5-11e7-a9ef-93c69af7b129.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/dashboard/nginx-046212a0-a2a1-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/dashboard/nginx-55a9e6e0-a29e-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/ml_module/nginx-Logs-ml.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/search/nginx-6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/search/nginx-9eb25600-a1f0-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/search/nginx-Logs-Nginx-integration.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-0dd6f320-a29f-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-46322e50-a1f6-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-47a8e0f0-f1a4-11e7-a9ef-93c69af7b129.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-555df8a0-f1a1-11e7-a9ef-93c69af7b129.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-7cc9ea40-3af8-11eb-94b7-0dab91df36a6.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-823b3c80-3af9-11eb-94b7-0dab91df36a6.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-9184fa00-a1f5-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-9484ecf0-3af5-11eb-94b7-0dab91df36a6.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-97109780-a2a5-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-Access-Browsers.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-Access-Map.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-Access-OSes.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-a1d92240-f1a1-11e7-a9ef-93c69af7b129.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-b70b1b20-a1f4-11e7-928f-5dbe6f6f5519.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-d763a570-f1a1-11e7-a9ef-93c69af7b129.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-dcbffe30-f1a4-11e7-a9ef-93c69af7b129.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-e302b5a0-3afb-11eb-94b7-0dab91df36a6.json (100%)
 rename test/packages/{ => parallel}/nginx/kibana/visualization/nginx-ea7f9e10-3af6-11eb-94b7-0dab91df36a6.json (100%)
 rename test/packages/{ => parallel}/nginx/manifest.yml (100%)
 rename test/packages/{nginx => with-kind/kubernetes}/_dev/build/build.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/README.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/container-logs.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/events.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/kube-apiserver.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/kube-controller-manager.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/kube-proxy.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/kube-scheduler.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/kube-state-metrics.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/build/docs/kubelet.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/cluster-role-binding.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/cluster-role.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/conrjob.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/deployment.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/example-redis-config.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/job.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/pv.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/pvc.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/rq.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/service-account.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/service.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/_dev/deploy/k8s/ss.yaml (100%)
 rename test/packages/{ => with-kind}/kubernetes/changelog.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/apiserver/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/controllermanager => with-kind/kubernetes/data_stream/apiserver}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/apiserver/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/apiserver/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/apiserver/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/apiserver/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/apiserver/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container_logs/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container_logs/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container_logs/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/container_logs/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/controllermanager/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/event => with-kind/kubernetes/data_stream/controllermanager}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/controllermanager/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/controllermanager/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/controllermanager/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/controllermanager/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/controllermanager/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/event/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/node => with-kind/kubernetes/data_stream/event}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/event/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/event/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/event/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/event/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/event/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/node/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/node/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/pod => with-kind/kubernetes/data_stream/node}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/node/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/node/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/node/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/node/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/node/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/pod/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/pod/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/pod/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/proxy => with-kind/kubernetes/data_stream/pod}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/pod/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/pod/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/pod/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/pod/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/pod/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/proxy/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/scheduler => with-kind/kubernetes/data_stream/proxy}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/proxy/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/proxy/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/proxy/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/proxy/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/proxy/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/scheduler/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_cronjob => with-kind/kubernetes/data_stream/scheduler}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/scheduler/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/scheduler/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/scheduler/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/scheduler/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/scheduler/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_container/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_container/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_container/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_container/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_container/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_container/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_daemonset => with-kind/kubernetes/data_stream/state_cronjob}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_cronjob/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_cronjob/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_cronjob/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_cronjob/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_cronjob/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_deployment => with-kind/kubernetes/data_stream/state_daemonset}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_daemonset/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_daemonset/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_daemonset/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_daemonset/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_daemonset/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_job => with-kind/kubernetes/data_stream/state_deployment}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_deployment/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_deployment/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_deployment/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_deployment/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_deployment/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_node => with-kind/kubernetes/data_stream/state_job}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_job/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_job/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_job/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_job/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_job/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_persistentvolume => with-kind/kubernetes/data_stream/state_node}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_node/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_node/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_node/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_node/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_node/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_persistentvolumeclaim => with-kind/kubernetes/data_stream/state_persistentvolume}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolume/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolume/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolume/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_pod => with-kind/kubernetes/data_stream/state_persistentvolumeclaim}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_replicaset => with-kind/kubernetes/data_stream/state_pod}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_pod/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_pod/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_pod/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_pod/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_pod/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_resourcequota => with-kind/kubernetes/data_stream/state_replicaset}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_replicaset/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_replicaset/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_replicaset/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_replicaset/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_replicaset/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_service => with-kind/kubernetes/data_stream/state_resourcequota}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_resourcequota/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_resourcequota/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_resourcequota/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_resourcequota/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_statefulset => with-kind/kubernetes/data_stream/state_service}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_service/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_service/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_service/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_service/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_service/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/state_storageclass => with-kind/kubernetes/data_stream/state_statefulset}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_statefulset/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_statefulset/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_statefulset/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_statefulset/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_statefulset/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/system => with-kind/kubernetes/data_stream/state_storageclass}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_storageclass/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_storageclass/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_storageclass/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_storageclass/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/state_storageclass/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/system/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/system/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{kubernetes/data_stream/volume => with-kind/kubernetes/data_stream/system}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/system/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/system/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/system/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/system/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/system/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/volume/_dev/deploy/k8s/.empty (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs (100%)
 rename test/packages/{log/data_stream/log => with-kind/kubernetes/data_stream/volume}/fields/agent.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/volume/fields/base-fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/volume/fields/ecs.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/volume/fields/fields.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/volume/manifest.yml (100%)
 rename test/packages/{ => with-kind}/kubernetes/data_stream/volume/sample_event.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/README.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/container-logs.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/events.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/kube-apiserver.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/kube-controller-manager.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/kube-proxy.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/kube-scheduler.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/kube-state-metrics.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/docs/kubelet.md (100%)
 rename test/packages/{ => with-kind}/kubernetes/img/logo_kubernetes.svg (100%)
 rename test/packages/{ => with-kind}/kubernetes/img/metricbeat-kubernetes-controllermanager.png (100%)
 rename test/packages/{ => with-kind}/kubernetes/img/metricbeat-kubernetes-proxy.png (100%)
 rename test/packages/{ => with-kind}/kubernetes/img/metricbeat_kubernetes_overview.png (100%)
 rename test/packages/{ => with-kind}/kubernetes/img/metricbeat_kubernetes_scheduler.png (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/dashboard/kubernetes-5e649d60-9901-11e9-ba57-b7ab4e2d4b58.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/dashboard/kubernetes-97312060-9c1b-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/dashboard/kubernetes-AV4RGUqo5NkDleZmzKuZ.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/dashboard/kubernetes-af7225b0-5794-11e8-afa2-e9067ea62228.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/dashboard/kubernetes-f5ab5510-9c94-11e9-94fd-c91206cd5249.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-022a54c0-2bf5-11e7-859b-f78b612cde28.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-09b404f0-99af-11e9-ba57-b7ab4e2d4b58.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-0ca95350-9c24-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-15bd4420-9c9b-11e9-94fd-c91206cd5249.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-16fa4470-2bfd-11e7-859b-f78b612cde28.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-174a6ad0-30e0-11e7-8df8-6d3604a72912.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-294546b0-30d6-11e7-8df8-6d3604a72912.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-2ba628e0-9c2a-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-382ace30-9d98-11e9-b2ae-49acc4cbcea9.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-3dbf6230-9c20-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-3e1e1fd0-9c27-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-408fccf0-30d6-11e7-8df8-6d3604a72912.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-44f12b40-2bf4-11e7-859b-f78b612cde28.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-485c8550-9c3a-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-58e644f0-30d6-11e7-8df8-6d3604a72912.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-7aac4fd0-30e0-11e7-8df8-6d3604a72912.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-7cbeb750-5794-11e8-afa2-e9067ea62228.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-7d80f790-9d96-11e9-b2ae-49acc4cbcea9.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-826d80c0-9c97-11e9-94fd-c91206cd5249.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-84d9b200-9d98-11e9-b2ae-49acc4cbcea9.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-8a95de50-9c38-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-8c6c2690-9bd8-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-95595810-9ca8-11e9-94fd-c91206cd5249.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-95a7f110-57a2-11e8-afa2-e9067ea62228.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-a4c9d360-30df-11e7-8df8-6d3604a72912.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-b8a24790-9bf0-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-ba7bf750-9bf5-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-bcb194a0-9bf8-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-cac89fb0-9906-11e9-ba57-b7ab4e2d4b58.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-cd059410-2bfb-11e7-859b-f78b612cde28.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-d6564360-2bfc-11e7-859b-f78b612cde28.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-d86b2da0-9c20-11e9-9dc8-fd27291d427f.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-d9fc1b80-9c9c-11e9-94fd-c91206cd5249.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-e0ddd3e0-98fe-11e9-ba57-b7ab4e2d4b58.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-e1018b90-2bfb-11e7-859b-f78b612cde28.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/kibana/visualization/kubernetes-ec360ff0-57a0-11e8-afa2-e9067ea62228.json (100%)
 rename test/packages/{ => with-kind}/kubernetes/manifest.yml (100%)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index 56668d2e5..82d664bca 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -94,7 +94,10 @@ pipeline {
                     'stack-command-default': generateTestCommandStage(command: 'test-stack-command-default', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
                     'stack-command-7x': generateTestCommandStage(command: 'test-stack-command-7x', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
                     'stack-command-8x': generateTestCommandStage(command: 'test-stack-command-8x', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
-                    'check-packages': generateTestCommandStage(command: 'test-check-packages', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
+                    'check-packages-with-kind': generateTestCommandStage(command: 'test-check-packages-with-kind', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
+                    'check-packages-other': generateTestCommandStage(command: 'test-check-packages-other', artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
+                    'check-packages-parallel': generateTestCommandStage(command: 'test-check-packages-with-kind', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
+
                     'build-zip': generateTestCommandStage(command: 'test-build-zip', artifacts: ['build/elastic-stack-dump/build-zip/logs/*.log', 'build/integrations/*.sig']),
                     'profiles-command': generateTestCommandStage(command: 'test-profiles-command'),
                   ])
diff --git a/Makefile b/Makefile
index 04f81a4be..1a8152082 100644
--- a/Makefile
+++ b/Makefile
@@ -53,8 +53,16 @@ test-stack-command-8x:
 
 test-stack-command: test-stack-command-default test-stack-command-7x test-stack-command-8x
 
-test-check-packages:
-	./scripts/test-check-packages.sh
+test-check-packages: test-check-packages-with-kind test-check-packages-with-other test-check-packages-with-parallel
+
+test-check-packages-with-kind:
+	PACKAGE_TEST_TYPE=with-kind ./scripts/test-check-packages.sh
+
+test-check-packages-with-other:
+	PACKAGE_TEST_TYPE=other ./scripts/test-check-packages.sh
+
+test-check-packages-with-parallel:
+	PACKAGE_TEST_TYPE=other ./scripts/test-check-packages.sh
 
 test-build-zip:
 	./scripts/test-build-zip.sh
diff --git a/scripts/test-check-packages.sh b/scripts/test-check-packages.sh
index 2a9740dc8..bd3d00aa6 100755
--- a/scripts/test-check-packages.sh
+++ b/scripts/test-check-packages.sh
@@ -8,18 +8,20 @@ cleanup() {
   # Dump stack logs
   elastic-package stack dump -v --output build/elastic-stack-dump/check
 
-  # Dump kubectl details
-  kubectl describe pods --all-namespaces > build/kubectl-dump.txt
-  kubectl logs -l app=elastic-agent -n kube-system >> build/kubectl-dump.txt
+  if [ "${PACKAGE_TEST_TYPE:-other}" == "with-kind" ]; then
+    # Dump kubectl details
+    kubectl describe pods --all-namespaces > build/kubectl-dump.txt
+    kubectl logs -l app=elastic-agent -n kube-system >> build/kubectl-dump.txt
 
-  # Take down the kind cluster
-  kind delete cluster
+    # Take down the kind cluster
+    kind delete cluster
+  fi
 
   # Take down the stack
   elastic-package stack down -v
 
   # Clean used resources
-  for d in test/packages/*/; do
+  for d in test/packages/${PACKAGE_TEST_TYPE:-other}/${PACKAGE_UNDER_TEST:-*}/; do
     (
       cd $d
       elastic-package clean -v
@@ -33,7 +35,7 @@ trap cleanup EXIT
 
 OLDPWD=$PWD
 # Build/check packages
-for d in test/packages/*/; do
+for d in test/packages/${PACKAGE_TEST_TYPE:-other}/${PACKAGE_UNDER_TEST:-*}/; do
   (
     cd $d
     elastic-package check -v
@@ -47,13 +49,15 @@ elastic-package stack update -v
 # Boot up the stack
 elastic-package stack up -d -v
 
-# Boot up the kind cluster
-kind create cluster --config $PWD/scripts/kind-config.yaml
+if [ "${PACKAGE_TEST_TYPE:-other}" == "with-kind" ]; then
+  # Boot up the kind cluster
+  kind create cluster --config $PWD/scripts/kind-config.yaml
+fi
 
 # Run package tests
 eval "$(elastic-package stack shellinit)"
 
-for d in test/packages/*/; do
+for d in test/packages/${PACKAGE_TEST_TYPE:-other}/${PACKAGE_UNDER_TEST:-*}/; do
   (
     cd $d
     elastic-package install -v
diff --git a/test/packages/log/changelog.yml b/test/packages/log/changelog.yml
deleted file mode 100644
index 0561af474..000000000
--- a/test/packages/log/changelog.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-# newer versions go on top
-- version: "999.999.999"
-  changes:
-    - description: Uniform with guidelines
-      type: enhancement
-      link: https://github.com/elastic/integrations/pull/2059
-- version: "0.5.0"
-  changes:
-    - description: Update integration description
-      type: enhancement
-      link: https://github.com/elastic/integrations/pull/1364
-- version: "0.4.6"
-  changes:
-    - description: Updating package owner
-      type: enhancement
-      link: https://github.com/elastic/integrations/pull/766
-- version: "0.1.0"
-  changes:
-    - description: initial release
-      type: enhancement # can be one of: enhancement, bugfix, breaking-change
-      link: https://github.com/elastic/package-storage/pull/30
diff --git a/test/packages/log/data_stream/log/agent/stream/stream.yml.hbs b/test/packages/log/data_stream/log/agent/stream/stream.yml.hbs
deleted file mode 100644
index 371933ede..000000000
--- a/test/packages/log/data_stream/log/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,9 +0,0 @@
-paths:
-{{#each paths}}
-  - {{this}}
-{{/each}}
-
-data_stream:
-  dataset: {{data_stream.dataset}}
-
-{{custom}}
diff --git a/test/packages/log/data_stream/log/fields/base-fields.yml b/test/packages/log/data_stream/log/fields/base-fields.yml
deleted file mode 100644
index 7c798f453..000000000
--- a/test/packages/log/data_stream/log/fields/base-fields.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
diff --git a/test/packages/log/data_stream/log/manifest.yml b/test/packages/log/data_stream/log/manifest.yml
deleted file mode 100644
index c3d93e36b..000000000
--- a/test/packages/log/data_stream/log/manifest.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-title: Log Dataset
-type: logs
-streams:
-  - input: logfile
-    description: Collect your custom log files.
-    title: Collect log files
-    vars:
-      - name: paths
-        required: true
-        title: Log file path
-        description: Path to log files to be collected
-        type: text
-        multi: true
-      - name: data_stream.dataset
-        required: true
-        default: generic
-        title: Dataset name
-        description: >
-          Set the name for your dataset. Changing the dataset will send the data to a different index. You can't use `-` in the name of a dataset and only valid characters for [Elasticsearch index names](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-index_.html).
-
-        type: text
-      - name: custom
-        title: Custom configurations
-        description: >
-          Here YAML configuration options can be used to be added to your configuration. Be careful using this as it might break your configuration file.
-
-        type: yaml
-        default: ""
diff --git a/test/packages/log/docs/README.md b/test/packages/log/docs/README.md
deleted file mode 100644
index ddc05a316..000000000
--- a/test/packages/log/docs/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Log Package
-
-The log package is used as a generic package based on which any log file can be tailed by adjusting the ingest pipeline.
diff --git a/test/packages/log/img/icon.svg b/test/packages/log/img/icon.svg
deleted file mode 100644
index 173fdec50..000000000
--- a/test/packages/log/img/icon.svg
+++ /dev/null
@@ -1,4 +0,0 @@
-<svg width="32" height="32" viewBox="0 0 32 32" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path fill-rule="evenodd" clip-rule="evenodd" d="M17 13H8V15H17V13ZM24 18H8V20H24V18ZM8 23H24V25H8V23Z" fill="#017D73"/>
-    <path d="M21.41 0H5C3.34315 0 2 1.34315 2 3V29C2 30.6569 3.34315 32 5 32H27C28.6569 32 30 30.6569 30 29V8.59L21.41 0ZM22 3.41L26.59 8H22V3.41ZM27 30H5C4.44772 30 4 29.5523 4 29V3C4 2.44772 4.44772 2 5 2H20V10H28V29C28 29.5523 27.5523 30 27 30Z" fill="#343741"/>
-</svg>
\ No newline at end of file
diff --git a/test/packages/log/manifest.yml b/test/packages/log/manifest.yml
deleted file mode 100644
index a53742e70..000000000
--- a/test/packages/log/manifest.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-format_version: 1.0.0
-name: log
-title: Custom Logs
-description: >-
-  Collect custom logs with Elastic Agent.
-type: integration
-version: 999.999.999
-release: experimental
-license: basic
-categories:
-  - custom
-policy_templates:
-  - name: logs
-    title: Custom logs
-    description: Collect your custom log files.
-    inputs:
-      - type: logfile
-        title: Custom log file
-        description: Collect your custom log files.
-icons:
-  - src: "/img/icon.svg"
-    type: "image/svg+xml"
-owner:
-  github: elastic/integrations
diff --git a/test/packages/nginx/data_stream/stubstatus/fields/agent.yml b/test/packages/nginx/data_stream/stubstatus/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/nginx/data_stream/stubstatus/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/fields_tests/_dev/build/build.yml b/test/packages/other/fields_tests/_dev/build/build.yml
similarity index 100%
rename from test/packages/fields_tests/_dev/build/build.yml
rename to test/packages/other/fields_tests/_dev/build/build.yml
diff --git a/test/packages/fields_tests/_dev/build/docs/README.md b/test/packages/other/fields_tests/_dev/build/docs/README.md
similarity index 100%
rename from test/packages/fields_tests/_dev/build/docs/README.md
rename to test/packages/other/fields_tests/_dev/build/docs/README.md
diff --git a/test/packages/fields_tests/changelog.yml b/test/packages/other/fields_tests/changelog.yml
similarity index 100%
rename from test/packages/fields_tests/changelog.yml
rename to test/packages/other/fields_tests/changelog.yml
diff --git a/test/packages/fields_tests/data_stream/first/agent/stream/stream.yml.hbs b/test/packages/other/fields_tests/data_stream/first/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/fields_tests/data_stream/first/agent/stream/stream.yml.hbs
rename to test/packages/other/fields_tests/data_stream/first/agent/stream/stream.yml.hbs
diff --git a/test/packages/fields_tests/data_stream/first/elasticsearch/ingest_pipeline/default.yml b/test/packages/other/fields_tests/data_stream/first/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/fields_tests/data_stream/first/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/other/fields_tests/data_stream/first/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/fields_tests/data_stream/first/fields/base-fields.yml b/test/packages/other/fields_tests/data_stream/first/fields/base-fields.yml
similarity index 100%
rename from test/packages/fields_tests/data_stream/first/fields/base-fields.yml
rename to test/packages/other/fields_tests/data_stream/first/fields/base-fields.yml
diff --git a/test/packages/fields_tests/data_stream/first/fields/geo-fields.yml b/test/packages/other/fields_tests/data_stream/first/fields/geo-fields.yml
similarity index 100%
rename from test/packages/fields_tests/data_stream/first/fields/geo-fields.yml
rename to test/packages/other/fields_tests/data_stream/first/fields/geo-fields.yml
diff --git a/test/packages/fields_tests/data_stream/first/manifest.yml b/test/packages/other/fields_tests/data_stream/first/manifest.yml
similarity index 100%
rename from test/packages/fields_tests/data_stream/first/manifest.yml
rename to test/packages/other/fields_tests/data_stream/first/manifest.yml
diff --git a/test/packages/fields_tests/data_stream/first/sample_event.json b/test/packages/other/fields_tests/data_stream/first/sample_event.json
similarity index 100%
rename from test/packages/fields_tests/data_stream/first/sample_event.json
rename to test/packages/other/fields_tests/data_stream/first/sample_event.json
diff --git a/test/packages/fields_tests/docs/README.md b/test/packages/other/fields_tests/docs/README.md
similarity index 100%
rename from test/packages/fields_tests/docs/README.md
rename to test/packages/other/fields_tests/docs/README.md
diff --git a/test/packages/fields_tests/manifest.yml b/test/packages/other/fields_tests/manifest.yml
similarity index 100%
rename from test/packages/fields_tests/manifest.yml
rename to test/packages/other/fields_tests/manifest.yml
diff --git a/test/packages/multiinput/_dev/deploy/docker/docker-compose.yml b/test/packages/other/multiinput/_dev/deploy/docker/docker-compose.yml
similarity index 100%
rename from test/packages/multiinput/_dev/deploy/docker/docker-compose.yml
rename to test/packages/other/multiinput/_dev/deploy/docker/docker-compose.yml
diff --git a/test/packages/multiinput/_dev/deploy/docker/logs/generated.log b/test/packages/other/multiinput/_dev/deploy/docker/logs/generated.log
similarity index 100%
rename from test/packages/multiinput/_dev/deploy/docker/logs/generated.log
rename to test/packages/other/multiinput/_dev/deploy/docker/logs/generated.log
diff --git a/test/packages/multiinput/changelog.yml b/test/packages/other/multiinput/changelog.yml
similarity index 100%
rename from test/packages/multiinput/changelog.yml
rename to test/packages/other/multiinput/changelog.yml
diff --git a/test/packages/multiinput/data_stream/test/_dev/test/system/test-tcp-config.yml b/test/packages/other/multiinput/data_stream/test/_dev/test/system/test-tcp-config.yml
similarity index 100%
rename from test/packages/multiinput/data_stream/test/_dev/test/system/test-tcp-config.yml
rename to test/packages/other/multiinput/data_stream/test/_dev/test/system/test-tcp-config.yml
diff --git a/test/packages/multiinput/data_stream/test/_dev/test/system/test-udp-config.yml b/test/packages/other/multiinput/data_stream/test/_dev/test/system/test-udp-config.yml
similarity index 100%
rename from test/packages/multiinput/data_stream/test/_dev/test/system/test-udp-config.yml
rename to test/packages/other/multiinput/data_stream/test/_dev/test/system/test-udp-config.yml
diff --git a/test/packages/multiinput/data_stream/test/agent/stream/stream.yml.hbs b/test/packages/other/multiinput/data_stream/test/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/multiinput/data_stream/test/agent/stream/stream.yml.hbs
rename to test/packages/other/multiinput/data_stream/test/agent/stream/stream.yml.hbs
diff --git a/test/packages/multiinput/data_stream/test/agent/stream/tcp.yml.hbs b/test/packages/other/multiinput/data_stream/test/agent/stream/tcp.yml.hbs
similarity index 100%
rename from test/packages/multiinput/data_stream/test/agent/stream/tcp.yml.hbs
rename to test/packages/other/multiinput/data_stream/test/agent/stream/tcp.yml.hbs
diff --git a/test/packages/multiinput/data_stream/test/agent/stream/udp.yml.hbs b/test/packages/other/multiinput/data_stream/test/agent/stream/udp.yml.hbs
similarity index 100%
rename from test/packages/multiinput/data_stream/test/agent/stream/udp.yml.hbs
rename to test/packages/other/multiinput/data_stream/test/agent/stream/udp.yml.hbs
diff --git a/test/packages/multiinput/data_stream/test/elasticsearch/ingest_pipeline/default.yml b/test/packages/other/multiinput/data_stream/test/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/multiinput/data_stream/test/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/other/multiinput/data_stream/test/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/multiinput/data_stream/test/fields/base-fields.yml b/test/packages/other/multiinput/data_stream/test/fields/base-fields.yml
similarity index 100%
rename from test/packages/multiinput/data_stream/test/fields/base-fields.yml
rename to test/packages/other/multiinput/data_stream/test/fields/base-fields.yml
diff --git a/test/packages/multiinput/data_stream/test/fields/ecs.yml b/test/packages/other/multiinput/data_stream/test/fields/ecs.yml
similarity index 100%
rename from test/packages/multiinput/data_stream/test/fields/ecs.yml
rename to test/packages/other/multiinput/data_stream/test/fields/ecs.yml
diff --git a/test/packages/multiinput/data_stream/test/manifest.yml b/test/packages/other/multiinput/data_stream/test/manifest.yml
similarity index 100%
rename from test/packages/multiinput/data_stream/test/manifest.yml
rename to test/packages/other/multiinput/data_stream/test/manifest.yml
diff --git a/test/packages/multiinput/docs/README.md b/test/packages/other/multiinput/docs/README.md
similarity index 100%
rename from test/packages/multiinput/docs/README.md
rename to test/packages/other/multiinput/docs/README.md
diff --git a/test/packages/multiinput/manifest.yml b/test/packages/other/multiinput/manifest.yml
similarity index 100%
rename from test/packages/multiinput/manifest.yml
rename to test/packages/other/multiinput/manifest.yml
diff --git a/test/packages/pipeline_tests/changelog.yml b/test/packages/other/pipeline_tests/changelog.yml
similarity index 100%
rename from test/packages/pipeline_tests/changelog.yml
rename to test/packages/other/pipeline_tests/changelog.yml
diff --git a/test/packages/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log b/test/packages/other/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log
similarity index 100%
rename from test/packages/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log
rename to test/packages/other/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log
diff --git a/test/packages/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-config.yml b/test/packages/other/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-config.yml
similarity index 100%
rename from test/packages/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-config.yml
rename to test/packages/other/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-config.yml
diff --git a/test/packages/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-expected.json b/test/packages/other/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-expected.json
similarity index 100%
rename from test/packages/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-expected.json
rename to test/packages/other/pipeline_tests/data_stream/test/_dev/test/pipeline/test-access-raw.log-expected.json
diff --git a/test/packages/pipeline_tests/data_stream/test/agent/stream/stream.yml.hbs b/test/packages/other/pipeline_tests/data_stream/test/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/pipeline_tests/data_stream/test/agent/stream/stream.yml.hbs
rename to test/packages/other/pipeline_tests/data_stream/test/agent/stream/stream.yml.hbs
diff --git a/test/packages/pipeline_tests/data_stream/test/elasticsearch/ingest_pipeline/default.yml b/test/packages/other/pipeline_tests/data_stream/test/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/pipeline_tests/data_stream/test/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/other/pipeline_tests/data_stream/test/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/pipeline_tests/data_stream/test/fields/base-fields.yml b/test/packages/other/pipeline_tests/data_stream/test/fields/base-fields.yml
similarity index 100%
rename from test/packages/pipeline_tests/data_stream/test/fields/base-fields.yml
rename to test/packages/other/pipeline_tests/data_stream/test/fields/base-fields.yml
diff --git a/test/packages/pipeline_tests/data_stream/test/manifest.yml b/test/packages/other/pipeline_tests/data_stream/test/manifest.yml
similarity index 100%
rename from test/packages/pipeline_tests/data_stream/test/manifest.yml
rename to test/packages/other/pipeline_tests/data_stream/test/manifest.yml
diff --git a/test/packages/pipeline_tests/docs/README.md b/test/packages/other/pipeline_tests/docs/README.md
similarity index 100%
rename from test/packages/pipeline_tests/docs/README.md
rename to test/packages/other/pipeline_tests/docs/README.md
diff --git a/test/packages/pipeline_tests/manifest.yml b/test/packages/other/pipeline_tests/manifest.yml
similarity index 100%
rename from test/packages/pipeline_tests/manifest.yml
rename to test/packages/other/pipeline_tests/manifest.yml
diff --git a/test/packages/apache/_dev/build/build.yml b/test/packages/parallel/apache/_dev/build/build.yml
similarity index 100%
rename from test/packages/apache/_dev/build/build.yml
rename to test/packages/parallel/apache/_dev/build/build.yml
diff --git a/test/packages/apache/_dev/build/docs/README.md b/test/packages/parallel/apache/_dev/build/docs/README.md
similarity index 100%
rename from test/packages/apache/_dev/build/docs/README.md
rename to test/packages/parallel/apache/_dev/build/docs/README.md
diff --git a/test/packages/apache/_dev/deploy/docker/Dockerfile b/test/packages/parallel/apache/_dev/deploy/docker/Dockerfile
similarity index 100%
rename from test/packages/apache/_dev/deploy/docker/Dockerfile
rename to test/packages/parallel/apache/_dev/deploy/docker/Dockerfile
diff --git a/test/packages/apache/_dev/deploy/docker/docker-compose.yml b/test/packages/parallel/apache/_dev/deploy/docker/docker-compose.yml
similarity index 100%
rename from test/packages/apache/_dev/deploy/docker/docker-compose.yml
rename to test/packages/parallel/apache/_dev/deploy/docker/docker-compose.yml
diff --git a/test/packages/apache/_dev/deploy/docker/httpd.conf b/test/packages/parallel/apache/_dev/deploy/docker/httpd.conf
similarity index 100%
rename from test/packages/apache/_dev/deploy/docker/httpd.conf
rename to test/packages/parallel/apache/_dev/deploy/docker/httpd.conf
diff --git a/test/packages/apache/_dev/deploy/variants.yml b/test/packages/parallel/apache/_dev/deploy/variants.yml
similarity index 100%
rename from test/packages/apache/_dev/deploy/variants.yml
rename to test/packages/parallel/apache/_dev/deploy/variants.yml
diff --git a/test/packages/apache/changelog.yml b/test/packages/parallel/apache/changelog.yml
similarity index 100%
rename from test/packages/apache/changelog.yml
rename to test/packages/parallel/apache/changelog.yml
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log-expected.json b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log-expected.json
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log-expected.json
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log-expected.json b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log-expected.json
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log-expected.json
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log-expected.json b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log-expected.json
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log-expected.json
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log-expected.json b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log-expected.json
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-ubuntu.log-expected.json
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log-expected.json b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log-expected.json
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-access-vhost.log-expected.json
diff --git a/test/packages/apache/data_stream/access/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/apache/data_stream/access/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/apache/data_stream/access/_dev/test/system/test-default-config.yml b/test/packages/parallel/apache/data_stream/access/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/_dev/test/system/test-default-config.yml
rename to test/packages/parallel/apache/data_stream/access/_dev/test/system/test-default-config.yml
diff --git a/test/packages/apache/data_stream/access/agent/stream/httpjson.yml.hbs b/test/packages/parallel/apache/data_stream/access/agent/stream/httpjson.yml.hbs
similarity index 100%
rename from test/packages/apache/data_stream/access/agent/stream/httpjson.yml.hbs
rename to test/packages/parallel/apache/data_stream/access/agent/stream/httpjson.yml.hbs
diff --git a/test/packages/apache/data_stream/access/agent/stream/log.yml.hbs b/test/packages/parallel/apache/data_stream/access/agent/stream/log.yml.hbs
similarity index 100%
rename from test/packages/apache/data_stream/access/agent/stream/log.yml.hbs
rename to test/packages/parallel/apache/data_stream/access/agent/stream/log.yml.hbs
diff --git a/test/packages/apache/data_stream/access/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/apache/data_stream/access/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/apache/data_stream/access/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/apache/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml b/test/packages/parallel/apache/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml
rename to test/packages/parallel/apache/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml
diff --git a/test/packages/apache/data_stream/access/fields/agent.yml b/test/packages/parallel/apache/data_stream/access/fields/agent.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/fields/agent.yml
rename to test/packages/parallel/apache/data_stream/access/fields/agent.yml
diff --git a/test/packages/apache/data_stream/access/fields/base-fields.yml b/test/packages/parallel/apache/data_stream/access/fields/base-fields.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/fields/base-fields.yml
rename to test/packages/parallel/apache/data_stream/access/fields/base-fields.yml
diff --git a/test/packages/apache/data_stream/access/fields/ecs.yml b/test/packages/parallel/apache/data_stream/access/fields/ecs.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/fields/ecs.yml
rename to test/packages/parallel/apache/data_stream/access/fields/ecs.yml
diff --git a/test/packages/apache/data_stream/access/fields/fields.yml b/test/packages/parallel/apache/data_stream/access/fields/fields.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/fields/fields.yml
rename to test/packages/parallel/apache/data_stream/access/fields/fields.yml
diff --git a/test/packages/apache/data_stream/access/manifest.yml b/test/packages/parallel/apache/data_stream/access/manifest.yml
similarity index 100%
rename from test/packages/apache/data_stream/access/manifest.yml
rename to test/packages/parallel/apache/data_stream/access/manifest.yml
diff --git a/test/packages/apache/data_stream/access/sample_event.json b/test/packages/parallel/apache/data_stream/access/sample_event.json
similarity index 100%
rename from test/packages/apache/data_stream/access/sample_event.json
rename to test/packages/parallel/apache/data_stream/access/sample_event.json
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log-expected.json b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log-expected.json
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-basic.log-expected.json
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log-expected.json b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log-expected.json
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-darwin.log-expected.json
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log-expected.json b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log-expected.json
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-trace.log-expected.json
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log
diff --git a/test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log-expected.json b/test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log-expected.json
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log-expected.json
rename to test/packages/parallel/apache/data_stream/error/_dev/test/pipeline/test-error-ubuntu.log-expected.json
diff --git a/test/packages/apache/data_stream/error/_dev/test/system/test-default-config.yml b/test/packages/parallel/apache/data_stream/error/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/_dev/test/system/test-default-config.yml
rename to test/packages/parallel/apache/data_stream/error/_dev/test/system/test-default-config.yml
diff --git a/test/packages/apache/data_stream/error/agent/stream/httpjson.yml.hbs b/test/packages/parallel/apache/data_stream/error/agent/stream/httpjson.yml.hbs
similarity index 100%
rename from test/packages/apache/data_stream/error/agent/stream/httpjson.yml.hbs
rename to test/packages/parallel/apache/data_stream/error/agent/stream/httpjson.yml.hbs
diff --git a/test/packages/apache/data_stream/error/agent/stream/log.yml.hbs b/test/packages/parallel/apache/data_stream/error/agent/stream/log.yml.hbs
similarity index 100%
rename from test/packages/apache/data_stream/error/agent/stream/log.yml.hbs
rename to test/packages/parallel/apache/data_stream/error/agent/stream/log.yml.hbs
diff --git a/test/packages/apache/data_stream/error/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/apache/data_stream/error/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/apache/data_stream/error/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/apache/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml b/test/packages/parallel/apache/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml
rename to test/packages/parallel/apache/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml
diff --git a/test/packages/apache/data_stream/error/fields/agent.yml b/test/packages/parallel/apache/data_stream/error/fields/agent.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/fields/agent.yml
rename to test/packages/parallel/apache/data_stream/error/fields/agent.yml
diff --git a/test/packages/apache/data_stream/error/fields/base-fields.yml b/test/packages/parallel/apache/data_stream/error/fields/base-fields.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/fields/base-fields.yml
rename to test/packages/parallel/apache/data_stream/error/fields/base-fields.yml
diff --git a/test/packages/apache/data_stream/error/fields/ecs.yml b/test/packages/parallel/apache/data_stream/error/fields/ecs.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/fields/ecs.yml
rename to test/packages/parallel/apache/data_stream/error/fields/ecs.yml
diff --git a/test/packages/apache/data_stream/error/fields/fields.yml b/test/packages/parallel/apache/data_stream/error/fields/fields.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/fields/fields.yml
rename to test/packages/parallel/apache/data_stream/error/fields/fields.yml
diff --git a/test/packages/apache/data_stream/error/manifest.yml b/test/packages/parallel/apache/data_stream/error/manifest.yml
similarity index 100%
rename from test/packages/apache/data_stream/error/manifest.yml
rename to test/packages/parallel/apache/data_stream/error/manifest.yml
diff --git a/test/packages/apache/data_stream/error/sample_event.json b/test/packages/parallel/apache/data_stream/error/sample_event.json
similarity index 100%
rename from test/packages/apache/data_stream/error/sample_event.json
rename to test/packages/parallel/apache/data_stream/error/sample_event.json
diff --git a/test/packages/apache/data_stream/status/_dev/test/system/test-default-config.yml b/test/packages/parallel/apache/data_stream/status/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/apache/data_stream/status/_dev/test/system/test-default-config.yml
rename to test/packages/parallel/apache/data_stream/status/_dev/test/system/test-default-config.yml
diff --git a/test/packages/apache/data_stream/status/agent/stream/stream.yml.hbs b/test/packages/parallel/apache/data_stream/status/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/apache/data_stream/status/agent/stream/stream.yml.hbs
rename to test/packages/parallel/apache/data_stream/status/agent/stream/stream.yml.hbs
diff --git a/test/packages/apache/data_stream/status/fields/agent.yml b/test/packages/parallel/apache/data_stream/status/fields/agent.yml
similarity index 100%
rename from test/packages/apache/data_stream/status/fields/agent.yml
rename to test/packages/parallel/apache/data_stream/status/fields/agent.yml
diff --git a/test/packages/apache/data_stream/status/fields/base-fields.yml b/test/packages/parallel/apache/data_stream/status/fields/base-fields.yml
similarity index 100%
rename from test/packages/apache/data_stream/status/fields/base-fields.yml
rename to test/packages/parallel/apache/data_stream/status/fields/base-fields.yml
diff --git a/test/packages/apache/data_stream/status/fields/ecs.yml b/test/packages/parallel/apache/data_stream/status/fields/ecs.yml
similarity index 100%
rename from test/packages/apache/data_stream/status/fields/ecs.yml
rename to test/packages/parallel/apache/data_stream/status/fields/ecs.yml
diff --git a/test/packages/apache/data_stream/status/fields/fields.yml b/test/packages/parallel/apache/data_stream/status/fields/fields.yml
similarity index 100%
rename from test/packages/apache/data_stream/status/fields/fields.yml
rename to test/packages/parallel/apache/data_stream/status/fields/fields.yml
diff --git a/test/packages/apache/data_stream/status/manifest.yml b/test/packages/parallel/apache/data_stream/status/manifest.yml
similarity index 100%
rename from test/packages/apache/data_stream/status/manifest.yml
rename to test/packages/parallel/apache/data_stream/status/manifest.yml
diff --git a/test/packages/apache/data_stream/status/sample_event.json b/test/packages/parallel/apache/data_stream/status/sample_event.json
similarity index 100%
rename from test/packages/apache/data_stream/status/sample_event.json
rename to test/packages/parallel/apache/data_stream/status/sample_event.json
diff --git a/test/packages/apache/docs/README.md b/test/packages/parallel/apache/docs/README.md
similarity index 100%
rename from test/packages/apache/docs/README.md
rename to test/packages/parallel/apache/docs/README.md
diff --git a/test/packages/apache/img/apache-logs-overview.png b/test/packages/parallel/apache/img/apache-logs-overview.png
similarity index 100%
rename from test/packages/apache/img/apache-logs-overview.png
rename to test/packages/parallel/apache/img/apache-logs-overview.png
diff --git a/test/packages/apache/img/apache-metrics-overview.png b/test/packages/parallel/apache/img/apache-metrics-overview.png
similarity index 100%
rename from test/packages/apache/img/apache-metrics-overview.png
rename to test/packages/parallel/apache/img/apache-metrics-overview.png
diff --git a/test/packages/apache/img/logo_apache.svg b/test/packages/parallel/apache/img/logo_apache.svg
similarity index 100%
rename from test/packages/apache/img/logo_apache.svg
rename to test/packages/parallel/apache/img/logo_apache.svg
diff --git a/test/packages/apache/kibana/dashboard/apache-Logs-Apache-Dashboard.json b/test/packages/parallel/apache/kibana/dashboard/apache-Logs-Apache-Dashboard.json
similarity index 100%
rename from test/packages/apache/kibana/dashboard/apache-Logs-Apache-Dashboard.json
rename to test/packages/parallel/apache/kibana/dashboard/apache-Logs-Apache-Dashboard.json
diff --git a/test/packages/apache/kibana/dashboard/apache-Metrics-Apache-HTTPD-server-status.json b/test/packages/parallel/apache/kibana/dashboard/apache-Metrics-Apache-HTTPD-server-status.json
similarity index 100%
rename from test/packages/apache/kibana/dashboard/apache-Metrics-Apache-HTTPD-server-status.json
rename to test/packages/parallel/apache/kibana/dashboard/apache-Metrics-Apache-HTTPD-server-status.json
diff --git a/test/packages/apache/kibana/ml_module/apache-Logs-ml.json b/test/packages/parallel/apache/kibana/ml_module/apache-Logs-ml.json
similarity index 100%
rename from test/packages/apache/kibana/ml_module/apache-Logs-ml.json
rename to test/packages/parallel/apache/kibana/ml_module/apache-Logs-ml.json
diff --git a/test/packages/apache/kibana/search/apache-HTTPD.json b/test/packages/parallel/apache/kibana/search/apache-HTTPD.json
similarity index 100%
rename from test/packages/apache/kibana/search/apache-HTTPD.json
rename to test/packages/parallel/apache/kibana/search/apache-HTTPD.json
diff --git a/test/packages/apache/kibana/search/apache-access-logs.json b/test/packages/parallel/apache/kibana/search/apache-access-logs.json
similarity index 100%
rename from test/packages/apache/kibana/search/apache-access-logs.json
rename to test/packages/parallel/apache/kibana/search/apache-access-logs.json
diff --git a/test/packages/apache/kibana/search/apache-errors-log.json b/test/packages/parallel/apache/kibana/search/apache-errors-log.json
similarity index 100%
rename from test/packages/apache/kibana/search/apache-errors-log.json
rename to test/packages/parallel/apache/kibana/search/apache-errors-log.json
diff --git a/test/packages/apache/kibana/visualization/apache-22057f20-3a12-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-22057f20-3a12-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-22057f20-3a12-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-22057f20-3a12-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-320cd980-3a36-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-320cd980-3a36-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-320cd980-3a36-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-320cd980-3a36-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-47820ce0-3a1d-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-47820ce0-3a1d-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-47820ce0-3a1d-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-47820ce0-3a1d-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-7724cf20-3a39-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-7724cf20-3a39-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-7724cf20-3a39-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-7724cf20-3a39-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-7d68f730-3a39-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-7d68f730-3a39-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-7d68f730-3a39-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-7d68f730-3a39-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-805d7bb0-3a10-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-805d7bb0-3a10-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-805d7bb0-3a10-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-805d7bb0-3a10-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-99666080-3a20-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-99666080-3a20-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-99666080-3a20-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-99666080-3a20-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-HTTPD-CPU.json b/test/packages/parallel/apache/kibana/visualization/apache-HTTPD-CPU.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-HTTPD-CPU.json
rename to test/packages/parallel/apache/kibana/visualization/apache-HTTPD-CPU.json
diff --git a/test/packages/apache/kibana/visualization/apache-HTTPD-Load1-slash-5-slash-15.json b/test/packages/parallel/apache/kibana/visualization/apache-HTTPD-Load1-slash-5-slash-15.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-HTTPD-Load1-slash-5-slash-15.json
rename to test/packages/parallel/apache/kibana/visualization/apache-HTTPD-Load1-slash-5-slash-15.json
diff --git a/test/packages/apache/kibana/visualization/apache-HTTPD-Scoreboard.json b/test/packages/parallel/apache/kibana/visualization/apache-HTTPD-Scoreboard.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-HTTPD-Scoreboard.json
rename to test/packages/parallel/apache/kibana/visualization/apache-HTTPD-Scoreboard.json
diff --git a/test/packages/apache/kibana/visualization/apache-a45311f0-3a34-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-a45311f0-3a34-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-a45311f0-3a34-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-a45311f0-3a34-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-access-unique-IPs-map.json b/test/packages/parallel/apache/kibana/visualization/apache-access-unique-IPs-map.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-access-unique-IPs-map.json
rename to test/packages/parallel/apache/kibana/visualization/apache-access-unique-IPs-map.json
diff --git a/test/packages/apache/kibana/visualization/apache-browsers.json b/test/packages/parallel/apache/kibana/visualization/apache-browsers.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-browsers.json
rename to test/packages/parallel/apache/kibana/visualization/apache-browsers.json
diff --git a/test/packages/apache/kibana/visualization/apache-ed44f820-3a10-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-ed44f820-3a10-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-ed44f820-3a10-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-ed44f820-3a10-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-error-logs-over-time.json b/test/packages/parallel/apache/kibana/visualization/apache-error-logs-over-time.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-error-logs-over-time.json
rename to test/packages/parallel/apache/kibana/visualization/apache-error-logs-over-time.json
diff --git a/test/packages/apache/kibana/visualization/apache-f4ffec70-3a36-11eb-8946-296aab7b13db.json b/test/packages/parallel/apache/kibana/visualization/apache-f4ffec70-3a36-11eb-8946-296aab7b13db.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-f4ffec70-3a36-11eb-8946-296aab7b13db.json
rename to test/packages/parallel/apache/kibana/visualization/apache-f4ffec70-3a36-11eb-8946-296aab7b13db.json
diff --git a/test/packages/apache/kibana/visualization/apache-operating-systems.json b/test/packages/parallel/apache/kibana/visualization/apache-operating-systems.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-operating-systems.json
rename to test/packages/parallel/apache/kibana/visualization/apache-operating-systems.json
diff --git a/test/packages/apache/kibana/visualization/apache-response-codes-of-top-URLs.json b/test/packages/parallel/apache/kibana/visualization/apache-response-codes-of-top-URLs.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-response-codes-of-top-URLs.json
rename to test/packages/parallel/apache/kibana/visualization/apache-response-codes-of-top-URLs.json
diff --git a/test/packages/apache/kibana/visualization/apache-response-codes-over-time.json b/test/packages/parallel/apache/kibana/visualization/apache-response-codes-over-time.json
similarity index 100%
rename from test/packages/apache/kibana/visualization/apache-response-codes-over-time.json
rename to test/packages/parallel/apache/kibana/visualization/apache-response-codes-over-time.json
diff --git a/test/packages/apache/manifest.yml b/test/packages/parallel/apache/manifest.yml
similarity index 100%
rename from test/packages/apache/manifest.yml
rename to test/packages/parallel/apache/manifest.yml
diff --git a/test/packages/aws/_dev/build/build.yml b/test/packages/parallel/aws/_dev/build/build.yml
similarity index 100%
rename from test/packages/aws/_dev/build/build.yml
rename to test/packages/parallel/aws/_dev/build/build.yml
diff --git a/test/packages/aws/_dev/build/docs/README.md b/test/packages/parallel/aws/_dev/build/docs/README.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/README.md
rename to test/packages/parallel/aws/_dev/build/docs/README.md
diff --git a/test/packages/aws/_dev/build/docs/billing.md b/test/packages/parallel/aws/_dev/build/docs/billing.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/billing.md
rename to test/packages/parallel/aws/_dev/build/docs/billing.md
diff --git a/test/packages/aws/_dev/build/docs/cloudtrail.md b/test/packages/parallel/aws/_dev/build/docs/cloudtrail.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/cloudtrail.md
rename to test/packages/parallel/aws/_dev/build/docs/cloudtrail.md
diff --git a/test/packages/aws/_dev/build/docs/cloudwatch.md b/test/packages/parallel/aws/_dev/build/docs/cloudwatch.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/cloudwatch.md
rename to test/packages/parallel/aws/_dev/build/docs/cloudwatch.md
diff --git a/test/packages/aws/_dev/build/docs/dynamodb.md b/test/packages/parallel/aws/_dev/build/docs/dynamodb.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/dynamodb.md
rename to test/packages/parallel/aws/_dev/build/docs/dynamodb.md
diff --git a/test/packages/aws/_dev/build/docs/ebs.md b/test/packages/parallel/aws/_dev/build/docs/ebs.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/ebs.md
rename to test/packages/parallel/aws/_dev/build/docs/ebs.md
diff --git a/test/packages/aws/_dev/build/docs/ec2.md b/test/packages/parallel/aws/_dev/build/docs/ec2.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/ec2.md
rename to test/packages/parallel/aws/_dev/build/docs/ec2.md
diff --git a/test/packages/aws/_dev/build/docs/elb.md b/test/packages/parallel/aws/_dev/build/docs/elb.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/elb.md
rename to test/packages/parallel/aws/_dev/build/docs/elb.md
diff --git a/test/packages/aws/_dev/build/docs/lambda.md b/test/packages/parallel/aws/_dev/build/docs/lambda.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/lambda.md
rename to test/packages/parallel/aws/_dev/build/docs/lambda.md
diff --git a/test/packages/aws/_dev/build/docs/natgateway.md b/test/packages/parallel/aws/_dev/build/docs/natgateway.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/natgateway.md
rename to test/packages/parallel/aws/_dev/build/docs/natgateway.md
diff --git a/test/packages/aws/_dev/build/docs/rds.md b/test/packages/parallel/aws/_dev/build/docs/rds.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/rds.md
rename to test/packages/parallel/aws/_dev/build/docs/rds.md
diff --git a/test/packages/aws/_dev/build/docs/s3.md b/test/packages/parallel/aws/_dev/build/docs/s3.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/s3.md
rename to test/packages/parallel/aws/_dev/build/docs/s3.md
diff --git a/test/packages/aws/_dev/build/docs/s3_storage_lens.md b/test/packages/parallel/aws/_dev/build/docs/s3_storage_lens.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/s3_storage_lens.md
rename to test/packages/parallel/aws/_dev/build/docs/s3_storage_lens.md
diff --git a/test/packages/aws/_dev/build/docs/sns.md b/test/packages/parallel/aws/_dev/build/docs/sns.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/sns.md
rename to test/packages/parallel/aws/_dev/build/docs/sns.md
diff --git a/test/packages/aws/_dev/build/docs/sqs.md b/test/packages/parallel/aws/_dev/build/docs/sqs.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/sqs.md
rename to test/packages/parallel/aws/_dev/build/docs/sqs.md
diff --git a/test/packages/aws/_dev/build/docs/transitgateway.md b/test/packages/parallel/aws/_dev/build/docs/transitgateway.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/transitgateway.md
rename to test/packages/parallel/aws/_dev/build/docs/transitgateway.md
diff --git a/test/packages/aws/_dev/build/docs/usage.md b/test/packages/parallel/aws/_dev/build/docs/usage.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/usage.md
rename to test/packages/parallel/aws/_dev/build/docs/usage.md
diff --git a/test/packages/aws/_dev/build/docs/vpcflow.md b/test/packages/parallel/aws/_dev/build/docs/vpcflow.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/vpcflow.md
rename to test/packages/parallel/aws/_dev/build/docs/vpcflow.md
diff --git a/test/packages/aws/_dev/build/docs/vpn.md b/test/packages/parallel/aws/_dev/build/docs/vpn.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/vpn.md
rename to test/packages/parallel/aws/_dev/build/docs/vpn.md
diff --git a/test/packages/aws/_dev/build/docs/waf.md b/test/packages/parallel/aws/_dev/build/docs/waf.md
similarity index 100%
rename from test/packages/aws/_dev/build/docs/waf.md
rename to test/packages/parallel/aws/_dev/build/docs/waf.md
diff --git a/test/packages/aws/changelog.yml b/test/packages/parallel/aws/changelog.yml
similarity index 100%
rename from test/packages/aws/changelog.yml
rename to test/packages/parallel/aws/changelog.yml
diff --git a/test/packages/aws/data_stream/billing/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/billing/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/billing/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/billing/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/billing/fields/agent.yml b/test/packages/parallel/aws/data_stream/billing/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/billing/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/billing/fields/agent.yml
diff --git a/test/packages/aws/data_stream/billing/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/billing/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/billing/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/billing/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/billing/fields/ecs.yml b/test/packages/parallel/aws/data_stream/billing/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/billing/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/billing/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/billing/fields/fields.yml b/test/packages/parallel/aws/data_stream/billing/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/billing/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/billing/fields/fields.yml
diff --git a/test/packages/aws/data_stream/billing/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/billing/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/billing/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/billing/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/billing/manifest.yml b/test/packages/parallel/aws/data_stream/billing/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/billing/manifest.yml
rename to test/packages/parallel/aws/data_stream/billing/manifest.yml
diff --git a/test/packages/aws/data_stream/billing/sample_event.json b/test/packages/parallel/aws/data_stream/billing/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/billing/sample_event.json
rename to test/packages/parallel/aws/data_stream/billing/sample_event.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log
diff --git a/test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs
rename to test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs
diff --git a/test/packages/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs b/test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs
rename to test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs
diff --git a/test/packages/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml b/test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml
rename to test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml
diff --git a/test/packages/aws/data_stream/cloudtrail/fields/agent.yml b/test/packages/parallel/aws/data_stream/cloudtrail/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/cloudtrail/fields/agent.yml
diff --git a/test/packages/aws/data_stream/cloudtrail/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/cloudtrail/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/cloudtrail/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/cloudtrail/fields/ecs.yml b/test/packages/parallel/aws/data_stream/cloudtrail/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/cloudtrail/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/cloudtrail/fields/fields.yml b/test/packages/parallel/aws/data_stream/cloudtrail/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/cloudtrail/fields/fields.yml
diff --git a/test/packages/aws/data_stream/cloudtrail/manifest.yml b/test/packages/parallel/aws/data_stream/cloudtrail/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/manifest.yml
rename to test/packages/parallel/aws/data_stream/cloudtrail/manifest.yml
diff --git a/test/packages/aws/data_stream/cloudtrail/sample_event.json b/test/packages/parallel/aws/data_stream/cloudtrail/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudtrail/sample_event.json
rename to test/packages/parallel/aws/data_stream/cloudtrail/sample_event.json
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log b/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json b/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/fields/agent.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/agent.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/fields/fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/fields.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/manifest.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/manifest.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/manifest.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_logs/sample_event.json b/test/packages/parallel/aws/data_stream/cloudwatch_logs/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_logs/sample_event.json
rename to test/packages/parallel/aws/data_stream/cloudwatch_logs/sample_event.json
diff --git a/test/packages/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/cloudwatch_metrics/fields/agent.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_metrics/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/agent.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_metrics/fields/ecs.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_metrics/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_metrics/fields/fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_metrics/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/fields.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_metrics/manifest.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_metrics/manifest.yml
rename to test/packages/parallel/aws/data_stream/cloudwatch_metrics/manifest.yml
diff --git a/test/packages/aws/data_stream/cloudwatch_metrics/sample_event.json b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/cloudwatch_metrics/sample_event.json
rename to test/packages/parallel/aws/data_stream/cloudwatch_metrics/sample_event.json
diff --git a/test/packages/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/dynamodb/fields/agent.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/dynamodb/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/dynamodb/fields/agent.yml
diff --git a/test/packages/aws/data_stream/dynamodb/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/dynamodb/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/dynamodb/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/dynamodb/fields/ecs.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/dynamodb/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/dynamodb/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/dynamodb/fields/fields.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/dynamodb/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/dynamodb/fields/fields.yml
diff --git a/test/packages/aws/data_stream/dynamodb/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/dynamodb/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/dynamodb/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/dynamodb/manifest.yml b/test/packages/parallel/aws/data_stream/dynamodb/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/dynamodb/manifest.yml
rename to test/packages/parallel/aws/data_stream/dynamodb/manifest.yml
diff --git a/test/packages/aws/data_stream/dynamodb/sample_event.json b/test/packages/parallel/aws/data_stream/dynamodb/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/dynamodb/sample_event.json
rename to test/packages/parallel/aws/data_stream/dynamodb/sample_event.json
diff --git a/test/packages/aws/data_stream/ebs/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/ebs/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/ebs/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/ebs/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/ebs/fields/agent.yml b/test/packages/parallel/aws/data_stream/ebs/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/ebs/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/ebs/fields/agent.yml
diff --git a/test/packages/aws/data_stream/ebs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/ebs/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/ebs/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/ebs/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/ebs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/ebs/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/ebs/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/ebs/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/ebs/fields/fields.yml b/test/packages/parallel/aws/data_stream/ebs/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/ebs/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/ebs/fields/fields.yml
diff --git a/test/packages/aws/data_stream/ebs/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/ebs/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/ebs/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/ebs/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/ebs/manifest.yml b/test/packages/parallel/aws/data_stream/ebs/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/ebs/manifest.yml
rename to test/packages/parallel/aws/data_stream/ebs/manifest.yml
diff --git a/test/packages/aws/data_stream/ebs/sample_event.json b/test/packages/parallel/aws/data_stream/ebs/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/ebs/sample_event.json
rename to test/packages/parallel/aws/data_stream/ebs/sample_event.json
diff --git a/test/packages/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log b/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log
rename to test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log
diff --git a/test/packages/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json b/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json
rename to test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json
diff --git a/test/packages/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs
rename to test/packages/parallel/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs
diff --git a/test/packages/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/aws/data_stream/ec2_logs/fields/agent.yml b/test/packages/parallel/aws/data_stream/ec2_logs/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/ec2_logs/fields/agent.yml
diff --git a/test/packages/aws/data_stream/ec2_logs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/ec2_logs/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/ec2_logs/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/ec2_logs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/ec2_logs/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/ec2_logs/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/ec2_logs/fields/fields.yml b/test/packages/parallel/aws/data_stream/ec2_logs/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/ec2_logs/fields/fields.yml
diff --git a/test/packages/aws/data_stream/ec2_logs/manifest.yml b/test/packages/parallel/aws/data_stream/ec2_logs/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/manifest.yml
rename to test/packages/parallel/aws/data_stream/ec2_logs/manifest.yml
diff --git a/test/packages/aws/data_stream/ec2_logs/sample_event.json b/test/packages/parallel/aws/data_stream/ec2_logs/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/ec2_logs/sample_event.json
rename to test/packages/parallel/aws/data_stream/ec2_logs/sample_event.json
diff --git a/test/packages/aws/data_stream/ec2_metrics/_dev/deploy/tf/env.yml b/test/packages/parallel/aws/data_stream/ec2_metrics/_dev/deploy/tf/env.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/_dev/deploy/tf/env.yml
rename to test/packages/parallel/aws/data_stream/ec2_metrics/_dev/deploy/tf/env.yml
diff --git a/test/packages/aws/data_stream/ec2_metrics/_dev/deploy/tf/main.tf b/test/packages/parallel/aws/data_stream/ec2_metrics/_dev/deploy/tf/main.tf
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/_dev/deploy/tf/main.tf
rename to test/packages/parallel/aws/data_stream/ec2_metrics/_dev/deploy/tf/main.tf
diff --git a/test/packages/aws/data_stream/ec2_metrics/_dev/test/system/test-default-config.yml b/test/packages/parallel/aws/data_stream/ec2_metrics/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/_dev/test/system/test-default-config.yml
rename to test/packages/parallel/aws/data_stream/ec2_metrics/_dev/test/system/test-default-config.yml
diff --git a/test/packages/aws/data_stream/ec2_metrics/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/ec2_metrics/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/ec2_metrics/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/ec2_metrics/fields/agent.yml b/test/packages/parallel/aws/data_stream/ec2_metrics/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/ec2_metrics/fields/agent.yml
diff --git a/test/packages/aws/data_stream/ec2_metrics/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/ec2_metrics/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/ec2_metrics/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/ec2_metrics/fields/ecs.yml b/test/packages/parallel/aws/data_stream/ec2_metrics/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/ec2_metrics/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/ec2_metrics/fields/fields.yml b/test/packages/parallel/aws/data_stream/ec2_metrics/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/ec2_metrics/fields/fields.yml
diff --git a/test/packages/aws/data_stream/ec2_metrics/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/ec2_metrics/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/ec2_metrics/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/ec2_metrics/manifest.yml b/test/packages/parallel/aws/data_stream/ec2_metrics/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/manifest.yml
rename to test/packages/parallel/aws/data_stream/ec2_metrics/manifest.yml
diff --git a/test/packages/aws/data_stream/ec2_metrics/sample_event.json b/test/packages/parallel/aws/data_stream/ec2_metrics/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/ec2_metrics/sample_event.json
rename to test/packages/parallel/aws/data_stream/ec2_metrics/sample_event.json
diff --git a/test/packages/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
rename to test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
diff --git a/test/packages/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
rename to test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
diff --git a/test/packages/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
rename to test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
diff --git a/test/packages/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/aws/data_stream/elb_logs/fields/agent.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml
diff --git a/test/packages/aws/data_stream/elb_logs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/elb_logs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/elb_logs/fields/fields.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml
diff --git a/test/packages/aws/data_stream/elb_logs/manifest.yml b/test/packages/parallel/aws/data_stream/elb_logs/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/manifest.yml
rename to test/packages/parallel/aws/data_stream/elb_logs/manifest.yml
diff --git a/test/packages/aws/data_stream/elb_logs/sample_event.json b/test/packages/parallel/aws/data_stream/elb_logs/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/elb_logs/sample_event.json
rename to test/packages/parallel/aws/data_stream/elb_logs/sample_event.json
diff --git a/test/packages/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/elb_metrics/fields/agent.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_metrics/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/elb_metrics/fields/agent.yml
diff --git a/test/packages/aws/data_stream/elb_metrics/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_metrics/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/elb_metrics/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/elb_metrics/fields/ecs.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_metrics/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/elb_metrics/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/elb_metrics/fields/fields.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_metrics/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/elb_metrics/fields/fields.yml
diff --git a/test/packages/aws/data_stream/elb_metrics/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_metrics/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/elb_metrics/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/elb_metrics/manifest.yml b/test/packages/parallel/aws/data_stream/elb_metrics/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/elb_metrics/manifest.yml
rename to test/packages/parallel/aws/data_stream/elb_metrics/manifest.yml
diff --git a/test/packages/aws/data_stream/elb_metrics/sample_event.json b/test/packages/parallel/aws/data_stream/elb_metrics/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/elb_metrics/sample_event.json
rename to test/packages/parallel/aws/data_stream/elb_metrics/sample_event.json
diff --git a/test/packages/aws/data_stream/lambda/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/lambda/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/lambda/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/lambda/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/lambda/fields/agent.yml b/test/packages/parallel/aws/data_stream/lambda/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/lambda/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/lambda/fields/agent.yml
diff --git a/test/packages/aws/data_stream/lambda/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/lambda/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/lambda/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/lambda/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/lambda/fields/ecs.yml b/test/packages/parallel/aws/data_stream/lambda/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/lambda/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/lambda/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/lambda/fields/fields.yml b/test/packages/parallel/aws/data_stream/lambda/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/lambda/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/lambda/fields/fields.yml
diff --git a/test/packages/aws/data_stream/lambda/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/lambda/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/lambda/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/lambda/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/lambda/manifest.yml b/test/packages/parallel/aws/data_stream/lambda/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/lambda/manifest.yml
rename to test/packages/parallel/aws/data_stream/lambda/manifest.yml
diff --git a/test/packages/aws/data_stream/lambda/sample_event.json b/test/packages/parallel/aws/data_stream/lambda/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/lambda/sample_event.json
rename to test/packages/parallel/aws/data_stream/lambda/sample_event.json
diff --git a/test/packages/aws/data_stream/natgateway/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/natgateway/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/natgateway/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/natgateway/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/natgateway/fields/agent.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/natgateway/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/natgateway/fields/agent.yml
diff --git a/test/packages/aws/data_stream/natgateway/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/natgateway/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/natgateway/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/natgateway/fields/ecs.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/natgateway/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/natgateway/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/natgateway/fields/fields.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/natgateway/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/natgateway/fields/fields.yml
diff --git a/test/packages/aws/data_stream/natgateway/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/natgateway/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/natgateway/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/natgateway/manifest.yml b/test/packages/parallel/aws/data_stream/natgateway/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/natgateway/manifest.yml
rename to test/packages/parallel/aws/data_stream/natgateway/manifest.yml
diff --git a/test/packages/aws/data_stream/natgateway/sample_event.json b/test/packages/parallel/aws/data_stream/natgateway/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/natgateway/sample_event.json
rename to test/packages/parallel/aws/data_stream/natgateway/sample_event.json
diff --git a/test/packages/aws/data_stream/rds/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/rds/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/rds/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/rds/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/rds/fields/agent.yml b/test/packages/parallel/aws/data_stream/rds/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/rds/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/rds/fields/agent.yml
diff --git a/test/packages/aws/data_stream/rds/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/rds/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/rds/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/rds/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/rds/fields/ecs.yml b/test/packages/parallel/aws/data_stream/rds/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/rds/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/rds/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/rds/fields/fields.yml b/test/packages/parallel/aws/data_stream/rds/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/rds/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/rds/fields/fields.yml
diff --git a/test/packages/aws/data_stream/rds/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/rds/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/rds/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/rds/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/rds/manifest.yml b/test/packages/parallel/aws/data_stream/rds/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/rds/manifest.yml
rename to test/packages/parallel/aws/data_stream/rds/manifest.yml
diff --git a/test/packages/aws/data_stream/rds/sample_event.json b/test/packages/parallel/aws/data_stream/rds/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/rds/sample_event.json
rename to test/packages/parallel/aws/data_stream/rds/sample_event.json
diff --git a/test/packages/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/s3_daily_storage/fields/agent.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_daily_storage/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/s3_daily_storage/fields/agent.yml
diff --git a/test/packages/aws/data_stream/s3_daily_storage/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_daily_storage/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/s3_daily_storage/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/s3_daily_storage/fields/ecs.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_daily_storage/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/s3_daily_storage/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/s3_daily_storage/fields/fields.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_daily_storage/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/s3_daily_storage/fields/fields.yml
diff --git a/test/packages/aws/data_stream/s3_daily_storage/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_daily_storage/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/s3_daily_storage/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/s3_daily_storage/manifest.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_daily_storage/manifest.yml
rename to test/packages/parallel/aws/data_stream/s3_daily_storage/manifest.yml
diff --git a/test/packages/aws/data_stream/s3_daily_storage/sample_event.json b/test/packages/parallel/aws/data_stream/s3_daily_storage/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/s3_daily_storage/sample_event.json
rename to test/packages/parallel/aws/data_stream/s3_daily_storage/sample_event.json
diff --git a/test/packages/aws/data_stream/s3_request/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/s3_request/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/s3_request/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/s3_request/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/s3_request/fields/agent.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_request/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/s3_request/fields/agent.yml
diff --git a/test/packages/aws/data_stream/s3_request/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_request/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/s3_request/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/s3_request/fields/ecs.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_request/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/s3_request/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/s3_request/fields/fields.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_request/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/s3_request/fields/fields.yml
diff --git a/test/packages/aws/data_stream/s3_request/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_request/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/s3_request/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/s3_request/manifest.yml b/test/packages/parallel/aws/data_stream/s3_request/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_request/manifest.yml
rename to test/packages/parallel/aws/data_stream/s3_request/manifest.yml
diff --git a/test/packages/aws/data_stream/s3_request/sample_event.json b/test/packages/parallel/aws/data_stream/s3_request/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/s3_request/sample_event.json
rename to test/packages/parallel/aws/data_stream/s3_request/sample_event.json
diff --git a/test/packages/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/s3_storage_lens/fields/agent.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_storage_lens/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/s3_storage_lens/fields/agent.yml
diff --git a/test/packages/aws/data_stream/s3_storage_lens/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_storage_lens/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/s3_storage_lens/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/s3_storage_lens/fields/ecs.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_storage_lens/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/s3_storage_lens/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/s3_storage_lens/fields/fields.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_storage_lens/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/s3_storage_lens/fields/fields.yml
diff --git a/test/packages/aws/data_stream/s3_storage_lens/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_storage_lens/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/s3_storage_lens/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/s3_storage_lens/manifest.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3_storage_lens/manifest.yml
rename to test/packages/parallel/aws/data_stream/s3_storage_lens/manifest.yml
diff --git a/test/packages/aws/data_stream/s3_storage_lens/sample_event.json b/test/packages/parallel/aws/data_stream/s3_storage_lens/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/s3_storage_lens/sample_event.json
rename to test/packages/parallel/aws/data_stream/s3_storage_lens/sample_event.json
diff --git a/test/packages/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log b/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log
similarity index 100%
rename from test/packages/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log
rename to test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log
diff --git a/test/packages/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json b/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json
rename to test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json
diff --git a/test/packages/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs
rename to test/packages/parallel/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs
diff --git a/test/packages/aws/data_stream/s3access/agent/stream/log.yml.hbs b/test/packages/parallel/aws/data_stream/s3access/agent/stream/log.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/s3access/agent/stream/log.yml.hbs
rename to test/packages/parallel/aws/data_stream/s3access/agent/stream/log.yml.hbs
diff --git a/test/packages/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/aws/data_stream/s3access/fields/agent.yml b/test/packages/parallel/aws/data_stream/s3access/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3access/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/s3access/fields/agent.yml
diff --git a/test/packages/aws/data_stream/s3access/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/s3access/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3access/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/s3access/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/s3access/fields/ecs.yml b/test/packages/parallel/aws/data_stream/s3access/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3access/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/s3access/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/s3access/fields/fields.yml b/test/packages/parallel/aws/data_stream/s3access/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3access/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/s3access/fields/fields.yml
diff --git a/test/packages/aws/data_stream/s3access/manifest.yml b/test/packages/parallel/aws/data_stream/s3access/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/s3access/manifest.yml
rename to test/packages/parallel/aws/data_stream/s3access/manifest.yml
diff --git a/test/packages/aws/data_stream/s3access/sample_event.json b/test/packages/parallel/aws/data_stream/s3access/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/s3access/sample_event.json
rename to test/packages/parallel/aws/data_stream/s3access/sample_event.json
diff --git a/test/packages/aws/data_stream/sns/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/sns/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/sns/fields/agent.yml b/test/packages/parallel/aws/data_stream/sns/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/sns/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/sns/fields/agent.yml
diff --git a/test/packages/aws/data_stream/sns/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/sns/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/sns/fields/ecs.yml b/test/packages/parallel/aws/data_stream/sns/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/sns/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/sns/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/sns/fields/fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/sns/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/sns/fields/fields.yml
diff --git a/test/packages/aws/data_stream/sns/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/sns/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/sns/manifest.yml b/test/packages/parallel/aws/data_stream/sns/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/sns/manifest.yml
rename to test/packages/parallel/aws/data_stream/sns/manifest.yml
diff --git a/test/packages/aws/data_stream/sns/sample_event.json b/test/packages/parallel/aws/data_stream/sns/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/sns/sample_event.json
rename to test/packages/parallel/aws/data_stream/sns/sample_event.json
diff --git a/test/packages/aws/data_stream/sqs/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/sqs/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/sqs/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/sqs/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/sqs/fields/agent.yml b/test/packages/parallel/aws/data_stream/sqs/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/sqs/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/sqs/fields/agent.yml
diff --git a/test/packages/aws/data_stream/sqs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/sqs/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/sqs/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/sqs/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/sqs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/sqs/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/sqs/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/sqs/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/sqs/fields/fields.yml b/test/packages/parallel/aws/data_stream/sqs/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/sqs/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/sqs/fields/fields.yml
diff --git a/test/packages/aws/data_stream/sqs/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/sqs/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/sqs/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/sqs/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/sqs/manifest.yml b/test/packages/parallel/aws/data_stream/sqs/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/sqs/manifest.yml
rename to test/packages/parallel/aws/data_stream/sqs/manifest.yml
diff --git a/test/packages/aws/data_stream/sqs/sample_event.json b/test/packages/parallel/aws/data_stream/sqs/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/sqs/sample_event.json
rename to test/packages/parallel/aws/data_stream/sqs/sample_event.json
diff --git a/test/packages/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/transitgateway/fields/agent.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/transitgateway/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/transitgateway/fields/agent.yml
diff --git a/test/packages/aws/data_stream/transitgateway/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/transitgateway/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/transitgateway/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/transitgateway/fields/ecs.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/transitgateway/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/transitgateway/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/transitgateway/fields/fields.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/transitgateway/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/transitgateway/fields/fields.yml
diff --git a/test/packages/aws/data_stream/transitgateway/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/transitgateway/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/transitgateway/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/transitgateway/manifest.yml b/test/packages/parallel/aws/data_stream/transitgateway/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/transitgateway/manifest.yml
rename to test/packages/parallel/aws/data_stream/transitgateway/manifest.yml
diff --git a/test/packages/aws/data_stream/transitgateway/sample_event.json b/test/packages/parallel/aws/data_stream/transitgateway/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/transitgateway/sample_event.json
rename to test/packages/parallel/aws/data_stream/transitgateway/sample_event.json
diff --git a/test/packages/aws/data_stream/usage/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/usage/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/usage/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/usage/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/usage/fields/agent.yml b/test/packages/parallel/aws/data_stream/usage/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/usage/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/usage/fields/agent.yml
diff --git a/test/packages/aws/data_stream/usage/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/usage/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/usage/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/usage/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/usage/fields/ecs.yml b/test/packages/parallel/aws/data_stream/usage/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/usage/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/usage/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/usage/fields/fields.yml b/test/packages/parallel/aws/data_stream/usage/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/usage/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/usage/fields/fields.yml
diff --git a/test/packages/aws/data_stream/usage/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/usage/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/usage/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/usage/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/usage/manifest.yml b/test/packages/parallel/aws/data_stream/usage/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/usage/manifest.yml
rename to test/packages/parallel/aws/data_stream/usage/manifest.yml
diff --git a/test/packages/aws/data_stream/usage/sample_event.json b/test/packages/parallel/aws/data_stream/usage/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/usage/sample_event.json
rename to test/packages/parallel/aws/data_stream/usage/sample_event.json
diff --git a/test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log
rename to test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log
diff --git a/test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json
rename to test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json
diff --git a/test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log
rename to test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log
diff --git a/test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json
rename to test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json
diff --git a/test/packages/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs
rename to test/packages/parallel/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs
diff --git a/test/packages/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/aws/data_stream/vpcflow/fields/agent.yml b/test/packages/parallel/aws/data_stream/vpcflow/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/vpcflow/fields/agent.yml
diff --git a/test/packages/aws/data_stream/vpcflow/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/vpcflow/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/vpcflow/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/vpcflow/fields/ecs.yml b/test/packages/parallel/aws/data_stream/vpcflow/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/vpcflow/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/vpcflow/fields/fields.yml b/test/packages/parallel/aws/data_stream/vpcflow/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/vpcflow/fields/fields.yml
diff --git a/test/packages/aws/data_stream/vpcflow/manifest.yml b/test/packages/parallel/aws/data_stream/vpcflow/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/manifest.yml
rename to test/packages/parallel/aws/data_stream/vpcflow/manifest.yml
diff --git a/test/packages/aws/data_stream/vpcflow/sample_event.json b/test/packages/parallel/aws/data_stream/vpcflow/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/vpcflow/sample_event.json
rename to test/packages/parallel/aws/data_stream/vpcflow/sample_event.json
diff --git a/test/packages/aws/data_stream/vpn/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/vpn/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/vpn/agent/stream/stream.yml.hbs
rename to test/packages/parallel/aws/data_stream/vpn/agent/stream/stream.yml.hbs
diff --git a/test/packages/aws/data_stream/vpn/fields/agent.yml b/test/packages/parallel/aws/data_stream/vpn/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpn/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/vpn/fields/agent.yml
diff --git a/test/packages/aws/data_stream/vpn/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/vpn/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpn/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/vpn/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/vpn/fields/ecs.yml b/test/packages/parallel/aws/data_stream/vpn/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpn/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/vpn/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/vpn/fields/fields.yml b/test/packages/parallel/aws/data_stream/vpn/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpn/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/vpn/fields/fields.yml
diff --git a/test/packages/aws/data_stream/vpn/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/vpn/fields/package-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpn/fields/package-fields.yml
rename to test/packages/parallel/aws/data_stream/vpn/fields/package-fields.yml
diff --git a/test/packages/aws/data_stream/vpn/manifest.yml b/test/packages/parallel/aws/data_stream/vpn/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/vpn/manifest.yml
rename to test/packages/parallel/aws/data_stream/vpn/manifest.yml
diff --git a/test/packages/aws/data_stream/vpn/sample_event.json b/test/packages/parallel/aws/data_stream/vpn/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/vpn/sample_event.json
rename to test/packages/parallel/aws/data_stream/vpn/sample_event.json
diff --git a/test/packages/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/aws/data_stream/waf/_dev/test/pipeline/test-waf.log b/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log
similarity index 100%
rename from test/packages/aws/data_stream/waf/_dev/test/pipeline/test-waf.log
rename to test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log
diff --git a/test/packages/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json b/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json
similarity index 100%
rename from test/packages/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json
rename to test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json
diff --git a/test/packages/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs
rename to test/packages/parallel/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs
diff --git a/test/packages/aws/data_stream/waf/agent/stream/log.yml.hbs b/test/packages/parallel/aws/data_stream/waf/agent/stream/log.yml.hbs
similarity index 100%
rename from test/packages/aws/data_stream/waf/agent/stream/log.yml.hbs
rename to test/packages/parallel/aws/data_stream/waf/agent/stream/log.yml.hbs
diff --git a/test/packages/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/aws/data_stream/waf/fields/agent.yml b/test/packages/parallel/aws/data_stream/waf/fields/agent.yml
similarity index 100%
rename from test/packages/aws/data_stream/waf/fields/agent.yml
rename to test/packages/parallel/aws/data_stream/waf/fields/agent.yml
diff --git a/test/packages/aws/data_stream/waf/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/waf/fields/base-fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/waf/fields/base-fields.yml
rename to test/packages/parallel/aws/data_stream/waf/fields/base-fields.yml
diff --git a/test/packages/aws/data_stream/waf/fields/ecs.yml b/test/packages/parallel/aws/data_stream/waf/fields/ecs.yml
similarity index 100%
rename from test/packages/aws/data_stream/waf/fields/ecs.yml
rename to test/packages/parallel/aws/data_stream/waf/fields/ecs.yml
diff --git a/test/packages/aws/data_stream/waf/fields/fields.yml b/test/packages/parallel/aws/data_stream/waf/fields/fields.yml
similarity index 100%
rename from test/packages/aws/data_stream/waf/fields/fields.yml
rename to test/packages/parallel/aws/data_stream/waf/fields/fields.yml
diff --git a/test/packages/aws/data_stream/waf/manifest.yml b/test/packages/parallel/aws/data_stream/waf/manifest.yml
similarity index 100%
rename from test/packages/aws/data_stream/waf/manifest.yml
rename to test/packages/parallel/aws/data_stream/waf/manifest.yml
diff --git a/test/packages/aws/data_stream/waf/sample_event.json b/test/packages/parallel/aws/data_stream/waf/sample_event.json
similarity index 100%
rename from test/packages/aws/data_stream/waf/sample_event.json
rename to test/packages/parallel/aws/data_stream/waf/sample_event.json
diff --git a/test/packages/aws/docs/README.md b/test/packages/parallel/aws/docs/README.md
similarity index 100%
rename from test/packages/aws/docs/README.md
rename to test/packages/parallel/aws/docs/README.md
diff --git a/test/packages/aws/docs/billing.md b/test/packages/parallel/aws/docs/billing.md
similarity index 100%
rename from test/packages/aws/docs/billing.md
rename to test/packages/parallel/aws/docs/billing.md
diff --git a/test/packages/aws/docs/cloudtrail.md b/test/packages/parallel/aws/docs/cloudtrail.md
similarity index 100%
rename from test/packages/aws/docs/cloudtrail.md
rename to test/packages/parallel/aws/docs/cloudtrail.md
diff --git a/test/packages/aws/docs/cloudwatch.md b/test/packages/parallel/aws/docs/cloudwatch.md
similarity index 100%
rename from test/packages/aws/docs/cloudwatch.md
rename to test/packages/parallel/aws/docs/cloudwatch.md
diff --git a/test/packages/aws/docs/dynamodb.md b/test/packages/parallel/aws/docs/dynamodb.md
similarity index 100%
rename from test/packages/aws/docs/dynamodb.md
rename to test/packages/parallel/aws/docs/dynamodb.md
diff --git a/test/packages/aws/docs/ebs.md b/test/packages/parallel/aws/docs/ebs.md
similarity index 100%
rename from test/packages/aws/docs/ebs.md
rename to test/packages/parallel/aws/docs/ebs.md
diff --git a/test/packages/aws/docs/ec2.md b/test/packages/parallel/aws/docs/ec2.md
similarity index 100%
rename from test/packages/aws/docs/ec2.md
rename to test/packages/parallel/aws/docs/ec2.md
diff --git a/test/packages/aws/docs/elb.md b/test/packages/parallel/aws/docs/elb.md
similarity index 100%
rename from test/packages/aws/docs/elb.md
rename to test/packages/parallel/aws/docs/elb.md
diff --git a/test/packages/aws/docs/lambda.md b/test/packages/parallel/aws/docs/lambda.md
similarity index 100%
rename from test/packages/aws/docs/lambda.md
rename to test/packages/parallel/aws/docs/lambda.md
diff --git a/test/packages/aws/docs/natgateway.md b/test/packages/parallel/aws/docs/natgateway.md
similarity index 100%
rename from test/packages/aws/docs/natgateway.md
rename to test/packages/parallel/aws/docs/natgateway.md
diff --git a/test/packages/aws/docs/rds.md b/test/packages/parallel/aws/docs/rds.md
similarity index 100%
rename from test/packages/aws/docs/rds.md
rename to test/packages/parallel/aws/docs/rds.md
diff --git a/test/packages/aws/docs/s3.md b/test/packages/parallel/aws/docs/s3.md
similarity index 100%
rename from test/packages/aws/docs/s3.md
rename to test/packages/parallel/aws/docs/s3.md
diff --git a/test/packages/aws/docs/s3_storage_lens.md b/test/packages/parallel/aws/docs/s3_storage_lens.md
similarity index 100%
rename from test/packages/aws/docs/s3_storage_lens.md
rename to test/packages/parallel/aws/docs/s3_storage_lens.md
diff --git a/test/packages/aws/docs/sns.md b/test/packages/parallel/aws/docs/sns.md
similarity index 100%
rename from test/packages/aws/docs/sns.md
rename to test/packages/parallel/aws/docs/sns.md
diff --git a/test/packages/aws/docs/sqs.md b/test/packages/parallel/aws/docs/sqs.md
similarity index 100%
rename from test/packages/aws/docs/sqs.md
rename to test/packages/parallel/aws/docs/sqs.md
diff --git a/test/packages/aws/docs/transitgateway.md b/test/packages/parallel/aws/docs/transitgateway.md
similarity index 100%
rename from test/packages/aws/docs/transitgateway.md
rename to test/packages/parallel/aws/docs/transitgateway.md
diff --git a/test/packages/aws/docs/usage.md b/test/packages/parallel/aws/docs/usage.md
similarity index 100%
rename from test/packages/aws/docs/usage.md
rename to test/packages/parallel/aws/docs/usage.md
diff --git a/test/packages/aws/docs/vpcflow.md b/test/packages/parallel/aws/docs/vpcflow.md
similarity index 100%
rename from test/packages/aws/docs/vpcflow.md
rename to test/packages/parallel/aws/docs/vpcflow.md
diff --git a/test/packages/aws/docs/vpn.md b/test/packages/parallel/aws/docs/vpn.md
similarity index 100%
rename from test/packages/aws/docs/vpn.md
rename to test/packages/parallel/aws/docs/vpn.md
diff --git a/test/packages/aws/docs/waf.md b/test/packages/parallel/aws/docs/waf.md
similarity index 100%
rename from test/packages/aws/docs/waf.md
rename to test/packages/parallel/aws/docs/waf.md
diff --git a/test/packages/aws/img/filebeat-aws-cloudtrail.png b/test/packages/parallel/aws/img/filebeat-aws-cloudtrail.png
similarity index 100%
rename from test/packages/aws/img/filebeat-aws-cloudtrail.png
rename to test/packages/parallel/aws/img/filebeat-aws-cloudtrail.png
diff --git a/test/packages/aws/img/filebeat-aws-elb-overview.png b/test/packages/parallel/aws/img/filebeat-aws-elb-overview.png
similarity index 100%
rename from test/packages/aws/img/filebeat-aws-elb-overview.png
rename to test/packages/parallel/aws/img/filebeat-aws-elb-overview.png
diff --git a/test/packages/aws/img/filebeat-aws-s3access-overview.png b/test/packages/parallel/aws/img/filebeat-aws-s3access-overview.png
similarity index 100%
rename from test/packages/aws/img/filebeat-aws-s3access-overview.png
rename to test/packages/parallel/aws/img/filebeat-aws-s3access-overview.png
diff --git a/test/packages/aws/img/filebeat-aws-vpcflow-overview.png b/test/packages/parallel/aws/img/filebeat-aws-vpcflow-overview.png
similarity index 100%
rename from test/packages/aws/img/filebeat-aws-vpcflow-overview.png
rename to test/packages/parallel/aws/img/filebeat-aws-vpcflow-overview.png
diff --git a/test/packages/aws/img/logo_aws.svg b/test/packages/parallel/aws/img/logo_aws.svg
similarity index 100%
rename from test/packages/aws/img/logo_aws.svg
rename to test/packages/parallel/aws/img/logo_aws.svg
diff --git a/test/packages/aws/img/logo_billing.svg b/test/packages/parallel/aws/img/logo_billing.svg
similarity index 100%
rename from test/packages/aws/img/logo_billing.svg
rename to test/packages/parallel/aws/img/logo_billing.svg
diff --git a/test/packages/aws/img/logo_cloudtrail.svg b/test/packages/parallel/aws/img/logo_cloudtrail.svg
similarity index 100%
rename from test/packages/aws/img/logo_cloudtrail.svg
rename to test/packages/parallel/aws/img/logo_cloudtrail.svg
diff --git a/test/packages/aws/img/logo_cloudwatch.svg b/test/packages/parallel/aws/img/logo_cloudwatch.svg
similarity index 100%
rename from test/packages/aws/img/logo_cloudwatch.svg
rename to test/packages/parallel/aws/img/logo_cloudwatch.svg
diff --git a/test/packages/aws/img/logo_dynamodb.svg b/test/packages/parallel/aws/img/logo_dynamodb.svg
similarity index 100%
rename from test/packages/aws/img/logo_dynamodb.svg
rename to test/packages/parallel/aws/img/logo_dynamodb.svg
diff --git a/test/packages/aws/img/logo_ebs.svg b/test/packages/parallel/aws/img/logo_ebs.svg
similarity index 100%
rename from test/packages/aws/img/logo_ebs.svg
rename to test/packages/parallel/aws/img/logo_ebs.svg
diff --git a/test/packages/aws/img/logo_ec2.svg b/test/packages/parallel/aws/img/logo_ec2.svg
similarity index 100%
rename from test/packages/aws/img/logo_ec2.svg
rename to test/packages/parallel/aws/img/logo_ec2.svg
diff --git a/test/packages/aws/img/logo_elb.svg b/test/packages/parallel/aws/img/logo_elb.svg
similarity index 100%
rename from test/packages/aws/img/logo_elb.svg
rename to test/packages/parallel/aws/img/logo_elb.svg
diff --git a/test/packages/aws/img/logo_lambda.svg b/test/packages/parallel/aws/img/logo_lambda.svg
similarity index 100%
rename from test/packages/aws/img/logo_lambda.svg
rename to test/packages/parallel/aws/img/logo_lambda.svg
diff --git a/test/packages/aws/img/logo_natgateway.svg b/test/packages/parallel/aws/img/logo_natgateway.svg
similarity index 100%
rename from test/packages/aws/img/logo_natgateway.svg
rename to test/packages/parallel/aws/img/logo_natgateway.svg
diff --git a/test/packages/aws/img/logo_rds.svg b/test/packages/parallel/aws/img/logo_rds.svg
similarity index 100%
rename from test/packages/aws/img/logo_rds.svg
rename to test/packages/parallel/aws/img/logo_rds.svg
diff --git a/test/packages/aws/img/logo_s3.svg b/test/packages/parallel/aws/img/logo_s3.svg
similarity index 100%
rename from test/packages/aws/img/logo_s3.svg
rename to test/packages/parallel/aws/img/logo_s3.svg
diff --git a/test/packages/aws/img/logo_s3_storage_lens.svg b/test/packages/parallel/aws/img/logo_s3_storage_lens.svg
similarity index 100%
rename from test/packages/aws/img/logo_s3_storage_lens.svg
rename to test/packages/parallel/aws/img/logo_s3_storage_lens.svg
diff --git a/test/packages/aws/img/logo_sns.svg b/test/packages/parallel/aws/img/logo_sns.svg
similarity index 100%
rename from test/packages/aws/img/logo_sns.svg
rename to test/packages/parallel/aws/img/logo_sns.svg
diff --git a/test/packages/aws/img/logo_sqs.svg b/test/packages/parallel/aws/img/logo_sqs.svg
similarity index 100%
rename from test/packages/aws/img/logo_sqs.svg
rename to test/packages/parallel/aws/img/logo_sqs.svg
diff --git a/test/packages/aws/img/logo_transitgateway.svg b/test/packages/parallel/aws/img/logo_transitgateway.svg
similarity index 100%
rename from test/packages/aws/img/logo_transitgateway.svg
rename to test/packages/parallel/aws/img/logo_transitgateway.svg
diff --git a/test/packages/aws/img/logo_vpcflow.svg b/test/packages/parallel/aws/img/logo_vpcflow.svg
similarity index 100%
rename from test/packages/aws/img/logo_vpcflow.svg
rename to test/packages/parallel/aws/img/logo_vpcflow.svg
diff --git a/test/packages/aws/img/logo_vpn.svg b/test/packages/parallel/aws/img/logo_vpn.svg
similarity index 100%
rename from test/packages/aws/img/logo_vpn.svg
rename to test/packages/parallel/aws/img/logo_vpn.svg
diff --git a/test/packages/aws/img/logo_waf.svg b/test/packages/parallel/aws/img/logo_waf.svg
similarity index 100%
rename from test/packages/aws/img/logo_waf.svg
rename to test/packages/parallel/aws/img/logo_waf.svg
diff --git a/test/packages/aws/img/metricbeat-aws-billing-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-billing-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-billing-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-billing-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-dynamodb-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-dynamodb-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-dynamodb-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-dynamodb-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-ebs-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-ebs-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-ebs-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-ebs-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-ec2-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-ec2-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-ec2-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-ec2-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-elb-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-elb-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-elb-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-elb-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-lambda-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-lambda-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-lambda-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-lambda-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-rds-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-rds-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-rds-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-rds-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-s3-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-s3-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-s3-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-s3-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-s3-storage-lens-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-s3-storage-lens-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-s3-storage-lens-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-s3-storage-lens-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-sns-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-sns-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-sns-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-sns-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-sqs-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-sqs-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-sqs-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-sqs-overview.png
diff --git a/test/packages/aws/img/metricbeat-aws-usage-overview.png b/test/packages/parallel/aws/img/metricbeat-aws-usage-overview.png
similarity index 100%
rename from test/packages/aws/img/metricbeat-aws-usage-overview.png
rename to test/packages/parallel/aws/img/metricbeat-aws-usage-overview.png
diff --git a/test/packages/aws/kibana/dashboard/aws-0eb5a6a0-694f-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/dashboard/aws-0eb5a6a0-694f-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-0eb5a6a0-694f-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-0eb5a6a0-694f-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/dashboard/aws-15503340-4488-11ea-ad63-791a5dc86f10.json b/test/packages/parallel/aws/kibana/dashboard/aws-15503340-4488-11ea-ad63-791a5dc86f10.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-15503340-4488-11ea-ad63-791a5dc86f10.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-15503340-4488-11ea-ad63-791a5dc86f10.json
diff --git a/test/packages/aws/kibana/dashboard/aws-234aeda0-43b7-11e9-8697-530f39afc6eb.json b/test/packages/parallel/aws/kibana/dashboard/aws-234aeda0-43b7-11e9-8697-530f39afc6eb.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-234aeda0-43b7-11e9-8697-530f39afc6eb.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-234aeda0-43b7-11e9-8697-530f39afc6eb.json
diff --git a/test/packages/aws/kibana/dashboard/aws-3367c170-921f-11e9-aa19-159bf182e06f.json b/test/packages/parallel/aws/kibana/dashboard/aws-3367c170-921f-11e9-aa19-159bf182e06f.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-3367c170-921f-11e9-aa19-159bf182e06f.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-3367c170-921f-11e9-aa19-159bf182e06f.json
diff --git a/test/packages/aws/kibana/dashboard/aws-3af47420-3e7b-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/dashboard/aws-3af47420-3e7b-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-3af47420-3e7b-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-3af47420-3e7b-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/dashboard/aws-44ce4680-b7ba-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/dashboard/aws-44ce4680-b7ba-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-44ce4680-b7ba-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-44ce4680-b7ba-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/dashboard/aws-4746e000-bacd-11e9-9f70-1f7bda85a5eb.json b/test/packages/parallel/aws/kibana/dashboard/aws-4746e000-bacd-11e9-9f70-1f7bda85a5eb.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-4746e000-bacd-11e9-9f70-1f7bda85a5eb.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-4746e000-bacd-11e9-9f70-1f7bda85a5eb.json
diff --git a/test/packages/aws/kibana/dashboard/aws-67c9f900-693e-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/dashboard/aws-67c9f900-693e-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-67c9f900-693e-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-67c9f900-693e-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/dashboard/aws-68ba7bd0-20b6-11ea-8f72-2f8d21e50b0c.json b/test/packages/parallel/aws/kibana/dashboard/aws-68ba7bd0-20b6-11ea-8f72-2f8d21e50b0c.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-68ba7bd0-20b6-11ea-8f72-2f8d21e50b0c.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-68ba7bd0-20b6-11ea-8f72-2f8d21e50b0c.json
diff --git a/test/packages/aws/kibana/dashboard/aws-7ac8e1d0-28d2-11ea-ba6c-49a884eb104f.json b/test/packages/parallel/aws/kibana/dashboard/aws-7ac8e1d0-28d2-11ea-ba6c-49a884eb104f.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-7ac8e1d0-28d2-11ea-ba6c-49a884eb104f.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-7ac8e1d0-28d2-11ea-ba6c-49a884eb104f.json
diff --git a/test/packages/aws/kibana/dashboard/aws-80ed1380-41a6-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/dashboard/aws-80ed1380-41a6-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-80ed1380-41a6-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-80ed1380-41a6-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/dashboard/aws-917a07b0-178e-11ea-8650-fb606deb5be4.json b/test/packages/parallel/aws/kibana/dashboard/aws-917a07b0-178e-11ea-8650-fb606deb5be4.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-917a07b0-178e-11ea-8650-fb606deb5be4.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-917a07b0-178e-11ea-8650-fb606deb5be4.json
diff --git a/test/packages/aws/kibana/dashboard/aws-9c09cd20-7399-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/dashboard/aws-9c09cd20-7399-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-9c09cd20-7399-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-9c09cd20-7399-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/dashboard/aws-a096b830-4762-11e9-8062-c98a86cb6f94.json b/test/packages/parallel/aws/kibana/dashboard/aws-a096b830-4762-11e9-8062-c98a86cb6f94.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-a096b830-4762-11e9-8062-c98a86cb6f94.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-a096b830-4762-11e9-8062-c98a86cb6f94.json
diff --git a/test/packages/aws/kibana/dashboard/aws-c2b1cbc0-6891-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/dashboard/aws-c2b1cbc0-6891-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-c2b1cbc0-6891-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-c2b1cbc0-6891-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/dashboard/aws-c5846400-f7fb-11e8-af03-c999c9dea608.json b/test/packages/parallel/aws/kibana/dashboard/aws-c5846400-f7fb-11e8-af03-c999c9dea608.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-c5846400-f7fb-11e8-af03-c999c9dea608.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-c5846400-f7fb-11e8-af03-c999c9dea608.json
diff --git a/test/packages/aws/kibana/dashboard/aws-d17b1000-17a4-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/dashboard/aws-d17b1000-17a4-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-d17b1000-17a4-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-d17b1000-17a4-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/dashboard/aws-e6776b10-1534-11ea-841c-01bf20a6c8ba.json b/test/packages/parallel/aws/kibana/dashboard/aws-e6776b10-1534-11ea-841c-01bf20a6c8ba.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-e6776b10-1534-11ea-841c-01bf20a6c8ba.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-e6776b10-1534-11ea-841c-01bf20a6c8ba.json
diff --git a/test/packages/aws/kibana/dashboard/aws-e74bf320-b3ce-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/dashboard/aws-e74bf320-b3ce-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-e74bf320-b3ce-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-e74bf320-b3ce-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/dashboard/aws-fac28650-7349-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/dashboard/aws-fac28650-7349-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/dashboard/aws-fac28650-7349-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/dashboard/aws-fac28650-7349-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/lens/aws-0d511340-41a1-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-0d511340-41a1-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-0d511340-41a1-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-0d511340-41a1-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-1a1508a0-41a8-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-1a1508a0-41a8-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-1a1508a0-41a8-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-1a1508a0-41a8-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-30e707b0-41a1-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-30e707b0-41a1-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-30e707b0-41a1-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-30e707b0-41a1-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-30fd4e40-f0a1-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-30fd4e40-f0a1-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-30fd4e40-f0a1-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-30fd4e40-f0a1-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/lens/aws-352dd3f0-41b3-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-352dd3f0-41b3-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-352dd3f0-41b3-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-352dd3f0-41b3-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-41e37710-f09d-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-41e37710-f09d-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-41e37710-f09d-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-41e37710-f09d-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/lens/aws-6445e130-41b5-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-6445e130-41b5-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-6445e130-41b5-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-6445e130-41b5-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-68f36fb0-f0a0-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-68f36fb0-f0a0-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-68f36fb0-f0a0-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-68f36fb0-f0a0-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/lens/aws-7543b3e0-41b5-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-7543b3e0-41b5-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-7543b3e0-41b5-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-7543b3e0-41b5-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-8560b400-f096-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-8560b400-f096-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-8560b400-f096-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-8560b400-f096-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/lens/aws-8614f2f0-41a2-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-8614f2f0-41a2-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-8614f2f0-41a2-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-8614f2f0-41a2-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-8721fb80-41b5-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-8721fb80-41b5-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-8721fb80-41b5-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-8721fb80-41b5-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-8d42b050-41a5-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-8d42b050-41a5-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-8d42b050-41a5-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-8d42b050-41a5-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-955b2000-41a1-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-955b2000-41a1-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-955b2000-41a1-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-955b2000-41a1-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-9a64ca30-427b-11ec-9b39-b9df88395505.json b/test/packages/parallel/aws/kibana/lens/aws-9a64ca30-427b-11ec-9b39-b9df88395505.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-9a64ca30-427b-11ec-9b39-b9df88395505.json
rename to test/packages/parallel/aws/kibana/lens/aws-9a64ca30-427b-11ec-9b39-b9df88395505.json
diff --git a/test/packages/aws/kibana/lens/aws-9fb44b60-41b2-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-9fb44b60-41b2-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-9fb44b60-41b2-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-9fb44b60-41b2-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-b0077d10-f09b-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-b0077d10-f09b-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-b0077d10-f09b-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-b0077d10-f09b-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/lens/aws-bbc80900-f09e-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-bbc80900-f09e-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-bbc80900-f09e-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-bbc80900-f09e-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/lens/aws-c4419a90-f091-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-c4419a90-f091-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-c4419a90-f091-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-c4419a90-f091-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/lens/aws-cd0300c0-41a8-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-cd0300c0-41a8-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-cd0300c0-41a8-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-cd0300c0-41a8-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-d33fa860-41a0-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-d33fa860-41a0-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-d33fa860-41a0-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-d33fa860-41a0-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-ed494970-41b2-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-ed494970-41b2-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-ed494970-41b2-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-ed494970-41b2-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-f757eba0-f0a0-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-f757eba0-f0a0-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-f757eba0-f0a0-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-f757eba0-f0a0-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/lens/aws-f8d829f0-41a8-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/lens/aws-f8d829f0-41a8-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-f8d829f0-41a8-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/lens/aws-f8d829f0-41a8-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/lens/aws-f9ff3450-f094-11eb-b61f-a53cb4913361.json b/test/packages/parallel/aws/kibana/lens/aws-f9ff3450-f094-11eb-b61f-a53cb4913361.json
similarity index 100%
rename from test/packages/aws/kibana/lens/aws-f9ff3450-f094-11eb-b61f-a53cb4913361.json
rename to test/packages/parallel/aws/kibana/lens/aws-f9ff3450-f094-11eb-b61f-a53cb4913361.json
diff --git a/test/packages/aws/kibana/map/aws-0edf0640-3e7e-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/map/aws-0edf0640-3e7e-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/map/aws-0edf0640-3e7e-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/map/aws-0edf0640-3e7e-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/map/aws-513a3d70-4482-11ea-ad63-791a5dc86f10.json b/test/packages/parallel/aws/kibana/map/aws-513a3d70-4482-11ea-ad63-791a5dc86f10.json
similarity index 100%
rename from test/packages/aws/kibana/map/aws-513a3d70-4482-11ea-ad63-791a5dc86f10.json
rename to test/packages/parallel/aws/kibana/map/aws-513a3d70-4482-11ea-ad63-791a5dc86f10.json
diff --git a/test/packages/aws/kibana/map/aws-dae24080-739a-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/map/aws-dae24080-739a-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/map/aws-dae24080-739a-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/map/aws-dae24080-739a-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/search/aws-30ccde50-7397-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/search/aws-30ccde50-7397-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/search/aws-30ccde50-7397-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/search/aws-30ccde50-7397-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/search/aws-5e5a3c90-bac0-11e9-9f70-1f7bda85a5eb.json b/test/packages/parallel/aws/kibana/search/aws-5e5a3c90-bac0-11e9-9f70-1f7bda85a5eb.json
similarity index 100%
rename from test/packages/aws/kibana/search/aws-5e5a3c90-bac0-11e9-9f70-1f7bda85a5eb.json
rename to test/packages/parallel/aws/kibana/search/aws-5e5a3c90-bac0-11e9-9f70-1f7bda85a5eb.json
diff --git a/test/packages/aws/kibana/search/aws-c1aee600-4487-11ea-ad63-791a5dc86f10.json b/test/packages/parallel/aws/kibana/search/aws-c1aee600-4487-11ea-ad63-791a5dc86f10.json
similarity index 100%
rename from test/packages/aws/kibana/search/aws-c1aee600-4487-11ea-ad63-791a5dc86f10.json
rename to test/packages/parallel/aws/kibana/search/aws-c1aee600-4487-11ea-ad63-791a5dc86f10.json
diff --git a/test/packages/aws/kibana/visualization/aws-007ceec0-694c-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-007ceec0-694c-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-007ceec0-694c-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-007ceec0-694c-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-00b29040-921d-11e9-aa19-159bf182e06f.json b/test/packages/parallel/aws/kibana/visualization/aws-00b29040-921d-11e9-aa19-159bf182e06f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-00b29040-921d-11e9-aa19-159bf182e06f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-00b29040-921d-11e9-aa19-159bf182e06f.json
diff --git a/test/packages/aws/kibana/visualization/aws-01ed5990-694a-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-01ed5990-694a-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-01ed5990-694a-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-01ed5990-694a-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-08645080-6891-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-08645080-6891-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-08645080-6891-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-08645080-6891-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-09857a20-180f-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-09857a20-180f-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-09857a20-180f-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-09857a20-180f-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-09db13f0-2bdd-11e9-9fe1-cde861544141.json b/test/packages/parallel/aws/kibana/visualization/aws-09db13f0-2bdd-11e9-9fe1-cde861544141.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-09db13f0-2bdd-11e9-9fe1-cde861544141.json
rename to test/packages/parallel/aws/kibana/visualization/aws-09db13f0-2bdd-11e9-9fe1-cde861544141.json
diff --git a/test/packages/aws/kibana/visualization/aws-0a36b590-694c-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-0a36b590-694c-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-0a36b590-694c-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-0a36b590-694c-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-0f056420-739e-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/visualization/aws-0f056420-739e-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-0f056420-739e-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/visualization/aws-0f056420-739e-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/visualization/aws-10e0f270-694c-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-10e0f270-694c-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-10e0f270-694c-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-10e0f270-694c-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-11f4e0d0-42a9-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-11f4e0d0-42a9-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-11f4e0d0-42a9-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-11f4e0d0-42a9-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-1235fe50-41e7-11e9-b7a0-c99d9d127b61.json b/test/packages/parallel/aws/kibana/visualization/aws-1235fe50-41e7-11e9-b7a0-c99d9d127b61.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-1235fe50-41e7-11e9-b7a0-c99d9d127b61.json
rename to test/packages/parallel/aws/kibana/visualization/aws-1235fe50-41e7-11e9-b7a0-c99d9d127b61.json
diff --git a/test/packages/aws/kibana/visualization/aws-128fd450-734e-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-128fd450-734e-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-128fd450-734e-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-128fd450-734e-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-12eff7e0-b7b9-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-12eff7e0-b7b9-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-12eff7e0-b7b9-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-12eff7e0-b7b9-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-13e624c0-180e-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-13e624c0-180e-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-13e624c0-180e-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-13e624c0-180e-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-142ad600-693b-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-142ad600-693b-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-142ad600-693b-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-142ad600-693b-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-15818fd0-f7f9-11e8-af03-c999c9dea608.json b/test/packages/parallel/aws/kibana/visualization/aws-15818fd0-f7f9-11e8-af03-c999c9dea608.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-15818fd0-f7f9-11e8-af03-c999c9dea608.json
rename to test/packages/parallel/aws/kibana/visualization/aws-15818fd0-f7f9-11e8-af03-c999c9dea608.json
diff --git a/test/packages/aws/kibana/visualization/aws-17fcda50-921b-11e9-aa19-159bf182e06f.json b/test/packages/parallel/aws/kibana/visualization/aws-17fcda50-921b-11e9-aa19-159bf182e06f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-17fcda50-921b-11e9-aa19-159bf182e06f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-17fcda50-921b-11e9-aa19-159bf182e06f.json
diff --git a/test/packages/aws/kibana/visualization/aws-1f3f00c0-28d1-11ea-ba6c-49a884eb104f.json b/test/packages/parallel/aws/kibana/visualization/aws-1f3f00c0-28d1-11ea-ba6c-49a884eb104f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-1f3f00c0-28d1-11ea-ba6c-49a884eb104f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-1f3f00c0-28d1-11ea-ba6c-49a884eb104f.json
diff --git a/test/packages/aws/kibana/visualization/aws-1f528f50-b3ce-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/visualization/aws-1f528f50-b3ce-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-1f528f50-b3ce-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-1f528f50-b3ce-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/visualization/aws-219c1850-3e82-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/visualization/aws-219c1850-3e82-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-219c1850-3e82-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-219c1850-3e82-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/visualization/aws-21f30090-b3ca-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/visualization/aws-21f30090-b3ca-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-21f30090-b3ca-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-21f30090-b3ca-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/visualization/aws-233b3400-f7f9-11e8-af03-c999c9dea608.json b/test/packages/parallel/aws/kibana/visualization/aws-233b3400-f7f9-11e8-af03-c999c9dea608.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-233b3400-f7f9-11e8-af03-c999c9dea608.json
rename to test/packages/parallel/aws/kibana/visualization/aws-233b3400-f7f9-11e8-af03-c999c9dea608.json
diff --git a/test/packages/aws/kibana/visualization/aws-247e2990-4699-11ea-ad63-791a5dc86f10.json b/test/packages/parallel/aws/kibana/visualization/aws-247e2990-4699-11ea-ad63-791a5dc86f10.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-247e2990-4699-11ea-ad63-791a5dc86f10.json
rename to test/packages/parallel/aws/kibana/visualization/aws-247e2990-4699-11ea-ad63-791a5dc86f10.json
diff --git a/test/packages/aws/kibana/visualization/aws-25384bf0-b7b9-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-25384bf0-b7b9-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-25384bf0-b7b9-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-25384bf0-b7b9-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-26b73e50-6943-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-26b73e50-6943-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-26b73e50-6943-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-26b73e50-6943-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-2929edb0-178e-11ea-8650-fb606deb5be4.json b/test/packages/parallel/aws/kibana/visualization/aws-2929edb0-178e-11ea-8650-fb606deb5be4.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-2929edb0-178e-11ea-8650-fb606deb5be4.json
rename to test/packages/parallel/aws/kibana/visualization/aws-2929edb0-178e-11ea-8650-fb606deb5be4.json
diff --git a/test/packages/aws/kibana/visualization/aws-2b2d58b0-4762-11e9-8062-c98a86cb6f94.json b/test/packages/parallel/aws/kibana/visualization/aws-2b2d58b0-4762-11e9-8062-c98a86cb6f94.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-2b2d58b0-4762-11e9-8062-c98a86cb6f94.json
rename to test/packages/parallel/aws/kibana/visualization/aws-2b2d58b0-4762-11e9-8062-c98a86cb6f94.json
diff --git a/test/packages/aws/kibana/visualization/aws-2dbb8f90-4760-11e9-8062-c98a86cb6f94.json b/test/packages/parallel/aws/kibana/visualization/aws-2dbb8f90-4760-11e9-8062-c98a86cb6f94.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-2dbb8f90-4760-11e9-8062-c98a86cb6f94.json
rename to test/packages/parallel/aws/kibana/visualization/aws-2dbb8f90-4760-11e9-8062-c98a86cb6f94.json
diff --git a/test/packages/aws/kibana/visualization/aws-2e265070-42a6-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-2e265070-42a6-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-2e265070-42a6-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-2e265070-42a6-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-2ee7f420-6943-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-2ee7f420-6943-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-2ee7f420-6943-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-2ee7f420-6943-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-31a4ea90-152b-11ea-841c-01bf20a6c8ba.json b/test/packages/parallel/aws/kibana/visualization/aws-31a4ea90-152b-11ea-841c-01bf20a6c8ba.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-31a4ea90-152b-11ea-841c-01bf20a6c8ba.json
rename to test/packages/parallel/aws/kibana/visualization/aws-31a4ea90-152b-11ea-841c-01bf20a6c8ba.json
diff --git a/test/packages/aws/kibana/visualization/aws-31ad4090-2003-11ea-8f72-2f8d21e50b0c.json b/test/packages/parallel/aws/kibana/visualization/aws-31ad4090-2003-11ea-8f72-2f8d21e50b0c.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-31ad4090-2003-11ea-8f72-2f8d21e50b0c.json
rename to test/packages/parallel/aws/kibana/visualization/aws-31ad4090-2003-11ea-8f72-2f8d21e50b0c.json
diff --git a/test/packages/aws/kibana/visualization/aws-37aeedc0-42a9-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-37aeedc0-42a9-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-37aeedc0-42a9-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-37aeedc0-42a9-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-396089c0-7399-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/visualization/aws-396089c0-7399-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-396089c0-7399-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/visualization/aws-396089c0-7399-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/visualization/aws-398d12d0-7352-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-398d12d0-7352-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-398d12d0-7352-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-398d12d0-7352-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-39dfc8d0-28cf-11ea-ba6c-49a884eb104f.json b/test/packages/parallel/aws/kibana/visualization/aws-39dfc8d0-28cf-11ea-ba6c-49a884eb104f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-39dfc8d0-28cf-11ea-ba6c-49a884eb104f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-39dfc8d0-28cf-11ea-ba6c-49a884eb104f.json
diff --git a/test/packages/aws/kibana/visualization/aws-3a3914d0-4761-11e9-8062-c98a86cb6f94.json b/test/packages/parallel/aws/kibana/visualization/aws-3a3914d0-4761-11e9-8062-c98a86cb6f94.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-3a3914d0-4761-11e9-8062-c98a86cb6f94.json
rename to test/packages/parallel/aws/kibana/visualization/aws-3a3914d0-4761-11e9-8062-c98a86cb6f94.json
diff --git a/test/packages/aws/kibana/visualization/aws-3c08b9b0-42a3-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-3c08b9b0-42a3-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-3c08b9b0-42a3-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-3c08b9b0-42a3-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-3dee68c0-7b0c-11ea-9bb4-e958b64b5685.json b/test/packages/parallel/aws/kibana/visualization/aws-3dee68c0-7b0c-11ea-9bb4-e958b64b5685.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-3dee68c0-7b0c-11ea-9bb4-e958b64b5685.json
rename to test/packages/parallel/aws/kibana/visualization/aws-3dee68c0-7b0c-11ea-9bb4-e958b64b5685.json
diff --git a/test/packages/aws/kibana/visualization/aws-415fed40-694f-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-415fed40-694f-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-415fed40-694f-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-415fed40-694f-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-41f5aaf0-42ac-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-41f5aaf0-42ac-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-41f5aaf0-42ac-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-41f5aaf0-42ac-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-42016bf0-728f-11e9-9a7b-4d62d5bcf4fc.json b/test/packages/parallel/aws/kibana/visualization/aws-42016bf0-728f-11e9-9a7b-4d62d5bcf4fc.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-42016bf0-728f-11e9-9a7b-4d62d5bcf4fc.json
rename to test/packages/parallel/aws/kibana/visualization/aws-42016bf0-728f-11e9-9a7b-4d62d5bcf4fc.json
diff --git a/test/packages/aws/kibana/visualization/aws-4658f540-734a-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-4658f540-734a-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-4658f540-734a-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-4658f540-734a-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-49379b70-7b07-11ea-9bb4-e958b64b5685.json b/test/packages/parallel/aws/kibana/visualization/aws-49379b70-7b07-11ea-9bb4-e958b64b5685.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-49379b70-7b07-11ea-9bb4-e958b64b5685.json
rename to test/packages/parallel/aws/kibana/visualization/aws-49379b70-7b07-11ea-9bb4-e958b64b5685.json
diff --git a/test/packages/aws/kibana/visualization/aws-4bf0a740-28d1-11ea-ba6c-49a884eb104f.json b/test/packages/parallel/aws/kibana/visualization/aws-4bf0a740-28d1-11ea-ba6c-49a884eb104f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-4bf0a740-28d1-11ea-ba6c-49a884eb104f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-4bf0a740-28d1-11ea-ba6c-49a884eb104f.json
diff --git a/test/packages/aws/kibana/visualization/aws-4bf62a10-8310-11e9-ac83-47df3568ff90.json b/test/packages/parallel/aws/kibana/visualization/aws-4bf62a10-8310-11e9-ac83-47df3568ff90.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-4bf62a10-8310-11e9-ac83-47df3568ff90.json
rename to test/packages/parallel/aws/kibana/visualization/aws-4bf62a10-8310-11e9-ac83-47df3568ff90.json
diff --git a/test/packages/aws/kibana/visualization/aws-4c23e4c0-739a-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/visualization/aws-4c23e4c0-739a-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-4c23e4c0-739a-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/visualization/aws-4c23e4c0-739a-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/visualization/aws-526a1ba0-42a7-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-526a1ba0-42a7-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-526a1ba0-42a7-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-526a1ba0-42a7-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-53730d20-437e-11e9-8697-530f39afc6eb.json b/test/packages/parallel/aws/kibana/visualization/aws-53730d20-437e-11e9-8697-530f39afc6eb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-53730d20-437e-11e9-8697-530f39afc6eb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-53730d20-437e-11e9-8697-530f39afc6eb.json
diff --git a/test/packages/aws/kibana/visualization/aws-54e88a40-734e-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-54e88a40-734e-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-54e88a40-734e-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-54e88a40-734e-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-572d40e0-b3ca-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/visualization/aws-572d40e0-b3ca-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-572d40e0-b3ca-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-572d40e0-b3ca-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/visualization/aws-57b610a0-41ad-11ec-a605-bff67d9b7872.json b/test/packages/parallel/aws/kibana/visualization/aws-57b610a0-41ad-11ec-a605-bff67d9b7872.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-57b610a0-41ad-11ec-a605-bff67d9b7872.json
rename to test/packages/parallel/aws/kibana/visualization/aws-57b610a0-41ad-11ec-a605-bff67d9b7872.json
diff --git a/test/packages/aws/kibana/visualization/aws-58e17c10-7349-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-58e17c10-7349-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-58e17c10-7349-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-58e17c10-7349-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-58f5a3c0-6943-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-58f5a3c0-6943-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-58f5a3c0-6943-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-58f5a3c0-6943-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-59defc90-17a5-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-59defc90-17a5-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-59defc90-17a5-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-59defc90-17a5-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-59e2e110-178d-11ea-8650-fb606deb5be4.json b/test/packages/parallel/aws/kibana/visualization/aws-59e2e110-178d-11ea-8650-fb606deb5be4.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-59e2e110-178d-11ea-8650-fb606deb5be4.json
rename to test/packages/parallel/aws/kibana/visualization/aws-59e2e110-178d-11ea-8650-fb606deb5be4.json
diff --git a/test/packages/aws/kibana/visualization/aws-5c586e80-427c-11ec-9b39-b9df88395505.json b/test/packages/parallel/aws/kibana/visualization/aws-5c586e80-427c-11ec-9b39-b9df88395505.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-5c586e80-427c-11ec-9b39-b9df88395505.json
rename to test/packages/parallel/aws/kibana/visualization/aws-5c586e80-427c-11ec-9b39-b9df88395505.json
diff --git a/test/packages/aws/kibana/visualization/aws-5c93cd10-bac3-11e9-9f70-1f7bda85a5eb.json b/test/packages/parallel/aws/kibana/visualization/aws-5c93cd10-bac3-11e9-9f70-1f7bda85a5eb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-5c93cd10-bac3-11e9-9f70-1f7bda85a5eb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-5c93cd10-bac3-11e9-9f70-1f7bda85a5eb.json
diff --git a/test/packages/aws/kibana/visualization/aws-6392bc30-b3c9-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/visualization/aws-6392bc30-b3c9-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-6392bc30-b3c9-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-6392bc30-b3c9-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/visualization/aws-67f43080-b7b9-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-67f43080-b7b9-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-67f43080-b7b9-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-67f43080-b7b9-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-681aab60-178c-11ea-8650-fb606deb5be4.json b/test/packages/parallel/aws/kibana/visualization/aws-681aab60-178c-11ea-8650-fb606deb5be4.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-681aab60-178c-11ea-8650-fb606deb5be4.json
rename to test/packages/parallel/aws/kibana/visualization/aws-681aab60-178c-11ea-8650-fb606deb5be4.json
diff --git a/test/packages/aws/kibana/visualization/aws-68970b10-6890-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-68970b10-6890-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-68970b10-6890-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-68970b10-6890-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-6e3285d0-4763-11e9-8062-c98a86cb6f94.json b/test/packages/parallel/aws/kibana/visualization/aws-6e3285d0-4763-11e9-8062-c98a86cb6f94.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-6e3285d0-4763-11e9-8062-c98a86cb6f94.json
rename to test/packages/parallel/aws/kibana/visualization/aws-6e3285d0-4763-11e9-8062-c98a86cb6f94.json
diff --git a/test/packages/aws/kibana/visualization/aws-6f7f7680-180c-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-6f7f7680-180c-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-6f7f7680-180c-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-6f7f7680-180c-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-6fc1efd0-b3c9-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/visualization/aws-6fc1efd0-b3c9-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-6fc1efd0-b3c9-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-6fc1efd0-b3c9-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/visualization/aws-73970bc0-3e86-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/visualization/aws-73970bc0-3e86-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-73970bc0-3e86-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-73970bc0-3e86-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/visualization/aws-749cd470-1530-11ea-841c-01bf20a6c8ba.json b/test/packages/parallel/aws/kibana/visualization/aws-749cd470-1530-11ea-841c-01bf20a6c8ba.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-749cd470-1530-11ea-841c-01bf20a6c8ba.json
rename to test/packages/parallel/aws/kibana/visualization/aws-749cd470-1530-11ea-841c-01bf20a6c8ba.json
diff --git a/test/packages/aws/kibana/visualization/aws-75853f20-4484-11ea-ad63-791a5dc86f10.json b/test/packages/parallel/aws/kibana/visualization/aws-75853f20-4484-11ea-ad63-791a5dc86f10.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-75853f20-4484-11ea-ad63-791a5dc86f10.json
rename to test/packages/parallel/aws/kibana/visualization/aws-75853f20-4484-11ea-ad63-791a5dc86f10.json
diff --git a/test/packages/aws/kibana/visualization/aws-7593a130-427c-11ec-9b39-b9df88395505.json b/test/packages/parallel/aws/kibana/visualization/aws-7593a130-427c-11ec-9b39-b9df88395505.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-7593a130-427c-11ec-9b39-b9df88395505.json
rename to test/packages/parallel/aws/kibana/visualization/aws-7593a130-427c-11ec-9b39-b9df88395505.json
diff --git a/test/packages/aws/kibana/visualization/aws-75ebfda0-1789-11ea-8650-fb606deb5be4.json b/test/packages/parallel/aws/kibana/visualization/aws-75ebfda0-1789-11ea-8650-fb606deb5be4.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-75ebfda0-1789-11ea-8650-fb606deb5be4.json
rename to test/packages/parallel/aws/kibana/visualization/aws-75ebfda0-1789-11ea-8650-fb606deb5be4.json
diff --git a/test/packages/aws/kibana/visualization/aws-76af8140-3e84-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/visualization/aws-76af8140-3e84-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-76af8140-3e84-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-76af8140-3e84-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/visualization/aws-7b93bab0-7b0a-11ea-9bb4-e958b64b5685.json b/test/packages/parallel/aws/kibana/visualization/aws-7b93bab0-7b0a-11ea-9bb4-e958b64b5685.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-7b93bab0-7b0a-11ea-9bb4-e958b64b5685.json
rename to test/packages/parallel/aws/kibana/visualization/aws-7b93bab0-7b0a-11ea-9bb4-e958b64b5685.json
diff --git a/test/packages/aws/kibana/visualization/aws-7bca4f50-739c-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/visualization/aws-7bca4f50-739c-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-7bca4f50-739c-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/visualization/aws-7bca4f50-739c-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/visualization/aws-7d1e0870-7a3f-11ea-bfa4-dfea8c457654.json b/test/packages/parallel/aws/kibana/visualization/aws-7d1e0870-7a3f-11ea-bfa4-dfea8c457654.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-7d1e0870-7a3f-11ea-bfa4-dfea8c457654.json
rename to test/packages/parallel/aws/kibana/visualization/aws-7d1e0870-7a3f-11ea-bfa4-dfea8c457654.json
diff --git a/test/packages/aws/kibana/visualization/aws-7dd7fab0-42ab-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-7dd7fab0-42ab-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-7dd7fab0-42ab-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-7dd7fab0-42ab-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-81d83c70-4762-11e9-8062-c98a86cb6f94.json b/test/packages/parallel/aws/kibana/visualization/aws-81d83c70-4762-11e9-8062-c98a86cb6f94.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-81d83c70-4762-11e9-8062-c98a86cb6f94.json
rename to test/packages/parallel/aws/kibana/visualization/aws-81d83c70-4762-11e9-8062-c98a86cb6f94.json
diff --git a/test/packages/aws/kibana/visualization/aws-82b8f4a0-427c-11ec-9b39-b9df88395505.json b/test/packages/parallel/aws/kibana/visualization/aws-82b8f4a0-427c-11ec-9b39-b9df88395505.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-82b8f4a0-427c-11ec-9b39-b9df88395505.json
rename to test/packages/parallel/aws/kibana/visualization/aws-82b8f4a0-427c-11ec-9b39-b9df88395505.json
diff --git a/test/packages/aws/kibana/visualization/aws-8345d580-6891-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-8345d580-6891-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-8345d580-6891-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-8345d580-6891-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-83f08eb0-1532-11ea-841c-01bf20a6c8ba.json b/test/packages/parallel/aws/kibana/visualization/aws-83f08eb0-1532-11ea-841c-01bf20a6c8ba.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-83f08eb0-1532-11ea-841c-01bf20a6c8ba.json
rename to test/packages/parallel/aws/kibana/visualization/aws-83f08eb0-1532-11ea-841c-01bf20a6c8ba.json
diff --git a/test/packages/aws/kibana/visualization/aws-8b34a100-4762-11e9-8062-c98a86cb6f94.json b/test/packages/parallel/aws/kibana/visualization/aws-8b34a100-4762-11e9-8062-c98a86cb6f94.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-8b34a100-4762-11e9-8062-c98a86cb6f94.json
rename to test/packages/parallel/aws/kibana/visualization/aws-8b34a100-4762-11e9-8062-c98a86cb6f94.json
diff --git a/test/packages/aws/kibana/visualization/aws-8b8a7f80-921c-11e9-aa19-159bf182e06f.json b/test/packages/parallel/aws/kibana/visualization/aws-8b8a7f80-921c-11e9-aa19-159bf182e06f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-8b8a7f80-921c-11e9-aa19-159bf182e06f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-8b8a7f80-921c-11e9-aa19-159bf182e06f.json
diff --git a/test/packages/aws/kibana/visualization/aws-8cf5fbe0-7b07-11ea-9bb4-e958b64b5685.json b/test/packages/parallel/aws/kibana/visualization/aws-8cf5fbe0-7b07-11ea-9bb4-e958b64b5685.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-8cf5fbe0-7b07-11ea-9bb4-e958b64b5685.json
rename to test/packages/parallel/aws/kibana/visualization/aws-8cf5fbe0-7b07-11ea-9bb4-e958b64b5685.json
diff --git a/test/packages/aws/kibana/visualization/aws-8ec43590-739b-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/visualization/aws-8ec43590-739b-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-8ec43590-739b-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/visualization/aws-8ec43590-739b-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/visualization/aws-9121ac90-734d-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-9121ac90-734d-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-9121ac90-734d-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-9121ac90-734d-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-915bcd50-28d1-11ea-ba6c-49a884eb104f.json b/test/packages/parallel/aws/kibana/visualization/aws-915bcd50-28d1-11ea-ba6c-49a884eb104f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-915bcd50-28d1-11ea-ba6c-49a884eb104f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-915bcd50-28d1-11ea-ba6c-49a884eb104f.json
diff --git a/test/packages/aws/kibana/visualization/aws-9202d1a0-178c-11ea-8650-fb606deb5be4.json b/test/packages/parallel/aws/kibana/visualization/aws-9202d1a0-178c-11ea-8650-fb606deb5be4.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-9202d1a0-178c-11ea-8650-fb606deb5be4.json
rename to test/packages/parallel/aws/kibana/visualization/aws-9202d1a0-178c-11ea-8650-fb606deb5be4.json
diff --git a/test/packages/aws/kibana/visualization/aws-95b322f0-734a-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-95b322f0-734a-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-95b322f0-734a-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-95b322f0-734a-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-966ae990-d979-11e9-9458-bbef63ad717b.json b/test/packages/parallel/aws/kibana/visualization/aws-966ae990-d979-11e9-9458-bbef63ad717b.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-966ae990-d979-11e9-9458-bbef63ad717b.json
rename to test/packages/parallel/aws/kibana/visualization/aws-966ae990-d979-11e9-9458-bbef63ad717b.json
diff --git a/test/packages/aws/kibana/visualization/aws-96834640-42a7-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-96834640-42a7-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-96834640-42a7-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-96834640-42a7-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-99ffdb00-bacb-11e9-9f70-1f7bda85a5eb.json b/test/packages/parallel/aws/kibana/visualization/aws-99ffdb00-bacb-11e9-9f70-1f7bda85a5eb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-99ffdb00-bacb-11e9-9f70-1f7bda85a5eb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-99ffdb00-bacb-11e9-9f70-1f7bda85a5eb.json
diff --git a/test/packages/aws/kibana/visualization/aws-9bf8e1e0-6890-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-9bf8e1e0-6890-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-9bf8e1e0-6890-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-9bf8e1e0-6890-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-9d284bc0-7b08-11ea-9bb4-e958b64b5685.json b/test/packages/parallel/aws/kibana/visualization/aws-9d284bc0-7b08-11ea-9bb4-e958b64b5685.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-9d284bc0-7b08-11ea-9bb4-e958b64b5685.json
rename to test/packages/parallel/aws/kibana/visualization/aws-9d284bc0-7b08-11ea-9bb4-e958b64b5685.json
diff --git a/test/packages/aws/kibana/visualization/aws-9e8c6030-f7f8-11e8-af03-c999c9dea608.json b/test/packages/parallel/aws/kibana/visualization/aws-9e8c6030-f7f8-11e8-af03-c999c9dea608.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-9e8c6030-f7f8-11e8-af03-c999c9dea608.json
rename to test/packages/parallel/aws/kibana/visualization/aws-9e8c6030-f7f8-11e8-af03-c999c9dea608.json
diff --git a/test/packages/aws/kibana/visualization/aws-9f0425c0-7b0a-11ea-9bb4-e958b64b5685.json b/test/packages/parallel/aws/kibana/visualization/aws-9f0425c0-7b0a-11ea-9bb4-e958b64b5685.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-9f0425c0-7b0a-11ea-9bb4-e958b64b5685.json
rename to test/packages/parallel/aws/kibana/visualization/aws-9f0425c0-7b0a-11ea-9bb4-e958b64b5685.json
diff --git a/test/packages/aws/kibana/visualization/aws-a1670af0-42a3-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-a1670af0-42a3-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-a1670af0-42a3-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-a1670af0-42a3-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-abdc7480-180b-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-abdc7480-180b-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-abdc7480-180b-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-abdc7480-180b-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-b00c4390-b7b8-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-b00c4390-b7b8-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b00c4390-b7b8-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b00c4390-b7b8-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-b0afd3e0-43b7-11e9-8697-530f39afc6eb.json b/test/packages/parallel/aws/kibana/visualization/aws-b0afd3e0-43b7-11e9-8697-530f39afc6eb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b0afd3e0-43b7-11e9-8697-530f39afc6eb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b0afd3e0-43b7-11e9-8697-530f39afc6eb.json
diff --git a/test/packages/aws/kibana/visualization/aws-b2191dd0-734c-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-b2191dd0-734c-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b2191dd0-734c-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b2191dd0-734c-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-b2ea15a0-b3c7-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/visualization/aws-b2ea15a0-b3c7-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b2ea15a0-b3c7-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b2ea15a0-b3c7-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/visualization/aws-b36532e0-688e-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-b36532e0-688e-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b36532e0-688e-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b36532e0-688e-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-b403f7b0-7b15-11ea-9bb4-e958b64b5685.json b/test/packages/parallel/aws/kibana/visualization/aws-b403f7b0-7b15-11ea-9bb4-e958b64b5685.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b403f7b0-7b15-11ea-9bb4-e958b64b5685.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b403f7b0-7b15-11ea-9bb4-e958b64b5685.json
diff --git a/test/packages/aws/kibana/visualization/aws-b5308940-7347-11e9-816b-07687310a99a.json b/test/packages/parallel/aws/kibana/visualization/aws-b5308940-7347-11e9-816b-07687310a99a.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b5308940-7347-11e9-816b-07687310a99a.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b5308940-7347-11e9-816b-07687310a99a.json
diff --git a/test/packages/aws/kibana/visualization/aws-b6a308f0-3e82-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/visualization/aws-b6a308f0-3e82-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b6a308f0-3e82-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b6a308f0-3e82-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/visualization/aws-b7f8bf90-180f-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-b7f8bf90-180f-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b7f8bf90-180f-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b7f8bf90-180f-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-b9703dd0-b3c9-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/visualization/aws-b9703dd0-b3c9-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-b9703dd0-b3c9-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-b9703dd0-b3c9-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/visualization/aws-bad8c910-4485-11ea-ad63-791a5dc86f10.json b/test/packages/parallel/aws/kibana/visualization/aws-bad8c910-4485-11ea-ad63-791a5dc86f10.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-bad8c910-4485-11ea-ad63-791a5dc86f10.json
rename to test/packages/parallel/aws/kibana/visualization/aws-bad8c910-4485-11ea-ad63-791a5dc86f10.json
diff --git a/test/packages/aws/kibana/visualization/aws-bb3a6cd0-b7b6-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-bb3a6cd0-b7b6-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-bb3a6cd0-b7b6-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-bb3a6cd0-b7b6-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-bb82c4d0-6c25-11e9-81bc-7f4cd8b3d892.json b/test/packages/parallel/aws/kibana/visualization/aws-bb82c4d0-6c25-11e9-81bc-7f4cd8b3d892.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-bb82c4d0-6c25-11e9-81bc-7f4cd8b3d892.json
rename to test/packages/parallel/aws/kibana/visualization/aws-bb82c4d0-6c25-11e9-81bc-7f4cd8b3d892.json
diff --git a/test/packages/aws/kibana/visualization/aws-bc5dcc90-688e-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-bc5dcc90-688e-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-bc5dcc90-688e-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-bc5dcc90-688e-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-bc8bd8f0-31fd-11ea-bcbf-59cb7eefc1f0.json b/test/packages/parallel/aws/kibana/visualization/aws-bc8bd8f0-31fd-11ea-bcbf-59cb7eefc1f0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-bc8bd8f0-31fd-11ea-bcbf-59cb7eefc1f0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-bc8bd8f0-31fd-11ea-bcbf-59cb7eefc1f0.json
diff --git a/test/packages/aws/kibana/visualization/aws-bd37d720-3e84-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/visualization/aws-bd37d720-3e84-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-bd37d720-3e84-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-bd37d720-3e84-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/visualization/aws-bdb8ddd0-6890-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-bdb8ddd0-6890-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-bdb8ddd0-6890-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-bdb8ddd0-6890-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-be6c4180-41e6-11e9-b7a0-c99d9d127b61.json b/test/packages/parallel/aws/kibana/visualization/aws-be6c4180-41e6-11e9-b7a0-c99d9d127b61.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-be6c4180-41e6-11e9-b7a0-c99d9d127b61.json
rename to test/packages/parallel/aws/kibana/visualization/aws-be6c4180-41e6-11e9-b7a0-c99d9d127b61.json
diff --git a/test/packages/aws/kibana/visualization/aws-be8828d0-f7f6-11e8-af03-c999c9dea608.json b/test/packages/parallel/aws/kibana/visualization/aws-be8828d0-f7f6-11e8-af03-c999c9dea608.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-be8828d0-f7f6-11e8-af03-c999c9dea608.json
rename to test/packages/parallel/aws/kibana/visualization/aws-be8828d0-f7f6-11e8-af03-c999c9dea608.json
diff --git a/test/packages/aws/kibana/visualization/aws-bf81e030-180e-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-bf81e030-180e-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-bf81e030-180e-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-bf81e030-180e-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-c0e32d50-b7b8-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-c0e32d50-b7b8-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-c0e32d50-b7b8-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-c0e32d50-b7b8-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-c186b610-688d-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-c186b610-688d-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-c186b610-688d-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-c186b610-688d-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-c1afd130-921e-11e9-aa19-159bf182e06f.json b/test/packages/parallel/aws/kibana/visualization/aws-c1afd130-921e-11e9-aa19-159bf182e06f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-c1afd130-921e-11e9-aa19-159bf182e06f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-c1afd130-921e-11e9-aa19-159bf182e06f.json
diff --git a/test/packages/aws/kibana/visualization/aws-c1db9b80-694b-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-c1db9b80-694b-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-c1db9b80-694b-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-c1db9b80-694b-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-c4a82470-42aa-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-c4a82470-42aa-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-c4a82470-42aa-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-c4a82470-42aa-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-c631dc40-42ab-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-c631dc40-42ab-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-c631dc40-42ab-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-c631dc40-42ab-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-c7d6cf90-688e-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-c7d6cf90-688e-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-c7d6cf90-688e-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-c7d6cf90-688e-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-c84ed3d0-6890-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-c84ed3d0-6890-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-c84ed3d0-6890-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-c84ed3d0-6890-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-cc3a1950-921c-11e9-aa19-159bf182e06f.json b/test/packages/parallel/aws/kibana/visualization/aws-cc3a1950-921c-11e9-aa19-159bf182e06f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-cc3a1950-921c-11e9-aa19-159bf182e06f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-cc3a1950-921c-11e9-aa19-159bf182e06f.json
diff --git a/test/packages/aws/kibana/visualization/aws-cd6419c0-6949-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-cd6419c0-6949-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-cd6419c0-6949-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-cd6419c0-6949-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-ce7445c0-688f-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-ce7445c0-688f-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-ce7445c0-688f-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-ce7445c0-688f-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-ceb7c030-3e86-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/visualization/aws-ceb7c030-3e86-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-ceb7c030-3e86-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-ceb7c030-3e86-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/visualization/aws-d045d120-b7b9-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-d045d120-b7b9-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-d045d120-b7b9-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-d045d120-b7b9-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-d186fd50-4763-11e9-8062-c98a86cb6f94.json b/test/packages/parallel/aws/kibana/visualization/aws-d186fd50-4763-11e9-8062-c98a86cb6f94.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-d186fd50-4763-11e9-8062-c98a86cb6f94.json
rename to test/packages/parallel/aws/kibana/visualization/aws-d186fd50-4763-11e9-8062-c98a86cb6f94.json
diff --git a/test/packages/aws/kibana/visualization/aws-d19a71b0-180e-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-d19a71b0-180e-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-d19a71b0-180e-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-d19a71b0-180e-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-d2f46190-830f-11e9-ac83-47df3568ff90.json b/test/packages/parallel/aws/kibana/visualization/aws-d2f46190-830f-11e9-ac83-47df3568ff90.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-d2f46190-830f-11e9-ac83-47df3568ff90.json
rename to test/packages/parallel/aws/kibana/visualization/aws-d2f46190-830f-11e9-ac83-47df3568ff90.json
diff --git a/test/packages/aws/kibana/visualization/aws-d560de70-b3c7-11e9-87a4-078dbbae220d.json b/test/packages/parallel/aws/kibana/visualization/aws-d560de70-b3c7-11e9-87a4-078dbbae220d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-d560de70-b3c7-11e9-87a4-078dbbae220d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-d560de70-b3c7-11e9-87a4-078dbbae220d.json
diff --git a/test/packages/aws/kibana/visualization/aws-d8b1e830-3e82-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/visualization/aws-d8b1e830-3e82-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-d8b1e830-3e82-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-d8b1e830-3e82-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/visualization/aws-dc5f65b0-6949-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-dc5f65b0-6949-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-dc5f65b0-6949-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-dc5f65b0-6949-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-dcd31cd0-41e5-11e9-b7a0-c99d9d127b61.json b/test/packages/parallel/aws/kibana/visualization/aws-dcd31cd0-41e5-11e9-b7a0-c99d9d127b61.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-dcd31cd0-41e5-11e9-b7a0-c99d9d127b61.json
rename to test/packages/parallel/aws/kibana/visualization/aws-dcd31cd0-41e5-11e9-b7a0-c99d9d127b61.json
diff --git a/test/packages/aws/kibana/visualization/aws-dd2f2a10-41e6-11e9-b7a0-c99d9d127b61.json b/test/packages/parallel/aws/kibana/visualization/aws-dd2f2a10-41e6-11e9-b7a0-c99d9d127b61.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-dd2f2a10-41e6-11e9-b7a0-c99d9d127b61.json
rename to test/packages/parallel/aws/kibana/visualization/aws-dd2f2a10-41e6-11e9-b7a0-c99d9d127b61.json
diff --git a/test/packages/aws/kibana/visualization/aws-deab0260-2981-11e9-86eb-a3a07a77f530.json b/test/packages/parallel/aws/kibana/visualization/aws-deab0260-2981-11e9-86eb-a3a07a77f530.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-deab0260-2981-11e9-86eb-a3a07a77f530.json
rename to test/packages/parallel/aws/kibana/visualization/aws-deab0260-2981-11e9-86eb-a3a07a77f530.json
diff --git a/test/packages/aws/kibana/visualization/aws-dffa19e0-180e-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-dffa19e0-180e-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-dffa19e0-180e-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-dffa19e0-180e-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-e06e4cf0-921e-11e9-aa19-159bf182e06f.json b/test/packages/parallel/aws/kibana/visualization/aws-e06e4cf0-921e-11e9-aa19-159bf182e06f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-e06e4cf0-921e-11e9-aa19-159bf182e06f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-e06e4cf0-921e-11e9-aa19-159bf182e06f.json
diff --git a/test/packages/aws/kibana/visualization/aws-e0e65e60-688e-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-e0e65e60-688e-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-e0e65e60-688e-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-e0e65e60-688e-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-e1c345e0-42a9-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-e1c345e0-42a9-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-e1c345e0-42a9-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-e1c345e0-42a9-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-e50c51e0-3e7f-11ea-bb0a-69c3ca1d410f.json b/test/packages/parallel/aws/kibana/visualization/aws-e50c51e0-3e7f-11ea-bb0a-69c3ca1d410f.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-e50c51e0-3e7f-11ea-bb0a-69c3ca1d410f.json
rename to test/packages/parallel/aws/kibana/visualization/aws-e50c51e0-3e7f-11ea-bb0a-69c3ca1d410f.json
diff --git a/test/packages/aws/kibana/visualization/aws-ea9e3d40-693a-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-ea9e3d40-693a-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-ea9e3d40-693a-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-ea9e3d40-693a-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-ef9717b0-427b-11ec-9b39-b9df88395505.json b/test/packages/parallel/aws/kibana/visualization/aws-ef9717b0-427b-11ec-9b39-b9df88395505.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-ef9717b0-427b-11ec-9b39-b9df88395505.json
rename to test/packages/parallel/aws/kibana/visualization/aws-ef9717b0-427b-11ec-9b39-b9df88395505.json
diff --git a/test/packages/aws/kibana/visualization/aws-f1db6ec0-f7f8-11e8-af03-c999c9dea608.json b/test/packages/parallel/aws/kibana/visualization/aws-f1db6ec0-f7f8-11e8-af03-c999c9dea608.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-f1db6ec0-f7f8-11e8-af03-c999c9dea608.json
rename to test/packages/parallel/aws/kibana/visualization/aws-f1db6ec0-f7f8-11e8-af03-c999c9dea608.json
diff --git a/test/packages/aws/kibana/visualization/aws-f58f99b0-693a-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-f58f99b0-693a-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-f58f99b0-693a-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-f58f99b0-693a-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-f6831f30-b7b6-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-f6831f30-b7b6-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-f6831f30-b7b6-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-f6831f30-b7b6-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-f74eb760-41e8-11e9-b7a0-c99d9d127b61.json b/test/packages/parallel/aws/kibana/visualization/aws-f74eb760-41e8-11e9-b7a0-c99d9d127b61.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-f74eb760-41e8-11e9-b7a0-c99d9d127b61.json
rename to test/packages/parallel/aws/kibana/visualization/aws-f74eb760-41e8-11e9-b7a0-c99d9d127b61.json
diff --git a/test/packages/aws/kibana/visualization/aws-f7c17000-6949-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-f7c17000-6949-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-f7c17000-6949-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-f7c17000-6949-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-f8b63860-739e-11ea-a345-f985c61fe654.json b/test/packages/parallel/aws/kibana/visualization/aws-f8b63860-739e-11ea-a345-f985c61fe654.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-f8b63860-739e-11ea-a345-f985c61fe654.json
rename to test/packages/parallel/aws/kibana/visualization/aws-f8b63860-739e-11ea-a345-f985c61fe654.json
diff --git a/test/packages/aws/kibana/visualization/aws-f9b2beb0-42a9-11ec-a440-675e476c18bb.json b/test/packages/parallel/aws/kibana/visualization/aws-f9b2beb0-42a9-11ec-a440-675e476c18bb.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-f9b2beb0-42a9-11ec-a440-675e476c18bb.json
rename to test/packages/parallel/aws/kibana/visualization/aws-f9b2beb0-42a9-11ec-a440-675e476c18bb.json
diff --git a/test/packages/aws/kibana/visualization/aws-fc0869c0-180e-11ea-8e91-03c7047cbb9d.json b/test/packages/parallel/aws/kibana/visualization/aws-fc0869c0-180e-11ea-8e91-03c7047cbb9d.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-fc0869c0-180e-11ea-8e91-03c7047cbb9d.json
rename to test/packages/parallel/aws/kibana/visualization/aws-fc0869c0-180e-11ea-8e91-03c7047cbb9d.json
diff --git a/test/packages/aws/kibana/visualization/aws-fcfc8d80-693e-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-fcfc8d80-693e-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-fcfc8d80-693e-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-fcfc8d80-693e-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-fd915180-6890-11ea-b0ac-95d4ecb1fecd.json b/test/packages/parallel/aws/kibana/visualization/aws-fd915180-6890-11ea-b0ac-95d4ecb1fecd.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-fd915180-6890-11ea-b0ac-95d4ecb1fecd.json
rename to test/packages/parallel/aws/kibana/visualization/aws-fd915180-6890-11ea-b0ac-95d4ecb1fecd.json
diff --git a/test/packages/aws/kibana/visualization/aws-fe0581b0-b7b8-11e9-8349-f15f850c5cd0.json b/test/packages/parallel/aws/kibana/visualization/aws-fe0581b0-b7b8-11e9-8349-f15f850c5cd0.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-fe0581b0-b7b8-11e9-8349-f15f850c5cd0.json
rename to test/packages/parallel/aws/kibana/visualization/aws-fe0581b0-b7b8-11e9-8349-f15f850c5cd0.json
diff --git a/test/packages/aws/kibana/visualization/aws-fed59380-f7f8-11e8-af03-c999c9dea608.json b/test/packages/parallel/aws/kibana/visualization/aws-fed59380-f7f8-11e8-af03-c999c9dea608.json
similarity index 100%
rename from test/packages/aws/kibana/visualization/aws-fed59380-f7f8-11e8-af03-c999c9dea608.json
rename to test/packages/parallel/aws/kibana/visualization/aws-fed59380-f7f8-11e8-af03-c999c9dea608.json
diff --git a/test/packages/aws/manifest.yml b/test/packages/parallel/aws/manifest.yml
similarity index 100%
rename from test/packages/aws/manifest.yml
rename to test/packages/parallel/aws/manifest.yml
diff --git a/test/packages/kubernetes/_dev/build/build.yml b/test/packages/parallel/nginx/_dev/build/build.yml
similarity index 100%
rename from test/packages/kubernetes/_dev/build/build.yml
rename to test/packages/parallel/nginx/_dev/build/build.yml
diff --git a/test/packages/nginx/_dev/build/docs/README.md b/test/packages/parallel/nginx/_dev/build/docs/README.md
similarity index 100%
rename from test/packages/nginx/_dev/build/docs/README.md
rename to test/packages/parallel/nginx/_dev/build/docs/README.md
diff --git a/test/packages/nginx/_dev/deploy/docker/Dockerfile b/test/packages/parallel/nginx/_dev/deploy/docker/Dockerfile
similarity index 100%
rename from test/packages/nginx/_dev/deploy/docker/Dockerfile
rename to test/packages/parallel/nginx/_dev/deploy/docker/Dockerfile
diff --git a/test/packages/nginx/_dev/deploy/docker/docker-compose.yml b/test/packages/parallel/nginx/_dev/deploy/docker/docker-compose.yml
similarity index 100%
rename from test/packages/nginx/_dev/deploy/docker/docker-compose.yml
rename to test/packages/parallel/nginx/_dev/deploy/docker/docker-compose.yml
diff --git a/test/packages/nginx/_dev/deploy/docker/nginx.conf b/test/packages/parallel/nginx/_dev/deploy/docker/nginx.conf
similarity index 100%
rename from test/packages/nginx/_dev/deploy/docker/nginx.conf
rename to test/packages/parallel/nginx/_dev/deploy/docker/nginx.conf
diff --git a/test/packages/nginx/_dev/deploy/variants.yml b/test/packages/parallel/nginx/_dev/deploy/variants.yml
similarity index 100%
rename from test/packages/nginx/_dev/deploy/variants.yml
rename to test/packages/parallel/nginx/_dev/deploy/variants.yml
diff --git a/test/packages/nginx/changelog.yml b/test/packages/parallel/nginx/changelog.yml
similarity index 100%
rename from test/packages/nginx/changelog.yml
rename to test/packages/parallel/nginx/changelog.yml
diff --git a/test/packages/nginx/data_stream/access/_dev/test/pipeline/test-access.log b/test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-access.log
similarity index 100%
rename from test/packages/nginx/data_stream/access/_dev/test/pipeline/test-access.log
rename to test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-access.log
diff --git a/test/packages/nginx/data_stream/access/_dev/test/pipeline/test-access.log-expected.json b/test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-access.log-expected.json
similarity index 100%
rename from test/packages/nginx/data_stream/access/_dev/test/pipeline/test-access.log-expected.json
rename to test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-access.log-expected.json
diff --git a/test/packages/nginx/data_stream/access/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-common-config.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/_dev/test/pipeline/test-common-config.yml
rename to test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-common-config.yml
diff --git a/test/packages/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log b/test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log
similarity index 100%
rename from test/packages/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log
rename to test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log
diff --git a/test/packages/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log-expected.json b/test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log-expected.json
similarity index 100%
rename from test/packages/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log-expected.json
rename to test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log-expected.json
diff --git a/test/packages/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log b/test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log
similarity index 100%
rename from test/packages/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log
rename to test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log
diff --git a/test/packages/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log-expected.json b/test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log-expected.json
similarity index 100%
rename from test/packages/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log-expected.json
rename to test/packages/parallel/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log-expected.json
diff --git a/test/packages/nginx/data_stream/access/_dev/test/system/test-default-config.yml b/test/packages/parallel/nginx/data_stream/access/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/_dev/test/system/test-default-config.yml
rename to test/packages/parallel/nginx/data_stream/access/_dev/test/system/test-default-config.yml
diff --git a/test/packages/nginx/data_stream/access/agent/stream/httpjson.yml.hbs b/test/packages/parallel/nginx/data_stream/access/agent/stream/httpjson.yml.hbs
similarity index 100%
rename from test/packages/nginx/data_stream/access/agent/stream/httpjson.yml.hbs
rename to test/packages/parallel/nginx/data_stream/access/agent/stream/httpjson.yml.hbs
diff --git a/test/packages/nginx/data_stream/access/agent/stream/stream.yml.hbs b/test/packages/parallel/nginx/data_stream/access/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/nginx/data_stream/access/agent/stream/stream.yml.hbs
rename to test/packages/parallel/nginx/data_stream/access/agent/stream/stream.yml.hbs
diff --git a/test/packages/nginx/data_stream/access/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/nginx/data_stream/access/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/nginx/data_stream/access/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/nginx/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml b/test/packages/parallel/nginx/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml
rename to test/packages/parallel/nginx/data_stream/access/elasticsearch/ingest_pipeline/third-party.yml
diff --git a/test/packages/nginx/data_stream/access/fields/agent.yml b/test/packages/parallel/nginx/data_stream/access/fields/agent.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/fields/agent.yml
rename to test/packages/parallel/nginx/data_stream/access/fields/agent.yml
diff --git a/test/packages/nginx/data_stream/access/fields/base-fields.yml b/test/packages/parallel/nginx/data_stream/access/fields/base-fields.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/fields/base-fields.yml
rename to test/packages/parallel/nginx/data_stream/access/fields/base-fields.yml
diff --git a/test/packages/nginx/data_stream/access/fields/ecs.yml b/test/packages/parallel/nginx/data_stream/access/fields/ecs.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/fields/ecs.yml
rename to test/packages/parallel/nginx/data_stream/access/fields/ecs.yml
diff --git a/test/packages/nginx/data_stream/access/fields/fields.yml b/test/packages/parallel/nginx/data_stream/access/fields/fields.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/fields/fields.yml
rename to test/packages/parallel/nginx/data_stream/access/fields/fields.yml
diff --git a/test/packages/nginx/data_stream/access/manifest.yml b/test/packages/parallel/nginx/data_stream/access/manifest.yml
similarity index 100%
rename from test/packages/nginx/data_stream/access/manifest.yml
rename to test/packages/parallel/nginx/data_stream/access/manifest.yml
diff --git a/test/packages/nginx/data_stream/access/sample_event.json b/test/packages/parallel/nginx/data_stream/access/sample_event.json
similarity index 100%
rename from test/packages/nginx/data_stream/access/sample_event.json
rename to test/packages/parallel/nginx/data_stream/access/sample_event.json
diff --git a/test/packages/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log b/test/packages/parallel/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log
similarity index 100%
rename from test/packages/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log
rename to test/packages/parallel/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log
diff --git a/test/packages/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-config.yml b/test/packages/parallel/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-config.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-config.yml
rename to test/packages/parallel/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-config.yml
diff --git a/test/packages/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-expected.json b/test/packages/parallel/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-expected.json
similarity index 100%
rename from test/packages/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-expected.json
rename to test/packages/parallel/nginx/data_stream/error/_dev/test/pipeline/test-error-raw.log-expected.json
diff --git a/test/packages/nginx/data_stream/error/_dev/test/system/test-default-config.yml b/test/packages/parallel/nginx/data_stream/error/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/_dev/test/system/test-default-config.yml
rename to test/packages/parallel/nginx/data_stream/error/_dev/test/system/test-default-config.yml
diff --git a/test/packages/nginx/data_stream/error/agent/stream/httpjson.yml.hbs b/test/packages/parallel/nginx/data_stream/error/agent/stream/httpjson.yml.hbs
similarity index 100%
rename from test/packages/nginx/data_stream/error/agent/stream/httpjson.yml.hbs
rename to test/packages/parallel/nginx/data_stream/error/agent/stream/httpjson.yml.hbs
diff --git a/test/packages/nginx/data_stream/error/agent/stream/stream.yml.hbs b/test/packages/parallel/nginx/data_stream/error/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/nginx/data_stream/error/agent/stream/stream.yml.hbs
rename to test/packages/parallel/nginx/data_stream/error/agent/stream/stream.yml.hbs
diff --git a/test/packages/nginx/data_stream/error/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/nginx/data_stream/error/elasticsearch/ingest_pipeline/default.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/elasticsearch/ingest_pipeline/default.yml
rename to test/packages/parallel/nginx/data_stream/error/elasticsearch/ingest_pipeline/default.yml
diff --git a/test/packages/nginx/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml b/test/packages/parallel/nginx/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml
rename to test/packages/parallel/nginx/data_stream/error/elasticsearch/ingest_pipeline/third-party.yml
diff --git a/test/packages/nginx/data_stream/error/fields/agent.yml b/test/packages/parallel/nginx/data_stream/error/fields/agent.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/fields/agent.yml
rename to test/packages/parallel/nginx/data_stream/error/fields/agent.yml
diff --git a/test/packages/nginx/data_stream/error/fields/base-fields.yml b/test/packages/parallel/nginx/data_stream/error/fields/base-fields.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/fields/base-fields.yml
rename to test/packages/parallel/nginx/data_stream/error/fields/base-fields.yml
diff --git a/test/packages/nginx/data_stream/error/fields/ecs.yml b/test/packages/parallel/nginx/data_stream/error/fields/ecs.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/fields/ecs.yml
rename to test/packages/parallel/nginx/data_stream/error/fields/ecs.yml
diff --git a/test/packages/nginx/data_stream/error/fields/fields.yml b/test/packages/parallel/nginx/data_stream/error/fields/fields.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/fields/fields.yml
rename to test/packages/parallel/nginx/data_stream/error/fields/fields.yml
diff --git a/test/packages/nginx/data_stream/error/manifest.yml b/test/packages/parallel/nginx/data_stream/error/manifest.yml
similarity index 100%
rename from test/packages/nginx/data_stream/error/manifest.yml
rename to test/packages/parallel/nginx/data_stream/error/manifest.yml
diff --git a/test/packages/nginx/data_stream/error/sample_event.json b/test/packages/parallel/nginx/data_stream/error/sample_event.json
similarity index 100%
rename from test/packages/nginx/data_stream/error/sample_event.json
rename to test/packages/parallel/nginx/data_stream/error/sample_event.json
diff --git a/test/packages/nginx/data_stream/stubstatus/_dev/test/system/test-default-config.yml b/test/packages/parallel/nginx/data_stream/stubstatus/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/nginx/data_stream/stubstatus/_dev/test/system/test-default-config.yml
rename to test/packages/parallel/nginx/data_stream/stubstatus/_dev/test/system/test-default-config.yml
diff --git a/test/packages/nginx/data_stream/stubstatus/agent/stream/stream.yml.hbs b/test/packages/parallel/nginx/data_stream/stubstatus/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/nginx/data_stream/stubstatus/agent/stream/stream.yml.hbs
rename to test/packages/parallel/nginx/data_stream/stubstatus/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/apiserver/fields/agent.yml b/test/packages/parallel/nginx/data_stream/stubstatus/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/fields/agent.yml
rename to test/packages/parallel/nginx/data_stream/stubstatus/fields/agent.yml
diff --git a/test/packages/nginx/data_stream/stubstatus/fields/base-fields.yml b/test/packages/parallel/nginx/data_stream/stubstatus/fields/base-fields.yml
similarity index 100%
rename from test/packages/nginx/data_stream/stubstatus/fields/base-fields.yml
rename to test/packages/parallel/nginx/data_stream/stubstatus/fields/base-fields.yml
diff --git a/test/packages/nginx/data_stream/stubstatus/fields/ecs.yml b/test/packages/parallel/nginx/data_stream/stubstatus/fields/ecs.yml
similarity index 100%
rename from test/packages/nginx/data_stream/stubstatus/fields/ecs.yml
rename to test/packages/parallel/nginx/data_stream/stubstatus/fields/ecs.yml
diff --git a/test/packages/nginx/data_stream/stubstatus/fields/fields.yml b/test/packages/parallel/nginx/data_stream/stubstatus/fields/fields.yml
similarity index 100%
rename from test/packages/nginx/data_stream/stubstatus/fields/fields.yml
rename to test/packages/parallel/nginx/data_stream/stubstatus/fields/fields.yml
diff --git a/test/packages/nginx/data_stream/stubstatus/manifest.yml b/test/packages/parallel/nginx/data_stream/stubstatus/manifest.yml
similarity index 100%
rename from test/packages/nginx/data_stream/stubstatus/manifest.yml
rename to test/packages/parallel/nginx/data_stream/stubstatus/manifest.yml
diff --git a/test/packages/nginx/data_stream/stubstatus/sample_event.json b/test/packages/parallel/nginx/data_stream/stubstatus/sample_event.json
similarity index 100%
rename from test/packages/nginx/data_stream/stubstatus/sample_event.json
rename to test/packages/parallel/nginx/data_stream/stubstatus/sample_event.json
diff --git a/test/packages/nginx/docs/README.md b/test/packages/parallel/nginx/docs/README.md
similarity index 100%
rename from test/packages/nginx/docs/README.md
rename to test/packages/parallel/nginx/docs/README.md
diff --git a/test/packages/nginx/img/logo_nginx.svg b/test/packages/parallel/nginx/img/logo_nginx.svg
similarity index 100%
rename from test/packages/nginx/img/logo_nginx.svg
rename to test/packages/parallel/nginx/img/logo_nginx.svg
diff --git a/test/packages/nginx/img/nginx-logs-access-error.png b/test/packages/parallel/nginx/img/nginx-logs-access-error.png
similarity index 100%
rename from test/packages/nginx/img/nginx-logs-access-error.png
rename to test/packages/parallel/nginx/img/nginx-logs-access-error.png
diff --git a/test/packages/nginx/img/nginx-logs-overview.png b/test/packages/parallel/nginx/img/nginx-logs-overview.png
similarity index 100%
rename from test/packages/nginx/img/nginx-logs-overview.png
rename to test/packages/parallel/nginx/img/nginx-logs-overview.png
diff --git a/test/packages/nginx/img/nginx-metrics-overview.png b/test/packages/parallel/nginx/img/nginx-metrics-overview.png
similarity index 100%
rename from test/packages/nginx/img/nginx-metrics-overview.png
rename to test/packages/parallel/nginx/img/nginx-metrics-overview.png
diff --git a/test/packages/nginx/kibana/dashboard/nginx-023d2930-f1a5-11e7-a9ef-93c69af7b129.json b/test/packages/parallel/nginx/kibana/dashboard/nginx-023d2930-f1a5-11e7-a9ef-93c69af7b129.json
similarity index 100%
rename from test/packages/nginx/kibana/dashboard/nginx-023d2930-f1a5-11e7-a9ef-93c69af7b129.json
rename to test/packages/parallel/nginx/kibana/dashboard/nginx-023d2930-f1a5-11e7-a9ef-93c69af7b129.json
diff --git a/test/packages/nginx/kibana/dashboard/nginx-046212a0-a2a1-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/dashboard/nginx-046212a0-a2a1-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/dashboard/nginx-046212a0-a2a1-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/dashboard/nginx-046212a0-a2a1-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/dashboard/nginx-55a9e6e0-a29e-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/dashboard/nginx-55a9e6e0-a29e-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/dashboard/nginx-55a9e6e0-a29e-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/dashboard/nginx-55a9e6e0-a29e-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/ml_module/nginx-Logs-ml.json b/test/packages/parallel/nginx/kibana/ml_module/nginx-Logs-ml.json
similarity index 100%
rename from test/packages/nginx/kibana/ml_module/nginx-Logs-ml.json
rename to test/packages/parallel/nginx/kibana/ml_module/nginx-Logs-ml.json
diff --git a/test/packages/nginx/kibana/search/nginx-6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/search/nginx-6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/search/nginx-6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/search/nginx-6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/search/nginx-9eb25600-a1f0-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/search/nginx-9eb25600-a1f0-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/search/nginx-9eb25600-a1f0-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/search/nginx-9eb25600-a1f0-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/search/nginx-Logs-Nginx-integration.json b/test/packages/parallel/nginx/kibana/search/nginx-Logs-Nginx-integration.json
similarity index 100%
rename from test/packages/nginx/kibana/search/nginx-Logs-Nginx-integration.json
rename to test/packages/parallel/nginx/kibana/search/nginx-Logs-Nginx-integration.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-0dd6f320-a29f-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/visualization/nginx-0dd6f320-a29f-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-0dd6f320-a29f-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-0dd6f320-a29f-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/visualization/nginx-1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-46322e50-a1f6-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/visualization/nginx-46322e50-a1f6-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-46322e50-a1f6-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-46322e50-a1f6-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-47a8e0f0-f1a4-11e7-a9ef-93c69af7b129.json b/test/packages/parallel/nginx/kibana/visualization/nginx-47a8e0f0-f1a4-11e7-a9ef-93c69af7b129.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-47a8e0f0-f1a4-11e7-a9ef-93c69af7b129.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-47a8e0f0-f1a4-11e7-a9ef-93c69af7b129.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-555df8a0-f1a1-11e7-a9ef-93c69af7b129.json b/test/packages/parallel/nginx/kibana/visualization/nginx-555df8a0-f1a1-11e7-a9ef-93c69af7b129.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-555df8a0-f1a1-11e7-a9ef-93c69af7b129.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-555df8a0-f1a1-11e7-a9ef-93c69af7b129.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-7cc9ea40-3af8-11eb-94b7-0dab91df36a6.json b/test/packages/parallel/nginx/kibana/visualization/nginx-7cc9ea40-3af8-11eb-94b7-0dab91df36a6.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-7cc9ea40-3af8-11eb-94b7-0dab91df36a6.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-7cc9ea40-3af8-11eb-94b7-0dab91df36a6.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-823b3c80-3af9-11eb-94b7-0dab91df36a6.json b/test/packages/parallel/nginx/kibana/visualization/nginx-823b3c80-3af9-11eb-94b7-0dab91df36a6.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-823b3c80-3af9-11eb-94b7-0dab91df36a6.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-823b3c80-3af9-11eb-94b7-0dab91df36a6.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-9184fa00-a1f5-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/visualization/nginx-9184fa00-a1f5-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-9184fa00-a1f5-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-9184fa00-a1f5-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-9484ecf0-3af5-11eb-94b7-0dab91df36a6.json b/test/packages/parallel/nginx/kibana/visualization/nginx-9484ecf0-3af5-11eb-94b7-0dab91df36a6.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-9484ecf0-3af5-11eb-94b7-0dab91df36a6.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-9484ecf0-3af5-11eb-94b7-0dab91df36a6.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-97109780-a2a5-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/visualization/nginx-97109780-a2a5-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-97109780-a2a5-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-97109780-a2a5-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-Access-Browsers.json b/test/packages/parallel/nginx/kibana/visualization/nginx-Access-Browsers.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-Access-Browsers.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-Access-Browsers.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-Access-Map.json b/test/packages/parallel/nginx/kibana/visualization/nginx-Access-Map.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-Access-Map.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-Access-Map.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-Access-OSes.json b/test/packages/parallel/nginx/kibana/visualization/nginx-Access-OSes.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-Access-OSes.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-Access-OSes.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-a1d92240-f1a1-11e7-a9ef-93c69af7b129.json b/test/packages/parallel/nginx/kibana/visualization/nginx-a1d92240-f1a1-11e7-a9ef-93c69af7b129.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-a1d92240-f1a1-11e7-a9ef-93c69af7b129.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-a1d92240-f1a1-11e7-a9ef-93c69af7b129.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-b70b1b20-a1f4-11e7-928f-5dbe6f6f5519.json b/test/packages/parallel/nginx/kibana/visualization/nginx-b70b1b20-a1f4-11e7-928f-5dbe6f6f5519.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-b70b1b20-a1f4-11e7-928f-5dbe6f6f5519.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-b70b1b20-a1f4-11e7-928f-5dbe6f6f5519.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-d763a570-f1a1-11e7-a9ef-93c69af7b129.json b/test/packages/parallel/nginx/kibana/visualization/nginx-d763a570-f1a1-11e7-a9ef-93c69af7b129.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-d763a570-f1a1-11e7-a9ef-93c69af7b129.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-d763a570-f1a1-11e7-a9ef-93c69af7b129.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-dcbffe30-f1a4-11e7-a9ef-93c69af7b129.json b/test/packages/parallel/nginx/kibana/visualization/nginx-dcbffe30-f1a4-11e7-a9ef-93c69af7b129.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-dcbffe30-f1a4-11e7-a9ef-93c69af7b129.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-dcbffe30-f1a4-11e7-a9ef-93c69af7b129.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-e302b5a0-3afb-11eb-94b7-0dab91df36a6.json b/test/packages/parallel/nginx/kibana/visualization/nginx-e302b5a0-3afb-11eb-94b7-0dab91df36a6.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-e302b5a0-3afb-11eb-94b7-0dab91df36a6.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-e302b5a0-3afb-11eb-94b7-0dab91df36a6.json
diff --git a/test/packages/nginx/kibana/visualization/nginx-ea7f9e10-3af6-11eb-94b7-0dab91df36a6.json b/test/packages/parallel/nginx/kibana/visualization/nginx-ea7f9e10-3af6-11eb-94b7-0dab91df36a6.json
similarity index 100%
rename from test/packages/nginx/kibana/visualization/nginx-ea7f9e10-3af6-11eb-94b7-0dab91df36a6.json
rename to test/packages/parallel/nginx/kibana/visualization/nginx-ea7f9e10-3af6-11eb-94b7-0dab91df36a6.json
diff --git a/test/packages/nginx/manifest.yml b/test/packages/parallel/nginx/manifest.yml
similarity index 100%
rename from test/packages/nginx/manifest.yml
rename to test/packages/parallel/nginx/manifest.yml
diff --git a/test/packages/nginx/_dev/build/build.yml b/test/packages/with-kind/kubernetes/_dev/build/build.yml
similarity index 100%
rename from test/packages/nginx/_dev/build/build.yml
rename to test/packages/with-kind/kubernetes/_dev/build/build.yml
diff --git a/test/packages/kubernetes/_dev/build/docs/README.md b/test/packages/with-kind/kubernetes/_dev/build/docs/README.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/README.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/README.md
diff --git a/test/packages/kubernetes/_dev/build/docs/container-logs.md b/test/packages/with-kind/kubernetes/_dev/build/docs/container-logs.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/container-logs.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/container-logs.md
diff --git a/test/packages/kubernetes/_dev/build/docs/events.md b/test/packages/with-kind/kubernetes/_dev/build/docs/events.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/events.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/events.md
diff --git a/test/packages/kubernetes/_dev/build/docs/kube-apiserver.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-apiserver.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/kube-apiserver.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/kube-apiserver.md
diff --git a/test/packages/kubernetes/_dev/build/docs/kube-controller-manager.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-controller-manager.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/kube-controller-manager.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/kube-controller-manager.md
diff --git a/test/packages/kubernetes/_dev/build/docs/kube-proxy.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-proxy.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/kube-proxy.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/kube-proxy.md
diff --git a/test/packages/kubernetes/_dev/build/docs/kube-scheduler.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-scheduler.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/kube-scheduler.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/kube-scheduler.md
diff --git a/test/packages/kubernetes/_dev/build/docs/kube-state-metrics.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-state-metrics.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/kube-state-metrics.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/kube-state-metrics.md
diff --git a/test/packages/kubernetes/_dev/build/docs/kubelet.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kubelet.md
similarity index 100%
rename from test/packages/kubernetes/_dev/build/docs/kubelet.md
rename to test/packages/with-kind/kubernetes/_dev/build/docs/kubelet.md
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/cluster-role-binding.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/cluster-role-binding.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/cluster-role-binding.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/cluster-role-binding.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/cluster-role.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/cluster-role.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/cluster-role.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/cluster-role.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/conrjob.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/conrjob.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/conrjob.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/conrjob.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/deployment.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/deployment.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/deployment.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/deployment.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/example-redis-config.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/example-redis-config.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/example-redis-config.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/example-redis-config.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/job.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/job.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/job.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/job.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/pv.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/pv.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/pv.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/pv.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/pvc.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/pvc.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/pvc.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/pvc.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/rq.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/rq.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/rq.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/rq.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/service-account.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/service-account.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/service-account.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/service-account.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/service.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/service.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/service.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/service.yaml
diff --git a/test/packages/kubernetes/_dev/deploy/k8s/ss.yaml b/test/packages/with-kind/kubernetes/_dev/deploy/k8s/ss.yaml
similarity index 100%
rename from test/packages/kubernetes/_dev/deploy/k8s/ss.yaml
rename to test/packages/with-kind/kubernetes/_dev/deploy/k8s/ss.yaml
diff --git a/test/packages/kubernetes/changelog.yml b/test/packages/with-kind/kubernetes/changelog.yml
similarity index 100%
rename from test/packages/kubernetes/changelog.yml
rename to test/packages/with-kind/kubernetes/changelog.yml
diff --git a/test/packages/kubernetes/data_stream/apiserver/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/controllermanager/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/apiserver/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/apiserver/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/apiserver/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/apiserver/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/apiserver/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/apiserver/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/apiserver/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/apiserver/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/container/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/container/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/container/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/container/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/container/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/container/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/container/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/container/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/container/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/container/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/container/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/container/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/container/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/container/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/container/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/container/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/container/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/container/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/container/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/container/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/container/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/container/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/container/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/container/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/container/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/container_logs/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container_logs/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/container_logs/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/container_logs/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container_logs/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/container_logs/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/container_logs/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container_logs/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/container_logs/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/container_logs/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/container_logs/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/container_logs/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/container_logs/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/controllermanager/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/event/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/event/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/controllermanager/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/controllermanager/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/controllermanager/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/controllermanager/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/controllermanager/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/controllermanager/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/controllermanager/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/controllermanager/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/event/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/event/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/event/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/event/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/node/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/event/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/event/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/event/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/event/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/event/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/event/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/event/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/event/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/event/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/event/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/event/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/event/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/event/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/event/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/event/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/event/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/event/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/event/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/event/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/event/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/event/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/event/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/node/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/node/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/node/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/node/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/node/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/node/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/pod/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/node/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/node/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/node/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/node/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/node/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/node/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/node/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/node/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/node/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/node/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/node/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/node/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/node/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/node/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/node/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/node/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/node/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/node/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/pod/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/pod/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/pod/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/pod/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/pod/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/pod/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/pod/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/pod/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/pod/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/proxy/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/pod/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/pod/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/pod/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/pod/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/pod/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/pod/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/pod/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/pod/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/pod/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/pod/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/pod/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/pod/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/pod/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/pod/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/pod/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/pod/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/pod/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/pod/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/proxy/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/proxy/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/proxy/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/scheduler/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/proxy/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/proxy/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/proxy/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/proxy/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/proxy/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/proxy/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/proxy/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/proxy/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/proxy/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/proxy/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/proxy/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/proxy/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/proxy/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/scheduler/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_cronjob/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_cronjob/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/scheduler/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/scheduler/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/scheduler/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/scheduler/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/scheduler/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/scheduler/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/scheduler/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/scheduler/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_container/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_container/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_container/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_container/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_container/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_container/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_container/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_container/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_container/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_container/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_container/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_container/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_container/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_container/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_container/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_container/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_container/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_container/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_container/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_daemonset/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_daemonset/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_cronjob/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_cronjob/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_cronjob/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_cronjob/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_cronjob/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_cronjob/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_cronjob/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_cronjob/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_cronjob/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_cronjob/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_cronjob/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_cronjob/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_deployment/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_deployment/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_daemonset/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_daemonset/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_daemonset/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_daemonset/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_daemonset/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_daemonset/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_daemonset/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_daemonset/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_daemonset/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_daemonset/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_daemonset/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_daemonset/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_job/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_job/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_deployment/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_deployment/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_deployment/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_deployment/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_deployment/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_deployment/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_deployment/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_deployment/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_deployment/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_deployment/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_deployment/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_deployment/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_deployment/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_node/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_node/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_job/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_job/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_job/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_job/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_job/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_job/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_job/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_job/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_job/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_job/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_job/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_job/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_job/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_job/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_job/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_job/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_job/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolume/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolume/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_node/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_node/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_node/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_node/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_node/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_node/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_node/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_node/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_node/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_node/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_node/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_node/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_node/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_node/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_node/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_node/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_node/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolumeclaim/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolumeclaim/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolume/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolume/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolume/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolume/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolume/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolume/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_pod/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_pod/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_replicaset/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_replicaset/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_pod/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_pod/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_pod/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_pod/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_pod/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_pod/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_pod/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_pod/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_pod/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_pod/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_pod/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_pod/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_pod/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_pod/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_pod/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_pod/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_pod/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_resourcequota/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_resourcequota/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_replicaset/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_replicaset/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_replicaset/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_replicaset/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_replicaset/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_replicaset/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_replicaset/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_replicaset/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_replicaset/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_replicaset/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_replicaset/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_replicaset/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_service/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_service/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_resourcequota/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_resourcequota/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_resourcequota/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_resourcequota/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_resourcequota/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_resourcequota/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_resourcequota/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_resourcequota/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_resourcequota/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_resourcequota/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_statefulset/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_statefulset/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_service/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_service/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_service/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_service/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_service/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_service/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_service/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_service/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_service/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_service/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_service/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_service/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_service/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_service/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_service/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_service/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_service/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/state_storageclass/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_storageclass/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_statefulset/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_statefulset/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_statefulset/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_statefulset/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_statefulset/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_statefulset/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_statefulset/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_statefulset/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_statefulset/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_statefulset/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_statefulset/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_statefulset/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/system/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/state_storageclass/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_storageclass/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_storageclass/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_storageclass/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/state_storageclass/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_storageclass/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/state_storageclass/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_storageclass/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/state_storageclass/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/state_storageclass/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/state_storageclass/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/state_storageclass/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/system/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/system/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/system/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/system/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/system/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/system/agent/stream/stream.yml.hbs
diff --git a/test/packages/kubernetes/data_stream/volume/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/system/fields/agent.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/system/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/system/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/system/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/system/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/system/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/system/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/system/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/system/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/system/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/system/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/system/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/system/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/system/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/system/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/system/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/system/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/system/sample_event.json
diff --git a/test/packages/kubernetes/data_stream/volume/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/volume/_dev/deploy/k8s/.empty
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/_dev/deploy/k8s/.empty
rename to test/packages/with-kind/kubernetes/data_stream/volume/_dev/deploy/k8s/.empty
diff --git a/test/packages/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml
rename to test/packages/with-kind/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml
diff --git a/test/packages/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs
rename to test/packages/with-kind/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs
diff --git a/test/packages/log/data_stream/log/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/volume/fields/agent.yml
similarity index 100%
rename from test/packages/log/data_stream/log/fields/agent.yml
rename to test/packages/with-kind/kubernetes/data_stream/volume/fields/agent.yml
diff --git a/test/packages/kubernetes/data_stream/volume/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/volume/fields/base-fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/fields/base-fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/volume/fields/base-fields.yml
diff --git a/test/packages/kubernetes/data_stream/volume/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/volume/fields/ecs.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/fields/ecs.yml
rename to test/packages/with-kind/kubernetes/data_stream/volume/fields/ecs.yml
diff --git a/test/packages/kubernetes/data_stream/volume/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/volume/fields/fields.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/fields/fields.yml
rename to test/packages/with-kind/kubernetes/data_stream/volume/fields/fields.yml
diff --git a/test/packages/kubernetes/data_stream/volume/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/volume/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/manifest.yml
rename to test/packages/with-kind/kubernetes/data_stream/volume/manifest.yml
diff --git a/test/packages/kubernetes/data_stream/volume/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/volume/sample_event.json
similarity index 100%
rename from test/packages/kubernetes/data_stream/volume/sample_event.json
rename to test/packages/with-kind/kubernetes/data_stream/volume/sample_event.json
diff --git a/test/packages/kubernetes/docs/README.md b/test/packages/with-kind/kubernetes/docs/README.md
similarity index 100%
rename from test/packages/kubernetes/docs/README.md
rename to test/packages/with-kind/kubernetes/docs/README.md
diff --git a/test/packages/kubernetes/docs/container-logs.md b/test/packages/with-kind/kubernetes/docs/container-logs.md
similarity index 100%
rename from test/packages/kubernetes/docs/container-logs.md
rename to test/packages/with-kind/kubernetes/docs/container-logs.md
diff --git a/test/packages/kubernetes/docs/events.md b/test/packages/with-kind/kubernetes/docs/events.md
similarity index 100%
rename from test/packages/kubernetes/docs/events.md
rename to test/packages/with-kind/kubernetes/docs/events.md
diff --git a/test/packages/kubernetes/docs/kube-apiserver.md b/test/packages/with-kind/kubernetes/docs/kube-apiserver.md
similarity index 100%
rename from test/packages/kubernetes/docs/kube-apiserver.md
rename to test/packages/with-kind/kubernetes/docs/kube-apiserver.md
diff --git a/test/packages/kubernetes/docs/kube-controller-manager.md b/test/packages/with-kind/kubernetes/docs/kube-controller-manager.md
similarity index 100%
rename from test/packages/kubernetes/docs/kube-controller-manager.md
rename to test/packages/with-kind/kubernetes/docs/kube-controller-manager.md
diff --git a/test/packages/kubernetes/docs/kube-proxy.md b/test/packages/with-kind/kubernetes/docs/kube-proxy.md
similarity index 100%
rename from test/packages/kubernetes/docs/kube-proxy.md
rename to test/packages/with-kind/kubernetes/docs/kube-proxy.md
diff --git a/test/packages/kubernetes/docs/kube-scheduler.md b/test/packages/with-kind/kubernetes/docs/kube-scheduler.md
similarity index 100%
rename from test/packages/kubernetes/docs/kube-scheduler.md
rename to test/packages/with-kind/kubernetes/docs/kube-scheduler.md
diff --git a/test/packages/kubernetes/docs/kube-state-metrics.md b/test/packages/with-kind/kubernetes/docs/kube-state-metrics.md
similarity index 100%
rename from test/packages/kubernetes/docs/kube-state-metrics.md
rename to test/packages/with-kind/kubernetes/docs/kube-state-metrics.md
diff --git a/test/packages/kubernetes/docs/kubelet.md b/test/packages/with-kind/kubernetes/docs/kubelet.md
similarity index 100%
rename from test/packages/kubernetes/docs/kubelet.md
rename to test/packages/with-kind/kubernetes/docs/kubelet.md
diff --git a/test/packages/kubernetes/img/logo_kubernetes.svg b/test/packages/with-kind/kubernetes/img/logo_kubernetes.svg
similarity index 100%
rename from test/packages/kubernetes/img/logo_kubernetes.svg
rename to test/packages/with-kind/kubernetes/img/logo_kubernetes.svg
diff --git a/test/packages/kubernetes/img/metricbeat-kubernetes-controllermanager.png b/test/packages/with-kind/kubernetes/img/metricbeat-kubernetes-controllermanager.png
similarity index 100%
rename from test/packages/kubernetes/img/metricbeat-kubernetes-controllermanager.png
rename to test/packages/with-kind/kubernetes/img/metricbeat-kubernetes-controllermanager.png
diff --git a/test/packages/kubernetes/img/metricbeat-kubernetes-proxy.png b/test/packages/with-kind/kubernetes/img/metricbeat-kubernetes-proxy.png
similarity index 100%
rename from test/packages/kubernetes/img/metricbeat-kubernetes-proxy.png
rename to test/packages/with-kind/kubernetes/img/metricbeat-kubernetes-proxy.png
diff --git a/test/packages/kubernetes/img/metricbeat_kubernetes_overview.png b/test/packages/with-kind/kubernetes/img/metricbeat_kubernetes_overview.png
similarity index 100%
rename from test/packages/kubernetes/img/metricbeat_kubernetes_overview.png
rename to test/packages/with-kind/kubernetes/img/metricbeat_kubernetes_overview.png
diff --git a/test/packages/kubernetes/img/metricbeat_kubernetes_scheduler.png b/test/packages/with-kind/kubernetes/img/metricbeat_kubernetes_scheduler.png
similarity index 100%
rename from test/packages/kubernetes/img/metricbeat_kubernetes_scheduler.png
rename to test/packages/with-kind/kubernetes/img/metricbeat_kubernetes_scheduler.png
diff --git a/test/packages/kubernetes/kibana/dashboard/kubernetes-5e649d60-9901-11e9-ba57-b7ab4e2d4b58.json b/test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-5e649d60-9901-11e9-ba57-b7ab4e2d4b58.json
similarity index 100%
rename from test/packages/kubernetes/kibana/dashboard/kubernetes-5e649d60-9901-11e9-ba57-b7ab4e2d4b58.json
rename to test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-5e649d60-9901-11e9-ba57-b7ab4e2d4b58.json
diff --git a/test/packages/kubernetes/kibana/dashboard/kubernetes-97312060-9c1b-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-97312060-9c1b-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/dashboard/kubernetes-97312060-9c1b-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-97312060-9c1b-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/dashboard/kubernetes-AV4RGUqo5NkDleZmzKuZ.json b/test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-AV4RGUqo5NkDleZmzKuZ.json
similarity index 100%
rename from test/packages/kubernetes/kibana/dashboard/kubernetes-AV4RGUqo5NkDleZmzKuZ.json
rename to test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-AV4RGUqo5NkDleZmzKuZ.json
diff --git a/test/packages/kubernetes/kibana/dashboard/kubernetes-af7225b0-5794-11e8-afa2-e9067ea62228.json b/test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-af7225b0-5794-11e8-afa2-e9067ea62228.json
similarity index 100%
rename from test/packages/kubernetes/kibana/dashboard/kubernetes-af7225b0-5794-11e8-afa2-e9067ea62228.json
rename to test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-af7225b0-5794-11e8-afa2-e9067ea62228.json
diff --git a/test/packages/kubernetes/kibana/dashboard/kubernetes-f5ab5510-9c94-11e9-94fd-c91206cd5249.json b/test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-f5ab5510-9c94-11e9-94fd-c91206cd5249.json
similarity index 100%
rename from test/packages/kubernetes/kibana/dashboard/kubernetes-f5ab5510-9c94-11e9-94fd-c91206cd5249.json
rename to test/packages/with-kind/kubernetes/kibana/dashboard/kubernetes-f5ab5510-9c94-11e9-94fd-c91206cd5249.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-022a54c0-2bf5-11e7-859b-f78b612cde28.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-022a54c0-2bf5-11e7-859b-f78b612cde28.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-022a54c0-2bf5-11e7-859b-f78b612cde28.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-022a54c0-2bf5-11e7-859b-f78b612cde28.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-09b404f0-99af-11e9-ba57-b7ab4e2d4b58.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-09b404f0-99af-11e9-ba57-b7ab4e2d4b58.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-09b404f0-99af-11e9-ba57-b7ab4e2d4b58.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-09b404f0-99af-11e9-ba57-b7ab4e2d4b58.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-0ca95350-9c24-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-0ca95350-9c24-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-0ca95350-9c24-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-0ca95350-9c24-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-15bd4420-9c9b-11e9-94fd-c91206cd5249.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-15bd4420-9c9b-11e9-94fd-c91206cd5249.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-15bd4420-9c9b-11e9-94fd-c91206cd5249.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-15bd4420-9c9b-11e9-94fd-c91206cd5249.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-16fa4470-2bfd-11e7-859b-f78b612cde28.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-16fa4470-2bfd-11e7-859b-f78b612cde28.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-16fa4470-2bfd-11e7-859b-f78b612cde28.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-16fa4470-2bfd-11e7-859b-f78b612cde28.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-174a6ad0-30e0-11e7-8df8-6d3604a72912.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-174a6ad0-30e0-11e7-8df8-6d3604a72912.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-174a6ad0-30e0-11e7-8df8-6d3604a72912.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-174a6ad0-30e0-11e7-8df8-6d3604a72912.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-294546b0-30d6-11e7-8df8-6d3604a72912.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-294546b0-30d6-11e7-8df8-6d3604a72912.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-294546b0-30d6-11e7-8df8-6d3604a72912.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-294546b0-30d6-11e7-8df8-6d3604a72912.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-2ba628e0-9c2a-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-2ba628e0-9c2a-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-2ba628e0-9c2a-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-2ba628e0-9c2a-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-382ace30-9d98-11e9-b2ae-49acc4cbcea9.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-382ace30-9d98-11e9-b2ae-49acc4cbcea9.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-382ace30-9d98-11e9-b2ae-49acc4cbcea9.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-382ace30-9d98-11e9-b2ae-49acc4cbcea9.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-3dbf6230-9c20-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-3dbf6230-9c20-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-3dbf6230-9c20-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-3dbf6230-9c20-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-3e1e1fd0-9c27-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-3e1e1fd0-9c27-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-3e1e1fd0-9c27-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-3e1e1fd0-9c27-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-408fccf0-30d6-11e7-8df8-6d3604a72912.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-408fccf0-30d6-11e7-8df8-6d3604a72912.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-408fccf0-30d6-11e7-8df8-6d3604a72912.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-408fccf0-30d6-11e7-8df8-6d3604a72912.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-44f12b40-2bf4-11e7-859b-f78b612cde28.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-44f12b40-2bf4-11e7-859b-f78b612cde28.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-44f12b40-2bf4-11e7-859b-f78b612cde28.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-44f12b40-2bf4-11e7-859b-f78b612cde28.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-485c8550-9c3a-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-485c8550-9c3a-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-485c8550-9c3a-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-485c8550-9c3a-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-58e644f0-30d6-11e7-8df8-6d3604a72912.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-58e644f0-30d6-11e7-8df8-6d3604a72912.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-58e644f0-30d6-11e7-8df8-6d3604a72912.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-58e644f0-30d6-11e7-8df8-6d3604a72912.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-7aac4fd0-30e0-11e7-8df8-6d3604a72912.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-7aac4fd0-30e0-11e7-8df8-6d3604a72912.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-7aac4fd0-30e0-11e7-8df8-6d3604a72912.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-7aac4fd0-30e0-11e7-8df8-6d3604a72912.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-7cbeb750-5794-11e8-afa2-e9067ea62228.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-7cbeb750-5794-11e8-afa2-e9067ea62228.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-7cbeb750-5794-11e8-afa2-e9067ea62228.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-7cbeb750-5794-11e8-afa2-e9067ea62228.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-7d80f790-9d96-11e9-b2ae-49acc4cbcea9.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-7d80f790-9d96-11e9-b2ae-49acc4cbcea9.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-7d80f790-9d96-11e9-b2ae-49acc4cbcea9.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-7d80f790-9d96-11e9-b2ae-49acc4cbcea9.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-826d80c0-9c97-11e9-94fd-c91206cd5249.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-826d80c0-9c97-11e9-94fd-c91206cd5249.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-826d80c0-9c97-11e9-94fd-c91206cd5249.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-826d80c0-9c97-11e9-94fd-c91206cd5249.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-84d9b200-9d98-11e9-b2ae-49acc4cbcea9.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-84d9b200-9d98-11e9-b2ae-49acc4cbcea9.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-84d9b200-9d98-11e9-b2ae-49acc4cbcea9.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-84d9b200-9d98-11e9-b2ae-49acc4cbcea9.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-8a95de50-9c38-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-8a95de50-9c38-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-8a95de50-9c38-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-8a95de50-9c38-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-8c6c2690-9bd8-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-8c6c2690-9bd8-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-8c6c2690-9bd8-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-8c6c2690-9bd8-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-95595810-9ca8-11e9-94fd-c91206cd5249.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-95595810-9ca8-11e9-94fd-c91206cd5249.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-95595810-9ca8-11e9-94fd-c91206cd5249.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-95595810-9ca8-11e9-94fd-c91206cd5249.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-95a7f110-57a2-11e8-afa2-e9067ea62228.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-95a7f110-57a2-11e8-afa2-e9067ea62228.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-95a7f110-57a2-11e8-afa2-e9067ea62228.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-95a7f110-57a2-11e8-afa2-e9067ea62228.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-a4c9d360-30df-11e7-8df8-6d3604a72912.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-a4c9d360-30df-11e7-8df8-6d3604a72912.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-a4c9d360-30df-11e7-8df8-6d3604a72912.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-a4c9d360-30df-11e7-8df8-6d3604a72912.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-b8a24790-9bf0-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-b8a24790-9bf0-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-b8a24790-9bf0-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-b8a24790-9bf0-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-ba7bf750-9bf5-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-ba7bf750-9bf5-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-ba7bf750-9bf5-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-ba7bf750-9bf5-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-bcb194a0-9bf8-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-bcb194a0-9bf8-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-bcb194a0-9bf8-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-bcb194a0-9bf8-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-cac89fb0-9906-11e9-ba57-b7ab4e2d4b58.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-cac89fb0-9906-11e9-ba57-b7ab4e2d4b58.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-cac89fb0-9906-11e9-ba57-b7ab4e2d4b58.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-cac89fb0-9906-11e9-ba57-b7ab4e2d4b58.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-cd059410-2bfb-11e7-859b-f78b612cde28.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-cd059410-2bfb-11e7-859b-f78b612cde28.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-cd059410-2bfb-11e7-859b-f78b612cde28.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-cd059410-2bfb-11e7-859b-f78b612cde28.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-d6564360-2bfc-11e7-859b-f78b612cde28.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-d6564360-2bfc-11e7-859b-f78b612cde28.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-d6564360-2bfc-11e7-859b-f78b612cde28.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-d6564360-2bfc-11e7-859b-f78b612cde28.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-d86b2da0-9c20-11e9-9dc8-fd27291d427f.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-d86b2da0-9c20-11e9-9dc8-fd27291d427f.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-d86b2da0-9c20-11e9-9dc8-fd27291d427f.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-d86b2da0-9c20-11e9-9dc8-fd27291d427f.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-d9fc1b80-9c9c-11e9-94fd-c91206cd5249.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-d9fc1b80-9c9c-11e9-94fd-c91206cd5249.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-d9fc1b80-9c9c-11e9-94fd-c91206cd5249.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-d9fc1b80-9c9c-11e9-94fd-c91206cd5249.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-da1ff7c0-30ed-11e7-b9e5-2b5b07213ab3.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-e0ddd3e0-98fe-11e9-ba57-b7ab4e2d4b58.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-e0ddd3e0-98fe-11e9-ba57-b7ab4e2d4b58.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-e0ddd3e0-98fe-11e9-ba57-b7ab4e2d4b58.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-e0ddd3e0-98fe-11e9-ba57-b7ab4e2d4b58.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-e1018b90-2bfb-11e7-859b-f78b612cde28.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-e1018b90-2bfb-11e7-859b-f78b612cde28.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-e1018b90-2bfb-11e7-859b-f78b612cde28.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-e1018b90-2bfb-11e7-859b-f78b612cde28.json
diff --git a/test/packages/kubernetes/kibana/visualization/kubernetes-ec360ff0-57a0-11e8-afa2-e9067ea62228.json b/test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-ec360ff0-57a0-11e8-afa2-e9067ea62228.json
similarity index 100%
rename from test/packages/kubernetes/kibana/visualization/kubernetes-ec360ff0-57a0-11e8-afa2-e9067ea62228.json
rename to test/packages/with-kind/kubernetes/kibana/visualization/kubernetes-ec360ff0-57a0-11e8-afa2-e9067ea62228.json
diff --git a/test/packages/kubernetes/manifest.yml b/test/packages/with-kind/kubernetes/manifest.yml
similarity index 100%
rename from test/packages/kubernetes/manifest.yml
rename to test/packages/with-kind/kubernetes/manifest.yml

From 79414cc28d6a8a09616b89dc555080766faeb0bb Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 13:00:27 +0100
Subject: [PATCH 02/16] Parallelize test to short total time

---
 .ci/Jenkinsfile | 51 +++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 49 insertions(+), 2 deletions(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index 82d664bca..76eccfe71 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -96,8 +96,7 @@ pipeline {
                     'stack-command-8x': generateTestCommandStage(command: 'test-stack-command-8x', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
                     'check-packages-with-kind': generateTestCommandStage(command: 'test-check-packages-with-kind', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
                     'check-packages-other': generateTestCommandStage(command: 'test-check-packages-other', artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
-                    'check-packages-parallel': generateTestCommandStage(command: 'test-check-packages-with-kind', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
-
+                    'check-packages-parallel': generateTestCheckPackagesParallelStage(artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
                     'build-zip': generateTestCommandStage(command: 'test-build-zip', artifacts: ['build/elastic-stack-dump/build-zip/logs/*.log', 'build/integrations/*.sig']),
                     'profiles-command': generateTestCommandStage(command: 'test-profiles-command'),
                   ])
@@ -140,6 +139,54 @@ def cleanup(){
   unstash 'source'
 }
 
+def generateTestCheckPackagesParallelStage(Map args = [:]) {
+  def artifacts = args.get('artifacts') ? args.get('artifacts') : []
+  def junitArtifacts = args.get('junitArtifacts') ? args.get('junitArtifacts') : false
+  def publishCoverage = args.get('publishCoverage') ? args.get('publishCoverage') : false
+
+  return {
+    dir("${BASE_DIR}/test/packages/parallel") {
+      def integrations = [:]
+      // Include hack to skip temporary files with "@tmp" suffix.
+      // For reference: https://issues.jenkins.io/browse/JENKINS-52750
+      findFiles()?.findAll{ !it.name.endsWith('@tmp') }?.collect{ it.name }?.sort()?.each {
+        integrations[it] = {
+         withNode(labels: "ubuntu-20 && immutable", sleepMax: 20, forceWorkspace: true) {
+           cleanup()
+           try {
+             dir("${BASE_DIR}"){
+               withMageEnv(){
+                 withCloudTestEnv() {
+                   sh(label: 'Build elastic-package',script: "make build")
+                   sh(label: 'Build elastic-package',script: "make PACKAGE_UNDER_TEST=${it} test-check-packages-with-parallel")
+                 }
+               }
+             }
+           } finally {
+             dir("${BASE_DIR}") {
+               artifacts.each { artifact ->
+                 archiveArtifacts(allowEmptyArchive: true, artifacts: "${artifact}")
+               }
+
+               if (junitArtifacts) {
+                 junit(allowEmptyResults: true,
+                  keepLongStdio: true,
+                  testResults: "build/test-results/*.xml")
+               }
+
+               if (publishCoverage) {
+                 stashCoverageReport()
+               }
+             }
+           }
+         }
+        }
+      }
+      parallel integrations
+    }
+  }
+}
+
 def generateTestCommandStage(Map args = [:]){
   def command = args.get('command')
   def artifacts = args.get('artifacts') ? args.get('artifacts') : []

From 51fd25d354b02e3d551a137d6a058da6bc5cfa69 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 13:17:21 +0100
Subject: [PATCH 03/16] Fix: unit tests

---
 internal/fields/validate_test.go | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/internal/fields/validate_test.go b/internal/fields/validate_test.go
index f6e0fc176..9b46936b5 100644
--- a/internal/fields/validate_test.go
+++ b/internal/fields/validate_test.go
@@ -17,11 +17,11 @@ type results struct {
 }
 
 func TestValidate_NoWildcardFields(t *testing.T) {
-	validator, err := CreateValidatorForDataStream("../../test/packages/aws/data_stream/elb_logs")
+	validator, err := CreateValidatorForDataStream("../../test/packages/parallel/aws/data_stream/elb_logs")
 	require.NoError(t, err)
 	require.NotNil(t, validator)
 
-	f := readTestResults(t, "../../test/packages/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json")
+	f := readTestResults(t, "../../test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json")
 	for _, e := range f.Expected {
 		errs := validator.ValidateDocumentBody(e)
 		require.Empty(t, errs)
@@ -29,11 +29,11 @@ func TestValidate_NoWildcardFields(t *testing.T) {
 }
 
 func TestValidate_WithWildcardFields(t *testing.T) {
-	validator, err := CreateValidatorForDataStream("../../test/packages/aws/data_stream/sns")
+	validator, err := CreateValidatorForDataStream("../../test/packages/parallel/aws/data_stream/sns")
 	require.NoError(t, err)
 	require.NotNil(t, validator)
 
-	e := readSampleEvent(t, "../../test/packages/aws/data_stream/sns/sample_event.json")
+	e := readSampleEvent(t, "../../test/packages/parallel/aws/data_stream/sns/sample_event.json")
 	errs := validator.ValidateDocumentBody(e)
 	require.Empty(t, errs)
 }
@@ -240,12 +240,12 @@ func readSampleEvent(t *testing.T, path string) json.RawMessage {
 }
 
 func TestValidate_geo_point(t *testing.T) {
-	validator, err := CreateValidatorForDataStream("../../test/packages/fields_tests/data_stream/first")
+	validator, err := CreateValidatorForDataStream("../../test/packages/other/fields_tests/data_stream/first")
 
 	require.NoError(t, err)
 	require.NotNil(t, validator)
 
-	e := readSampleEvent(t, "../../test/packages/fields_tests/data_stream/first/sample_event.json")
+	e := readSampleEvent(t, "../../test/packages/other/fields_tests/data_stream/first/sample_event.json")
 	errs := validator.ValidateDocumentBody(e)
 	require.Empty(t, errs)
 }

From 8bfae9889a33a0a952e3d973a237809dbb2f50f8 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 13:24:06 +0100
Subject: [PATCH 04/16] Use node ubuntu-20

---
 .ci/Jenkinsfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index 76eccfe71..e1c4e0b92 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -48,7 +48,7 @@ pipeline {
         /**
         Check the source code.
         */
-        stage('Check') {
+        stage('Check static') {
           steps {
             cleanup()
             dir("${BASE_DIR}"){
@@ -194,7 +194,7 @@ def generateTestCommandStage(Map args = [:]){
   def publishCoverage = args.get('publishCoverage') ? args.get('publishCoverage') : false
 
   return {
-    withNode(labels: "ubuntu-18 && immutable", sleepMax: 20, forceWorkspace: true) {
+    withNode(labels: "ubuntu-20 && immutable", sleepMax: 20, forceWorkspace: true) {
       cleanup()
       try {
         dir("${BASE_DIR}"){

From 1207315b2e8284952858c5b2e554ca62b43cce6e Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 14:58:37 +0100
Subject: [PATCH 05/16] Fix: parallel

---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 1a8152082..5cc17ff9e 100644
--- a/Makefile
+++ b/Makefile
@@ -62,7 +62,7 @@ test-check-packages-with-other:
 	PACKAGE_TEST_TYPE=other ./scripts/test-check-packages.sh
 
 test-check-packages-with-parallel:
-	PACKAGE_TEST_TYPE=other ./scripts/test-check-packages.sh
+	PACKAGE_TEST_TYPE=parallel ./scripts/test-check-packages.sh
 
 test-build-zip:
 	./scripts/test-build-zip.sh

From d3c1fbb4d68761553a1bbc4e2498c3cef4156ea6 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 16:26:20 +0100
Subject: [PATCH 06/16] Refactor

---
 .ci/Jenkinsfile | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index e1c4e0b92..06343bc89 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -90,16 +90,19 @@ pipeline {
               cleanup()
               dir("${BASE_DIR}") {
                 script {
-                  parallel([
+                  def basicTasks = [
                     'stack-command-default': generateTestCommandStage(command: 'test-stack-command-default', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
                     'stack-command-7x': generateTestCommandStage(command: 'test-stack-command-7x', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
                     'stack-command-8x': generateTestCommandStage(command: 'test-stack-command-8x', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
                     'check-packages-with-kind': generateTestCommandStage(command: 'test-check-packages-with-kind', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
                     'check-packages-other': generateTestCommandStage(command: 'test-check-packages-other', artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
-                    'check-packages-parallel': generateTestCheckPackagesParallelStage(artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
                     'build-zip': generateTestCommandStage(command: 'test-build-zip', artifacts: ['build/elastic-stack-dump/build-zip/logs/*.log', 'build/integrations/*.sig']),
                     'profiles-command': generateTestCommandStage(command: 'test-profiles-command'),
                   ])
+
+                  def checkSinglePackageTasks = generateTestCheckSinglePackageStage(artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true)
+                  def tasks = basicTasks + checkSinglePackageTasks
+                  parallel tasks
                 }
               }
             }
@@ -139,14 +142,13 @@ def cleanup(){
   unstash 'source'
 }
 
-def generateTestCheckPackagesParallelStage(Map args = [:]) {
+def generateTestCheckSinglePackageStage(Map args = [:]) {
   def artifacts = args.get('artifacts') ? args.get('artifacts') : []
   def junitArtifacts = args.get('junitArtifacts') ? args.get('junitArtifacts') : false
   def publishCoverage = args.get('publishCoverage') ? args.get('publishCoverage') : false
 
-  return {
-    dir("${BASE_DIR}/test/packages/parallel") {
-      def integrations = [:]
+  def integrations = [:]
+  dir("${BASE_DIR}/test/packages/parallel") {
       // Include hack to skip temporary files with "@tmp" suffix.
       // For reference: https://issues.jenkins.io/browse/JENKINS-52750
       findFiles()?.findAll{ !it.name.endsWith('@tmp') }?.collect{ it.name }?.sort()?.each {
@@ -182,9 +184,8 @@ def generateTestCheckPackagesParallelStage(Map args = [:]) {
          }
         }
       }
-      parallel integrations
-    }
   }
+  return integrations
 }
 
 def generateTestCommandStage(Map args = [:]){

From 7fadec35c4a75d2f49b98e78ab57551cdf3e0caa Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 16:30:32 +0100
Subject: [PATCH 07/16] Fix

---
 .ci/Jenkinsfile                | 6 +++---
 scripts/test-check-packages.sh | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index 06343bc89..e7a0084cc 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -94,13 +94,13 @@ pipeline {
                     'stack-command-default': generateTestCommandStage(command: 'test-stack-command-default', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
                     'stack-command-7x': generateTestCommandStage(command: 'test-stack-command-7x', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
                     'stack-command-8x': generateTestCommandStage(command: 'test-stack-command-8x', artifacts: ['build/elastic-stack-dump/stack/*/logs/*.log', 'build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*']),
-                    'check-packages-with-kind': generateTestCommandStage(command: 'test-check-packages-with-kind', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
-                    'check-packages-other': generateTestCommandStage(command: 'test-check-packages-other', artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
+                    'check-packages-with-kind': generateTestCommandStage(command: 'test-check-packages-with-kind', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check-*/logs/*.log', 'build/elastic-stack-dump/check-*/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
+                    'check-packages-other': generateTestCommandStage(command: 'test-check-packages-other', artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check-*/logs/*.log', 'build/elastic-stack-dump/check-*/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
                     'build-zip': generateTestCommandStage(command: 'test-build-zip', artifacts: ['build/elastic-stack-dump/build-zip/logs/*.log', 'build/integrations/*.sig']),
                     'profiles-command': generateTestCommandStage(command: 'test-profiles-command'),
                   ])
 
-                  def checkSinglePackageTasks = generateTestCheckSinglePackageStage(artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check/logs/*.log', 'build/elastic-stack-dump/check/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true)
+                  def checkSinglePackageTasks = generateTestCheckSinglePackageStage(artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check-*/logs/*.log', 'build/elastic-stack-dump/check-*/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true)
                   def tasks = basicTasks + checkSinglePackageTasks
                   parallel tasks
                 }
diff --git a/scripts/test-check-packages.sh b/scripts/test-check-packages.sh
index bd3d00aa6..4672c80eb 100755
--- a/scripts/test-check-packages.sh
+++ b/scripts/test-check-packages.sh
@@ -6,7 +6,7 @@ cleanup() {
   r=$?
 
   # Dump stack logs
-  elastic-package stack dump -v --output build/elastic-stack-dump/check
+  elastic-package stack dump -v --output "build/elastic-stack-dump/check-${PACKAGE_UNDER_TEST:-any}"
 
   if [ "${PACKAGE_TEST_TYPE:-other}" == "with-kind" ]; then
     # Dump kubectl details

From a0b50003600fa77a29a746ea69801463b9daf805 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 16:32:28 +0100
Subject: [PATCH 08/16] Fix

---
 .ci/Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index e7a0084cc..a8eb0c3c1 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -97,7 +97,7 @@ pipeline {
                     'check-packages-with-kind': generateTestCommandStage(command: 'test-check-packages-with-kind', artifacts: ['build/test-results/*.xml', 'build/kubectl-dump.txt', 'build/elastic-stack-dump/check-*/logs/*.log', 'build/elastic-stack-dump/check-*/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
                     'check-packages-other': generateTestCommandStage(command: 'test-check-packages-other', artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check-*/logs/*.log', 'build/elastic-stack-dump/check-*/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
                     'build-zip': generateTestCommandStage(command: 'test-build-zip', artifacts: ['build/elastic-stack-dump/build-zip/logs/*.log', 'build/integrations/*.sig']),
-                    'profiles-command': generateTestCommandStage(command: 'test-profiles-command'),
+                    'profiles-command': generateTestCommandStage(command: 'test-profiles-command')
                   ])
 
                   def checkSinglePackageTasks = generateTestCheckSinglePackageStage(artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check-*/logs/*.log', 'build/elastic-stack-dump/check-*/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true)

From 5488d2ee4fc3b92445421aad47401827313902fa Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 17:08:51 +0100
Subject: [PATCH 09/16] Fix: typo

---
 .ci/Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index a8eb0c3c1..0c659d157 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -98,7 +98,7 @@ pipeline {
                     'check-packages-other': generateTestCommandStage(command: 'test-check-packages-other', artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check-*/logs/*.log', 'build/elastic-stack-dump/check-*/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true),
                     'build-zip': generateTestCommandStage(command: 'test-build-zip', artifacts: ['build/elastic-stack-dump/build-zip/logs/*.log', 'build/integrations/*.sig']),
                     'profiles-command': generateTestCommandStage(command: 'test-profiles-command')
-                  ])
+                  ]
 
                   def checkSinglePackageTasks = generateTestCheckSinglePackageStage(artifacts: ['build/test-results/*.xml', 'build/elastic-stack-dump/check-*/logs/*.log', 'build/elastic-stack-dump/check-*/logs/fleet-server-internal/*'], junitArtifacts: true, publishCoverage: true)
                   def tasks = basicTasks + checkSinglePackageTasks

From 6036fca5242a299f6b64041471cc8dbd6ed9686f Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 17:13:48 +0100
Subject: [PATCH 10/16] Fix: label

---
 .ci/Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index 0c659d157..a350c4380 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -152,7 +152,7 @@ def generateTestCheckSinglePackageStage(Map args = [:]) {
       // Include hack to skip temporary files with "@tmp" suffix.
       // For reference: https://issues.jenkins.io/browse/JENKINS-52750
       findFiles()?.findAll{ !it.name.endsWith('@tmp') }?.collect{ it.name }?.sort()?.each {
-        integrations[it] = {
+        integrations["check-package-${it}"] = {
          withNode(labels: "ubuntu-20 && immutable", sleepMax: 20, forceWorkspace: true) {
            cleanup()
            try {

From 947be6c467c8d93df80b2ede1995101e4bb71d53 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 17:32:01 +0100
Subject: [PATCH 11/16] Fix: missing dir

---
 .ci/Jenkinsfile               | 4 ++--
 Makefile                      | 2 +-
 scripts/test-build-zip.sh     | 6 +++---
 scripts/test-stack-command.sh | 8 --------
 4 files changed, 6 insertions(+), 14 deletions(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index a350c4380..7e9b05da8 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -82,11 +82,11 @@ pipeline {
             }
           }
         }
-        stage('Integration Tests') {
+        stage('Integration tests') {
           failFast true
           options { skipDefaultCheckout() }
           steps {
-            withGithubNotify(context: 'Integration Tests', tab: 'tests') {
+            withGithubNotify(context: 'Integration tests', tab: 'tests') {
               cleanup()
               dir("${BASE_DIR}") {
                 script {
diff --git a/Makefile b/Makefile
index 5cc17ff9e..23956aa4a 100644
--- a/Makefile
+++ b/Makefile
@@ -58,7 +58,7 @@ test-check-packages: test-check-packages-with-kind test-check-packages-with-othe
 test-check-packages-with-kind:
 	PACKAGE_TEST_TYPE=with-kind ./scripts/test-check-packages.sh
 
-test-check-packages-with-other:
+test-check-packages-other:
 	PACKAGE_TEST_TYPE=other ./scripts/test-check-packages.sh
 
 test-check-packages-with-parallel:
diff --git a/scripts/test-build-zip.sh b/scripts/test-build-zip.sh
index 33e158f6e..ab2bde529 100755
--- a/scripts/test-build-zip.sh
+++ b/scripts/test-build-zip.sh
@@ -12,7 +12,7 @@ cleanup() {
   elastic-package stack down -v
 
   # Clean used resources
-  for d in test/packages/*/; do
+  for d in test/packages/*/*/; do
     (
       cd $d
       elastic-package clean -v
@@ -29,7 +29,7 @@ OLDPWD=$PWD
 export ELASTIC_PACKAGE_SIGNER_PRIVATE_KEYFILE="$OLDPWD/scripts/gpg-private.asc"
 export ELASTIC_PACKAGE_SIGNER_PASSPHRASE=$(cat "$OLDPWD/scripts/gpg-pass.txt")
 
-for d in test/packages/*/; do
+for d in test/packages/*/*/; do
   (
     cd $d
     elastic-package build --zip --sign -v
@@ -45,7 +45,7 @@ eval "$(elastic-package stack shellinit)"
 elastic-package stack up -d -v
 
 # Install zipped packages
-for d in test/packages/*/; do
+for d in test/packages/*/*/; do
   (
     cd $d
     elastic-package install -v
diff --git a/scripts/test-stack-command.sh b/scripts/test-stack-command.sh
index c09f2bf95..b10da44d4 100755
--- a/scripts/test-stack-command.sh
+++ b/scripts/test-stack-command.sh
@@ -13,14 +13,6 @@ cleanup() {
   # Take down the stack
   elastic-package stack down -v
 
-  # Clean used resources
-  for d in test/packages/*/; do
-    (
-      cd $d
-      elastic-package clean -v
-    )
-  done
-
   exit $r
 }
 

From a391e12edfca14894a7f99bfd75218501950bdce Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 17:40:07 +0100
Subject: [PATCH 12/16] Fix: unnecessary BASE_DIR

---
 .ci/Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile
index 7e9b05da8..f25cee1be 100644
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@@ -148,7 +148,7 @@ def generateTestCheckSinglePackageStage(Map args = [:]) {
   def publishCoverage = args.get('publishCoverage') ? args.get('publishCoverage') : false
 
   def integrations = [:]
-  dir("${BASE_DIR}/test/packages/parallel") {
+  dir("test/packages/parallel") {
       // Include hack to skip temporary files with "@tmp" suffix.
       // For reference: https://issues.jenkins.io/browse/JENKINS-52750
       findFiles()?.findAll{ !it.name.endsWith('@tmp') }?.collect{ it.name }?.sort()?.each {

From 547ec00bf3a46bcfb9ca0ef123d62e2dfafa1996 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Wed, 15 Dec 2021 18:22:42 +0100
Subject: [PATCH 13/16] Fix: another default

---
 scripts/test-check-packages.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/test-check-packages.sh b/scripts/test-check-packages.sh
index 4672c80eb..1456f07a0 100755
--- a/scripts/test-check-packages.sh
+++ b/scripts/test-check-packages.sh
@@ -6,7 +6,7 @@ cleanup() {
   r=$?
 
   # Dump stack logs
-  elastic-package stack dump -v --output "build/elastic-stack-dump/check-${PACKAGE_UNDER_TEST:-any}"
+  elastic-package stack dump -v --output "build/elastic-stack-dump/check-${PACKAGE_UNDER_TEST:-${PACKAGE_TEST_TYPE:-any}}"
 
   if [ "${PACKAGE_TEST_TYPE:-other}" == "with-kind" ]; then
     # Dump kubectl details

From 65c0d73d589bc90936973e6470f120e9bee7f6c9 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Thu, 16 Dec 2021 10:28:41 +0100
Subject: [PATCH 14/16] Strip AWS

---
 .../parallel/aws/_dev/build/docs/README.md    | 111 ---
 .../parallel/aws/_dev/build/docs/billing.md   |   7 -
 .../aws/_dev/build/docs/cloudtrail.md         |  13 -
 .../aws/_dev/build/docs/cloudwatch.md         |  18 -
 .../parallel/aws/_dev/build/docs/dynamodb.md  |   7 -
 .../parallel/aws/_dev/build/docs/ebs.md       |   7 -
 .../parallel/aws/_dev/build/docs/ec2.md       |  18 -
 .../parallel/aws/_dev/build/docs/elb.md       |  25 -
 .../parallel/aws/_dev/build/docs/lambda.md    |   7 -
 .../aws/_dev/build/docs/natgateway.md         |   7 -
 .../parallel/aws/_dev/build/docs/rds.md       |   7 -
 .../parallel/aws/_dev/build/docs/s3.md        |  29 -
 .../aws/_dev/build/docs/s3_storage_lens.md    |   7 -
 .../parallel/aws/_dev/build/docs/sns.md       |   7 -
 .../parallel/aws/_dev/build/docs/sqs.md       |   7 -
 .../aws/_dev/build/docs/transitgateway.md     |   7 -
 .../parallel/aws/_dev/build/docs/usage.md     |   7 -
 .../parallel/aws/_dev/build/docs/vpcflow.md   |   7 -
 .../parallel/aws/_dev/build/docs/vpn.md       |   7 -
 .../parallel/aws/_dev/build/docs/waf.md       |   9 -
 .../billing/agent/stream/stream.yml.hbs       |  38 -
 .../aws/data_stream/billing/fields/agent.yml  | 198 -----
 .../billing/fields/base-fields.yml            |  20 -
 .../aws/data_stream/billing/fields/ecs.yml    |  24 -
 .../aws/data_stream/billing/fields/fields.yml |  86 --
 .../billing/fields/package-fields.yml         |  32 -
 .../aws/data_stream/billing/manifest.yml      |  40 -
 .../aws/data_stream/billing/sample_event.json |  60 --
 .../pipeline/test-add-user-to-group-json.log  |   1 -
 ...t-add-user-to-group-json.log-expected.json |  82 --
 .../test/pipeline/test-assume-role-json.log   |   1 -
 .../test-assume-role-json.log-expected.json   | 126 ---
 .../pipeline/test-change-password-json.log    |   2 -
 ...est-change-password-json.log-expected.json | 136 ----
 .../pipeline/test-cloudtrail-digest-json.log  |   1 -
 ...t-cloudtrail-digest-json.log-expected.json | 150 ----
 .../_dev/test/pipeline/test-common-config.yml |   7 -
 .../test/pipeline/test-console-login-json.log |   3 -
 .../test-console-login-json.log-expected.json | 317 --------
 .../pipeline/test-create-access-key-json.log  |   1 -
 ...t-create-access-key-json.log-expected.json |  91 ---
 .../test/pipeline/test-create-group-json.log  |   2 -
 .../test-create-group-json.log-expected.json  | 167 ----
 .../pipeline/test-create-key-pair-json.log    |   1 -
 ...est-create-key-pair-json.log-expected.json | 101 ---
 .../test/pipeline/test-create-trail-json.log  |   1 -
 .../test-create-trail-json.log-expected.json  |  88 --
 .../test/pipeline/test-create-user-json.log   |   1 -
 .../test-create-user-json.log-expected.json   |  89 ---
 .../test-create-virtual-mfa-device-json.log   |   1 -
 ...-virtual-mfa-device-json.log-expected.json |  84 --
 .../test-deactivate-mfa-device-json.log       |   1 -
 ...activate-mfa-device-json.log-expected.json |  82 --
 .../pipeline/test-delete-access-key-json.log  |   1 -
 ...t-delete-access-key-json.log-expected.json |  83 --
 .../test/pipeline/test-delete-bucket-json.log |   1 -
 .../test-delete-bucket-json.log-expected.json | 101 ---
 .../test/pipeline/test-delete-group-json.log  |   2 -
 .../test-delete-group-json.log-expected.json  | 156 ----
 .../test-delete-ssh-public-key-json.log       |   1 -
 ...lete-ssh-public-key-json.log-expected.json |  83 --
 .../test/pipeline/test-delete-trail-json.log  |   1 -
 .../test-delete-trail-json.log-expected.json  |  69 --
 .../test/pipeline/test-delete-user-json.log   |   1 -
 .../test-delete-user-json.log-expected.json   |  82 --
 .../test-delete-virtual-mfa-device-json.log   |   1 -
 ...-virtual-mfa-device-json.log-expected.json |  78 --
 .../pipeline/test-enable-mfa-device-json.log  |   1 -
 ...t-enable-mfa-device-json.log-expected.json |  82 --
 .../_dev/test/pipeline/test-insight-json.log  |   1 -
 .../test-insight-json.log-expected.json       |  81 --
 .../test-remove-user-from-group-json.log      |   1 -
 ...ove-user-from-group-json.log-expected.json |  86 --
 .../test/pipeline/test-start-logging-json.log |   1 -
 .../test-start-logging-json.log-expected.json |  73 --
 .../test/pipeline/test-stop-logging-json.log  |   1 -
 .../test-stop-logging-json.log-expected.json  |  73 --
 .../pipeline/test-update-access-key-json.log  |   1 -
 ...t-update-access-key-json.log-expected.json |  84 --
 ...est-update-accout-password-policy-json.log |   1 -
 ...out-password-policy-json.log-expected.json |  83 --
 .../test/pipeline/test-update-group-json.log  |   2 -
 .../test-update-group-json.log-expected.json  | 154 ----
 .../test-update-login-profile-json.log        |   1 -
 ...pdate-login-profile-json.log-expected.json |  82 --
 .../test-update-ssh-public-key-json.log       |   2 -
 ...date-ssh-public-key-json.log-expected.json | 164 ----
 .../test/pipeline/test-update-trail-json.log  |   2 -
 .../test-update-trail-json.log-expected.json  | 173 ----
 .../test/pipeline/test-update-user-json.log   |   1 -
 .../test-update-user-json.log-expected.json   |  83 --
 .../test-upload-ssh-public-key-json.log       |   1 -
 ...load-ssh-public-key-json.log-expected.json |  87 --
 .../cloudtrail/agent/stream/aws-s3.yml.hbs    |  64 --
 .../cloudtrail/agent/stream/httpjson.yml.hbs  |  63 --
 .../elasticsearch/ingest_pipeline/default.yml | 751 ------------------
 .../ingest_pipeline/third-party.yml           |  32 -
 .../data_stream/cloudtrail/fields/agent.yml   | 198 -----
 .../cloudtrail/fields/base-fields.yml         |  20 -
 .../aws/data_stream/cloudtrail/fields/ecs.yml |  90 ---
 .../data_stream/cloudtrail/fields/fields.yml  | 170 ----
 .../aws/data_stream/cloudtrail/manifest.yml   | 195 -----
 .../data_stream/cloudtrail/sample_event.json  |  85 --
 .../test/pipeline/test-cloudwatch-ec2.log     |   6 -
 .../test-cloudwatch-ec2.log-expected.json     | 112 ---
 .../_dev/test/pipeline/test-common-config.yml |   5 -
 .../agent/stream/aws-s3.yml.hbs               |  51 --
 .../elasticsearch/ingest_pipeline/default.yml |  38 -
 .../cloudwatch_logs/fields/agent.yml          | 198 -----
 .../cloudwatch_logs/fields/base-fields.yml    |  20 -
 .../cloudwatch_logs/fields/ecs.yml            |   6 -
 .../cloudwatch_logs/fields/fields.yml         |   7 -
 .../data_stream/cloudwatch_logs/manifest.yml  |  70 --
 .../cloudwatch_logs/sample_event.json         |  23 -
 .../agent/stream/stream.yml.hbs               |  35 -
 .../cloudwatch_metrics/fields/agent.yml       | 198 -----
 .../cloudwatch_metrics/fields/base-fields.yml |  20 -
 .../cloudwatch_metrics/fields/ecs.yml         |  24 -
 .../cloudwatch_metrics/fields/fields.yml      |  14 -
 .../fields/package-fields.yml                 |  19 -
 .../cloudwatch_metrics/manifest.yml           |  47 --
 .../cloudwatch_metrics/sample_event.json      |  53 --
 .../dynamodb/agent/stream/stream.yml.hbs      |  35 -
 .../aws/data_stream/dynamodb/fields/agent.yml | 198 -----
 .../dynamodb/fields/base-fields.yml           |  20 -
 .../aws/data_stream/dynamodb/fields/ecs.yml   |  24 -
 .../data_stream/dynamodb/fields/fields.yml    | 115 ---
 .../dynamodb/fields/package-fields.yml        |  19 -
 .../aws/data_stream/dynamodb/manifest.yml     |  35 -
 .../data_stream/dynamodb/sample_event.json    |  59 --
 .../ebs/agent/stream/stream.yml.hbs           |  35 -
 .../aws/data_stream/ebs/fields/agent.yml      | 198 -----
 .../data_stream/ebs/fields/base-fields.yml    |  20 -
 .../aws/data_stream/ebs/fields/ecs.yml        |  24 -
 .../aws/data_stream/ebs/fields/fields.yml     |  54 --
 .../data_stream/ebs/fields/package-fields.yml |  19 -
 .../parallel/aws/data_stream/ebs/manifest.yml |  35 -
 .../aws/data_stream/ebs/sample_event.json     |  66 --
 .../_dev/test/pipeline/test-common-config.yml |   5 -
 .../ec2_logs/_dev/test/pipeline/test-ec2.log  |   6 -
 .../test/pipeline/test-ec2.log-expected.json  | 136 ----
 .../ec2_logs/agent/stream/aws-s3.yml.hbs      |  51 --
 .../elasticsearch/ingest_pipeline/default.yml |  37 -
 .../aws/data_stream/ec2_logs/fields/agent.yml | 198 -----
 .../ec2_logs/fields/base-fields.yml           |  20 -
 .../aws/data_stream/ec2_logs/fields/ecs.yml   |   8 -
 .../data_stream/ec2_logs/fields/fields.yml    |  10 -
 .../aws/data_stream/ec2_logs/manifest.yml     |  70 --
 .../data_stream/ec2_logs/sample_event.json    |  27 -
 .../elb_logs/_dev/test/pipeline/test-alb.log  |   1 -
 .../test/pipeline/test-alb.log-expected.json  | 104 ---
 .../_dev/test/pipeline/test-common-config.yml |   5 -
 .../elb_logs/agent/stream/aws-s3.yml.hbs      |  51 --
 .../elasticsearch/ingest_pipeline/default.yml | 222 ------
 .../aws/data_stream/elb_logs/fields/agent.yml | 198 -----
 .../elb_logs/fields/base-fields.yml           |  20 -
 .../aws/data_stream/elb_logs/fields/ecs.yml   |  22 -
 .../data_stream/elb_logs/fields/fields.yml    | 197 -----
 .../aws/data_stream/elb_logs/manifest.yml     |  70 --
 .../data_stream/elb_logs/sample_event.json    | 105 ---
 .../elb_metrics/agent/stream/stream.yml.hbs   |  35 -
 .../data_stream/elb_metrics/fields/agent.yml  | 198 -----
 .../elb_metrics/fields/base-fields.yml        |  20 -
 .../data_stream/elb_metrics/fields/ecs.yml    |  24 -
 .../data_stream/elb_metrics/fields/fields.yml | 201 -----
 .../elb_metrics/fields/package-fields.yml     |  19 -
 .../aws/data_stream/elb_metrics/manifest.yml  |  35 -
 .../data_stream/elb_metrics/sample_event.json |  63 --
 .../lambda/agent/stream/stream.yml.hbs        |  35 -
 .../aws/data_stream/lambda/fields/agent.yml   | 198 -----
 .../data_stream/lambda/fields/base-fields.yml |  20 -
 .../aws/data_stream/lambda/fields/ecs.yml     |  24 -
 .../aws/data_stream/lambda/fields/fields.yml  |  66 --
 .../lambda/fields/package-fields.yml          |  19 -
 .../aws/data_stream/lambda/manifest.yml       |  35 -
 .../aws/data_stream/lambda/sample_event.json  |  58 --
 .../natgateway/agent/stream/stream.yml.hbs    |  35 -
 .../data_stream/natgateway/fields/agent.yml   | 198 -----
 .../natgateway/fields/base-fields.yml         |  20 -
 .../aws/data_stream/natgateway/fields/ecs.yml |  24 -
 .../data_stream/natgateway/fields/fields.yml  |  63 --
 .../natgateway/fields/package-fields.yml      |  19 -
 .../aws/data_stream/natgateway/manifest.yml   |  26 -
 .../data_stream/natgateway/sample_event.json  |  84 --
 .../rds/agent/stream/stream.yml.hbs           |  35 -
 .../aws/data_stream/rds/fields/agent.yml      | 198 -----
 .../data_stream/rds/fields/base-fields.yml    |  20 -
 .../aws/data_stream/rds/fields/ecs.yml        |  24 -
 .../aws/data_stream/rds/fields/fields.yml     | 351 --------
 .../data_stream/rds/fields/package-fields.yml |  19 -
 .../parallel/aws/data_stream/rds/manifest.yml |  35 -
 .../aws/data_stream/rds/sample_event.json     |  89 ---
 .../agent/stream/stream.yml.hbs               |  32 -
 .../s3_daily_storage/fields/agent.yml         | 198 -----
 .../s3_daily_storage/fields/base-fields.yml   |  20 -
 .../s3_daily_storage/fields/ecs.yml           |  24 -
 .../s3_daily_storage/fields/fields.yml        |  27 -
 .../fields/package-fields.yml                 |  19 -
 .../data_stream/s3_daily_storage/manifest.yml |  26 -
 .../s3_daily_storage/sample_event.json        |  48 --
 .../s3_request/agent/stream/stream.yml.hbs    |  32 -
 .../data_stream/s3_request/fields/agent.yml   | 198 -----
 .../s3_request/fields/base-fields.yml         |  20 -
 .../aws/data_stream/s3_request/fields/ecs.yml |  24 -
 .../data_stream/s3_request/fields/fields.yml  |  88 --
 .../s3_request/fields/package-fields.yml      |  19 -
 .../aws/data_stream/s3_request/manifest.yml   |  26 -
 .../data_stream/s3_request/sample_event.json  |  61 --
 .../agent/stream/stream.yml.hbs               | 101 ---
 .../s3_storage_lens/fields/agent.yml          | 198 -----
 .../s3_storage_lens/fields/base-fields.yml    |  20 -
 .../s3_storage_lens/fields/ecs.yml            |  24 -
 .../s3_storage_lens/fields/fields.yml         | 100 ---
 .../s3_storage_lens/fields/package-fields.yml |  19 -
 .../data_stream/s3_storage_lens/manifest.yml  |  26 -
 .../s3_storage_lens/sample_event.json         | 138 ----
 .../_dev/test/pipeline/test-common-config.yml |   5 -
 .../test/pipeline/test-s3-server-access.log   |   7 -
 .../test-s3-server-access.log-expected.json   | 665 ----------------
 .../s3access/agent/stream/aws-s3.yml.hbs      |  51 --
 .../s3access/agent/stream/log.yml.hbs         |  19 -
 .../elasticsearch/ingest_pipeline/default.yml | 212 -----
 .../aws/data_stream/s3access/fields/agent.yml | 198 -----
 .../s3access/fields/base-fields.yml           |  20 -
 .../aws/data_stream/s3access/fields/ecs.yml   |  88 --
 .../data_stream/s3access/fields/fields.yml    |  95 ---
 .../aws/data_stream/s3access/manifest.yml     |  70 --
 .../data_stream/s3access/sample_event.json    | 113 ---
 .../sns/agent/stream/stream.yml.hbs           |  35 -
 .../aws/data_stream/sns/fields/agent.yml      | 198 -----
 .../data_stream/sns/fields/base-fields.yml    |  20 -
 .../aws/data_stream/sns/fields/ecs.yml        |  24 -
 .../aws/data_stream/sns/fields/fields.yml     |  69 --
 .../data_stream/sns/fields/package-fields.yml |  19 -
 .../parallel/aws/data_stream/sns/manifest.yml |  35 -
 .../aws/data_stream/sns/sample_event.json     |  57 --
 .../sqs/agent/stream/stream.yml.hbs           |  32 -
 .../aws/data_stream/sqs/fields/agent.yml      | 198 -----
 .../data_stream/sqs/fields/base-fields.yml    |  20 -
 .../aws/data_stream/sqs/fields/ecs.yml        |  24 -
 .../aws/data_stream/sqs/fields/fields.yml     |  60 --
 .../data_stream/sqs/fields/package-fields.yml |  19 -
 .../parallel/aws/data_stream/sqs/manifest.yml |  26 -
 .../aws/data_stream/sqs/sample_event.json     |  53 --
 .../agent/stream/stream.yml.hbs               |  35 -
 .../transitgateway/fields/agent.yml           | 198 -----
 .../transitgateway/fields/base-fields.yml     |  20 -
 .../data_stream/transitgateway/fields/ecs.yml |  24 -
 .../transitgateway/fields/fields.yml          |  42 -
 .../transitgateway/fields/package-fields.yml  |  19 -
 .../data_stream/transitgateway/manifest.yml   |  26 -
 .../transitgateway/sample_event.json          |  63 --
 .../usage/agent/stream/stream.yml.hbs         |  35 -
 .../aws/data_stream/usage/fields/agent.yml    | 198 -----
 .../data_stream/usage/fields/base-fields.yml  |  20 -
 .../aws/data_stream/usage/fields/ecs.yml      |  24 -
 .../aws/data_stream/usage/fields/fields.yml   |  36 -
 .../usage/fields/package-fields.yml           |  19 -
 .../aws/data_stream/usage/manifest.yml        |  26 -
 .../aws/data_stream/usage/sample_event.json   |  51 --
 .../_dev/test/pipeline/test-common-config.yml |   5 -
 .../_dev/test/pipeline/test-extra-samples.log |   7 -
 .../test-extra-samples.log-expected.json      | 492 ------------
 .../test/pipeline/test-tcp-flag-sequence.log  |   3 -
 .../test-tcp-flag-sequence.log-expected.json  | 171 ----
 .../vpcflow/agent/stream/aws-s3.yml.hbs       |  51 --
 .../elasticsearch/ingest_pipeline/default.yml | 280 -------
 .../aws/data_stream/vpcflow/fields/agent.yml  | 198 -----
 .../vpcflow/fields/base-fields.yml            |  20 -
 .../aws/data_stream/vpcflow/fields/ecs.yml    |  94 ---
 .../aws/data_stream/vpcflow/fields/fields.yml |  56 --
 .../aws/data_stream/vpcflow/manifest.yml      |  70 --
 .../aws/data_stream/vpcflow/sample_event.json |  65 --
 .../vpn/agent/stream/stream.yml.hbs           |  35 -
 .../aws/data_stream/vpn/fields/agent.yml      | 198 -----
 .../data_stream/vpn/fields/base-fields.yml    |  20 -
 .../aws/data_stream/vpn/fields/ecs.yml        |  24 -
 .../aws/data_stream/vpn/fields/fields.yml     |  33 -
 .../data_stream/vpn/fields/package-fields.yml |  19 -
 .../parallel/aws/data_stream/vpn/manifest.yml |  35 -
 .../aws/data_stream/vpn/sample_event.json     |  51 --
 .../_dev/test/pipeline/test-common-config.yml |   5 -
 .../waf/_dev/test/pipeline/test-waf.log       |   4 -
 .../test/pipeline/test-waf.log-expected.json  | 421 ----------
 .../waf/agent/stream/aws-s3.yml.hbs           |  52 --
 .../data_stream/waf/agent/stream/log.yml.hbs  |  19 -
 .../elasticsearch/ingest_pipeline/default.yml | 204 -----
 .../aws/data_stream/waf/fields/agent.yml      | 198 -----
 .../data_stream/waf/fields/base-fields.yml    |  20 -
 .../aws/data_stream/waf/fields/ecs.yml        |  60 --
 .../aws/data_stream/waf/fields/fields.yml     |  39 -
 .../parallel/aws/data_stream/waf/manifest.yml |  70 --
 .../aws/data_stream/waf/sample_event.json     |  94 ---
 test/packages/parallel/aws/manifest.yml       | 385 ---------
 294 files changed, 20006 deletions(-)
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/README.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/billing.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/cloudtrail.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/cloudwatch.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/dynamodb.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/ebs.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/ec2.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/elb.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/lambda.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/natgateway.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/rds.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/s3.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/s3_storage_lens.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/sns.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/sqs.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/transitgateway.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/usage.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/vpcflow.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/vpn.md
 delete mode 100644 test/packages/parallel/aws/_dev/build/docs/waf.md
 delete mode 100644 test/packages/parallel/aws/data_stream/billing/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/billing/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/billing/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/billing/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/billing/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/billing/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/billing/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/billing/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudtrail/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_logs/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_metrics/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/cloudwatch_metrics/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/dynamodb/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/dynamodb/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/dynamodb/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/dynamodb/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/dynamodb/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/dynamodb/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/dynamodb/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/ebs/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/ebs/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ebs/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ebs/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ebs/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ebs/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ebs/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ebs/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/ec2_logs/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_logs/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_metrics/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_metrics/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_metrics/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_metrics/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_metrics/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_metrics/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/elb_metrics/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/lambda/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/lambda/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/lambda/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/lambda/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/lambda/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/lambda/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/lambda/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/lambda/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/natgateway/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/natgateway/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/natgateway/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/natgateway/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/natgateway/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/natgateway/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/natgateway/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/natgateway/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/rds/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/rds/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/rds/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/rds/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/rds/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/rds/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/rds/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/rds/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_daily_storage/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_daily_storage/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_daily_storage/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_daily_storage/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_daily_storage/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_daily_storage/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_daily_storage/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_request/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_request/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_request/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_request/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_request/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_request/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_request/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_request/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_storage_lens/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_storage_lens/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_storage_lens/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_storage_lens/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_storage_lens/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_storage_lens/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3_storage_lens/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/agent/stream/log.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/s3access/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/sns/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sns/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sns/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sns/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sns/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/sqs/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/sqs/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sqs/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sqs/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sqs/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sqs/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sqs/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/sqs/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/transitgateway/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/transitgateway/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/transitgateway/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/transitgateway/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/transitgateway/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/transitgateway/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/transitgateway/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/usage/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/usage/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/usage/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/usage/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/usage/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/usage/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/usage/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/usage/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpcflow/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/vpn/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/vpn/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpn/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpn/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpn/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpn/fields/package-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpn/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/vpn/sample_event.json
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/agent/stream/log.yml.hbs
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/fields/agent.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/fields/base-fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/fields/ecs.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/fields/fields.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/manifest.yml
 delete mode 100644 test/packages/parallel/aws/data_stream/waf/sample_event.json

diff --git a/test/packages/parallel/aws/_dev/build/docs/README.md b/test/packages/parallel/aws/_dev/build/docs/README.md
deleted file mode 100644
index c40242cdf..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/README.md
+++ /dev/null
@@ -1,111 +0,0 @@
-# AWS Integration
-
-This integration is used to fetches logs and metrics from 
-[Amazon Web Services](https://aws.amazon.com/).
-
-## AWS Credentials
-AWS credentials are required for running AWS integration. 
-
-### Configuration parameters
-* *access_key_id*: first part of access key.
-* *secret_access_key*: second part of access key.
-* *session_token*: required when using temporary security credentials.
-* *credential_profile_name*: profile name in shared credentials file.
-* *shared_credential_file*: directory of the shared credentials file.
-* *endpoint*: URL of the entry point for an AWS web service.
-* *role_arn*: AWS IAM Role to assume.
-
-#### Data stream specific configuration parameters
-* *latency*: Some AWS services send monitoring metrics to CloudWatch with a
-latency to process larger than Metricbeat collection period. This will cause
-data points missing or none get collected by Metricbeat. In this case, please
-specify a latency parameter so collection start time and end time will be
-shifted by the given latency amount.
-* *period*: How often the data stream is executed.
-* *regions*: Specify which AWS regions to query metrics from. If the `regions`
-is not set in the config, then by default, the integration will query metrics
-from all available AWS regions. If `endpoint` is specified, `regions` becomes a 
-required config parameter.
-* *tags_filter*: Tag key value pairs from aws resources. A tag is a label that 
-user assigns to an AWS resource.
-
-### Credential Types
-There are three types of AWS credentials can be used: access keys, temporary
-security credentials and IAM role ARN.
-
-#### Access keys
-
-`AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are the two parts of access keys.
-They are long-term credentials for an IAM user, or the AWS account root user.
-Please see [AWS Access Keys and Secret Access Keys](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys)
-for more details.
-
-#### Temporary security credentials
-
-Temporary security credentials has a limited lifetime and consists of an
-access key ID, a secret access key, and a security token which typically returned
-from `GetSessionToken`. MFA-enabled IAM users would need to submit an MFA code
-while calling `GetSessionToken`. `default_region` identifies the AWS Region
-whose servers you want to send your first API request to by default. This is
-typically the Region closest to you, but it can be any Region. Please see
-[Temporary Security Credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html)
-for more details.
-
-`sts get-session-token` AWS CLI can be used to generate temporary credentials. 
-For example. with MFA-enabled:
-```js
-aws> sts get-session-token --serial-number arn:aws:iam::1234:mfa/your-email@example.com --duration-seconds 129600 --token-code 123456
-```
-
-Because temporary security credentials are short term, after they expire, the 
-user needs to generate new ones and manually update the package configuration in
-order to continue collecting `aws` metrics. This will cause data loss if the 
-configuration is not updated with new credentials before the old ones expire. 
-
-#### IAM role ARN
-
-An IAM role is an IAM identity that you can create in your account that has
-specific permissions that determine what the identity can and cannot do in AWS.
-A role does not have standard long-term credentials such as a password or access
-keys associated with it. Instead, when you assume a role, it provides you with 
-temporary security credentials for your role session. IAM role Amazon Resource 
-Name (ARN) can be used to specify which AWS IAM role to assume to generate 
-temporary credentials. Please see 
-[AssumeRole API documentation](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html)
-for more details.
-
-### Supported Formats
-1. Use access keys: Access keys include `access_key_id`, `secret_access_key` 
-and/or `session_token`.
-2. Use `role_arn`: `role_arn` is used to specify which AWS IAM role to assume 
-for generating temporary credentials. If `role_arn` is given, the package will 
-check if access keys are given. If not, the package will check for credential 
-profile name. If neither is given, default credential profile will be used. 
-Please make sure credentials are given under either a credential profile or 
-access keys.
-3. Use `credential_profile_name` and/or `shared_credential_file`: 
-If `access_key_id`, `secret_access_key` and `role_arn` are all not given, then
-the package will check for `credential_profile_name`. If you use different 
-credentials for different tools or applications, you can use profiles to 
-configure multiple access keys in the same configuration file. If there is 
-no `credential_profile_name` given, the default profile will be used.
-`shared_credential_file` is optional to specify the directory of your shared
-credentials file. If it's empty, the default directory will be used.
-In Windows, shared credentials file is at `C:\Users\<yourUserName>\.aws\credentials`.
-For Linux, macOS or Unix, the file locates at `~/.aws/credentials`. Please see
-[Create Shared Credentials File](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/create-shared-credentials-file.html)
-for more details.
-
-## AWS Permissions
-Specific AWS permissions are required for the IAM user to make specific AWS API calls.
-In order to enable AWS integration, please make sure these permissions are given:
-
-* ec2:DescribeInstances
-* ec2:DescribeRegions
-* cloudwatch:GetMetricData
-* cloudwatch:ListMetrics
-* tag:getResources
-* sns:ListTopics
-* sqs:ListQueues
-* sts:GetCallerIdentity
-* iam:ListAccountAliases
diff --git a/test/packages/parallel/aws/_dev/build/docs/billing.md b/test/packages/parallel/aws/_dev/build/docs/billing.md
deleted file mode 100644
index 054ce727b..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/billing.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# billing
-
-## Metrics
-
-{{event "billing"}}
-
-{{fields "billing"}}
diff --git a/test/packages/parallel/aws/_dev/build/docs/cloudtrail.md b/test/packages/parallel/aws/_dev/build/docs/cloudtrail.md
deleted file mode 100644
index cbe7fb05c..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/cloudtrail.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# cloudtrail
-
-## Logs
-
-The `cloudtrail` dataset collects the AWS CloudTrail logs. CloudTrail monitors 
-events for the account. If user creates a trail, it delivers those events as log
- files to a specific Amazon S3 bucket. The `cloudtrail` dataset does not read 
- the CloudTrail Digest files that are delivered to the S3 bucket when Log File 
- Integrity is turned on, it only reads the CloudTrail logs.
-
-{{fields "cloudtrail"}}
-
-{{event "cloudtrail"}}
diff --git a/test/packages/parallel/aws/_dev/build/docs/cloudwatch.md b/test/packages/parallel/aws/_dev/build/docs/cloudwatch.md
deleted file mode 100644
index a27d5f8c8..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/cloudwatch.md
+++ /dev/null
@@ -1,18 +0,0 @@
-# cloudwatch
-
-## Logs
-
-The `cloudwatch` dataset collects CloudWatch logs. Users can use Amazon 
-CloudWatch logs to monitor, store, and access log files from different sources. 
-Export logs from log groups to an Amazon S3 bucket which has SQS notification 
-setup already.
-
-{{fields "cloudwatch_logs"}}
-
-{{event "cloudwatch_logs"}}
-
-## Metrics
-
-{{event "cloudwatch_metrics"}}
-
-{{fields "cloudwatch_metrics"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/dynamodb.md b/test/packages/parallel/aws/_dev/build/docs/dynamodb.md
deleted file mode 100644
index eb0890de3..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/dynamodb.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# dynamodb
-
-## Metrics
-
-{{event "dynamodb"}}
-
-{{fields "dynamodb"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/ebs.md b/test/packages/parallel/aws/_dev/build/docs/ebs.md
deleted file mode 100644
index ebb1cfda0..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/ebs.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# ebs
-
-## Metrics
-
-{{event "ebs"}}
-
-{{fields "ebs"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/ec2.md b/test/packages/parallel/aws/_dev/build/docs/ec2.md
deleted file mode 100644
index f0e620507..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/ec2.md
+++ /dev/null
@@ -1,18 +0,0 @@
-# ec2
-
-## Logs
-
-The `ec2` dataset is specifically for EC2 logs stored in AWS CloudWatch. Export logs
-from log groups to Amazon S3 bucket which has SQS notification setup already.
-With this dataset, EC2 logs will be parsed into fields like  `ip_address`
-and `process.name`. For logs from other services, please use `cloudwatch` dataset.
-
-{{fields "ec2_logs"}}
-
-{{event "ec2_logs"}}
-
-## Metrics
-
-{{event "ec2_metrics"}}
-
-{{fields "ec2_metrics"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/elb.md b/test/packages/parallel/aws/_dev/build/docs/elb.md
deleted file mode 100644
index db9413e39..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/elb.md
+++ /dev/null
@@ -1,25 +0,0 @@
-# elb
-
-## Logs
-
-The `elb` dataset collects logs from AWS ELBs. Elastic Load Balancing provides 
-access logs that capture detailed information about requests sent to the load 
-balancer. Each log contains information such as the time the request was 
-received, the client's IP address, latencies, request paths, and server 
-responses. Users can use these access logs to analyze traffic patterns and to 
-troubleshoot issues.
-
-Please follow [enable access logs for classic load balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html)
-for sending Classic ELB access logs to S3 bucket.
-For application load balancer, please follow [enable access log for application load balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#enable-access-logging).
-For network load balancer, please follow [enable access log for network load balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest//network/load-balancer-access-logs.html).
-
-{{fields "elb_logs"}}
-
-{{event "elb_logs"}} 
-
-## Metrics
-
-{{event "elb_metrics"}}
-
-{{fields "elb_metrics"}}
diff --git a/test/packages/parallel/aws/_dev/build/docs/lambda.md b/test/packages/parallel/aws/_dev/build/docs/lambda.md
deleted file mode 100644
index 0a1014033..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/lambda.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# lambda
-
-## Metrics
-
-{{event "lambda"}}
-
-{{fields "lambda"}}
diff --git a/test/packages/parallel/aws/_dev/build/docs/natgateway.md b/test/packages/parallel/aws/_dev/build/docs/natgateway.md
deleted file mode 100644
index aaa495290..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/natgateway.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# natgateway
-
-## Metrics
-
-{{event "natgateway"}}
-
-{{fields "natgateway"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/rds.md b/test/packages/parallel/aws/_dev/build/docs/rds.md
deleted file mode 100644
index 3d43dd4f3..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/rds.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# rds
-
-## Metrics
-
-{{event "rds"}}
-
-{{fields "rds"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/s3.md b/test/packages/parallel/aws/_dev/build/docs/s3.md
deleted file mode 100644
index ae3faed53..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/s3.md
+++ /dev/null
@@ -1,29 +0,0 @@
-# S3
-
-## Logs
-The `s3access` dataset collects server access logs from AWS S3. Server access 
-logging provides detailed records for the requests that are made to a bucket. 
-Server access logs are useful for many applications. For example, access log 
-information can be useful in security and access audits. It can also help users
-to learn about customer base and understand Amazon S3 bill.
-
-Please follow [how to enable server access logging](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html#server-access-logging-overview)
-for sending server access logs to S3 bucket.
-
-{{fields "s3access"}}
-
-{{event "s3access"}}
-
-## Metrics
-
-### s3_daily_storage
-
-{{event "s3_daily_storage"}}
-
-{{fields "s3_daily_storage"}}
-
-### s3_request
-
-{{event "s3_request"}}
-
-{{fields "s3_request"}}
diff --git a/test/packages/parallel/aws/_dev/build/docs/s3_storage_lens.md b/test/packages/parallel/aws/_dev/build/docs/s3_storage_lens.md
deleted file mode 100644
index 275ba3737..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/s3_storage_lens.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# s3 storage lens
-
-## Metrics
-
-{{event "s3_storage_lens"}}
-
-{{fields "s3_storage_lens"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/sns.md b/test/packages/parallel/aws/_dev/build/docs/sns.md
deleted file mode 100644
index 5d659b2a6..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/sns.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# sns
-
-## Metrics
-
-{{event "sns"}}
-
-{{fields "sns"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/sqs.md b/test/packages/parallel/aws/_dev/build/docs/sqs.md
deleted file mode 100644
index 2caee8129..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/sqs.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# sqs
-
-## Metrics
-
-{{event "sqs"}}
-
-{{fields "sqs"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/transitgateway.md b/test/packages/parallel/aws/_dev/build/docs/transitgateway.md
deleted file mode 100644
index 45bdb6ee1..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/transitgateway.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# transitgateway
-
-## Metrics
-
-{{event "transitgateway"}}
-
-{{fields "transitgateway"}}
diff --git a/test/packages/parallel/aws/_dev/build/docs/usage.md b/test/packages/parallel/aws/_dev/build/docs/usage.md
deleted file mode 100644
index bdd27653e..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/usage.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# usage
-
-## Metrics
-
-{{event "usage"}}
-
-{{fields "usage"}}
diff --git a/test/packages/parallel/aws/_dev/build/docs/vpcflow.md b/test/packages/parallel/aws/_dev/build/docs/vpcflow.md
deleted file mode 100644
index 65e7e4fc9..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/vpcflow.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# vpcflow
-
-## Logs
-
-{{fields "vpcflow"}}
-
-{{event "vpcflow"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/_dev/build/docs/vpn.md b/test/packages/parallel/aws/_dev/build/docs/vpn.md
deleted file mode 100644
index 7edfa5212..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/vpn.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# vpn
-
-## Metrics
-
-{{event "vpn"}}
-
-{{fields "vpn"}}
diff --git a/test/packages/parallel/aws/_dev/build/docs/waf.md b/test/packages/parallel/aws/_dev/build/docs/waf.md
deleted file mode 100644
index eeca8301b..000000000
--- a/test/packages/parallel/aws/_dev/build/docs/waf.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# waf
-
-## Logs
-
-The `waf` dataset is specifically for WAF logs. Export logs from Kinesis Data Firehose to Amazon S3 bucket which has SQS notification setup already.
-
-{{fields "waf"}}
-
-{{event "waf"}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/billing/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/billing/agent/stream/stream.yml.hbs
deleted file mode 100644
index 45017bd29..000000000
--- a/test/packages/parallel/aws/data_stream/billing/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,38 +0,0 @@
-metricsets: ["billing"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if lantency}}
-latency: {{latency}}
-{{/if}}
-{{#if cost_explorer_config.group_by_dimension_keys}}
-cost_explorer_config.group_by_dimension_keys:
-{{#each cost_explorer_config.group_by_dimension_keys as |dimension_key i|}}
-- {{dimension_key}}
-{{/each}}
-{{/if}}
-{{#if cost_explorer_config.group_by_tag_keys}}
-cost_explorer_config.group_by_tag_keys:
-{{#each cost_explorer_config.group_by_tag_keys as |tag_key i|}}
-- {{tag_key}}
-{{/each}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/billing/fields/agent.yml b/test/packages/parallel/aws/data_stream/billing/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/billing/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/billing/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/billing/fields/base-fields.yml
deleted file mode 100644
index f3e0e8980..000000000
--- a/test/packages/parallel/aws/data_stream/billing/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.billing
diff --git a/test/packages/parallel/aws/data_stream/billing/fields/ecs.yml b/test/packages/parallel/aws/data_stream/billing/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/billing/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/billing/fields/fields.yml b/test/packages/parallel/aws/data_stream/billing/fields/fields.yml
deleted file mode 100644
index b91f8f364..000000000
--- a/test/packages/parallel/aws/data_stream/billing/fields/fields.yml
+++ /dev/null
@@ -1,86 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: billing
-      type: group
-      fields:
-        - name: EstimatedCharges
-          type: long
-          description: Maximum estimated charges for AWS acccount.
-        - name: Currency
-          type: keyword
-          description: Currency name.
-        - name: ServiceName
-          type: keyword
-          description: AWS service name.
-        - name: AmortizedCost
-          type: group
-          fields:
-            - name: amount
-              type: double
-              description: Amortized cost amount.
-            - name: unit
-              type: keyword
-              description: Amortized cost unit.
-        - name: BlendedCost
-          type: group
-          fields:
-            - name: amount
-              type: double
-              description: Blended cost amount.
-            - name: unit
-              type: keyword
-              description: Blended cost unit.
-        - name: NormalizedUsageAmount
-          type: group
-          fields:
-            - name: amount
-              type: double
-              description: Normalized usage amount.
-            - name: unit
-              type: keyword
-              description: Normalized usage amount unit.
-        - name: UnblendedCost
-          type: group
-          fields:
-            - name: amount
-              type: double
-              description: Unblended cost amount.
-            - name: unit
-              type: keyword
-              description: Unblended cost unit.
-        - name: UsageQuantity
-          type: group
-          fields:
-            - name: amount
-              type: double
-              description: Usage quantity amount.
-            - name: unit
-              type: keyword
-              description: Usage quantity unit.
-        - name: start_date
-          type: keyword
-          description: Start date for retrieving AWS costs.
-        - name: end_date
-          type: keyword
-          description: End date for retrieving AWS costs.
-        - name: group_definition
-          type: group
-          fields:
-            - name: key
-              type: keyword
-              description: The string that represents a key for a specified group.
-            - name: type
-              type: keyword
-              description: The string that represents the type of group.
-        - name: group_by
-          type: object
-          object_type: keyword
-          object_type_mapping_type: "*"
-          description: Cost explorer group by key values.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/billing/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/billing/fields/package-fields.yml
deleted file mode 100644
index 7adc9facb..000000000
--- a/test/packages/parallel/aws/data_stream/billing/fields/package-fields.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
-    - name: linked_account
-      type: group
-      fields:
-        - name: id
-          type: keyword
-          description: >
-            ID used to identify linked account.
-
-        - name: name
-          type: keyword
-          description: >
-            Name or alias used to identify linked account.
-
diff --git a/test/packages/parallel/aws/data_stream/billing/manifest.yml b/test/packages/parallel/aws/data_stream/billing/manifest.yml
deleted file mode 100644
index dcdfb390f..000000000
--- a/test/packages/parallel/aws/data_stream/billing/manifest.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-title: AWS Billing Metrics
-release: beta
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 12h
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: cost_explorer_config.group_by_dimension_keys
-        type: text
-        title: Cost Explorer Group By Dimension Keys
-        multi: true
-        required: false
-        show_user: true
-        default:
-          - "AZ"
-          - "INSTANCE_TYPE"
-          - "SERVICE"
-          - "LINKED_ACCOUNT"
-      - name: cost_explorer_config.group_by_tag_keys
-        type: text
-        title: Cost Explorer Group By Tag Keys
-        multi: true
-        required: false
-        show_user: true
-        default:
-          - "aws:createdBy"
-    title: AWS Billing Metrics
-    description: Collect billing metrics from Amazon Web Services with Elastic Agent.
diff --git a/test/packages/parallel/aws/data_stream/billing/sample_event.json b/test/packages/parallel/aws/data_stream/billing/sample_event.json
deleted file mode 100644
index 832bb0023..000000000
--- a/test/packages/parallel/aws/data_stream/billing/sample_event.json
+++ /dev/null
@@ -1,60 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:17:06.212Z",
-    "cloud": {
-        "provider": "aws",
-        "region": "us-east-1",
-        "account": {
-            "id": "428152502467",
-            "name": "elastic-beats"
-        }
-    },
-    "event": {
-        "dataset": "aws.billing",
-        "module": "aws",
-        "duration": 1938760247
-    },
-    "metricset": {
-        "name": "billing",
-        "period": 43200000
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "aws": {
-        "billing": {
-            "Currency": "USD",
-            "EstimatedCharges": 39.26,
-            "ServiceName": "AmazonEKS",
-            "AmortizedCost": {
-                "amount": 51.6,
-                "unit": "USD"
-            },
-            "BlendedCost": {
-                "amount": 51.6,
-                "unit": "USD"
-            },
-            "NormalizedUsageAmount": {
-                "amount": 672,
-                "unit": "N/A"
-            },
-            "UnblendedCost": {
-                "amount": 51.6,
-                "unit": "USD"
-            },
-            "UsageQuantity": {
-                "amount": 168,
-                "unit": "N/A"
-            }
-        }
-    },
-    "service": {
-        "type": "aws"
-    },
-    "agent": {
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log
deleted file mode 100644
index 4c067668b..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.0","userIdentity":{"type":"IAMUser","principalId":"EX_PRINCIPAL_ID","arn":"arn:aws:iam::123456789012:user/Alice","accountId":"123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"false","creationDate":"2014-03-25T18:45:11Z"}}},"eventTime":"2014-03-25T21:08:14Z","eventSource":"iam.amazonaws.com","eventName":"AddUserToGroup","awsRegion":"us-east-2","sourceIPAddress":"127.0.0.1","userAgent":"AWSConsole","requestParameters":{"userName":"Bob","groupName":"admin"},"responseElements":null}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json
deleted file mode 100644
index 02145eb00..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-add-user-to-group-json.log-expected.json
+++ /dev/null
@@ -1,82 +0,0 @@
-{
-    "expected": [
-        {
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "@timestamp": "2014-03-25T21:08:14.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.0\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EX_PRINCIPAL_ID\",\"arn\":\"arn:aws:iam::123456789012:user/Alice\",\"accountId\":\"123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"false\",\"creationDate\":\"2014-03-25T18:45:11Z\"}}},\"eventTime\":\"2014-03-25T21:08:14Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"AddUserToGroup\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"AWSConsole\",\"requestParameters\":{\"userName\":\"Bob\",\"groupName\":\"admin\"},\"responseElements\":null}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "AddUserToGroup",
-                "type": [
-                    "group",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.0",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob",
-                            "groupName": "admin"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "session_context": {
-                            "mfa_authenticated": "false",
-                            "creation_date": "2014-03-25T18:45:11.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::123456789012:user/Alice"
-                    },
-                    "request_parameters": "{groupName=admin, userName=Bob}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EX_PRINCIPAL_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "AWSConsole"
-            },
-            "group": {
-                "name": "admin"
-            }
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log
deleted file mode 100644
index 90e496fc0..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"AssumedRole","principalId":"AROAIN5ATK5U7KEXAMPLE:JohnRole1","arn":"arn:aws:sts::111111111111:assumed-role/JohnDoe/JohnRole1","accountId":"111111111111","accessKeyId":"AKIAI44QH8DHBEXAMPLE","sessionContext":{"attributes":{"mfaAuthenticated":"false","creationDate":"2019-10-02T21:50:54Z"},"sessionIssuer":{"type":"Role","principalId":"AROAIN5ATK5U7KEXAMPLE","arn":"arn:aws:iam::111111111111:role/JohnRole1","accountId":"111111111111","userName":"JohnDoe"}}},"eventTime":"2019-10-02T22:12:29Z","eventSource":"sts.amazonaws.com","eventName":"AssumeRole","awsRegion":"us-east-2","sourceIPAddress":"81.2.69.144","userAgent":"aws-cli/1.16.248 Python/3.4.7 Linux/4.9.184-0.1.ac.235.83.329.metal1.x86_64 botocore/1.12.239","requestParameters":{"incomingTransitiveTags":{"Department":"Engineering"},"tags":[{"value":"johndoe@example.com","key":"Email"},{"value":"12345","key":"CostCenter"}],"roleArn":"arn:aws:iam::111111111111:role/JohnRole2","roleSessionName":"Role2WithTags","transitiveTagKeys":["Email","CostCenter"],"durationSeconds":3600},"responseElements":{"credentials":{"accessKeyId":"ASIAWHOJDLGPOEXAMPLE","expiration":"Oct 2, 2019 11:12:29 PM","sessionToken":"AgoJb3JpZ2luX2VjEB4aCXVzLXdlc3QtMSJHMEXAMPLETOKEN+//rJb8Lo30mFc5MlhFCEbubZvEj0wHB/mDMwIgSEe9gk/Zjr09tZV7F1HDTMhmEXAMPLETOKEN/iEJ/rkqngII9///////////ARABGgw0MjgzMDc4NjM5NjYiDLZjZFKwP4qxQG5sFCryASO4UPz5qE97wPPH1eLMvs7CgSDBSWfonmRTCfokm2FN1+hWUdQQH6adjbbrVLFL8c3jSsBhQ383AvxpwK5YRuDE1AI/+C+WKFZb701eiv9J5La2EXAMPLETOKEN/c7S5Iro1WUJ0q3Cxuo/8HUoSxVhQHM7zF7mWWLhXLEQ52ivL+F6q5dpXu4aTFedpMfnJa8JtkWwG9x1Axj0Ypy2ok8v5unpQGWych1vwdvj6ez1Dm8Xg1+qIzXILiEXAMPLETOKEN/vQGqu8H+nxp3kabcrtOvTFTvxX6vsc8OGwUfHhzAfYGEXAMPLETOKEN/L6v1yMM3B1OwFOrQBno1HEjf1oNI8RnQiMNFdUOtwYj7HUZIOCZmjfN8PPHq77N7GJl9lzvIZKQA0Owcjg+mc78zHCj8y0siY8C96paEXAMPLETOKEN/E3cpksxWdgs91HRzJWScjN2+r2LTGjYhyPqcmFzzo2mCE7mBNEXAMPLETOKEN/oJy+2o83YNW5tOiDmczgDzJZ4UKR84yGYOMfSnF4XcEJrDgAJ3OJFwmTcTQICAlSwLEXAMPLETOKEN"},"assumedRoleUser":{"assumedRoleId":"AROAIFR7WHDTSOYQYHFUE:Role2WithTags","arn":"arn:aws:sts::111111111111:assumed-role/test-role/Role2WithTags"}},"requestID":"b96b0e4e-e561-11e9-8b3f-7b396EXAMPLE","eventID":"1917948f-3042-46ec-98e2-62865EXAMPLE","resources":[{"ARN":"arn:aws:iam::111122223333:role/JohnRole2","accountId":"111111111111","type":"AWS::IAM::Role"}],"eventType":"AwsApiCall","recipientAccountId":"111111111111"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json
deleted file mode 100644
index e9b520569..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-assume-role-json.log-expected.json
+++ /dev/null
@@ -1,126 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "111111111111"
-                }
-            },
-            "@timestamp": "2019-10-02T22:12:29.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "GB-ENG",
-                    "city_name": "London",
-                    "country_iso_code": "GB",
-                    "country_name": "United Kingdom",
-                    "region_name": "England",
-                    "location": {
-                        "lon": -0.0931,
-                        "lat": 51.5142
-                    }
-                },
-                "address": "81.2.69.144",
-                "ip": "81.2.69.144"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"AssumedRole\",\"principalId\":\"AROAIN5ATK5U7KEXAMPLE:JohnRole1\",\"arn\":\"arn:aws:sts::111111111111:assumed-role/JohnDoe/JohnRole1\",\"accountId\":\"111111111111\",\"accessKeyId\":\"AKIAI44QH8DHBEXAMPLE\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"false\",\"creationDate\":\"2019-10-02T21:50:54Z\"},\"sessionIssuer\":{\"type\":\"Role\",\"principalId\":\"AROAIN5ATK5U7KEXAMPLE\",\"arn\":\"arn:aws:iam::111111111111:role/JohnRole1\",\"accountId\":\"111111111111\",\"userName\":\"JohnDoe\"}}},\"eventTime\":\"2019-10-02T22:12:29Z\",\"eventSource\":\"sts.amazonaws.com\",\"eventName\":\"AssumeRole\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"81.2.69.144\",\"userAgent\":\"aws-cli/1.16.248 Python/3.4.7 Linux/4.9.184-0.1.ac.235.83.329.metal1.x86_64 botocore/1.12.239\",\"requestParameters\":{\"incomingTransitiveTags\":{\"Department\":\"Engineering\"},\"tags\":[{\"value\":\"johndoe@example.com\",\"key\":\"Email\"},{\"value\":\"12345\",\"key\":\"CostCenter\"}],\"roleArn\":\"arn:aws:iam::111111111111:role/JohnRole2\",\"roleSessionName\":\"Role2WithTags\",\"transitiveTagKeys\":[\"Email\",\"CostCenter\"],\"durationSeconds\":3600},\"responseElements\":{\"credentials\":{\"accessKeyId\":\"ASIAWHOJDLGPOEXAMPLE\",\"expiration\":\"Oct 2, 2019 11:12:29 PM\",\"sessionToken\":\"AgoJb3JpZ2luX2VjEB4aCXVzLXdlc3QtMSJHMEXAMPLETOKEN+//rJb8Lo30mFc5MlhFCEbubZvEj0wHB/mDMwIgSEe9gk/Zjr09tZV7F1HDTMhmEXAMPLETOKEN/iEJ/rkqngII9///////////ARABGgw0MjgzMDc4NjM5NjYiDLZjZFKwP4qxQG5sFCryASO4UPz5qE97wPPH1eLMvs7CgSDBSWfonmRTCfokm2FN1+hWUdQQH6adjbbrVLFL8c3jSsBhQ383AvxpwK5YRuDE1AI/+C+WKFZb701eiv9J5La2EXAMPLETOKEN/c7S5Iro1WUJ0q3Cxuo/8HUoSxVhQHM7zF7mWWLhXLEQ52ivL+F6q5dpXu4aTFedpMfnJa8JtkWwG9x1Axj0Ypy2ok8v5unpQGWych1vwdvj6ez1Dm8Xg1+qIzXILiEXAMPLETOKEN/vQGqu8H+nxp3kabcrtOvTFTvxX6vsc8OGwUfHhzAfYGEXAMPLETOKEN/L6v1yMM3B1OwFOrQBno1HEjf1oNI8RnQiMNFdUOtwYj7HUZIOCZmjfN8PPHq77N7GJl9lzvIZKQA0Owcjg+mc78zHCj8y0siY8C96paEXAMPLETOKEN/E3cpksxWdgs91HRzJWScjN2+r2LTGjYhyPqcmFzzo2mCE7mBNEXAMPLETOKEN/oJy+2o83YNW5tOiDmczgDzJZ4UKR84yGYOMfSnF4XcEJrDgAJ3OJFwmTcTQICAlSwLEXAMPLETOKEN\"},\"assumedRoleUser\":{\"assumedRoleId\":\"AROAIFR7WHDTSOYQYHFUE:Role2WithTags\",\"arn\":\"arn:aws:sts::111111111111:assumed-role/test-role/Role2WithTags\"}},\"requestID\":\"b96b0e4e-e561-11e9-8b3f-7b396EXAMPLE\",\"eventID\":\"1917948f-3042-46ec-98e2-62865EXAMPLE\",\"resources\":[{\"ARN\":\"arn:aws:iam::111122223333:role/JohnRole2\",\"accountId\":\"111111111111\",\"type\":\"AWS::IAM::Role\"}],\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"111111111111\"}",
-                "provider": "sts.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "AssumeRole",
-                "id": "1917948f-3042-46ec-98e2-62865EXAMPLE",
-                "type": [
-                    "info"
-                ],
-                "category": [
-                    "authentication"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "incomingTransitiveTags": {
-                                "Department": "Engineering"
-                            },
-                            "transitiveTagKeys": [
-                                "Email",
-                                "CostCenter"
-                            ],
-                            "durationSeconds": 3600,
-                            "roleArn": "arn:aws:iam::111111111111:role/JohnRole2",
-                            "roleSessionName": "Role2WithTags",
-                            "tags": [
-                                {
-                                    "value": "johndoe@example.com",
-                                    "key": "Email"
-                                },
-                                {
-                                    "value": "12345",
-                                    "key": "CostCenter"
-                                }
-                            ]
-                        },
-                        "response_elements": {
-                            "assumedRoleUser": {
-                                "assumedRoleId": "AROAIFR7WHDTSOYQYHFUE:Role2WithTags",
-                                "arn": "arn:aws:sts::111111111111:assumed-role/test-role/Role2WithTags"
-                            },
-                            "credentials": {
-                                "accessKeyId": "ASIAWHOJDLGPOEXAMPLE",
-                                "sessionToken": "AgoJb3JpZ2luX2VjEB4aCXVzLXdlc3QtMSJHMEXAMPLETOKEN+//rJb8Lo30mFc5MlhFCEbubZvEj0wHB/mDMwIgSEe9gk/Zjr09tZV7F1HDTMhmEXAMPLETOKEN/iEJ/rkqngII9///////////ARABGgw0MjgzMDc4NjM5NjYiDLZjZFKwP4qxQG5sFCryASO4UPz5qE97wPPH1eLMvs7CgSDBSWfonmRTCfokm2FN1+hWUdQQH6adjbbrVLFL8c3jSsBhQ383AvxpwK5YRuDE1AI/+C+WKFZb701eiv9J5La2EXAMPLETOKEN/c7S5Iro1WUJ0q3Cxuo/8HUoSxVhQHM7zF7mWWLhXLEQ52ivL+F6q5dpXu4aTFedpMfnJa8JtkWwG9x1Axj0Ypy2ok8v5unpQGWych1vwdvj6ez1Dm8Xg1+qIzXILiEXAMPLETOKEN/vQGqu8H+nxp3kabcrtOvTFTvxX6vsc8OGwUfHhzAfYGEXAMPLETOKEN/L6v1yMM3B1OwFOrQBno1HEjf1oNI8RnQiMNFdUOtwYj7HUZIOCZmjfN8PPHq77N7GJl9lzvIZKQA0Owcjg+mc78zHCj8y0siY8C96paEXAMPLETOKEN/E3cpksxWdgs91HRzJWScjN2+r2LTGjYhyPqcmFzzo2mCE7mBNEXAMPLETOKEN/oJy+2o83YNW5tOiDmczgDzJZ4UKR84yGYOMfSnF4XcEJrDgAJ3OJFwmTcTQICAlSwLEXAMPLETOKEN",
-                                "expiration": "Oct 2, 2019 11:12:29 PM"
-                            }
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "AKIAI44QH8DHBEXAMPLE",
-                        "session_context": {
-                            "mfa_authenticated": "false",
-                            "session_issuer": {
-                                "account_id": "111111111111",
-                                "type": "Role",
-                                "arn": "arn:aws:iam::111111111111:role/JohnRole1",
-                                "principal_id": "AROAIN5ATK5U7KEXAMPLE"
-                            },
-                            "creation_date": "2019-10-02T21:50:54.000Z"
-                        },
-                        "type": "AssumedRole",
-                        "arn": "arn:aws:sts::111111111111:assumed-role/JohnDoe/JohnRole1"
-                    },
-                    "recipient_account_id": "111111111111",
-                    "request_parameters": "{incomingTransitiveTags={Department=Engineering}, transitiveTagKeys=[Email, CostCenter], durationSeconds=3600, roleArn=arn:aws:iam::111111111111:role/JohnRole2, roleSessionName=Role2WithTags, tags=[{value=johndoe@example.com, key=Email}, {value=12345, key=CostCenter}]}",
-                    "response_elements": "{assumedRoleUser={assumedRoleId=AROAIFR7WHDTSOYQYHFUE:Role2WithTags, arn=arn:aws:sts::111111111111:assumed-role/test-role/Role2WithTags}, credentials={accessKeyId=ASIAWHOJDLGPOEXAMPLE, sessionToken=AgoJb3JpZ2luX2VjEB4aCXVzLXdlc3QtMSJHMEXAMPLETOKEN+//rJb8Lo30mFc5MlhFCEbubZvEj0wHB/mDMwIgSEe9gk/Zjr09tZV7F1HDTMhmEXAMPLETOKEN/iEJ/rkqngII9///////////ARABGgw0MjgzMDc4NjM5NjYiDLZjZFKwP4qxQG5sFCryASO4UPz5qE97wPPH1eLMvs7CgSDBSWfonmRTCfokm2FN1+hWUdQQH6adjbbrVLFL8c3jSsBhQ383AvxpwK5YRuDE1AI/+C+WKFZb701eiv9J5La2EXAMPLETOKEN/c7S5Iro1WUJ0q3Cxuo/8HUoSxVhQHM7zF7mWWLhXLEQ52ivL+F6q5dpXu4aTFedpMfnJa8JtkWwG9x1Axj0Ypy2ok8v5unpQGWych1vwdvj6ez1Dm8Xg1+qIzXILiEXAMPLETOKEN/vQGqu8H+nxp3kabcrtOvTFTvxX6vsc8OGwUfHhzAfYGEXAMPLETOKEN/L6v1yMM3B1OwFOrQBno1HEjf1oNI8RnQiMNFdUOtwYj7HUZIOCZmjfN8PPHq77N7GJl9lzvIZKQA0Owcjg+mc78zHCj8y0siY8C96paEXAMPLETOKEN/E3cpksxWdgs91HRzJWScjN2+r2LTGjYhyPqcmFzzo2mCE7mBNEXAMPLETOKEN/oJy+2o83YNW5tOiDmczgDzJZ4UKR84yGYOMfSnF4XcEJrDgAJ3OJFwmTcTQICAlSwLEXAMPLETOKEN, expiration=Oct 2, 2019 11:12:29 PM}}"
-                }
-            },
-            "user": {
-                "name": "JohnDoe",
-                "id": "AROAIN5ATK5U7KEXAMPLE:JohnRole1"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.248 Python/3.4.7 Linux/4.9.184-0.1.ac.235.83.329.metal1.x86_64 botocore/1.12.239",
-                "os": {
-                    "name": "Linux",
-                    "version": "4.9.184",
-                    "full": "Linux 4.9.184"
-                },
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.248"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log
deleted file mode 100644
index b3c1f2a10..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log
+++ /dev/null
@@ -1,2 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"0123456789012","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice"},"eventTime":"2020-01-09T00:09:33Z","eventSource":"iam.amazonaws.com","eventName":"ChangePassword","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46","errorCode":"AccessDeniedException","errorMessage":"An unknown error occurred","requestParameters":null,"responseElements":null,"requestID":"EXAMPLE-5204-4fed-9c60-9c6EXAMPLE","eventID":"EXAMPLE-b92f-48bb-8c4c-efeEXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"0123456789012","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice"},"eventTime":"2020-01-09T00:03:36Z","eventSource":"iam.amazonaws.com","eventName":"ChangePassword","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46","requestParameters":null,"responseElements":null,"requestID":"EXAMPLE-5c16-4eda-9724-EXAMPLE","eventID":"EXAMPLE-35a7-4c25-9fc7-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json
deleted file mode 100644
index 6b314e7ee..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-change-password-json.log-expected.json
+++ /dev/null
@@ -1,136 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T00:09:33.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"0123456789012\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-09T00:09:33Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"ChangePassword\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"errorCode\":\"AccessDeniedException\",\"errorMessage\":\"An unknown error occurred\",\"requestParameters\":null,\"responseElements\":null,\"requestID\":\"EXAMPLE-5204-4fed-9c60-9c6EXAMPLE\",\"eventID\":\"EXAMPLE-b92f-48bb-8c4c-efeEXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "ChangePassword",
-                "id": "EXAMPLE-b92f-48bb-8c4c-efeEXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "failure"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "error_message": "An unknown error occurred",
-                    "flattened": {},
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "error_code": "AccessDeniedException",
-                    "recipient_account_id": "0123456789012"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "0123456789012"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.310"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T00:03:36.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"0123456789012\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-09T00:03:36Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"ChangePassword\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"requestParameters\":null,\"responseElements\":null,\"requestID\":\"EXAMPLE-5c16-4eda-9724-EXAMPLE\",\"eventID\":\"EXAMPLE-35a7-4c25-9fc7-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "ChangePassword",
-                "id": "EXAMPLE-35a7-4c25-9fc7-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {},
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "0123456789012"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.310"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log
deleted file mode 100644
index f3393babc..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"awsAccountId":"123456789123","digestStartTime":"2020-09-11T18:36:49Z","digestEndTime":"2020-09-11T19:36:49Z","digestS3Bucket":"alice-bucket","digestS3Object":"AWSLogs/123456789123/CloudTrail-Digest/us-west-2/2020/09/11/123456789123_CloudTrail-Digest_us-west-2_leh-ct-test_us-west-2_20200911T193649Z.json.gz","digestPublicKeyFingerprint":"47aaa19f7eec22e9bd0b5e58cfade8cb","digestSignatureAlgorithm":"SHA256withRSA","newestEventTime":"2020-09-11T19:26:24Z","oldestEventTime":"2020-09-11T18:32:04Z","previousDigestS3Bucket":"alice-bucket","previousDigestS3Object":"AWSLogs/123456789123/CloudTrail-Digest/us-west-2/2020/09/11/123456789123_CloudTrail-Digest_us-west-2_leh-ct-test_us-west-2_20200911T183649Z.json.gz","previousDigestHashValue":"531914fcfa0dbacf0c9dd1475a1fdcb5dea6e85921409f3c3ec0ba39063c860","previousDigestHashAlgorithm":"SHA-256","previousDigestSignature":"10e0872f32fa1d299d0cc98e94d4c88a6a2eada9d9fc3ae6d53dfe8d54c7caf807072f1e1eec47efdeecfcc22483887f8fddfc954ae587fba43e7676b5547f432fa8722ba1c5baa6b233bcb528ce7c01e3748aab8f28c16c024de79da820128b4c9e5ce65e98a9c4e631687ecc89c224a11bb3df06ce441ff740e4ac9fbd41159e77f5863550118284121f193e357866fbd0463faffb56e194af196e35a7675c3bbd0a398f43159343c3f59129d6339a281a8fdb3192f3fffea9bd21dbb0a705ebfae1921f2133aab0ad29522aea6df0828c1780d3f3ed6b8270ab3ba24459916b0fbbe82fba6ff9677bafe7306e0f5edcc0f1508cdb4e36f3e3b30e653e9987","logFiles":[{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1930Z_l2pGqVS53QcGdAkp.json.gz","hashValue":"420784a5bbc12e9ac442451e8ec1356744fdeabf4fee0d2222508db6d448139c","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T19:26:24Z","oldestEventTime":"2020-09-11T19:26:24Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1915Z_TIKlbLnJ6IwUxqxw.json.gz","hashValue":"4e1eb2a8b41d032cbb16e5449fc8f3eac304e7d43017a391b37c788c77336196","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T19:11:18Z","oldestEventTime":"2020-09-11T19:11:18Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1835Z_OPJhVNodH1gY760s.json.gz","hashValue":"2695aeb3b4c1f021fe76e0b36f5ac15e557c41c58af6eef282d77ef056210d70","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T18:32:04Z","oldestEventTime":"2020-09-11T18:32:04Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1925Z_zJNGzQovyNAImZV9.json.gz","hashValue":"45a2906f55cbfc912584e9425f8d3d8d6fabf571a45a5ecd7d2a0f4132b81689","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T19:21:28Z","oldestEventTime":"2020-09-11T19:21:28Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1855Z_RqN9YzoKAJCKbejj.json.gz","hashValue":"515cc8be750d815266b4fc799c7600765f22502d29f5bb9d5c8969ffc5ab7097","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T18:51:21Z","oldestEventTime":"2020-09-11T18:51:21Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1850Z_jLldN7U8XrspES8p.json.gz","hashValue":"18650414e79e084dff02da66253f071347f7bb5c4863279bafe7762a980f7c0b","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T18:46:45Z","oldestEventTime":"2020-09-11T18:46:45Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1905Z_jBNdmg4bSGxZ3wC8.json.gz","hashValue":"54050ec665636f1985f5b51ae43c74a58282cb2e500492a45f20a4dc1bf8a6d5","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T19:01:06Z","oldestEventTime":"2020-09-11T19:01:06Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1920Z_bj5DRrmILF6jK23a.json.gz","hashValue":"6e0d8fcbd712d3f6d1caf4a872681f4290b05ed8a8f1c9450a0a6db92ccab4d7","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T19:16:12Z","oldestEventTime":"2020-09-11T19:16:12Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1900Z_6LjrkrhsLQMzCiSN.json.gz","hashValue":"b2b0e2804d1c6b92d76eee203d7eba32d3d003e6967f175723a83ecc2d7ad4ba","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T18:56:05Z","oldestEventTime":"2020-09-11T18:56:05Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1910Z_DLyqye8LaeoD204N.json.gz","hashValue":"4397a13565a67d9ed6e57737b98eb7e61ca52bb191c9b5da0423136dfc5581c7","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T19:06:31Z","oldestEventTime":"2020-09-11T19:06:31Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1845Z_TSDKyASOn2ejOq5n.json.gz","hashValue":"94f09d2398632c7b0c0066ed5d56768632dd2e06ed9c80af9d0c2c5f59bd60b6","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T18:41:58Z","oldestEventTime":"2020-09-11T18:41:58Z"},{"s3Bucket":"alice-bucket","s3Object":"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1840Z_btJydJ2t7hCRnjsN.json.gz","hashValue":"9044f9a05d70688bc6f6048d5f8d00764ab65e132b8ffefb193b22ca4394d771","hashAlgorithm":"SHA-256","newestEventTime":"2020-09-11T18:37:10Z","oldestEventTime":"2020-09-11T18:37:10Z"}]}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json
deleted file mode 100644
index 0c1cc9a2c..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-cloudtrail-digest-json.log-expected.json
+++ /dev/null
@@ -1,150 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "account": {
-                    "id": "123456789123"
-                }
-            },
-            "@timestamp": "2020-09-11T19:36:49.000Z",
-            "file": {
-                "path": "AWSLogs/123456789123/CloudTrail-Digest/us-west-2/2020/09/11/123456789123_CloudTrail-Digest_us-west-2_leh-ct-test_us-west-2_20200911T183649Z.json.gz",
-                "hash": {
-                    "sha256": "10e0872f32fa1d299d0cc98e94d4c88a6a2eada9d9fc3ae6d53dfe8d54c7caf807072f1e1eec47efdeecfcc22483887f8fddfc954ae587fba43e7676b5547f432fa8722ba1c5baa6b233bcb528ce7c01e3748aab8f28c16c024de79da820128b4c9e5ce65e98a9c4e631687ecc89c224a11bb3df06ce441ff740e4ac9fbd41159e77f5863550118284121f193e357866fbd0463faffb56e194af196e35a7675c3bbd0a398f43159343c3f59129d6339a281a8fdb3192f3fffea9bd21dbb0a705ebfae1921f2133aab0ad29522aea6df0828c1780d3f3ed6b8270ab3ba24459916b0fbbe82fba6ff9677bafe7306e0f5edcc0f1508cdb4e36f3e3b30e653e9987"
-                }
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "hash": [
-                    "10e0872f32fa1d299d0cc98e94d4c88a6a2eada9d9fc3ae6d53dfe8d54c7caf807072f1e1eec47efdeecfcc22483887f8fddfc954ae587fba43e7676b5547f432fa8722ba1c5baa6b233bcb528ce7c01e3748aab8f28c16c024de79da820128b4c9e5ce65e98a9c4e631687ecc89c224a11bb3df06ce441ff740e4ac9fbd41159e77f5863550118284121f193e357866fbd0463faffb56e194af196e35a7675c3bbd0a398f43159343c3f59129d6339a281a8fdb3192f3fffea9bd21dbb0a705ebfae1921f2133aab0ad29522aea6df0828c1780d3f3ed6b8270ab3ba24459916b0fbbe82fba6ff9677bafe7306e0f5edcc0f1508cdb4e36f3e3b30e653e9987"
-                ]
-            },
-            "event": {
-                "original": "{\"awsAccountId\":\"123456789123\",\"digestStartTime\":\"2020-09-11T18:36:49Z\",\"digestEndTime\":\"2020-09-11T19:36:49Z\",\"digestS3Bucket\":\"alice-bucket\",\"digestS3Object\":\"AWSLogs/123456789123/CloudTrail-Digest/us-west-2/2020/09/11/123456789123_CloudTrail-Digest_us-west-2_leh-ct-test_us-west-2_20200911T193649Z.json.gz\",\"digestPublicKeyFingerprint\":\"47aaa19f7eec22e9bd0b5e58cfade8cb\",\"digestSignatureAlgorithm\":\"SHA256withRSA\",\"newestEventTime\":\"2020-09-11T19:26:24Z\",\"oldestEventTime\":\"2020-09-11T18:32:04Z\",\"previousDigestS3Bucket\":\"alice-bucket\",\"previousDigestS3Object\":\"AWSLogs/123456789123/CloudTrail-Digest/us-west-2/2020/09/11/123456789123_CloudTrail-Digest_us-west-2_leh-ct-test_us-west-2_20200911T183649Z.json.gz\",\"previousDigestHashValue\":\"531914fcfa0dbacf0c9dd1475a1fdcb5dea6e85921409f3c3ec0ba39063c860\",\"previousDigestHashAlgorithm\":\"SHA-256\",\"previousDigestSignature\":\"10e0872f32fa1d299d0cc98e94d4c88a6a2eada9d9fc3ae6d53dfe8d54c7caf807072f1e1eec47efdeecfcc22483887f8fddfc954ae587fba43e7676b5547f432fa8722ba1c5baa6b233bcb528ce7c01e3748aab8f28c16c024de79da820128b4c9e5ce65e98a9c4e631687ecc89c224a11bb3df06ce441ff740e4ac9fbd41159e77f5863550118284121f193e357866fbd0463faffb56e194af196e35a7675c3bbd0a398f43159343c3f59129d6339a281a8fdb3192f3fffea9bd21dbb0a705ebfae1921f2133aab0ad29522aea6df0828c1780d3f3ed6b8270ab3ba24459916b0fbbe82fba6ff9677bafe7306e0f5edcc0f1508cdb4e36f3e3b30e653e9987\",\"logFiles\":[{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1930Z_l2pGqVS53QcGdAkp.json.gz\",\"hashValue\":\"420784a5bbc12e9ac442451e8ec1356744fdeabf4fee0d2222508db6d448139c\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T19:26:24Z\",\"oldestEventTime\":\"2020-09-11T19:26:24Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1915Z_TIKlbLnJ6IwUxqxw.json.gz\",\"hashValue\":\"4e1eb2a8b41d032cbb16e5449fc8f3eac304e7d43017a391b37c788c77336196\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T19:11:18Z\",\"oldestEventTime\":\"2020-09-11T19:11:18Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1835Z_OPJhVNodH1gY760s.json.gz\",\"hashValue\":\"2695aeb3b4c1f021fe76e0b36f5ac15e557c41c58af6eef282d77ef056210d70\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T18:32:04Z\",\"oldestEventTime\":\"2020-09-11T18:32:04Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1925Z_zJNGzQovyNAImZV9.json.gz\",\"hashValue\":\"45a2906f55cbfc912584e9425f8d3d8d6fabf571a45a5ecd7d2a0f4132b81689\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T19:21:28Z\",\"oldestEventTime\":\"2020-09-11T19:21:28Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1855Z_RqN9YzoKAJCKbejj.json.gz\",\"hashValue\":\"515cc8be750d815266b4fc799c7600765f22502d29f5bb9d5c8969ffc5ab7097\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T18:51:21Z\",\"oldestEventTime\":\"2020-09-11T18:51:21Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1850Z_jLldN7U8XrspES8p.json.gz\",\"hashValue\":\"18650414e79e084dff02da66253f071347f7bb5c4863279bafe7762a980f7c0b\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T18:46:45Z\",\"oldestEventTime\":\"2020-09-11T18:46:45Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1905Z_jBNdmg4bSGxZ3wC8.json.gz\",\"hashValue\":\"54050ec665636f1985f5b51ae43c74a58282cb2e500492a45f20a4dc1bf8a6d5\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T19:01:06Z\",\"oldestEventTime\":\"2020-09-11T19:01:06Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1920Z_bj5DRrmILF6jK23a.json.gz\",\"hashValue\":\"6e0d8fcbd712d3f6d1caf4a872681f4290b05ed8a8f1c9450a0a6db92ccab4d7\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T19:16:12Z\",\"oldestEventTime\":\"2020-09-11T19:16:12Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1900Z_6LjrkrhsLQMzCiSN.json.gz\",\"hashValue\":\"b2b0e2804d1c6b92d76eee203d7eba32d3d003e6967f175723a83ecc2d7ad4ba\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T18:56:05Z\",\"oldestEventTime\":\"2020-09-11T18:56:05Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1910Z_DLyqye8LaeoD204N.json.gz\",\"hashValue\":\"4397a13565a67d9ed6e57737b98eb7e61ca52bb191c9b5da0423136dfc5581c7\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T19:06:31Z\",\"oldestEventTime\":\"2020-09-11T19:06:31Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1845Z_TSDKyASOn2ejOq5n.json.gz\",\"hashValue\":\"94f09d2398632c7b0c0066ed5d56768632dd2e06ed9c80af9d0c2c5f59bd60b6\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T18:41:58Z\",\"oldestEventTime\":\"2020-09-11T18:41:58Z\"},{\"s3Bucket\":\"alice-bucket\",\"s3Object\":\"AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1840Z_btJydJ2t7hCRnjsN.json.gz\",\"hashValue\":\"9044f9a05d70688bc6f6048d5f8d00764ab65e132b8ffefb193b22ca4394d771\",\"hashAlgorithm\":\"SHA-256\",\"newestEventTime\":\"2020-09-11T18:37:10Z\",\"oldestEventTime\":\"2020-09-11T18:37:10Z\"}]}",
-                "type": "info",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "flattened": {
-                        "digest": {
-                            "start_time": "2020-09-11T18:36:49.000Z",
-                            "previous_s3_bucket": "alice-bucket",
-                            "log_files": [
-                                {
-                                    "newestEventTime": "2020-09-11T19:26:24Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1930Z_l2pGqVS53QcGdAkp.json.gz",
-                                    "oldestEventTime": "2020-09-11T19:26:24Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "420784a5bbc12e9ac442451e8ec1356744fdeabf4fee0d2222508db6d448139c",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T19:11:18Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1915Z_TIKlbLnJ6IwUxqxw.json.gz",
-                                    "oldestEventTime": "2020-09-11T19:11:18Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "4e1eb2a8b41d032cbb16e5449fc8f3eac304e7d43017a391b37c788c77336196",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T18:32:04Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1835Z_OPJhVNodH1gY760s.json.gz",
-                                    "oldestEventTime": "2020-09-11T18:32:04Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "2695aeb3b4c1f021fe76e0b36f5ac15e557c41c58af6eef282d77ef056210d70",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T19:21:28Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1925Z_zJNGzQovyNAImZV9.json.gz",
-                                    "oldestEventTime": "2020-09-11T19:21:28Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "45a2906f55cbfc912584e9425f8d3d8d6fabf571a45a5ecd7d2a0f4132b81689",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T18:51:21Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1855Z_RqN9YzoKAJCKbejj.json.gz",
-                                    "oldestEventTime": "2020-09-11T18:51:21Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "515cc8be750d815266b4fc799c7600765f22502d29f5bb9d5c8969ffc5ab7097",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T18:46:45Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1850Z_jLldN7U8XrspES8p.json.gz",
-                                    "oldestEventTime": "2020-09-11T18:46:45Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "18650414e79e084dff02da66253f071347f7bb5c4863279bafe7762a980f7c0b",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T19:01:06Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1905Z_jBNdmg4bSGxZ3wC8.json.gz",
-                                    "oldestEventTime": "2020-09-11T19:01:06Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "54050ec665636f1985f5b51ae43c74a58282cb2e500492a45f20a4dc1bf8a6d5",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T19:16:12Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1920Z_bj5DRrmILF6jK23a.json.gz",
-                                    "oldestEventTime": "2020-09-11T19:16:12Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "6e0d8fcbd712d3f6d1caf4a872681f4290b05ed8a8f1c9450a0a6db92ccab4d7",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T18:56:05Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1900Z_6LjrkrhsLQMzCiSN.json.gz",
-                                    "oldestEventTime": "2020-09-11T18:56:05Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "b2b0e2804d1c6b92d76eee203d7eba32d3d003e6967f175723a83ecc2d7ad4ba",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T19:06:31Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1910Z_DLyqye8LaeoD204N.json.gz",
-                                    "oldestEventTime": "2020-09-11T19:06:31Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "4397a13565a67d9ed6e57737b98eb7e61ca52bb191c9b5da0423136dfc5581c7",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T18:41:58Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1845Z_TSDKyASOn2ejOq5n.json.gz",
-                                    "oldestEventTime": "2020-09-11T18:41:58Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "94f09d2398632c7b0c0066ed5d56768632dd2e06ed9c80af9d0c2c5f59bd60b6",
-                                    "hashAlgorithm": "SHA-256"
-                                },
-                                {
-                                    "newestEventTime": "2020-09-11T18:37:10Z",
-                                    "s3Object": "AWSLogs/123456789123/CloudTrail/us-west-2/2020/09/11/123456789123_CloudTrail_us-west-2_20200911T1840Z_btJydJ2t7hCRnjsN.json.gz",
-                                    "oldestEventTime": "2020-09-11T18:37:10Z",
-                                    "s3Bucket": "alice-bucket",
-                                    "hashValue": "9044f9a05d70688bc6f6048d5f8d00764ab65e132b8ffefb193b22ca4394d771",
-                                    "hashAlgorithm": "SHA-256"
-                                }
-                            ],
-                            "newest_event_time": "2020-09-11T19:26:24.000Z",
-                            "previous_hash_algorithm": "SHA-256",
-                            "end_time": "2020-09-11T19:36:49.000Z",
-                            "signature_algorithm": "SHA256withRSA",
-                            "s3_bucket": "alice-bucket",
-                            "oldest_event_time": "2020-09-11T18:32:04.000Z"
-                        }
-                    }
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml
deleted file mode 100644
index e8c22fb0e..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-common-config.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-dynamic_fields:
-  event.ingested: ".*"
-fields:
-  # Simulate @timestamp value from Filebeat.
-  '@timestamp': '2021-11-11T01:02:03.123456789Z'
-  tags:
-    - preserve_original_event
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log
deleted file mode 100644
index 315e72e60..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log
+++ /dev/null
@@ -1,3 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"AIDACKCEVSQ6C2EXAMPLE","arn":"arn:aws:iam::111122223333:user/JohnDoe","accountId":"111122223333","userName":"JohnDoe"},"eventTime":"2014-07-16T15:49:27Z","eventSource":"signin.amazonaws.com","eventName":"ConsoleLogin","awsRegion":"us-east-2","sourceIPAddress":"89.160.20.156","userAgent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0","requestParameters":null,"responseElements":{"ConsoleLogin":"Success"},"additionalEventData":{"MobileVersion":"No","LoginTo":"https://console.aws.amazon.com/s3/","MFAUsed":"No"},"eventID":"3fcfb182-98f8-4744-bd45-10aEXAMPLE"}
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"AIDACKCEVSQ6C2EXAMPLE","arn":"arn:aws:iam::111122223333:user/JaneDoe","accountId":"111122223333","userName":"JaneDoe"},"eventTime":"2014-07-08T17:35:27Z","eventSource":"signin.amazonaws.com","eventName":"ConsoleLogin","awsRegion":"us-east-2","sourceIPAddress":"89.160.20.156","userAgent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0","errorMessage":"Failed authentication","requestParameters":null,"responseElements":{"ConsoleLogin":"Failure"},"additionalEventData":{"MobileVersion":"No","LoginTo":"https://console.aws.amazon.com/sns","MFAUsed":"No"},"eventID":"11ea990b-4678-4bcd-8fbe-625EXAMPLE"}
-{"eventVersion":"1.05","userIdentity":{"type":"AssumedRole","principalId":"AROAIDPPEZS35WEXAMPLE:AssumedRoleSessionName","arn":"arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed/MySessionName","accountId":"123456789012","accessKeyId":"AKIAIOSFODNN7EXAMPLE","sessionContext":{"attributes":{"mfaAuthenticated":"false","creationDate":"20131102T010628Z"},"sessionIssuer":{"type":"Role","principalId":"AROAIDPPEZS35WEXAMPLE","arn":"arn:aws:iam::123456789012:role/RoleToBeAssumed","accountId":"123456789012","userName":"RoleToBeAssumed"}}},"eventTime":"2014-07-08T17:35:27Z","eventSource":"signin.amazonaws.com","eventName":"ConsoleLogin","awsRegion":"us-east-2","sourceIPAddress":"89.160.20.156","userAgent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0","errorMessage":"Failed authentication","requestParameters":null,"responseElements":{"ConsoleLogin":"Failure"},"additionalEventData":{"MobileVersion":"No","LoginTo":"https://console.aws.amazon.com/sns","MFAUsed":"No"},"eventID":"11ea990b-4678-4bcd-8fbe-625EXAMPLE"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json
deleted file mode 100644
index 516369230..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-console-login-json.log-expected.json
+++ /dev/null
@@ -1,317 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "111122223333"
-                }
-            },
-            "@timestamp": "2014-07-16T15:49:27.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "JohnDoe"
-                ]
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"AIDACKCEVSQ6C2EXAMPLE\",\"arn\":\"arn:aws:iam::111122223333:user/JohnDoe\",\"accountId\":\"111122223333\",\"userName\":\"JohnDoe\"},\"eventTime\":\"2014-07-16T15:49:27Z\",\"eventSource\":\"signin.amazonaws.com\",\"eventName\":\"ConsoleLogin\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"89.160.20.156\",\"userAgent\":\"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0\",\"requestParameters\":null,\"responseElements\":{\"ConsoleLogin\":\"Success\"},\"additionalEventData\":{\"MobileVersion\":\"No\",\"LoginTo\":\"https://console.aws.amazon.com/s3/\",\"MFAUsed\":\"No\"},\"eventID\":\"3fcfb182-98f8-4744-bd45-10aEXAMPLE\"}",
-                "provider": "signin.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "ConsoleLogin",
-                "id": "3fcfb182-98f8-4744-bd45-10aEXAMPLE",
-                "type": [
-                    "info"
-                ],
-                "category": [
-                    "authentication"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "additional_eventdata": {
-                            "LoginTo": "https://console.aws.amazon.com/s3/",
-                            "MobileVersion": "No",
-                            "MFAUsed": "No"
-                        },
-                        "response_elements": {
-                            "ConsoleLogin": "Success"
-                        }
-                    },
-                    "user_identity": {
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::111122223333:user/JohnDoe"
-                    },
-                    "additional_eventdata": "{LoginTo=https://console.aws.amazon.com/s3/, MobileVersion=No, MFAUsed=No}",
-                    "console_login": {
-                        "additional_eventdata": {
-                            "login_to": "https://console.aws.amazon.com/s3/",
-                            "mobile_version": false,
-                            "mfa_used": false
-                        }
-                    },
-                    "response_elements": "{ConsoleLogin=Success}"
-                }
-            },
-            "user": {
-                "name": "JohnDoe",
-                "id": "AIDACKCEVSQ6C2EXAMPLE"
-            },
-            "user_agent": {
-                "name": "Firefox",
-                "original": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0",
-                "os": {
-                    "name": "Windows",
-                    "version": "7",
-                    "full": "Windows 7"
-                },
-                "device": {
-                    "name": "Other"
-                },
-                "version": "24.0."
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "111122223333"
-                }
-            },
-            "@timestamp": "2014-07-08T17:35:27.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "JaneDoe"
-                ]
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"AIDACKCEVSQ6C2EXAMPLE\",\"arn\":\"arn:aws:iam::111122223333:user/JaneDoe\",\"accountId\":\"111122223333\",\"userName\":\"JaneDoe\"},\"eventTime\":\"2014-07-08T17:35:27Z\",\"eventSource\":\"signin.amazonaws.com\",\"eventName\":\"ConsoleLogin\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"89.160.20.156\",\"userAgent\":\"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0\",\"errorMessage\":\"Failed authentication\",\"requestParameters\":null,\"responseElements\":{\"ConsoleLogin\":\"Failure\"},\"additionalEventData\":{\"MobileVersion\":\"No\",\"LoginTo\":\"https://console.aws.amazon.com/sns\",\"MFAUsed\":\"No\"},\"eventID\":\"11ea990b-4678-4bcd-8fbe-625EXAMPLE\"}",
-                "provider": "signin.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "ConsoleLogin",
-                "id": "11ea990b-4678-4bcd-8fbe-625EXAMPLE",
-                "type": [
-                    "info"
-                ],
-                "category": [
-                    "authentication"
-                ],
-                "outcome": "failure"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "error_message": "Failed authentication",
-                    "flattened": {
-                        "additional_eventdata": {
-                            "LoginTo": "https://console.aws.amazon.com/sns",
-                            "MobileVersion": "No",
-                            "MFAUsed": "No"
-                        },
-                        "response_elements": {
-                            "ConsoleLogin": "Failure"
-                        }
-                    },
-                    "additional_eventdata": "{LoginTo=https://console.aws.amazon.com/sns, MobileVersion=No, MFAUsed=No}",
-                    "console_login": {
-                        "additional_eventdata": {
-                            "login_to": "https://console.aws.amazon.com/sns",
-                            "mobile_version": false,
-                            "mfa_used": false
-                        }
-                    },
-                    "user_identity": {
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::111122223333:user/JaneDoe"
-                    },
-                    "response_elements": "{ConsoleLogin=Failure}"
-                }
-            },
-            "user": {
-                "name": "JaneDoe",
-                "id": "AIDACKCEVSQ6C2EXAMPLE"
-            },
-            "user_agent": {
-                "name": "Firefox",
-                "original": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0",
-                "os": {
-                    "name": "Windows",
-                    "version": "7",
-                    "full": "Windows 7"
-                },
-                "device": {
-                    "name": "Other"
-                },
-                "version": "24.0."
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "@timestamp": "2014-07-08T17:35:27.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"AssumedRole\",\"principalId\":\"AROAIDPPEZS35WEXAMPLE:AssumedRoleSessionName\",\"arn\":\"arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed/MySessionName\",\"accountId\":\"123456789012\",\"accessKeyId\":\"AKIAIOSFODNN7EXAMPLE\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"false\",\"creationDate\":\"20131102T010628Z\"},\"sessionIssuer\":{\"type\":\"Role\",\"principalId\":\"AROAIDPPEZS35WEXAMPLE\",\"arn\":\"arn:aws:iam::123456789012:role/RoleToBeAssumed\",\"accountId\":\"123456789012\",\"userName\":\"RoleToBeAssumed\"}}},\"eventTime\":\"2014-07-08T17:35:27Z\",\"eventSource\":\"signin.amazonaws.com\",\"eventName\":\"ConsoleLogin\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"89.160.20.156\",\"userAgent\":\"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0\",\"errorMessage\":\"Failed authentication\",\"requestParameters\":null,\"responseElements\":{\"ConsoleLogin\":\"Failure\"},\"additionalEventData\":{\"MobileVersion\":\"No\",\"LoginTo\":\"https://console.aws.amazon.com/sns\",\"MFAUsed\":\"No\"},\"eventID\":\"11ea990b-4678-4bcd-8fbe-625EXAMPLE\"}",
-                "provider": "signin.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "ConsoleLogin",
-                "id": "11ea990b-4678-4bcd-8fbe-625EXAMPLE",
-                "type": [
-                    "info"
-                ],
-                "category": [
-                    "authentication"
-                ],
-                "outcome": "failure"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "error_message": "Failed authentication",
-                    "flattened": {
-                        "additional_eventdata": {
-                            "LoginTo": "https://console.aws.amazon.com/sns",
-                            "MobileVersion": "No",
-                            "MFAUsed": "No"
-                        },
-                        "response_elements": {
-                            "ConsoleLogin": "Failure"
-                        }
-                    },
-                    "additional_eventdata": "{LoginTo=https://console.aws.amazon.com/sns, MobileVersion=No, MFAUsed=No}",
-                    "console_login": {
-                        "additional_eventdata": {
-                            "login_to": "https://console.aws.amazon.com/sns",
-                            "mobile_version": false,
-                            "mfa_used": false
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "AKIAIOSFODNN7EXAMPLE",
-                        "session_context": {
-                            "mfa_authenticated": "false",
-                            "session_issuer": {
-                                "account_id": "123456789012",
-                                "type": "Role",
-                                "arn": "arn:aws:iam::123456789012:role/RoleToBeAssumed",
-                                "principal_id": "AROAIDPPEZS35WEXAMPLE"
-                            }
-                        },
-                        "type": "AssumedRole",
-                        "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed/MySessionName"
-                    },
-                    "response_elements": "{ConsoleLogin=Failure}"
-                }
-            },
-            "user": {
-                "name": "RoleToBeAssumed",
-                "id": "AROAIDPPEZS35WEXAMPLE:AssumedRoleSessionName"
-            },
-            "user_agent": {
-                "name": "Firefox",
-                "original": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0",
-                "os": {
-                    "name": "Windows",
-                    "version": "7",
-                    "full": "Windows 7"
-                },
-                "device": {
-                    "name": "Other"
-                },
-                "version": "24.0."
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log
deleted file mode 100644
index d18fcffb9..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-08T15:12:16Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-08T20:43:06Z","eventSource":"iam.amazonaws.com","eventName":"CreateAccessKey","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"userName":"Bob"},"responseElements":{"accessKey":{"accessKeyId":"EXAMPLE_KEY_ID","status":"Active","userName":"Bob","createDate":"Jan 8, 2020 8:43:06 PM"}},"requestID":"EXAMPLE-823a-48dc-8fa9-EXAMPLE","eventID":"EXAMPLE-3cab-40f8-938b-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json
deleted file mode 100644
index 0ffe55825..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-access-key-json.log-expected.json
+++ /dev/null
@@ -1,91 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-08T20:43:06.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-08T15:12:16Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-08T20:43:06Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"CreateAccessKey\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"userName\":\"Bob\"},\"responseElements\":{\"accessKey\":{\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"status\":\"Active\",\"userName\":\"Bob\",\"createDate\":\"Jan 8, 2020 8:43:06 PM\"}},\"requestID\":\"EXAMPLE-823a-48dc-8fa9-EXAMPLE\",\"eventID\":\"EXAMPLE-3cab-40f8-938b-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "CreateAccessKey",
-                "id": "EXAMPLE-3cab-40f8-938b-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob"
-                        },
-                        "response_elements": {
-                            "accessKey": {
-                                "accessKeyId": "EXAMPLE_KEY_ID",
-                                "userName": "Bob",
-                                "status": "Active",
-                                "createDate": "Jan 8, 2020 8:43:06 PM"
-                            }
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-08T15:12:16.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{userName=Bob}",
-                    "response_elements": "{accessKey={accessKeyId=EXAMPLE_KEY_ID, userName=Bob, status=Active, createDate=Jan 8, 2020 8:43:06 PM}}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log
deleted file mode 100644
index f46f6d474..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log
+++ /dev/null
@@ -1,2 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"0123456789012","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-08T15:12:16Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-09T01:48:44Z","eventSource":"iam.amazonaws.com","eventName":"CreateGroup","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"groupName":"TEST-GROUP"},"responseElements":{"group":{"createDate":"Jan 9, 2020 1:48:44 AM","path":"/","arn":"arn:aws:iam::0123456789012:group/TEST-GROUP","groupName":"TEST-GROUP","groupId":"EXAMPLE_ID"}},"requestID":"EXAMPLE-769d-4a61-b731-EXAMPLE","eventID":"EXAMPLE-37ec-425a-a7ef-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"0123456789012","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice"},"eventTime":"2020-01-09T02:22:03Z","eventSource":"iam.amazonaws.com","eventName":"CreateGroup","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46","errorCode":"EntityAlreadyExistsException","errorMessage":"Group with name TEST-GROUP already exists.","requestParameters":{"groupName":"TEST-GROUP"},"responseElements":null,"requestID":"EXAMPLE-c8ae-44dc-8114-EXAMPLE","eventID":"EXAMPLE-09c6-4745-af70-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json
deleted file mode 100644
index e8a8378aa..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-group-json.log-expected.json
+++ /dev/null
@@ -1,167 +0,0 @@
-{
-    "expected": [
-        {
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T01:48:44.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"0123456789012\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-08T15:12:16Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-09T01:48:44Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"CreateGroup\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"groupName\":\"TEST-GROUP\"},\"responseElements\":{\"group\":{\"createDate\":\"Jan 9, 2020 1:48:44 AM\",\"path\":\"/\",\"arn\":\"arn:aws:iam::0123456789012:group/TEST-GROUP\",\"groupName\":\"TEST-GROUP\",\"groupId\":\"EXAMPLE_ID\"}},\"requestID\":\"EXAMPLE-769d-4a61-b731-EXAMPLE\",\"eventID\":\"EXAMPLE-37ec-425a-a7ef-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "CreateGroup",
-                "id": "EXAMPLE-37ec-425a-a7ef-EXAMPLE",
-                "type": [
-                    "group",
-                    "creation"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "groupName": "TEST-GROUP"
-                        },
-                        "response_elements": {
-                            "group": {
-                                "path": "/",
-                                "groupName": "TEST-GROUP",
-                                "arn": "arn:aws:iam::0123456789012:group/TEST-GROUP",
-                                "groupId": "EXAMPLE_ID",
-                                "createDate": "Jan 9, 2020 1:48:44 AM"
-                            }
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-08T15:12:16.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{groupName=TEST-GROUP}",
-                    "response_elements": "{group={path=/, groupName=TEST-GROUP, groupId=EXAMPLE_ID, arn=arn:aws:iam::0123456789012:group/TEST-GROUP, createDate=Jan 9, 2020 1:48:44 AM}}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "0123456789012"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "group": {
-                "name": "TEST-GROUP",
-                "id": "EXAMPLE_ID"
-            }
-        },
-        {
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T02:22:03.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"0123456789012\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-09T02:22:03Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"CreateGroup\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"errorCode\":\"EntityAlreadyExistsException\",\"errorMessage\":\"Group with name TEST-GROUP already exists.\",\"requestParameters\":{\"groupName\":\"TEST-GROUP\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-c8ae-44dc-8114-EXAMPLE\",\"eventID\":\"EXAMPLE-09c6-4745-af70-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "CreateGroup",
-                "id": "EXAMPLE-09c6-4745-af70-EXAMPLE",
-                "type": [
-                    "group",
-                    "creation"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "failure"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "error_message": "Group with name TEST-GROUP already exists.",
-                    "flattened": {
-                        "request_parameters": {
-                            "groupName": "TEST-GROUP"
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "error_code": "EntityAlreadyExistsException",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{groupName=TEST-GROUP}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "0123456789012"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.310"
-            },
-            "group": {
-                "name": "TEST-GROUP"
-            }
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log
deleted file mode 100644
index 81f2d0107..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.0","userIdentity":{"type":"IAMUser","principalId":"EX_PRINCIPAL_ID","arn":"arn:aws:iam::123456789012:user/Alice","accountId":"123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"false","creationDate":"2014-03-06T15:15:06Z"}}},"eventTime":"2014-03-06T17:10:34Z","eventSource":"ec2.amazonaws.com","eventName":"CreateKeyPair","awsRegion":"us-east-2","sourceIPAddress":"89.160.20.156","userAgent":"EC2ConsoleBackend, aws-sdk-java/Linux/x.xx.fleetxen Java_HotSpot(TM)_64-Bit_Server_VM/xx","requestParameters":{"keyName":"mykeypair"},"responseElements":{"keyName":"mykeypair","keyFingerprint":"30:1d:46:d0:5b:ad:7e:1b:b6:70:62:8b:ff:38:b5:e9:ab:5d:b8:21","keyMaterial":"<sensitiveDataRemoved>"}}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json
deleted file mode 100644
index ce1c161bf..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-key-pair-json.log-expected.json
+++ /dev/null
@@ -1,101 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "@timestamp": "2014-03-06T17:10:34.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.0\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EX_PRINCIPAL_ID\",\"arn\":\"arn:aws:iam::123456789012:user/Alice\",\"accountId\":\"123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"false\",\"creationDate\":\"2014-03-06T15:15:06Z\"}}},\"eventTime\":\"2014-03-06T17:10:34Z\",\"eventSource\":\"ec2.amazonaws.com\",\"eventName\":\"CreateKeyPair\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"89.160.20.156\",\"userAgent\":\"EC2ConsoleBackend, aws-sdk-java/Linux/x.xx.fleetxen Java_HotSpot(TM)_64-Bit_Server_VM/xx\",\"requestParameters\":{\"keyName\":\"mykeypair\"},\"responseElements\":{\"keyName\":\"mykeypair\",\"keyFingerprint\":\"30:1d:46:d0:5b:ad:7e:1b:b6:70:62:8b:ff:38:b5:e9:ab:5d:b8:21\",\"keyMaterial\":\"\u003csensitiveDataRemoved\u003e\"}}",
-                "provider": "ec2.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "CreateKeyPair",
-                "type": [
-                    "admin",
-                    "creation"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.0",
-                    "flattened": {
-                        "request_parameters": {
-                            "keyName": "mykeypair"
-                        },
-                        "response_elements": {
-                            "keyMaterial": "\u003csensitiveDataRemoved\u003e",
-                            "keyName": "mykeypair",
-                            "keyFingerprint": "30:1d:46:d0:5b:ad:7e:1b:b6:70:62:8b:ff:38:b5:e9:ab:5d:b8:21"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "session_context": {
-                            "mfa_authenticated": "false",
-                            "creation_date": "2014-03-06T15:15:06.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::123456789012:user/Alice"
-                    },
-                    "request_parameters": "{keyName=mykeypair}",
-                    "response_elements": "{keyMaterial=\u003csensitiveDataRemoved\u003e, keyFingerprint=30:1d:46:d0:5b:ad:7e:1b:b6:70:62:8b:ff:38:b5:e9:ab:5d:b8:21, keyName=mykeypair}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EX_PRINCIPAL_ID"
-            },
-            "user_agent": {
-                "name": "Other",
-                "original": "EC2ConsoleBackend, aws-sdk-java/Linux/x.xx.fleetxen Java_HotSpot(TM)_64-Bit_Server_VM/xx",
-                "os": {
-                    "name": "Linux"
-                },
-                "device": {
-                    "name": "Other"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log
deleted file mode 100644
index ebc0c708b..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"sessionIssuer":{},"webIdFederationData":{},"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-08T15:12:16Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-08T15:30:25Z","eventSource":"cloudtrail.amazonaws.com","eventName":"CreateTrail","awsRegion":"us-west-2","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"name":"TEST-trail","s3BucketName":"TEST-cloudtrail-bucket","includeGlobalServiceEvents":true,"isMultiRegionTrail":true,"enableLogFileValidation":true,"kmsKeyId":"","isOrganizationTrail":false},"responseElements":{"name":"TEST-trail","s3BucketName":"TEST-cloudtrail-bucket","includeGlobalServiceEvents":true,"isMultiRegionTrail":true,"trailARN":"arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail","logFileValidationEnabled":true,"isOrganizationTrail":false},"requestID":"EXAMPLE-5149-4cf2-be99-EXAMPLE","eventID":"EXAMPLE-d04b-4eff-833a-EXAMPLE","readOnly":false,"eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json
deleted file mode 100644
index b86259807..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-trail-json.log-expected.json
+++ /dev/null
@@ -1,88 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-west-2",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-08T15:30:25.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"sessionIssuer\":{},\"webIdFederationData\":{},\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-08T15:12:16Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-08T15:30:25Z\",\"eventSource\":\"cloudtrail.amazonaws.com\",\"eventName\":\"CreateTrail\",\"awsRegion\":\"us-west-2\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"name\":\"TEST-trail\",\"s3BucketName\":\"TEST-cloudtrail-bucket\",\"includeGlobalServiceEvents\":true,\"isMultiRegionTrail\":true,\"enableLogFileValidation\":true,\"kmsKeyId\":\"\",\"isOrganizationTrail\":false},\"responseElements\":{\"name\":\"TEST-trail\",\"s3BucketName\":\"TEST-cloudtrail-bucket\",\"includeGlobalServiceEvents\":true,\"isMultiRegionTrail\":true,\"trailARN\":\"arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail\",\"logFileValidationEnabled\":true,\"isOrganizationTrail\":false},\"requestID\":\"EXAMPLE-5149-4cf2-be99-EXAMPLE\",\"eventID\":\"EXAMPLE-d04b-4eff-833a-EXAMPLE\",\"readOnly\":false,\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "cloudtrail.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "CreateTrail",
-                "id": "EXAMPLE-d04b-4eff-833a-EXAMPLE",
-                "type": "info",
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "name": "TEST-trail",
-                            "enableLogFileValidation": true,
-                            "isOrganizationTrail": false,
-                            "isMultiRegionTrail": true,
-                            "includeGlobalServiceEvents": true,
-                            "s3BucketName": "TEST-cloudtrail-bucket"
-                        },
-                        "response_elements": {
-                            "logFileValidationEnabled": true,
-                            "isMultiRegionTrail": true,
-                            "s3BucketName": "TEST-cloudtrail-bucket",
-                            "name": "TEST-trail",
-                            "trailARN": "arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail",
-                            "isOrganizationTrail": false,
-                            "includeGlobalServiceEvents": true
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "read_only": false,
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-08T15:12:16.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{isMultiRegionTrail=true, s3BucketName=TEST-cloudtrail-bucket, name=TEST-trail, enableLogFileValidation=true, isOrganizationTrail=false, includeGlobalServiceEvents=true}",
-                    "response_elements": "{logFileValidationEnabled=true, isMultiRegionTrail=true, s3BucketName=TEST-cloudtrail-bucket, name=TEST-trail, trailARN=arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail, isOrganizationTrail=false, includeGlobalServiceEvents=true}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log
deleted file mode 100644
index 37e60f3f8..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.0","userIdentity":{"type":"IAMUser","principalId":"EX_PRINCIPAL_ID","arn":"arn:aws:iam::123456789012:user/Alice","accountId":"123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice"},"eventTime":"2014-03-24T21:11:59Z","eventSource":"iam.amazonaws.com","eventName":"CreateUser","awsRegion":"us-east-2","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.3.2 Python/2.7.5 Windows/7","requestParameters":{"userName":"Bob"},"responseElements":{"user":{"createDate":"Mar 24, 2014 9:11:59 PM","userName":"Bob","arn":"arn:aws:iam::123456789012:user/Bob","path":"/","userId":"EXAMPLEUSERID"}}}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json
deleted file mode 100644
index 413dc250e..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-user-json.log-expected.json
+++ /dev/null
@@ -1,89 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "@timestamp": "2014-03-24T21:11:59.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.0\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EX_PRINCIPAL_ID\",\"arn\":\"arn:aws:iam::123456789012:user/Alice\",\"accountId\":\"123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\"},\"eventTime\":\"2014-03-24T21:11:59Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"CreateUser\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.3.2 Python/2.7.5 Windows/7\",\"requestParameters\":{\"userName\":\"Bob\"},\"responseElements\":{\"user\":{\"createDate\":\"Mar 24, 2014 9:11:59 PM\",\"userName\":\"Bob\",\"arn\":\"arn:aws:iam::123456789012:user/Bob\",\"path\":\"/\",\"userId\":\"EXAMPLEUSERID\"}}}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "CreateUser",
-                "type": [
-                    "user",
-                    "creation"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.0",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob"
-                        },
-                        "response_elements": {
-                            "user": {
-                                "path": "/",
-                                "userName": "Bob",
-                                "arn": "arn:aws:iam::123456789012:user/Bob",
-                                "userId": "EXAMPLEUSERID",
-                                "createDate": "Mar 24, 2014 9:11:59 PM"
-                            }
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::123456789012:user/Alice"
-                    },
-                    "request_parameters": "{userName=Bob}",
-                    "response_elements": "{user={path=/, userName=Bob, arn=arn:aws:iam::123456789012:user/Bob, userId=EXAMPLEUSERID, createDate=Mar 24, 2014 9:11:59 PM}}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EX_PRINCIPAL_ID",
-                "target": {
-                    "name": "Bob",
-                    "id": "EXAMPLEUSERID"
-                }
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.3.2 Python/2.7.5 Windows/7",
-                "os": {
-                    "name": "Windows"
-                },
-                "device": {
-                    "name": "Other"
-                },
-                "version": "1.3.2"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log
deleted file mode 100644
index 5d33cd1ae..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"false","creationDate":"2019-11-27T15:07:22Z"}}},"eventTime":"2019-11-27T15:10:15Z","eventSource":"iam.amazonaws.com","eventName":"CreateVirtualMFADevice","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"console.amazonaws.com","requestParameters":{"virtualMFADeviceName":"Alice","path":"/"},"responseElements":{"virtualMFADevice":{"serialNumber":"arn:aws:iam::0123456789012:mfa/Alice"}},"requestID":"EXAMPLE-303b-4b0e-a8c7-EXAMPLE","eventID":"EXAMPLE-351c-472a-b089-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json
deleted file mode 100644
index 1884ebe14..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-create-virtual-mfa-device-json.log-expected.json
+++ /dev/null
@@ -1,84 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2019-11-27T15:10:15.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"false\",\"creationDate\":\"2019-11-27T15:07:22Z\"}}},\"eventTime\":\"2019-11-27T15:10:15Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"CreateVirtualMFADevice\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"console.amazonaws.com\",\"requestParameters\":{\"virtualMFADeviceName\":\"Alice\",\"path\":\"/\"},\"responseElements\":{\"virtualMFADevice\":{\"serialNumber\":\"arn:aws:iam::0123456789012:mfa/Alice\"}},\"requestID\":\"EXAMPLE-303b-4b0e-a8c7-EXAMPLE\",\"eventID\":\"EXAMPLE-351c-472a-b089-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "CreateVirtualMFADevice",
-                "id": "EXAMPLE-351c-472a-b089-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "path": "/",
-                            "virtualMFADeviceName": "Alice"
-                        },
-                        "response_elements": {
-                            "virtualMFADevice": {
-                                "serialNumber": "arn:aws:iam::0123456789012:mfa/Alice"
-                            }
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "session_context": {
-                            "mfa_authenticated": "false",
-                            "creation_date": "2019-11-27T15:07:22.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{path=/, virtualMFADeviceName=Alice}",
-                    "response_elements": "{virtualMFADevice={serialNumber=arn:aws:iam::0123456789012:mfa/Alice}}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "console.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log
deleted file mode 100644
index bc8b0627f..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_ID","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-09T16:36:17Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T00:34:02Z","eventSource":"iam.amazonaws.com","eventName":"DeactivateMFADevice","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"userName":"Alice","serialNumber":"arn:aws:iam::0123456789012:mfa/Alice"},"responseElements":null,"requestID":"EXAMPLE-801a-4624-8fa0-EXAMPLE","eventID":"EXAMPLE-1889-416b-ace9-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json
deleted file mode 100644
index b30f8843b..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-deactivate-mfa-device-json.log-expected.json
+++ /dev/null
@@ -1,82 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T00:34:02.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_ID\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-09T16:36:17Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T00:34:02Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"DeactivateMFADevice\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"userName\":\"Alice\",\"serialNumber\":\"arn:aws:iam::0123456789012:mfa/Alice\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-801a-4624-8fa0-EXAMPLE\",\"eventID\":\"EXAMPLE-1889-416b-ace9-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeactivateMFADevice",
-                "id": "EXAMPLE-1889-416b-ace9-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Alice",
-                            "serialNumber": "arn:aws:iam::0123456789012:mfa/Alice"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_ID",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-09T16:36:17.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{serialNumber=arn:aws:iam::0123456789012:mfa/Alice, userName=Alice}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Alice"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log
deleted file mode 100644
index 63799766f..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_ID","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-08T15:12:16Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-08T19:09:36Z","eventSource":"iam.amazonaws.com","eventName":"DeleteAccessKey","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"userName":"Bob","accessKeyId":"EXAMPLE_ID"},"responseElements":null,"requestID":"EXAMPLE-3bea-41fa-a0b4-EXAMPLE","eventID":"EXAMPLE-0698-46bd-998d-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json
deleted file mode 100644
index aa9e820ad..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-access-key-json.log-expected.json
+++ /dev/null
@@ -1,83 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-08T19:09:36.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_ID\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-08T15:12:16Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-08T19:09:36Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"DeleteAccessKey\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"userName\":\"Bob\",\"accessKeyId\":\"EXAMPLE_ID\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-3bea-41fa-a0b4-EXAMPLE\",\"eventID\":\"EXAMPLE-0698-46bd-998d-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeleteAccessKey",
-                "id": "EXAMPLE-0698-46bd-998d-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "accessKeyId": "EXAMPLE_ID",
-                            "userName": "Bob"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_ID",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-08T15:12:16.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{accessKeyId=EXAMPLE_ID, userName=Bob}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log
deleted file mode 100644
index ab5c34153..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.04","userIdentity":{"type":"AssumedRole","principalId":"AIDAQRSTUVWXYZEXAMPLE:devdsk","arn":"arn:aws:sts::777788889999:assumed-role/AssumeNothing/devdsk","accountId":"777788889999","accessKeyId":"AKIAQRSTUVWXYZEXAMPLE","sessionContext":{"attributes":{"mfaAuthenticated":"false","creationDate":"2016-11-14T17:25:26Z"},"sessionIssuer":{"type":"Role","principalId":"AIDAQRSTUVWXYZEXAMPLE","arn":"arn:aws:iam::777788889999:role/AssumeNothing","accountId":"777788889999","userName":"AssumeNothing"}}},"eventTime":"2016-11-14T17:25:45Z","eventSource":"s3.amazonaws.com","eventName":"DeleteBucket","awsRegion":"us-east-2","sourceIPAddress":"89.160.20.156","userAgent":"[aws-cli/1.11.10 Python/2.7.8 Linux/3.2.45-0.6.wd.865.49.315.metal1.x86_64 botocore/1.4.67]","requestParameters":{"bucketName":"my-test-bucket-cross-account"},"responseElements":null,"requestID":"EXAMPLE463D56D4C","eventID":"dEXAMPLE-265a-41e0-9352-4401bEXAMPLE","eventType":"AwsApiCall","recipientAccountId":"777788889999"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json
deleted file mode 100644
index ce237efc6..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-bucket-json.log-expected.json
+++ /dev/null
@@ -1,101 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "777788889999"
-                }
-            },
-            "@timestamp": "2016-11-14T17:25:45.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.04\",\"userIdentity\":{\"type\":\"AssumedRole\",\"principalId\":\"AIDAQRSTUVWXYZEXAMPLE:devdsk\",\"arn\":\"arn:aws:sts::777788889999:assumed-role/AssumeNothing/devdsk\",\"accountId\":\"777788889999\",\"accessKeyId\":\"AKIAQRSTUVWXYZEXAMPLE\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"false\",\"creationDate\":\"2016-11-14T17:25:26Z\"},\"sessionIssuer\":{\"type\":\"Role\",\"principalId\":\"AIDAQRSTUVWXYZEXAMPLE\",\"arn\":\"arn:aws:iam::777788889999:role/AssumeNothing\",\"accountId\":\"777788889999\",\"userName\":\"AssumeNothing\"}}},\"eventTime\":\"2016-11-14T17:25:45Z\",\"eventSource\":\"s3.amazonaws.com\",\"eventName\":\"DeleteBucket\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"89.160.20.156\",\"userAgent\":\"[aws-cli/1.11.10 Python/2.7.8 Linux/3.2.45-0.6.wd.865.49.315.metal1.x86_64 botocore/1.4.67]\",\"requestParameters\":{\"bucketName\":\"my-test-bucket-cross-account\"},\"responseElements\":null,\"requestID\":\"EXAMPLE463D56D4C\",\"eventID\":\"dEXAMPLE-265a-41e0-9352-4401bEXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"777788889999\"}",
-                "provider": "s3.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeleteBucket",
-                "id": "dEXAMPLE-265a-41e0-9352-4401bEXAMPLE",
-                "type": [
-                    "deletion"
-                ],
-                "category": [
-                    "file"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.04",
-                    "flattened": {
-                        "request_parameters": {
-                            "bucketName": "my-test-bucket-cross-account"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "AKIAQRSTUVWXYZEXAMPLE",
-                        "session_context": {
-                            "mfa_authenticated": "false",
-                            "session_issuer": {
-                                "account_id": "777788889999",
-                                "type": "Role",
-                                "arn": "arn:aws:iam::777788889999:role/AssumeNothing",
-                                "principal_id": "AIDAQRSTUVWXYZEXAMPLE"
-                            },
-                            "creation_date": "2016-11-14T17:25:26.000Z"
-                        },
-                        "type": "AssumedRole",
-                        "arn": "arn:aws:sts::777788889999:assumed-role/AssumeNothing/devdsk"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "777788889999",
-                    "request_parameters": "{bucketName=my-test-bucket-cross-account}"
-                }
-            },
-            "user": {
-                "name": "AssumeNothing",
-                "id": "AIDAQRSTUVWXYZEXAMPLE:devdsk"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "[aws-cli/1.11.10 Python/2.7.8 Linux/3.2.45-0.6.wd.865.49.315.metal1.x86_64 botocore/1.4.67]",
-                "os": {
-                    "name": "Linux",
-                    "version": "3.2.45",
-                    "full": "Linux 3.2.45"
-                },
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.11.10"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log
deleted file mode 100644
index 97e75c9ab..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log
+++ /dev/null
@@ -1,2 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"0123456789012","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-08T15:12:16Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-09T02:25:44Z","eventSource":"iam.amazonaws.com","eventName":"DeleteGroup","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"groupName":"TEST-GROUP"},"responseElements":null,"requestID":"EXAMPLE-66cb-4775-a203-EXAMPLE","eventID":"EXAMPLE-cbc2-4cc3-8bbc-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_PRINCIPLE","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice"},"eventTime":"2020-01-09T02:25:11Z","eventSource":"iam.amazonaws.com","eventName":"DeleteGroup","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46","errorCode":"DeleteConflictException","errorMessage":"Cannot delete entity, must detach all policies first.","requestParameters":{"groupName":"TEST-GROUP"},"responseElements":null,"requestID":"EXAMPLE-2a3c-4a94-b24f-EXAMPLE","eventID":"EXAMPLE-5aa2-4b5f-a52a-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json
deleted file mode 100644
index 4495b77d4..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-group-json.log-expected.json
+++ /dev/null
@@ -1,156 +0,0 @@
-{
-    "expected": [
-        {
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T02:25:44.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"0123456789012\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-08T15:12:16Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-09T02:25:44Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"DeleteGroup\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"groupName\":\"TEST-GROUP\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-66cb-4775-a203-EXAMPLE\",\"eventID\":\"EXAMPLE-cbc2-4cc3-8bbc-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeleteGroup",
-                "id": "EXAMPLE-cbc2-4cc3-8bbc-EXAMPLE",
-                "type": [
-                    "group",
-                    "deletion"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "groupName": "TEST-GROUP"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-08T15:12:16.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{groupName=TEST-GROUP}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "0123456789012"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "group": {
-                "name": "TEST-GROUP"
-            }
-        },
-        {
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T02:25:11.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_PRINCIPLE\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-09T02:25:11Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"DeleteGroup\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"errorCode\":\"DeleteConflictException\",\"errorMessage\":\"Cannot delete entity, must detach all policies first.\",\"requestParameters\":{\"groupName\":\"TEST-GROUP\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-2a3c-4a94-b24f-EXAMPLE\",\"eventID\":\"EXAMPLE-5aa2-4b5f-a52a-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeleteGroup",
-                "id": "EXAMPLE-5aa2-4b5f-a52a-EXAMPLE",
-                "type": [
-                    "group",
-                    "deletion"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "failure"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "error_message": "Cannot delete entity, must detach all policies first.",
-                    "flattened": {
-                        "request_parameters": {
-                            "groupName": "TEST-GROUP"
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "error_code": "DeleteConflictException",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{groupName=TEST-GROUP}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_PRINCIPLE"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.310"
-            },
-            "group": {
-                "name": "TEST-GROUP"
-            }
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log
deleted file mode 100644
index 47451dfe3..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-10T14:38:30Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T16:07:08Z","eventSource":"iam.amazonaws.com","eventName":"DeleteSSHPublicKey","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"sSHPublicKeyId":"EXAMPLE_KEY_ID","userName":"Bob"},"responseElements":null,"requestID":"EXAMPLE-7b34-44ae-a22f-EXAMPLE","eventID":"EXAMPLE-72ff-4d4f-9a8d-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json
deleted file mode 100644
index 253d4c6b7..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-ssh-public-key-json.log-expected.json
+++ /dev/null
@@ -1,83 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T16:07:08.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-10T14:38:30Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T16:07:08Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"DeleteSSHPublicKey\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"sSHPublicKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Bob\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-7b34-44ae-a22f-EXAMPLE\",\"eventID\":\"EXAMPLE-72ff-4d4f-9a8d-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeleteSSHPublicKey",
-                "id": "EXAMPLE-72ff-4d4f-9a8d-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob",
-                            "sSHPublicKeyId": "EXAMPLE_KEY_ID"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-10T14:38:30.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{sSHPublicKeyId=EXAMPLE_KEY_ID, userName=Bob}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log
deleted file mode 100644
index f747ff2c1..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice"},"eventTime":"2020-01-09T20:09:51Z","eventSource":"cloudtrail.amazonaws.com","eventName":"DeleteTrail","awsRegion":"us-west-2","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46","requestParameters":{"name":"arn:aws:cloudtrail:us-west-2:0123456789012:trail/test-trail"},"responseElements":null,"requestID":"EXAMPLE-d44f-4a2a-966f-EXAMPLE","eventID":"EXAMPLE-3f9d-4634-8ff1-EXAMPLE","readOnly":false,"eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json
deleted file mode 100644
index ae6e0fb9e..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-trail-json.log-expected.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-west-2",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T20:09:51.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-09T20:09:51Z\",\"eventSource\":\"cloudtrail.amazonaws.com\",\"eventName\":\"DeleteTrail\",\"awsRegion\":\"us-west-2\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"requestParameters\":{\"name\":\"arn:aws:cloudtrail:us-west-2:0123456789012:trail/test-trail\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-d44f-4a2a-966f-EXAMPLE\",\"eventID\":\"EXAMPLE-3f9d-4634-8ff1-EXAMPLE\",\"readOnly\":false,\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "cloudtrail.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeleteTrail",
-                "id": "EXAMPLE-3f9d-4634-8ff1-EXAMPLE",
-                "type": "info",
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "name": "arn:aws:cloudtrail:us-west-2:0123456789012:trail/test-trail"
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "read_only": false,
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{name=arn:aws:cloudtrail:us-west-2:0123456789012:trail/test-trail}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.310"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log
deleted file mode 100644
index ce00f5a11..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EX_PRINCIPAL_ID","arn":"arn:aws:iam::123456789012:user/Alice","accountId":"123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-03T15:26:38Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-03T15:50:52Z","eventSource":"iam.amazonaws.com","eventName":"DeleteUser","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"userName":"Bob"},"responseElements":null,"requestID":"0e794d53-cdb5-4f7d-b7db-5EXAMPLE","eventID":"b89eb34b-8fcb-4cba-8439-d4EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json
deleted file mode 100644
index 6026a18f9..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-user-json.log-expected.json
+++ /dev/null
@@ -1,82 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "@timestamp": "2020-01-03T15:50:52.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EX_PRINCIPAL_ID\",\"arn\":\"arn:aws:iam::123456789012:user/Alice\",\"accountId\":\"123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-03T15:26:38Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-03T15:50:52Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"DeleteUser\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"userName\":\"Bob\"},\"responseElements\":null,\"requestID\":\"0e794d53-cdb5-4f7d-b7db-5EXAMPLE\",\"eventID\":\"b89eb34b-8fcb-4cba-8439-d4EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeleteUser",
-                "id": "b89eb34b-8fcb-4cba-8439-d4EXAMPLE",
-                "type": [
-                    "user",
-                    "deletion"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-03T15:26:38.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "123456789012",
-                    "request_parameters": "{userName=Bob}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EX_PRINCIPAL_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log
deleted file mode 100644
index ad22f5168..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-09T16:36:17Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T00:34:02Z","eventSource":"iam.amazonaws.com","eventName":"DeleteVirtualMFADevice","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"serialNumber":"arn:aws:iam::0123456789012:mfa/Alice"},"responseElements":null,"requestID":"EXAMPLE-af91-4d1a-aaf2-EXAMPLE","eventID":"EXAMPLE-f8e6-4d5f-8525-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json
deleted file mode 100644
index 86319a3d4..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-delete-virtual-mfa-device-json.log-expected.json
+++ /dev/null
@@ -1,78 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T00:34:02.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-09T16:36:17Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T00:34:02Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"DeleteVirtualMFADevice\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"serialNumber\":\"arn:aws:iam::0123456789012:mfa/Alice\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-af91-4d1a-aaf2-EXAMPLE\",\"eventID\":\"EXAMPLE-f8e6-4d5f-8525-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "DeleteVirtualMFADevice",
-                "id": "EXAMPLE-f8e6-4d5f-8525-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "serialNumber": "arn:aws:iam::0123456789012:mfa/Alice"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-09T16:36:17.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{serialNumber=arn:aws:iam::0123456789012:mfa/Alice}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log
deleted file mode 100644
index 67cdd3ad6..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"false","creationDate":"2019-11-27T15:07:22Z"}}},"eventTime":"2019-11-27T15:11:09Z","eventSource":"iam.amazonaws.com","eventName":"EnableMFADevice","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"console.amazonaws.com","requestParameters":{"userName":"Bob","serialNumber":"arn:aws:iam::0123456789012:mfa/Bob"},"responseElements":null,"requestID":"EXAMPLE-adea-490a-a806-EXAMPLE","eventID":"EXAMPLE-3fdc-4b2a-9885-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json
deleted file mode 100644
index 9ac93b966..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-enable-mfa-device-json.log-expected.json
+++ /dev/null
@@ -1,82 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2019-11-27T15:11:09.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"false\",\"creationDate\":\"2019-11-27T15:07:22Z\"}}},\"eventTime\":\"2019-11-27T15:11:09Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"EnableMFADevice\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"console.amazonaws.com\",\"requestParameters\":{\"userName\":\"Bob\",\"serialNumber\":\"arn:aws:iam::0123456789012:mfa/Bob\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-adea-490a-a806-EXAMPLE\",\"eventID\":\"EXAMPLE-3fdc-4b2a-9885-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "EnableMFADevice",
-                "id": "EXAMPLE-3fdc-4b2a-9885-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob",
-                            "serialNumber": "arn:aws:iam::0123456789012:mfa/Bob"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "session_context": {
-                            "mfa_authenticated": "false",
-                            "creation_date": "2019-11-27T15:07:22.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{serialNumber=arn:aws:iam::0123456789012:mfa/Bob, userName=Bob}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "console.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log
deleted file mode 100644
index c5c536fe7..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.07","eventTime":"2020-09-09T23:00:00Z","awsRegion":"us-east-1","eventID":"41ed77ca-d659-b45a-8e9a-74e504300007","eventType":"AwsCloudTrailInsight","recipientAccountId":"123456789012","sharedEventID":"e672c2b1-e71a-4779-f96c-02da7bb30d2e","insightDetails":{"state":"End","eventSource":"iam.amazonaws.com","eventName":"AttachUserPolicy","insightType":"ApiCallRateInsight","insffightContext":{"statistics":{"baseline":{"average":0.0},"insight":{"average":2.0},"insightDuration":1,"baselineDuration":11459},"attributions":[{"attribute":"userIdentityArn","insight":[{"value":"arn:aws:iam::123456789012:user/Alice","average":2.0}],"baseline":[]},{"attribute":"userAgent","insight":[{"value":"console.amazonaws.com","average":2.0}],"baseline":[]},{"attribute":"errorCode","insight":[{"value":"null","average":2.0}],"baseline":[]}]}},"eventCategory":"Insight"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json
deleted file mode 100644
index f8a1c9b1f..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-insight-json.log-expected.json
+++ /dev/null
@@ -1,81 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1"
-            },
-            "@timestamp": "2020-09-09T23:00:00.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.07\",\"eventTime\":\"2020-09-09T23:00:00Z\",\"awsRegion\":\"us-east-1\",\"eventID\":\"41ed77ca-d659-b45a-8e9a-74e504300007\",\"eventType\":\"AwsCloudTrailInsight\",\"recipientAccountId\":\"123456789012\",\"sharedEventID\":\"e672c2b1-e71a-4779-f96c-02da7bb30d2e\",\"insightDetails\":{\"state\":\"End\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"AttachUserPolicy\",\"insightType\":\"ApiCallRateInsight\",\"insffightContext\":{\"statistics\":{\"baseline\":{\"average\":0.0},\"insight\":{\"average\":2.0},\"insightDuration\":1,\"baselineDuration\":11459},\"attributions\":[{\"attribute\":\"userIdentityArn\",\"insight\":[{\"value\":\"arn:aws:iam::123456789012:user/Alice\",\"average\":2.0}],\"baseline\":[]},{\"attribute\":\"userAgent\",\"insight\":[{\"value\":\"console.amazonaws.com\",\"average\":2.0}],\"baseline\":[]},{\"attribute\":\"errorCode\",\"insight\":[{\"value\":\"null\",\"average\":2.0}],\"baseline\":[]}]}},\"eventCategory\":\"Insight\"}",
-                "id": "41ed77ca-d659-b45a-8e9a-74e504300007",
-                "type": "info",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.07",
-                    "flattened": {
-                        "insight_details": {
-                            "eventSource": "iam.amazonaws.com",
-                            "eventName": "AttachUserPolicy",
-                            "state": "End",
-                            "insightType": "ApiCallRateInsight",
-                            "insffightContext": {
-                                "attributions": [
-                                    {
-                                        "insight": [
-                                            {
-                                                "average": 2.0,
-                                                "value": "arn:aws:iam::123456789012:user/Alice"
-                                            }
-                                        ],
-                                        "attribute": "userIdentityArn"
-                                    },
-                                    {
-                                        "insight": [
-                                            {
-                                                "average": 2.0,
-                                                "value": "console.amazonaws.com"
-                                            }
-                                        ],
-                                        "attribute": "userAgent"
-                                    },
-                                    {
-                                        "insight": [
-                                            {
-                                                "average": 2.0,
-                                                "value": "null"
-                                            }
-                                        ],
-                                        "attribute": "errorCode"
-                                    }
-                                ],
-                                "statistics": {
-                                    "baselineDuration": 11459,
-                                    "insight": {
-                                        "average": 2.0
-                                    },
-                                    "insightDuration": 1,
-                                    "baseline": {
-                                        "average": 0.0
-                                    }
-                                }
-                            }
-                        }
-                    },
-                    "event_type": "AwsCloudTrailInsight",
-                    "recipient_account_id": "123456789012",
-                    "event_category": "Insight"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log
deleted file mode 100644
index 93c180dfe..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-06T14:36:28Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-06T15:19:50Z","eventSource":"iam.amazonaws.com","eventName":"RemoveUserFromGroup","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"groupName":"Admin","userName":"Bob"},"responseElements":null,"requestID":"EXAMPLE-0bf0-47be-bc80-EXAMPLE","eventID":"EXAMPLE-6e8b-431a-94f4-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json
deleted file mode 100644
index f3ade51a5..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-remove-user-from-group-json.log-expected.json
+++ /dev/null
@@ -1,86 +0,0 @@
-{
-    "expected": [
-        {
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-06T15:19:50.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-06T14:36:28Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-06T15:19:50Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"RemoveUserFromGroup\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"groupName\":\"Admin\",\"userName\":\"Bob\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-0bf0-47be-bc80-EXAMPLE\",\"eventID\":\"EXAMPLE-6e8b-431a-94f4-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "RemoveUserFromGroup",
-                "id": "EXAMPLE-6e8b-431a-94f4-EXAMPLE",
-                "type": [
-                    "group",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob",
-                            "groupName": "Admin"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-06T14:36:28.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{groupName=Admin, userName=Bob}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "group": {
-                "name": "Admin"
-            }
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log
deleted file mode 100644
index e03d924e9..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"sessionIssuer":{},"webIdFederationData":{},"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-08T15:12:16Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-08T15:30:25Z","eventSource":"cloudtrail.amazonaws.com","eventName":"StartLogging","awsRegion":"us-west-2","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"name":"TEST-trail"},"responseElements":null,"requestID":"EXAMPLE-1c30-4f43-9763-EXAMPLE","eventID":"EXAMPLE-aa78-4a84-a27f-EXAMPLE","readOnly":false,"eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json
deleted file mode 100644
index 39c81506b..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-start-logging-json.log-expected.json
+++ /dev/null
@@ -1,73 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-west-2",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-08T15:30:25.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"sessionIssuer\":{},\"webIdFederationData\":{},\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-08T15:12:16Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-08T15:30:25Z\",\"eventSource\":\"cloudtrail.amazonaws.com\",\"eventName\":\"StartLogging\",\"awsRegion\":\"us-west-2\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"name\":\"TEST-trail\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-1c30-4f43-9763-EXAMPLE\",\"eventID\":\"EXAMPLE-aa78-4a84-a27f-EXAMPLE\",\"readOnly\":false,\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "cloudtrail.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "StartLogging",
-                "id": "EXAMPLE-aa78-4a84-a27f-EXAMPLE",
-                "type": "info",
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "name": "TEST-trail"
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "read_only": false,
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-08T15:12:16.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{name=TEST-trail}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log
deleted file mode 100644
index b2c96b814..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"sessionIssuer":{},"webIdFederationData":{},"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-09T16:36:17Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-09T16:46:16Z","eventSource":"cloudtrail.amazonaws.com","eventName":"StopLogging","awsRegion":"us-west-2","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"name":"arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail"},"responseElements":null,"requestID":"EXAMPLE-869f-4fec-86f9-EXAMPLE","eventID":"EXAMPLE-8cc3-42db-9a0d-EXAMPLE","readOnly":false,"eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json
deleted file mode 100644
index 47da07903..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-stop-logging-json.log-expected.json
+++ /dev/null
@@ -1,73 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-west-2",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T16:46:16.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"sessionIssuer\":{},\"webIdFederationData\":{},\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-09T16:36:17Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-09T16:46:16Z\",\"eventSource\":\"cloudtrail.amazonaws.com\",\"eventName\":\"StopLogging\",\"awsRegion\":\"us-west-2\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"name\":\"arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-869f-4fec-86f9-EXAMPLE\",\"eventID\":\"EXAMPLE-8cc3-42db-9a0d-EXAMPLE\",\"readOnly\":false,\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "cloudtrail.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "StopLogging",
-                "id": "EXAMPLE-8cc3-42db-9a0d-EXAMPLE",
-                "type": "info",
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "name": "arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail"
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "read_only": false,
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-09T16:36:17.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{name=arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log
deleted file mode 100644
index ed2b823cf..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-10T14:38:30Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T15:01:23Z","eventSource":"iam.amazonaws.com","eventName":"UpdateAccessKey","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"status":"Inactive","accessKeyId":"EXAMPLE_KEY_ID","userName":"Bob"},"responseElements":null,"requestID":"EXAMPLE-7d0c-45f4-b25b-EXAMPLE","eventID":"EXAMPLE-0ef0-42cd-8551-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json
deleted file mode 100644
index 5ae9bff98..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-access-key-json.log-expected.json
+++ /dev/null
@@ -1,84 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T15:01:23.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-10T14:38:30Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T15:01:23Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateAccessKey\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"status\":\"Inactive\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Bob\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-7d0c-45f4-b25b-EXAMPLE\",\"eventID\":\"EXAMPLE-0ef0-42cd-8551-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateAccessKey",
-                "id": "EXAMPLE-0ef0-42cd-8551-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "accessKeyId": "EXAMPLE_KEY_ID",
-                            "userName": "Bob",
-                            "status": "Inactive"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-10T14:38:30.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{accessKeyId=EXAMPLE_KEY_ID, userName=Bob, status=Inactive}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log
deleted file mode 100644
index 24094717e..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-10T14:38:30Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T18:05:33Z","eventSource":"iam.amazonaws.com","eventName":"UpdateAccountPasswordPolicy","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"requireLowercaseCharacters":true,"requireSymbols":true,"requireNumbers":true,"minimumPasswordLength":12,"requireUppercaseCharacters":true,"allowUsersToChangePassword":true},"responseElements":null,"requestID":"EXAMPLE-5ebf-4bc3-a349-EXAMPLE","eventID":"EXAMPLE-91f9-49f3-948c-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json
deleted file mode 100644
index 27ceafa8f..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-accout-password-policy-json.log-expected.json
+++ /dev/null
@@ -1,83 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T18:05:33.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-10T14:38:30Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T18:05:33Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateAccountPasswordPolicy\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"requireLowercaseCharacters\":true,\"requireSymbols\":true,\"requireNumbers\":true,\"minimumPasswordLength\":12,\"requireUppercaseCharacters\":true,\"allowUsersToChangePassword\":true},\"responseElements\":null,\"requestID\":\"EXAMPLE-5ebf-4bc3-a349-EXAMPLE\",\"eventID\":\"EXAMPLE-91f9-49f3-948c-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateAccountPasswordPolicy",
-                "id": "EXAMPLE-91f9-49f3-948c-EXAMPLE",
-                "type": [
-                    "admin",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "requireLowercaseCharacters": true,
-                            "minimumPasswordLength": 12,
-                            "requireNumbers": true,
-                            "requireSymbols": true,
-                            "requireUppercaseCharacters": true,
-                            "allowUsersToChangePassword": true
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-10T14:38:30.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{minimumPasswordLength=12, requireSymbols=true, allowUsersToChangePassword=true, requireLowercaseCharacters=true, requireNumbers=true, requireUppercaseCharacters=true}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log
deleted file mode 100644
index 27f9733a7..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log
+++ /dev/null
@@ -1,2 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"0123456789012","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice"},"eventTime":"2020-01-09T02:23:11Z","eventSource":"iam.amazonaws.com","eventName":"UpdateGroup","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46","requestParameters":{"newGroupName":"TEST-GROUP2","groupName":"TEST-GROUP"},"responseElements":null,"requestID":"EXAMPLE-c22d-4fca-b40a-EXAMPLE","eventID":"EXAMPLE-c3aa-487b-b05e-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"0123456789012","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice"},"eventTime":"2020-01-09T02:24:35Z","eventSource":"iam.amazonaws.com","eventName":"UpdateGroup","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46","errorCode":"EntityAlreadyExistsException","errorMessage":"Group with name TEST-GROUP already exists.","requestParameters":{"newGroupName":"TEST-GROUP","groupName":"TEST-GROUP2"},"responseElements":null,"requestID":"EXAMPLE-f673-4ce7-8529-EXAMPLE","eventID":"EXAMPLE-6a0b-475c-b5db-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json
deleted file mode 100644
index 7b75f3b3e..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-group-json.log-expected.json
+++ /dev/null
@@ -1,154 +0,0 @@
-{
-    "expected": [
-        {
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T02:23:11.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"0123456789012\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-09T02:23:11Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateGroup\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"requestParameters\":{\"newGroupName\":\"TEST-GROUP2\",\"groupName\":\"TEST-GROUP\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-c22d-4fca-b40a-EXAMPLE\",\"eventID\":\"EXAMPLE-c3aa-487b-b05e-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateGroup",
-                "id": "EXAMPLE-c3aa-487b-b05e-EXAMPLE",
-                "type": [
-                    "group",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "groupName": "TEST-GROUP",
-                            "newGroupName": "TEST-GROUP2"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{groupName=TEST-GROUP, newGroupName=TEST-GROUP2}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "0123456789012"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.310"
-            },
-            "group": {
-                "name": "TEST-GROUP"
-            }
-        },
-        {
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-09T02:24:35.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"0123456789012\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-09T02:24:35Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateGroup\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"errorCode\":\"EntityAlreadyExistsException\",\"errorMessage\":\"Group with name TEST-GROUP already exists.\",\"requestParameters\":{\"newGroupName\":\"TEST-GROUP\",\"groupName\":\"TEST-GROUP2\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-f673-4ce7-8529-EXAMPLE\",\"eventID\":\"EXAMPLE-6a0b-475c-b5db-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateGroup",
-                "id": "EXAMPLE-6a0b-475c-b5db-EXAMPLE",
-                "type": [
-                    "group",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "failure"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "error_message": "Group with name TEST-GROUP already exists.",
-                    "flattened": {
-                        "request_parameters": {
-                            "groupName": "TEST-GROUP2",
-                            "newGroupName": "TEST-GROUP"
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "error_code": "EntityAlreadyExistsException",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{groupName=TEST-GROUP2, newGroupName=TEST-GROUP}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "0123456789012"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.310"
-            },
-            "group": {
-                "name": "TEST-GROUP2"
-            }
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log
deleted file mode 100644
index 5dc6e47cb..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-10T14:38:30Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T18:25:42Z","eventSource":"iam.amazonaws.com","eventName":"UpdateLoginProfile","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"userName":"Bob"},"responseElements":null,"requestID":"EXAMPLE-0dc6-447a-8859-EXAMPLE","eventID":"EXAMPLE-c3b6-4498-b818-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json
deleted file mode 100644
index a4d54bfee..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-login-profile-json.log-expected.json
+++ /dev/null
@@ -1,82 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T18:25:42.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-10T14:38:30Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T18:25:42Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateLoginProfile\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"userName\":\"Bob\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-0dc6-447a-8859-EXAMPLE\",\"eventID\":\"EXAMPLE-c3b6-4498-b818-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateLoginProfile",
-                "id": "EXAMPLE-c3b6-4498-b818-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-10T14:38:30.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{userName=Bob}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log
deleted file mode 100644
index 6a31d001b..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log
+++ /dev/null
@@ -1,2 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-10T14:38:30Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T16:06:54Z","eventSource":"iam.amazonaws.com","eventName":"UpdateSSHPublicKey","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"status":"Inactive","userName":"Bob","sSHPublicKeyId":"EXAMPLE_KEY_ID"},"responseElements":null,"requestID":"EXAMPLE-32f3-4a92-82e1-EXAMPLE","eventID":"EXAMPLE-5c88-4652-9ee9-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-10T14:38:30Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T16:06:54Z","eventSource":"iam.amazonaws.com","eventName":"UpdateSSHPublicKey","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"status":"Inactive","userName":"Bob","sSHPublicKeyId":"EXAMPLE_KEY_ID"},"responseElements":null,"requestID":"EXAMPLE-32f3-4a92-82e1-EXAMPLE","eventID":"EXAMPLE-5c88-4652-9ee9-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json
deleted file mode 100644
index 913be656a..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-ssh-public-key-json.log-expected.json
+++ /dev/null
@@ -1,164 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T16:06:54.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-10T14:38:30Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T16:06:54Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateSSHPublicKey\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"status\":\"Inactive\",\"userName\":\"Bob\",\"sSHPublicKeyId\":\"EXAMPLE_KEY_ID\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-32f3-4a92-82e1-EXAMPLE\",\"eventID\":\"EXAMPLE-5c88-4652-9ee9-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateSSHPublicKey",
-                "id": "EXAMPLE-5c88-4652-9ee9-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob",
-                            "sSHPublicKeyId": "EXAMPLE_KEY_ID",
-                            "status": "Inactive"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-10T14:38:30.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{sSHPublicKeyId=EXAMPLE_KEY_ID, userName=Bob, status=Inactive}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T16:06:54.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-10T14:38:30Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T16:06:54Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateSSHPublicKey\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"status\":\"Inactive\",\"userName\":\"Bob\",\"sSHPublicKeyId\":\"EXAMPLE_KEY_ID\"},\"responseElements\":null,\"requestID\":\"EXAMPLE-32f3-4a92-82e1-EXAMPLE\",\"eventID\":\"EXAMPLE-5c88-4652-9ee9-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateSSHPublicKey",
-                "id": "EXAMPLE-5c88-4652-9ee9-EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob",
-                            "sSHPublicKeyId": "EXAMPLE_KEY_ID",
-                            "status": "Inactive"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-10T14:38:30.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{sSHPublicKeyId=EXAMPLE_KEY_ID, userName=Bob, status=Inactive}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log
deleted file mode 100644
index 9b440298c..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log
+++ /dev/null
@@ -1,2 +0,0 @@
-{"eventVersion":"1.04","userIdentity":{"type":"IAMUser","principalId":"EX_PRINCIPAL_ID","arn":"arn:aws:iam::123456789012:user/Alice","accountId":"123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice"},"eventTime":"2016-07-14T19:15:45Z","eventSource":"cloudtrail.amazonaws.com","eventName":"UpdateTrail","awsRegion":"us-east-2","sourceIPAddress":"89.160.20.156","userAgent":"aws-cli/1.10.32 Python/2.7.9 Windows/7 botocore/1.4.22","errorCode":"TrailNotFoundException","errorMessage":"Unknown trail: myTrail2 for the user: 123456789012","requestParameters":{"name":"myTrail2"},"responseElements":null,"requestID":"5d40662a-49f7-11e6-97e4-dEXAMPLE","eventID":"b7d4398e-b2f0-4faa-9c76-e2EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"123456789012"}
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"sessionIssuer":{},"webIdFederationData":{},"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-08T15:12:16Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-08T20:58:45Z","eventSource":"cloudtrail.amazonaws.com","eventName":"UpdateTrail","awsRegion":"us-west-2","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"name":"arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail","s3BucketName":"test-cloudtrail-bucket","snsTopicName":"","isMultiRegionTrail":true,"enableLogFileValidation":false,"kmsKeyId":""},"responseElements":{"name":"TEST-trail","s3BucketName":"test-cloudtrail-bucket","snsTopicName":"","snsTopicARN":"","includeGlobalServiceEvents":true,"isMultiRegionTrail":true,"trailARN":"arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail","logFileValidationEnabled":false,"isOrganizationTrail":false},"requestID":"EXAMPLE-f3da-42d1-84f5-EXAMPLE","eventID":"EXAMPLE-b5e9-4846-8407-EXAMPLE","readOnly":false,"eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json
deleted file mode 100644
index 2b62a062c..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-trail-json.log-expected.json
+++ /dev/null
@@ -1,173 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-2",
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "@timestamp": "2016-07-14T19:15:45.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.04\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EX_PRINCIPAL_ID\",\"arn\":\"arn:aws:iam::123456789012:user/Alice\",\"accountId\":\"123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\"},\"eventTime\":\"2016-07-14T19:15:45Z\",\"eventSource\":\"cloudtrail.amazonaws.com\",\"eventName\":\"UpdateTrail\",\"awsRegion\":\"us-east-2\",\"sourceIPAddress\":\"89.160.20.156\",\"userAgent\":\"aws-cli/1.10.32 Python/2.7.9 Windows/7 botocore/1.4.22\",\"errorCode\":\"TrailNotFoundException\",\"errorMessage\":\"Unknown trail: myTrail2 for the user: 123456789012\",\"requestParameters\":{\"name\":\"myTrail2\"},\"responseElements\":null,\"requestID\":\"5d40662a-49f7-11e6-97e4-dEXAMPLE\",\"eventID\":\"b7d4398e-b2f0-4faa-9c76-e2EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"123456789012\"}",
-                "provider": "cloudtrail.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateTrail",
-                "id": "b7d4398e-b2f0-4faa-9c76-e2EXAMPLE",
-                "type": "info",
-                "outcome": "failure"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.04",
-                    "error_message": "Unknown trail: myTrail2 for the user: 123456789012",
-                    "flattened": {
-                        "request_parameters": {
-                            "name": "myTrail2"
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::123456789012:user/Alice"
-                    },
-                    "error_code": "TrailNotFoundException",
-                    "recipient_account_id": "123456789012",
-                    "request_parameters": "{name=myTrail2}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EX_PRINCIPAL_ID"
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.10.32 Python/2.7.9 Windows/7 botocore/1.4.22",
-                "os": {
-                    "name": "Windows"
-                },
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.10.32"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "region": "us-west-2",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-08T20:58:45.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"sessionIssuer\":{},\"webIdFederationData\":{},\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-08T15:12:16Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-08T20:58:45Z\",\"eventSource\":\"cloudtrail.amazonaws.com\",\"eventName\":\"UpdateTrail\",\"awsRegion\":\"us-west-2\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"name\":\"arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail\",\"s3BucketName\":\"test-cloudtrail-bucket\",\"snsTopicName\":\"\",\"isMultiRegionTrail\":true,\"enableLogFileValidation\":false,\"kmsKeyId\":\"\"},\"responseElements\":{\"name\":\"TEST-trail\",\"s3BucketName\":\"test-cloudtrail-bucket\",\"snsTopicName\":\"\",\"snsTopicARN\":\"\",\"includeGlobalServiceEvents\":true,\"isMultiRegionTrail\":true,\"trailARN\":\"arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail\",\"logFileValidationEnabled\":false,\"isOrganizationTrail\":false},\"requestID\":\"EXAMPLE-f3da-42d1-84f5-EXAMPLE\",\"eventID\":\"EXAMPLE-b5e9-4846-8407-EXAMPLE\",\"readOnly\":false,\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "cloudtrail.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateTrail",
-                "id": "EXAMPLE-b5e9-4846-8407-EXAMPLE",
-                "type": "info",
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "name": "arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail",
-                            "enableLogFileValidation": false,
-                            "isMultiRegionTrail": true,
-                            "s3BucketName": "test-cloudtrail-bucket"
-                        },
-                        "response_elements": {
-                            "logFileValidationEnabled": false,
-                            "isMultiRegionTrail": true,
-                            "s3BucketName": "test-cloudtrail-bucket",
-                            "name": "TEST-trail",
-                            "trailARN": "arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail",
-                            "isOrganizationTrail": false,
-                            "includeGlobalServiceEvents": true
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "read_only": false,
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-08T15:12:16.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{isMultiRegionTrail=true, s3BucketName=test-cloudtrail-bucket, name=arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail, enableLogFileValidation=false}",
-                    "response_elements": "{logFileValidationEnabled=false, isMultiRegionTrail=true, s3BucketName=test-cloudtrail-bucket, name=TEST-trail, trailARN=arn:aws:cloudtrail:us-west-2:0123456789012:trail/TEST-trail, isOrganizationTrail=false, includeGlobalServiceEvents=true}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID"
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log
deleted file mode 100644
index f4ec7b890..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EX_PRINCIPAL_ID","arn":"arn:aws:iam::123456789012:user/Alice","accountId":"123456789012","accessKeyId":"EXAMPLE_KEY_ID","userName":"Alice"},"eventTime":"2020-01-08T20:53:12Z","eventSource":"iam.amazonaws.com","eventName":"UpdateUser","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46","requestParameters":{"userName":"Bob","newUserName":"Robert"},"responseElements":null,"requestID":"3a6b3260-739d-465e-9406-bcEXAMPLE","eventID":"9150d546-3564-4262-8e62-110EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"123456789012"}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json
deleted file mode 100644
index b9fcec54d..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-update-user-json.log-expected.json
+++ /dev/null
@@ -1,83 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "@timestamp": "2020-01-08T20:53:12.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice",
-                    "Bob",
-                    "Robert"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EX_PRINCIPAL_ID\",\"arn\":\"arn:aws:iam::123456789012:user/Alice\",\"accountId\":\"123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-08T20:53:12Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateUser\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"requestParameters\":{\"userName\":\"Bob\",\"newUserName\":\"Robert\"},\"responseElements\":null,\"requestID\":\"3a6b3260-739d-465e-9406-bcEXAMPLE\",\"eventID\":\"9150d546-3564-4262-8e62-110EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UpdateUser",
-                "id": "9150d546-3564-4262-8e62-110EXAMPLE",
-                "type": [
-                    "user",
-                    "change"
-                ],
-                "category": [
-                    "iam"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Bob",
-                            "newUserName": "Robert"
-                        }
-                    },
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY_ID",
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::123456789012:user/Alice"
-                    },
-                    "event_type": "AwsApiCall",
-                    "recipient_account_id": "123456789012",
-                    "request_parameters": "{newUserName=Robert, userName=Bob}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "changes": {
-                    "name": "Robert"
-                },
-                "id": "EX_PRINCIPAL_ID",
-                "target": {
-                    "name": "Bob"
-                }
-            },
-            "user_agent": {
-                "name": "aws-cli",
-                "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-                "device": {
-                    "name": "Spider"
-                },
-                "version": "1.16.310"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log
deleted file mode 100644
index 0db479185..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log
+++ /dev/null
@@ -1 +0,0 @@
-{"eventVersion":"1.05","userIdentity":{"type":"IAMUser","principalId":"EXAMPLE_ID","arn":"arn:aws:iam::0123456789012:user/Alice","accountId":"0123456789012","accessKeyId":"EXAMPLE_KEY","userName":"Alice","sessionContext":{"attributes":{"mfaAuthenticated":"true","creationDate":"2020-01-10T14:38:30Z"}},"invokedBy":"signin.amazonaws.com"},"eventTime":"2020-01-10T16:06:40Z","eventSource":"iam.amazonaws.com","eventName":"UploadSSHPublicKey","awsRegion":"us-east-1","sourceIPAddress":"127.0.0.1","userAgent":"signin.amazonaws.com","requestParameters":{"sSHPublicKeyBody":"ssh-rsa AAAAdeadcodedeadcode Alice@localhost.domain","userName":"Alice"},"responseElements":{"sSHPublicKey":{"fingerprint":"de:ad:c0:de:de:ad:c0:de:de:ad:c0:de:de:ad:c0:de","status":"Active","uploadDate":"Jan 10, 2020 4:06:40 PM","userName":"Alice","sSHPublicKeyId":"EXAMPLE_KEY_ID","sSHPublicKeyBody":"ssh-rsa AAAAdeadcodedeadcode Alice@localhost.domain"}},"requestID":"EXAMPLE-44b9-41cd-90f2-EXAMPLE","eventID":"EXAMPLE-9a9d-4da4-9998-EXAMPLE","eventType":"AwsApiCall","recipientAccountId":"0123456789012"}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json b/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json
deleted file mode 100644
index 9d41f0e74..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/_dev/test/pipeline/test-upload-ssh-public-key-json.log-expected.json
+++ /dev/null
@@ -1,87 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "region": "us-east-1",
-                "account": {
-                    "id": "0123456789012"
-                }
-            },
-            "@timestamp": "2020-01-10T16:06:40.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "Alice"
-                ]
-            },
-            "source": {
-                "address": "127.0.0.1",
-                "ip": "127.0.0.1"
-            },
-            "event": {
-                "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EXAMPLE_ID\",\"arn\":\"arn:aws:iam::0123456789012:user/Alice\",\"accountId\":\"0123456789012\",\"accessKeyId\":\"EXAMPLE_KEY\",\"userName\":\"Alice\",\"sessionContext\":{\"attributes\":{\"mfaAuthenticated\":\"true\",\"creationDate\":\"2020-01-10T14:38:30Z\"}},\"invokedBy\":\"signin.amazonaws.com\"},\"eventTime\":\"2020-01-10T16:06:40Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UploadSSHPublicKey\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"signin.amazonaws.com\",\"requestParameters\":{\"sSHPublicKeyBody\":\"ssh-rsa AAAAdeadcodedeadcode Alice@localhost.domain\",\"userName\":\"Alice\"},\"responseElements\":{\"sSHPublicKey\":{\"fingerprint\":\"de:ad:c0:de:de:ad:c0:de:de:ad:c0:de:de:ad:c0:de\",\"status\":\"Active\",\"uploadDate\":\"Jan 10, 2020 4:06:40 PM\",\"userName\":\"Alice\",\"sSHPublicKeyId\":\"EXAMPLE_KEY_ID\",\"sSHPublicKeyBody\":\"ssh-rsa AAAAdeadcodedeadcode Alice@localhost.domain\"}},\"requestID\":\"EXAMPLE-44b9-41cd-90f2-EXAMPLE\",\"eventID\":\"EXAMPLE-9a9d-4da4-9998-EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"0123456789012\"}",
-                "provider": "iam.amazonaws.com",
-                "created": "2021-11-11T01:02:03.123456789Z",
-                "kind": "event",
-                "action": "UploadSSHPublicKey",
-                "id": "EXAMPLE-9a9d-4da4-9998-EXAMPLE",
-                "type": "info",
-                "outcome": "success"
-            },
-            "aws": {
-                "cloudtrail": {
-                    "event_version": "1.05",
-                    "flattened": {
-                        "request_parameters": {
-                            "userName": "Alice",
-                            "sSHPublicKeyBody": "ssh-rsa AAAAdeadcodedeadcode Alice@localhost.domain"
-                        },
-                        "response_elements": {
-                            "sSHPublicKey": {
-                                "fingerprint": "de:ad:c0:de:de:ad:c0:de:de:ad:c0:de:de:ad:c0:de",
-                                "sSHPublicKeyBody": "ssh-rsa AAAAdeadcodedeadcode Alice@localhost.domain",
-                                "sSHPublicKeyId": "EXAMPLE_KEY_ID",
-                                "uploadDate": "Jan 10, 2020 4:06:40 PM",
-                                "userName": "Alice",
-                                "status": "Active"
-                            }
-                        }
-                    },
-                    "event_type": "AwsApiCall",
-                    "user_identity": {
-                        "access_key_id": "EXAMPLE_KEY",
-                        "invoked_by": "signin.amazonaws.com",
-                        "session_context": {
-                            "mfa_authenticated": "true",
-                            "creation_date": "2020-01-10T14:38:30.000Z"
-                        },
-                        "type": "IAMUser",
-                        "arn": "arn:aws:iam::0123456789012:user/Alice"
-                    },
-                    "recipient_account_id": "0123456789012",
-                    "request_parameters": "{sSHPublicKeyBody=ssh-rsa AAAAdeadcodedeadcode Alice@localhost.domain, userName=Alice}",
-                    "response_elements": "{sSHPublicKey={sSHPublicKeyBody=ssh-rsa AAAAdeadcodedeadcode Alice@localhost.domain, sSHPublicKeyId=EXAMPLE_KEY_ID, uploadDate=Jan 10, 2020 4:06:40 PM, fingerprint=de:ad:c0:de:de:ad:c0:de:de:ad:c0:de:de:ad:c0:de, userName=Alice, status=Active}}"
-                }
-            },
-            "user": {
-                "name": "Alice",
-                "id": "EXAMPLE_ID",
-                "target": {
-                    "name": "Alice"
-                }
-            },
-            "user_agent": {
-                "name": "Other",
-                "device": {
-                    "name": "Other"
-                },
-                "original": "signin.amazonaws.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs
deleted file mode 100644
index 50ef9090b..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs
+++ /dev/null
@@ -1,64 +0,0 @@
-queue_url: {{queue_url}}
-file_selectors:
-{{#if cloudtrail_regex}}
-  - regex: {{cloudtrail_regex}}
-    expand_event_list_from_field: 'Records'
-{{/if}}
-{{#if cloudtrail_digest_regex}}
-  - regex: {{cloudtrail_digest_regex}}
-{{/if}}
-{{#if cloudtrail_insight_regex}}
-  - regex: {{cloudtrail_insight_regex}}
-    expand_event_list_from_field: 'Records'
-{{/if}}
-expand_event_list_from_field: Records
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if visibility_timeout}}
-visibility_timeout: {{visibility_timeout}}
-{{/if}}
-{{#if api_timeout}}
-api_timeout: {{api_timeout}}
-{{/if}}
-{{#if max_number_of_messages}}
-max_number_of_messages: {{max_number_of_messages}}
-{{/if}}
-{{#if endpoint}}
-endpoint: {{endpoint}}
-{{/if}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if fips_enabled}}
-fips_enabled: {{fips_enabled}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs b/test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs
deleted file mode 100644
index 27d1775b5..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/agent/stream/httpjson.yml.hbs
+++ /dev/null
@@ -1,63 +0,0 @@
-config_version: 2
-interval: {{interval}}
-{{#unless token}}
-{{#if username}}
-{{#if password}}
-auth.basic.user: {{username}}
-auth.basic.password: {{password}}
-{{/if}}
-{{/if}}
-{{/unless}}
-cursor:
-  index_earliest:
-    value: '[[.last_event.result.max_indextime]]'
-request.url: {{url}}/services/search/jobs/export
-{{#if ssl}}
-request.ssl: {{ssl}}
-{{/if}}
-request.method: POST
-request.transforms:
-  - set:
-      target: url.params.search
-      value: {{search}} | streamstats max(_indextime) AS max_indextime
-  - set:
-      target: url.params.output_mode
-      value: "json"
-  - set:
-      target: url.params.index_earliest
-      value: '[[ .cursor.index_earliest ]]'
-      default: '[[(now (parseDuration "-{{interval}}")).Unix]]'
-  - set:
-      target: url.params.index_latest
-      value: '[[(now).Unix]]'
-  - set:
-      target: header.Content-Type
-      value: application/x-www-form-urlencoded
-{{#unless username}}
-{{#unless password}}
-{{#if token}}
-  - set:
-      target: header.Authorization
-      value: {{token}}
-{{/if}}
-{{/unless}}
-{{/unless}}
-response.decode_as: application/x-ndjson
-response.split:
-  target: body.result._raw
-  type: string
-  delimiter: "\n"
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml
deleted file mode 100644
index bbc66f7fa..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml
+++ /dev/null
@@ -1,751 +0,0 @@
----
-description: Pipeline for AWS CloudTrail Logs
-processors:
-  - rename:
-      field: message
-      target_field: event.original
-  - set:
-      if: ctx['@timestamp'] != null
-      field: event.created
-      copy_from: '@timestamp'
-  - json:
-      field: event.original
-      target_field: json
-  - pipeline:
-      if: ctx?.json?.preview != null
-      name: '{{ IngestPipeline "third-party" }}'
-  - set:
-      field: ecs.version
-      value: '1.12.0'
-  - date:
-      field: json.eventTime
-      target_field: "@timestamp"
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - script:
-      description: Drops null/empty values recursively
-      lang: painless
-      source: |
-        boolean drop(Object o) {
-          if (o == null || o == "") {
-            return true;
-          } else if (o instanceof Map) {
-            ((Map) o).values().removeIf(v -> drop(v));
-            return (((Map) o).size() == 0);
-          } else if (o instanceof List) {
-            ((List) o).removeIf(v -> drop(v));
-            return (((List) o).length == 0);
-          }
-          return false;
-        }
-        drop(ctx);
-  - rename:
-      field: json.eventVersion
-      target_field: aws.cloudtrail.event_version
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.type
-      target_field: aws.cloudtrail.user_identity.type
-      ignore_failure: true
-  - append:
-      field: related.user
-      value: '{{json.userIdentity.userName}}'
-      allow_duplicates: false
-      if: ctx.json?.userIdentity?.userName != null
-  - rename:
-      field: json.userIdentity.userName
-      target_field: user.name
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.principalId
-      target_field: user.id
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.arn
-      target_field: aws.cloudtrail.user_identity.arn
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.accountId
-      target_field: cloud.account.id
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.accessKeyId
-      target_field: aws.cloudtrail.user_identity.access_key_id
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.sessionContext.attributes.mfaAuthenticated
-      target_field: aws.cloudtrail.user_identity.session_context.mfa_authenticated
-      ignore_failure: true
-  - date:
-      field: json.userIdentity.sessionContext.attributes.creationDate
-      target_field: aws.cloudtrail.user_identity.session_context.creation_date
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - rename:
-      field: json.userIdentity.sessionContext.sessionIssuer.type
-      target_field: aws.cloudtrail.user_identity.session_context.session_issuer.type
-      ignore_failure: true
-  # userIdentity.sessionIssuer.userName is only set with assumed roles.
-  - rename:
-      field: json.userIdentity.sessionContext.sessionIssuer.userName
-      target_field: user.name
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.sessionContext.sessionIssuer.principalId
-      target_field: aws.cloudtrail.user_identity.session_context.session_issuer.principal_id
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.sessionContext.sessionIssuer.arn
-      target_field: aws.cloudtrail.user_identity.session_context.session_issuer.arn
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.sessionContext.sessionIssuer.accountId
-      target_field: aws.cloudtrail.user_identity.session_context.session_issuer.account_id
-      ignore_failure: true
-  - rename:
-      field: json.userIdentity.invokedBy
-      target_field: aws.cloudtrail.user_identity.invoked_by
-      ignore_failure: true
-  - rename:
-      field: json.eventSource
-      target_field: event.provider
-      ignore_failure: true
-  - set:
-      field: event.action
-      value: '{{json.eventName}}'
-      ignore_failure: true
-      ignore_empty_value: true
-  - rename:
-      field: json.eventCategory
-      target_field: aws.cloudtrail.event_category
-      ignore_failure: true
-  - rename:
-      field: json.awsRegion
-      target_field: cloud.region
-      ignore_failure: true
-  - rename:
-      field: json.sourceIPAddress
-      target_field: source.address
-      ignore_failure: true
-  - grok:
-      field: source.address
-      ignore_failure: true
-      patterns:
-        - ^%{IP:source.ip}$
-  - geoip:
-      field: source.ip
-      target_field: source.geo
-      ignore_failure: true
-      ignore_missing: true
-  - geoip:
-      database_file: GeoLite2-ASN.mmdb
-      field: source.ip
-      target_field: source.as
-      properties:
-        - asn
-        - organization_name
-      ignore_missing: true
-  - rename:
-      field: source.as.asn
-      target_field: source.as.number
-      ignore_missing: true
-  - rename:
-      field: source.as.organization_name
-      target_field: source.as.organization.name
-      ignore_missing: true
-  - user_agent:
-      field: json.userAgent
-      target_field: user_agent
-      on_failure:
-        - rename:
-            field: json.userAgent
-            target_field: user_agent.original
-            ignore_failure: true
-  - rename:
-      field: json.errorCode
-      target_field: aws.cloudtrail.error_code
-      ignore_failure: true
-  - rename:
-      field: json.errorMessage
-      target_field: aws.cloudtrail.error_message
-      ignore_failure: true
-  - script:
-      lang: painless
-      source: |
-        if (ctx.aws.cloudtrail?.flattened == null) {
-            Map map = new HashMap();
-            ctx.aws.cloudtrail.put("flattened", map);
-          }
-        if (ctx.json?.requestParameters != null) {
-          ctx.aws.cloudtrail.request_parameters = ctx.json.requestParameters.toString();
-          if (ctx.aws.cloudtrail.request_parameters.length() < 32766) {
-            ctx.aws.cloudtrail.flattened.put("request_parameters", ctx.json.requestParameters);
-          }
-        }
-        if (ctx.json?.responseElements != null) {
-          ctx.aws.cloudtrail.response_elements = ctx.json.responseElements.toString();
-          if (ctx.aws.cloudtrail.response_elements.length() < 32766) {
-            ctx.aws.cloudtrail.flattened.put("response_elements", ctx.json.responseElements);
-          }
-        }
-        if (ctx.json?.additionalEventData != null) {
-          ctx.aws.cloudtrail.additional_eventdata = ctx.json.additionalEventData.toString();
-          if (ctx.aws.cloudtrail.additional_eventdata.length() < 32766) {
-            ctx.aws.cloudtrail.flattened.put("additional_eventdata", ctx.json.additionalEventData);
-          }
-        }
-        if (ctx.json?.serviceEventDetails != null) {
-          ctx.aws.cloudtrail.service_event_details = ctx.json.serviceEventDetails.toString();
-          if (ctx.aws.cloudtrail.service_event_details.length() < 32766) {
-            ctx.aws.cloudtrail.flattened.put("service_event_details", ctx.json.serviceEventDetails);
-          }
-        }
-      ignore_failure: true
-  - rename:
-      field: json.requestId
-      target_field: aws.cloudtrail.request_id
-      ignore_failure: true
-  - rename:
-      field: json.eventID
-      target_field: event.id
-      ignore_failure: true
-  - rename:
-      field: json.eventType
-      target_field: aws.cloudtrail.event_type
-      ignore_failure: true
-  - rename:
-      field: json.apiVersion
-      target_field: aws.cloudtrail.api_version
-      ignore_failure: true
-  - rename:
-      field: json.managementEvent
-      target_field: aws.cloudtrail.management_event
-      ignore_failure: true
-  - rename:
-      field: json.readOnly
-      target_field: aws.cloudtrail.read_only
-      ignore_failure: true
-  - rename:
-      field: json.resources.ARN
-      target_field: aws.cloudtrail.resources.arn
-      ignore_failure: true
-  - rename:
-      field: json.resources.accountId
-      target_field: aws.cloudtrail.resources.account_id
-      ignore_failure: true
-  - rename:
-      field: json.resources.type
-      target_field: aws.cloudtrail.resources.type
-      ignore_failure: true
-  - rename:
-      field: json.recipientAccountId
-      target_field: aws.cloudtrail.recipient_account_id
-      ignore_failure: true
-  - rename:
-      field: json.sharedEventId
-      target_field: aws.cloudtrail.shared_event_id
-      ignore_failure: true
-  - rename:
-      field: json.vpcEndpointId
-      target_field: aws.cloudtrail.vpc_endpoint_id
-      ignore_failure: true
-  - append:
-      field: related.user
-      value: '{{aws.cloudtrail.flattened.request_parameters.userName}}'
-      allow_duplicates: false
-      if: ctx.aws?.cloudtrail?.flattened?.request_parameters?.userName != null
-  - append:
-      field: related.user
-      value: '{{aws.cloudtrail.flattened.request_parameters.newUserName}}'
-      allow_duplicates: false
-      if: ctx.aws?.cloudtrail?.flattened?.request_parameters?.newUserName != null
-  - script:
-      lang: painless
-      ignore_failure: true
-      source: >-
-        if (ctx.json?.eventName != 'ConsoleLogin') {
-          return;
-        }
-        Map aed_map = new HashMap();
-        if (ctx?.aws?.cloudtrail?.flattened?.additional_eventdata?.MobileVersion != null) {
-          if (ctx.aws.cloudtrail.flattened.additional_eventdata.MobileVersion == 'No') {
-            aed_map.put("mobile_version", false);
-          } else {
-            aed_map.put("mobile_version", true);
-          }
-        }
-        if (ctx?.aws?.cloudtrail?.flattened?.additional_eventdata?.LoginTo != null) {
-          aed_map.put("login_to", ctx.aws.cloudtrail.flattened.additional_eventdata.LoginTo);
-        }
-        if (ctx?.aws?.cloudtrail?.flattened?.additional_eventdata?.MFAUsed != null) {
-          if (ctx.aws.cloudtrail.flattened.additional_eventdata.MFAUsed == 'No') {
-            aed_map.put("mfa_used", false);
-          } else {
-            aed_map.put("mfa_used", true);
-          }
-        }
-        if (aed_map.size() > 0) {
-          Map cl_map = new HashMap();
-          cl_map.put("additional_eventdata", aed_map);
-          ctx.aws.cloudtrail.put("console_login", cl_map);
-        }
-  - script:
-      lang: painless
-      tag: Add ECS categorization
-      params:
-        AddUserToGroup:
-          category:
-            - iam
-          type:
-            - group
-            - change
-        AssumeRole:
-          category:
-            - authentication
-          type:
-            - info
-        AttachGroupPolicy:
-          category:
-            - iam
-          type:
-            - group
-            - change
-        AttachUserPolicy:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        ChangePassword:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        ConsoleLogin:
-          category:
-            - authentication
-          type:
-            - info
-        CreateAccessKey:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        CreateBucket:
-          category:
-            - file
-          type:
-            - creation
-        CreateGroup:
-          category:
-            - iam
-          type:
-            - group
-            - creation
-        CreateKeyPair:
-          category:
-            - iam
-          type:
-            - admin
-            - creation
-        CreateUser:
-          category:
-            - iam
-          type:
-            - user
-            - creation
-        CreateVirtualMFADevice:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        DeactivateMFADevice:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        DeleteAccessKey:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        DeleteBucket:
-          category:
-            - file
-          type:
-            - deletion
-        DeleteGroup:
-          category:
-            - iam
-          type:
-            - group
-            - deletion
-        DeleteGroupPolicy:
-          category:
-            - iam
-          type:
-            - group
-            - change
-        DeleteSSHPublicKey:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        DeleteUser:
-          category:
-            - iam
-          type:
-            - user
-            - deletion
-        DeleteUserPermissionsBoundary:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        DeleteUserPolicy:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        DeleteVirtualMFADevice:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        DetachGroupPolicy:
-          category:
-            - iam
-          type:
-            - group
-            - change
-        DetachUserPolicy:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        EnableMFADevice:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        GetGroup:
-          category:
-            - iam
-          type:
-            - group
-            - info
-        GetGroupPolicy:
-          category:
-            - iam
-          type:
-            - group
-            - info
-        GetUser:
-          category:
-            - iam
-          type:
-            - user
-            - info
-        GetUserPolicy:
-          category:
-            - iam
-          type:
-            - user
-            - info
-        ListAttachedGroupPolicies:
-          category:
-            - iam
-          type:
-            - group
-            - info
-        ListAttachedUserPolicies:
-          category:
-            - iam
-          type:
-            - user
-            - info
-        ListGroupPolicies:
-          category:
-            - iam
-          type:
-            - group
-            - info
-        ListGroups:
-          category:
-            - iam
-          type:
-            - group
-            - info
-        ListGroupsForUser:
-          category:
-            - iam
-          type:
-            - user
-            - info
-        ListUserPolicies:
-          category:
-            - iam
-          type:
-            - user
-            - info
-        ListUsers:
-          category:
-            - iam
-          type:
-            - user
-            - info
-        ListUserTags:
-          category:
-            - iam
-          type:
-            - user
-            - info
-        PutGroupPolicy:
-          category:
-            - iam
-          type:
-            - group
-            - change
-        PutUserPermissionsBoundary:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        PutUserPolicy:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        RemoveUserFromGroup:
-          category:
-            - iam
-          type:
-            - group
-            - change
-        SetDefaultPolicyVersion:
-          category:
-            - iam
-          type:
-            - admin
-            - change
-        SetSecurityTokenServicePreferences:
-          category:
-            - iam
-          type:
-            - admin
-            - change
-        TagUser:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        UntagUser:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        UpdateAccessKey:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        UpdateAccountPasswordPolicy:
-          category:
-            - iam
-          type:
-            - admin
-            - change
-        UpdateGroup:
-          category:
-            - iam
-          type:
-            - group
-            - change
-        UpdateLoginProfile:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        UpdateRole:
-          category:
-            - iam
-          type:
-            - admin
-            - change
-        UpdateSSHPublicKey:
-          category:
-            - iam
-          type:
-            - user
-            - change
-        UpdateUser:
-          category:
-            - iam
-          type:
-            - user
-            - change
-      source: >-
-        ctx.event.kind = 'event';
-        ctx.event.type = 'info';
-
-        if (ctx?.aws?.cloudtrail?.error_code != null || ctx?.aws?.cloudtrail?.error_message != null) {
-            ctx.event.outcome = 'failure'
-        } else {
-            ctx.event.outcome = 'success'
-        }
-
-        if (ctx?.event?.action == null) {
-            return;
-        }
-
-        if (ctx.event.action == 'ConsoleLogin' && ctx?.aws?.cloudtrail?.flattened?.response_elements.ConsoleLogin != null) {
-            ctx.event.outcome = Processors.lowercase(ctx.aws.cloudtrail.flattened.response_elements.ConsoleLogin);
-        }
-
-        if (params.get(ctx.event.action) == null) {
-            return;
-        }
-
-        def hm = new HashMap(params.get(ctx.event.action));
-        hm.forEach((k, v) -> ctx.event[k] = v);
-
-  - rename:
-      field: json.awsAccountId
-      target_field: cloud.account.id
-      ignore_failure: true
-  - rename:
-      field: json.previousDigestS3Object
-      target_field: file.path
-      ignore_failure: true
-  - rename:
-      field: json.previousDigestSignature
-      target_field: file.hash.sha256
-      if: >-
-        ctx.json?.previousDigestHashAlgorithm != null && ctx.json?.previousDigestHashAlgorithm == 'SHA-256'
-  - append:
-      field: related.hash
-      value: '{{file.hash.sha256}}'
-      if: ctx.file?.hash?.sha256 != null
-  - rename:
-      field: json.logFiles
-      target_field: aws.cloudtrail.digest.log_files
-      ignore_failure: true
-  - date:
-      field: json.digestStartTime
-      target_field: aws.cloudtrail.digest.start_time
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - date:
-      field: json.digestEndTime
-      target_field: "@timestamp"
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - date:
-      field: json.digestEndTime
-      target_field: aws.cloudtrail.digest.end_time
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - rename:
-      field: json.digestS3Bucket
-      target_field: aws.cloudtrail.digest.s3_bucket
-      ignore_failure: true
-  - date:
-      field: json.newestEventTime
-      target_field: aws.cloudtrail.digest.newest_event_time
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - date:
-      field: json.oldestEventTime
-      target_field: aws.cloudtrail.digest.oldest_event_time
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - rename:
-      field: json.previousDigestS3Bucket
-      target_field: aws.cloudtrail.digest.previous_s3_bucket
-      ignore_failure: true
-  - rename:
-      field: json.previousDigestHashAlgorithm
-      target_field: aws.cloudtrail.digest.previous_hash_algorithm
-      ignore_failure: true
-  - rename:
-      field: json.publicKeyFingerprint
-      target_field: aws.cloudtrail.digest.public_key_fingerprint
-      ignore_failure: true
-  - rename:
-      field: json.digestSignatureAlgorithm
-      target_field: aws.cloudtrail.digest.signature_algorithm
-      ignore_failure: true
-  - rename:
-      field: json.insightDetails
-      target_field: aws.cloudtrail.insight_details
-      ignore_failure: true
-  - set:
-      field: group.id
-      value: '{{aws.cloudtrail.flattened.response_elements.group.groupId}}'
-      ignore_empty_value: true
-      ignore_failure: true
-  - set:
-      field: user.target.id
-      value: '{{aws.cloudtrail.flattened.response_elements.user.userId}}'
-      ignore_empty_value: true
-      ignore_failure: true
-  - set:
-      field: user.changes.name
-      value: '{{aws.cloudtrail.flattened.request_parameters.newUserName}}'
-      ignore_empty_value: true
-      ignore_failure: true
-  - set:
-      field: group.name
-      value: '{{aws.cloudtrail.flattened.request_parameters.groupName}}'
-      ignore_empty_value: true
-      ignore_failure: true
-  - set:
-      field: user.target.name
-      value: '{{aws.cloudtrail.flattened.request_parameters.userName}}'
-      ignore_empty_value: true
-      ignore_failure: true
-  - rename:
-      field: aws.cloudtrail.digest
-      target_field: aws.cloudtrail.flattened.digest
-      ignore_missing: true
-  - rename:
-      field: aws.cloudtrail.insight_details
-      target_field: aws.cloudtrail.flattened.insight_details
-      ignore_missing: true
-  - remove:
-      field: json
-      ignore_missing: true
-  - remove:
-      field: event.original
-      if: "ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))"
-      ignore_failure: true
-      ignore_missing: true
-on_failure:
-  - set:
-      field: error.message
-      value: |-
-        Processor "{{ _ingest.on_failure_processor_type }}" with tag "{{ _ingest.on_failure_processor_tag }}" in pipeline "{{ _ingest.on_failure_pipeline }}" failed with message "{{ _ingest.on_failure_message }}"
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml b/test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml
deleted file mode 100644
index 4fc9012b3..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/third-party.yml
+++ /dev/null
@@ -1,32 +0,0 @@
----
-description: Pipeline for parsing CloudTrail logs from third party api
-processors:
-  - drop:
-      if: ctx?.json?._raw == null
-      description: JSON doesn't have CloudTrail data
-  - fingerprint:
-      fields:
-        - _temp_.result._cd
-        - _temp_.result._indextime
-        - _temp_.result._raw
-        - _temp_.result._time
-      target_field: '_id'
-      ignore_missing: true
-  - set:
-      field: event.original
-      copy_from: json.result._raw
-      ignore_empty_value: true
-  - remove:
-      field: json
-      ignore_missing: true
-  - json:
-      field: event.original
-      target_field: json
-on_failure:
-  - append:
-      field: error.message
-      value: >-
-        error in third party api pipeline:
-        error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}}
-        with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}}
-        {{ _ingest.on_failure_message }}
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/fields/agent.yml b/test/packages/parallel/aws/data_stream/cloudtrail/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/cloudtrail/fields/base-fields.yml
deleted file mode 100644
index 436bcaec7..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.cloudtrail
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/fields/ecs.yml b/test/packages/parallel/aws/data_stream/cloudtrail/fields/ecs.yml
deleted file mode 100644
index f420f22b6..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/fields/ecs.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error.message
-- external: ecs
-  name: event.action
-- external: ecs
-  name: event.created
-- external: ecs
-  name: event.ingested
-- external: ecs
-  name: event.kind
-- external: ecs
-  name: event.original
-- external: ecs
-  name: event.provider
-- external: ecs
-  name: event.type
-- external: ecs
-  name: file.hash.md5
-- external: ecs
-  name: file.hash.sha1
-- external: ecs
-  name: file.hash.sha256
-- external: ecs
-  name: file.hash.sha512
-- external: ecs
-  name: file.path
-- external: ecs
-  name: group.id
-- external: ecs
-  name: group.name
-- external: ecs
-  name: related.hash
-- external: ecs
-  name: related.user
-- external: ecs
-  name: source.address
-- external: ecs
-  name: source.as.number
-- external: ecs
-  name: source.as.organization.name
-- external: ecs
-  name: source.geo.city_name
-- external: ecs
-  name: source.geo.continent_name
-- external: ecs
-  name: source.geo.country_iso_code
-- external: ecs
-  name: source.geo.country_name
-- description: Longitude and latitude.
-  level: core
-  name: source.geo.location
-  type: geo_point
-- external: ecs
-  name: source.geo.region_iso_code
-- external: ecs
-  name: source.geo.region_name
-- external: ecs
-  name: source.ip
-- external: ecs
-  name: tags
-- external: ecs
-  name: user.changes.name
-- external: ecs
-  name: user.id
-- external: ecs
-  name: user.name
-- external: ecs
-  name: user.target.id
-- external: ecs
-  name: user.target.name
-- external: ecs
-  name: user_agent.device.name
-- external: ecs
-  name: user_agent.name
-- external: ecs
-  name: user_agent.original
-- external: ecs
-  name: user_agent.os.full
-- external: ecs
-  name: user_agent.os.name
-- external: ecs
-  name: user_agent.os.version
-- external: ecs
-  name: user_agent.version
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/fields/fields.yml b/test/packages/parallel/aws/data_stream/cloudtrail/fields/fields.yml
deleted file mode 100644
index 5b59153c9..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/fields/fields.yml
+++ /dev/null
@@ -1,170 +0,0 @@
-- name: aws.cloudtrail
-  type: group
-  fields:
-    - name: event_version
-      type: keyword
-      description: |
-        The CloudTrail version of the log event format.
-    - name: event_category
-      type: keyword
-      description: |
-        The CloudTrail event category.
-    - name: user_identity
-      type: group
-      fields:
-        - name: type
-          type: keyword
-          description: |
-            The type of the identity
-        - name: arn
-          type: keyword
-          description: The Amazon Resource Name (ARN) of the principal that made the call.
-        - name: access_key_id
-          type: keyword
-          description: The access key ID that was used to sign the request.
-        - name: session_context
-          type: group
-          fields:
-            - name: mfa_authenticated
-              type: keyword
-              description: The value is true if the root user or IAM user whose credentials were used for the request also was authenticated with an MFA device; otherwise, false.
-            - name: creation_date
-              type: date
-              description: The date and time when the temporary security credentials were issued.
-            - name: session_issuer
-              type: group
-              fields:
-                - name: type
-                  type: keyword
-                  description: >-
-                    The source of the temporary security credentials, such as Root, IAMUser, or Role.
-                - name: principal_id
-                  type: keyword
-                  description: >-
-                    The internal ID of the entity that was used to get credentials.
-                - name: arn
-                  type: keyword
-                  description: >-
-                    The ARN of the source (account, IAM user, or role) that was used to get temporary security credentials.
-                - name: account_id
-                  type: keyword
-                  description: >-
-                    The account that owns the entity that was used to get credentials.
-        - name: invoked_by
-          type: keyword
-          description: The name of the AWS service that made the request, such as Amazon EC2 Auto Scaling or AWS Elastic Beanstalk.
-    - name: error_code
-      type: keyword
-      description: The AWS service error if the request returns an error.
-    - name: error_message
-      type: keyword
-      description: If the request returns an error, the description of the error.
-    - name: request_parameters
-      type: keyword
-      description: The parameters, if any, that were sent with the request.
-      multi_fields:
-        - name: text
-          type: text
-          default_field: false
-    - name: response_elements
-      type: keyword
-      description: The response element for actions that make changes (create, update, or delete actions).
-      multi_fields:
-        - name: text
-          type: text
-          default_field: false
-    - name: additional_eventdata
-      type: keyword
-      description: Additional data about the event that was not part of the request or response.
-      multi_fields:
-        - name: text
-          type: text
-          default_field: false
-    - name: request_id
-      type: keyword
-      description: The value that identifies the request. The service being called generates this value.
-    - name: event_type
-      type: keyword
-      description: Identifies the type of event that generated the event record.
-    - name: api_version
-      type: keyword
-      description: Identifies the API version associated with the AwsApiCall eventType value.
-    - name: management_event
-      type: keyword
-      description: A Boolean value that identifies whether the event is a management event.
-    - name: read_only
-      type: boolean
-      description: Identifies whether this operation is a read-only operation.
-    - name: resources
-      type: group
-      fields:
-        - name: arn
-          type: keyword
-          description: Resource ARNs
-        - name: account_id
-          type: keyword
-          description: Account ID of the resource owner
-        - name: type
-          type: keyword
-          description: 'Resource type identifier in the format: AWS::aws-service-name::data-type-name'
-    - name: recipient_account_id
-      type: keyword
-      description: Represents the account ID that received this event.
-    - name: service_event_details
-      type: keyword
-      description: Identifies the service event, including what triggered the event and the result.
-      multi_fields:
-        - name: text
-          type: text
-          default_field: false
-    - name: shared_event_id
-      type: keyword
-      description: GUID generated by CloudTrail to uniquely identify CloudTrail events from the same AWS action that is sent to different AWS accounts.
-    - name: vpc_endpoint_id
-      type: keyword
-      description: Identifies the VPC endpoint in which requests were made from a VPC to another AWS service, such as Amazon S3.
-    - name: console_login
-      type: group
-      fields:
-        - name: additional_eventdata
-          type: group
-          fields:
-            - name: mobile_version
-              type: boolean
-              description: Identifies whether ConsoleLogin was from mobile version
-            - name: login_to
-              type: keyword
-              description: URL for ConsoleLogin
-            - name: mfa_used
-              type: boolean
-              description: Identifies whether multi factor authentication was used during ConsoleLogin
-    - name: flattened
-      type: group
-      description: >-
-        ES flattened datatype for objects where the subfields aren't known in advance.
-      fields:
-        - name: additional_eventdata
-          type: flattened
-          description: >
-            Additional data about the event that was not part of the request or response.
-
-        - name: request_parameters
-          type: flattened
-          description: >-
-            The parameters, if any, that were sent with the request.
-        - name: response_elements
-          type: flattened
-          description: >-
-            The response element for actions that make changes (create, update, or delete actions).
-        - name: service_event_details
-          type: flattened
-          description: >-
-            Identifies the service event, including what triggered the event and the result.
-        - name: digest
-          type: flattened
-          description: >-
-            Additional digest information.
-        - name: insight_details
-          type: flattened
-          description: >-
-            Additional insight details.
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/manifest.yml b/test/packages/parallel/aws/data_stream/cloudtrail/manifest.yml
deleted file mode 100644
index 5db302b0f..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/manifest.yml
+++ /dev/null
@@ -1,195 +0,0 @@
-title: AWS CloudTrail Logs
-type: logs
-streams:
-  - input: aws-s3
-    template_path: aws-s3.yml.hbs
-    title: AWS CloudTrail Logs
-    description: Collect AWS CloudTrail logs using s3 input
-    vars:
-      - name: visibility_timeout
-        type: text
-        title: Visibility Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request.  The maximum is 12 hours.
-      - name: api_timeout
-        type: text
-        title: API Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
-      - name: queue_url
-        type: text
-        title: Queue URL
-        multi: false
-        required: true
-        show_user: true
-        description: URL of the AWS SQS queue that messages will be received from.
-      - name: fips_enabled
-        type: bool
-        title: Enable S3 FIPS
-        default: false
-        multi: false
-        required: false
-        show_user: false
-        description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint.
-      - name: tags
-        type: text
-        title: Tags
-        multi: true
-        show_user: false
-        default:
-          - forwarded
-          - aws-cloudtrail
-      - name: processors
-        type: yaml
-        title: Processors
-        multi: false
-        required: false
-        show_user: false
-        description: >
-          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
-
-      - name: preserve_original_event
-        required: true
-        show_user: true
-        title: Preserve original event
-        description: Preserves a raw copy of the original event, added to the field `event.original`
-        type: bool
-        multi: false
-        default: false
-      - name: cloudtrail_regex
-        type: text
-        title: CloudTrail Logs regex
-        default: '/CloudTrail/'
-        required: false
-        show_user: false
-        description: |
-          Regex to match path of CloudTrail S3 Objects.  If blank
-          CloudTrail logs will be skipped.
-      - name: cloudtrail_digest_regex
-        type: text
-        title: CloudTrail Digest Logs regex
-        default: '/CloudTrail-Digest/'
-        required: false
-        show_user: false
-        description: |
-          Regex to match path of CloudTrail Digest S3 Objects.  If
-          blank CloudTrail Digest logs will be skipped.
-      - name: cloudtrail_insight_regex
-        type: text
-        title: CloudTrail Insight Logs regex
-        default: '/CloudTrail-Insight/'
-        required: false
-        show_user: false
-        description: |
-          Regex to match path of CloudTrail Insight S3 Objects.  If
-          blank CloudTrail Insight logs will be skipped.
-      - name: max_number_of_messages
-        type: integer
-        title: Maximum Concurrent SQS Messages
-        description: The maximum number of SQS messages that can be inflight at any time.
-        default: 5
-        required: false
-        show_user: false
-  - input: httpjson
-    title: AWS CloudTrail Logs via Splunk Enterprise REST API
-    description: Collect AWS CloudTrail logs via Splunk Enterprise REST API
-    enabled: false
-    template_path: httpjson.yml.hbs
-    vars:
-      - name: url
-        type: text
-        title: URL of Splunk Enterprise Server
-        description: i.e. scheme://host:port, path is automatic
-        show_user: true
-        required: true
-        default: https://server.example.com:8089
-      - name: username
-        type: text
-        title: Splunk REST API Username
-        show_user: true
-        required: false
-      - name: password
-        type: password
-        title: Splunk REST API Password
-        required: false
-        show_user: true
-      - name: token
-        type: password
-        title: Splunk Authorization Token
-        description: |
-          Bearer Token or Session Key, e.g. "Bearer eyJFd3e46..."
-          or "Splunk 192fd3e...".  Cannot be used with username
-          and password.
-        show_user: true
-        required: false
-      - name: ssl
-        type: yaml
-        title: SSL Configuration
-        multi: false
-        required: false
-        show_user: false
-        description: i.e. certificate_authorities, supported_protocols, verification_mode etc.
-        default: |
-          #certificate_authorities:
-          #  - |
-          #    -----BEGIN CERTIFICATE-----
-          #    MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF
-          #    ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2
-          #    MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
-          #    BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n
-          #    fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl
-          #    94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t
-          #    /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP
-          #    PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41
-          #    CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O
-          #    BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux
-          #    8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D
-          #    874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw
-          #    3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA
-          #    H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu
-          #    8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0
-          #    yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk
-          #    sxSmbIUfc2SGJGCJD4I=
-          #    -----END CERTIFICATE-----
-      - name: interval
-        type: text
-        title: Interval to query Splunk Enterprise REST API
-        description: Go Duration syntax (eg. 10s)
-        show_user: true
-        required: true
-        default: 10s
-      - name: search
-        type: text
-        title: Splunk search string
-        show_user: true
-        required: true
-        default: "search sourcetype=aws:cloudtrail"
-      - name: tags
-        type: text
-        title: Tags
-        multi: true
-        show_user: false
-        default:
-          - forwarded
-          - aws-cloudtrail
-      - name: processors
-        type: yaml
-        title: Processors
-        multi: false
-        required: false
-        show_user: false
-        description: >
-          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
-
-      - name: preserve_original_event
-        required: true
-        show_user: true
-        title: Preserve original event
-        description: Preserves a raw copy of the original event, added to the field `event.original`
-        type: bool
-        multi: false
-        default: false
diff --git a/test/packages/parallel/aws/data_stream/cloudtrail/sample_event.json b/test/packages/parallel/aws/data_stream/cloudtrail/sample_event.json
deleted file mode 100644
index 0c8df40b3..000000000
--- a/test/packages/parallel/aws/data_stream/cloudtrail/sample_event.json
+++ /dev/null
@@ -1,85 +0,0 @@
-{
-    "data_stream": {
-        "namespace": "default",
-        "type": "logs",
-        "dataset": "aws.cloudtrail"
-    },
-    "source": {
-        "address": "127.0.0.1",
-        "ip": "127.0.0.1"
-    },
-    "tags": [
-        "preserve_original_event"
-    ],
-    "cloud": {
-        "region": "us-east-1",
-        "account": {
-            "id": "123456789012"
-        }
-    },
-    "@timestamp": "2020-01-08T20:53:12.000Z",
-    "ecs": {
-        "version": "1.12.0"
-    },
-    "related": {
-        "user": [
-            "Alice",
-            "Bob",
-            "Robert"
-        ]
-    },
-    "event": {
-        "ingested": "2021-10-05T23:06:12.229540200Z",
-        "original": "{\"eventVersion\":\"1.05\",\"userIdentity\":{\"type\":\"IAMUser\",\"principalId\":\"EX_PRINCIPAL_ID\",\"arn\":\"arn:aws:iam::123456789012:user/Alice\",\"accountId\":\"123456789012\",\"accessKeyId\":\"EXAMPLE_KEY_ID\",\"userName\":\"Alice\"},\"eventTime\":\"2020-01-08T20:53:12Z\",\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"UpdateUser\",\"awsRegion\":\"us-east-1\",\"sourceIPAddress\":\"127.0.0.1\",\"userAgent\":\"aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46\",\"requestParameters\":{\"userName\":\"Bob\",\"newUserName\":\"Robert\"},\"responseElements\":null,\"requestID\":\"3a6b3260-739d-465e-9406-bcEXAMPLE\",\"eventID\":\"9150d546-3564-4262-8e62-110EXAMPLE\",\"eventType\":\"AwsApiCall\",\"recipientAccountId\":\"123456789012\"}",
-        "provider": "iam.amazonaws.com",
-        "created": "2020-01-08T20:53:12.000Z",
-        "kind": "event",
-        "action": "UpdateUser",
-        "id": "9150d546-3564-4262-8e62-110EXAMPLE",
-        "type": [
-            "user",
-            "change"
-        ],
-        "category": [
-            "iam"
-        ],
-        "outcome": "success"
-    },
-    "aws": {
-        "cloudtrail": {
-            "event_version": "1.05",
-            "flattened": {
-                "request_parameters": {
-                    "userName": "Bob",
-                    "newUserName": "Robert"
-                }
-            },
-            "user_identity": {
-                "access_key_id": "EXAMPLE_KEY_ID",
-                "type": "IAMUser",
-                "arn": "arn:aws:iam::123456789012:user/Alice"
-            },
-            "event_type": "AwsApiCall",
-            "recipient_account_id": "123456789012",
-            "request_parameters": "{newUserName=Robert, userName=Bob}"
-        }
-    },
-    "user": {
-        "name": "Alice",
-        "changes": {
-            "name": "Robert"
-        },
-        "id": "EX_PRINCIPAL_ID",
-        "target": {
-            "name": "Bob"
-        }
-    },
-    "user_agent": {
-        "name": "aws-cli",
-        "original": "aws-cli/1.16.310 Python/3.8.1 Darwin/18.7.0 botocore/1.13.46",
-        "device": {
-            "name": "Spider"
-        },
-        "version": "1.16.310"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log b/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log
deleted file mode 100644
index 4487fdf08..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log
+++ /dev/null
@@ -1,6 +0,0 @@
-2020-02-20T07:01:01.000Z Feb 20 07:01:01 ip-172-31-81-156 systemd: Stopping User Slice of root.
-2020-02-20T07:02:18.000Z Feb 20 07:02:18 ip-172-31-81-156 dhclient[3000]: XMT: Solicit on eth0, interval 125240ms.
-2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: DHCPREQUEST on eth0 to 172.31.80.1 port 67 (xid=0x4575af22)
-2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: DHCPACK from 172.31.80.1 (xid=0x4575af22)
-2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: bound to 172.31.81.156 -- renewal in 1599 seconds.
-2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/12:e2:a9:95:8b:97/local-ipv4s
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json b/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json
deleted file mode 100644
index 3dfb5a831..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-cloudwatch-ec2.log-expected.json
+++ /dev/null
@@ -1,112 +0,0 @@
-{
-    "expected": [
-        {
-            "@timestamp": "2020-02-20T07:01:01.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:54.939936200Z",
-                "original": "2020-02-20T07:01:01.000Z Feb 20 07:01:01 ip-172-31-81-156 systemd: Stopping User Slice of root."
-            },
-            "aws": {
-                "cloudwatch": {
-                    "message": "ip-172-31-81-156 systemd: Stopping User Slice of root."
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "@timestamp": "2020-02-20T07:02:18.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:54.939952100Z",
-                "original": "2020-02-20T07:02:18.000Z Feb 20 07:02:18 ip-172-31-81-156 dhclient[3000]: XMT: Solicit on eth0, interval 125240ms."
-            },
-            "aws": {
-                "cloudwatch": {
-                    "message": "ip-172-31-81-156 dhclient[3000]: XMT: Solicit on eth0, interval 125240ms."
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "@timestamp": "2020-02-20T07:02:37.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:54.939961600Z",
-                "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: DHCPREQUEST on eth0 to 172.31.80.1 port 67 (xid=0x4575af22)"
-            },
-            "aws": {
-                "cloudwatch": {
-                    "message": "ip-172-31-81-156 dhclient[2898]: DHCPREQUEST on eth0 to 172.31.80.1 port 67 (xid=0x4575af22)"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "@timestamp": "2020-02-20T07:02:37.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:54.940028500Z",
-                "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: DHCPACK from 172.31.80.1 (xid=0x4575af22)"
-            },
-            "aws": {
-                "cloudwatch": {
-                    "message": "ip-172-31-81-156 dhclient[2898]: DHCPACK from 172.31.80.1 (xid=0x4575af22)"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "@timestamp": "2020-02-20T07:02:37.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:54.940036600Z",
-                "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: bound to 172.31.81.156 -- renewal in 1599 seconds."
-            },
-            "aws": {
-                "cloudwatch": {
-                    "message": "ip-172-31-81-156 dhclient[2898]: bound to 172.31.81.156 -- renewal in 1599 seconds."
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "@timestamp": "2020-02-20T07:02:37.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:54.940044900Z",
-                "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/12:e2:a9:95:8b:97/local-ipv4s"
-            },
-            "aws": {
-                "cloudwatch": {
-                    "message": "ip-172-31-81-156 ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/12:e2:a9:95:8b:97/local-ipv4s"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml
deleted file mode 100644
index 5622947e4..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/_dev/test/pipeline/test-common-config.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-dynamic_fields:
-  event.ingested: ".*"
-fields:
-  tags:
-    - preserve_original_event
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs
deleted file mode 100644
index ccf43bcdd..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/agent/stream/aws-s3.yml.hbs
+++ /dev/null
@@ -1,51 +0,0 @@
-queue_url: {{queue_url}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if visibility_timeout}}
-visibility_timeout: {{visibility_timeout}}
-{{/if}}
-{{#if api_timeout}}
-api_timeout: {{api_timeout}}
-{{/if}}
-{{#if max_number_of_messages}}
-max_number_of_messages: {{max_number_of_messages}}
-{{/if}}
-{{#if endpoint}}
-endpoint: {{endpoint}}
-{{/if}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if fips_enabled}}
-fips_enabled: {{fips_enabled}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml
deleted file mode 100644
index af65d9c1a..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/elasticsearch/ingest_pipeline/default.yml
+++ /dev/null
@@ -1,38 +0,0 @@
----
-description: "Pipeline for CloudWatch logs"
-
-processors:
-  - set:
-      field: event.ingested
-      value: '{{_ingest.timestamp}}'
-  - set:
-      field: ecs.version
-      value: '1.12.0'
-  - rename:
-      field: message
-      target_field: event.original
-      ignore_missing: true
-  - grok:
-      field: event.original
-      patterns:
-        - '%{TIMESTAMP_ISO8601:_tmp.timestamp} %{SYSLOGTIMESTAMP:_tmp.syslog_timestamp} %{GREEDYDATA:aws.cloudwatch.message}'
-        - '%{TIMESTAMP_ISO8601:_tmp.timestamp} %{GREEDYDATA:aws.cloudwatch.message}'
-  - date:
-      field: _tmp.timestamp
-      target_field: "@timestamp"
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - remove:
-      field:
-        - _tmp
-      ignore_missing: true
-  - remove:
-      field: event.original
-      if: "ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))"
-      ignore_failure: true
-      ignore_missing: true
-on_failure:
-  - set:
-      field: error.message
-      value: '{{ _ingest.on_failure_message }}'
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/agent.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/base-fields.yml
deleted file mode 100644
index 4fbeaa06a..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.cloudwatch_logs
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/ecs.yml
deleted file mode 100644
index def0bf767..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/ecs.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error.message
-- external: ecs
-  name: tags
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/fields.yml
deleted file mode 100644
index d4d4e1925..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/fields/fields.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: aws.cloudwatch
-  type: group
-  fields:
-    - name: message
-      type: text
-      description: |
-        CloudWatch log message.
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/manifest.yml b/test/packages/parallel/aws/data_stream/cloudwatch_logs/manifest.yml
deleted file mode 100644
index 7608cf403..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/manifest.yml
+++ /dev/null
@@ -1,70 +0,0 @@
-title: AWS CloudWatch logs
-type: logs
-streams:
-  - input: aws-s3
-    template_path: aws-s3.yml.hbs
-    title: AWS CloudWatch logs
-    description: Collect AWS CloudWatch logs using s3 input
-    vars:
-      - name: visibility_timeout
-        type: text
-        title: Visibility Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request.  The maximum is 12 hours.
-      - name: api_timeout
-        type: text
-        title: API Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
-      - name: queue_url
-        type: text
-        title: Queue URL
-        multi: false
-        required: true
-        show_user: true
-        description: URL of the AWS SQS queue that messages will be received from.
-      - name: fips_enabled
-        type: bool
-        title: Enable S3 FIPS
-        default: false
-        multi: false
-        required: false
-        show_user: false
-        description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint.
-      - name: tags
-        type: text
-        title: Tags
-        multi: true
-        required: true
-        show_user: false
-        default:
-          - forwarded
-          - aws-cloudwatch-logs
-      - name: processors
-        type: yaml
-        title: Processors
-        multi: false
-        required: false
-        show_user: false
-        description: >
-          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
-
-      - name: preserve_original_event
-        required: true
-        show_user: true
-        title: Preserve original event
-        description: Preserves a raw copy of the original event, added to the field `event.original`
-        type: bool
-        multi: false
-        default: false
-      - name: max_number_of_messages
-        type: integer
-        title: Maximum Concurrent SQS Messages
-        description: The maximum number of SQS messages that can be inflight at any time.
-        default: 5
-        required: false
-        show_user: false
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_logs/sample_event.json b/test/packages/parallel/aws/data_stream/cloudwatch_logs/sample_event.json
deleted file mode 100644
index b41878aaf..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_logs/sample_event.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
-    "@timestamp": "2020-02-20T07:02:37.000Z",
-    "data_stream": {
-        "namespace": "default",
-        "type": "logs",
-        "dataset": "aws.cloudwatch_logs"
-    },
-    "ecs": {
-        "version": "1.12.0"
-    },
-    "event": {
-        "ingested": "2021-07-19T21:47:04.696803300Z",
-        "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/12:e2:a9:95:8b:97/local-ipv4s"
-    },
-    "aws": {
-        "cloudwatch": {
-            "message": "ip-172-31-81-156 ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/12:e2:a9:95:8b:97/local-ipv4s"
-        }
-    },
-    "tags": [
-        "preserve_original_event"
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs
deleted file mode 100644
index 71d53c29a..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["cloudwatch"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if metrics}}
-metrics: {{metrics}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/agent.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml
deleted file mode 100644
index 901d85d43..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.cloudwatch_metrics
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/ecs.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/fields.yml
deleted file mode 100644
index 0422c9afe..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/fields.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: Metric dimensions.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/manifest.yml b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/manifest.yml
deleted file mode 100644
index 543c24a8c..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/manifest.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-title: AWS CloudWatch metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 300s
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: metrics
-        type: yaml
-        title: Metrics
-        multi: false
-        required: true
-        show_user: true
-        default: |
-          - namespace: AWS/EC2
-            resource_type: ec2:instance
-            name:
-              - CPUUtilization
-              - DiskWriteOps
-            statistic:
-              - Average
-              - Maximum
-            # dimensions:
-             # - name: InstanceId
-                # value: i-123456
-            # tags:
-              # - key: created-by
-                # value: foo
-    title: AWS CloudWatch metrics
-    description: Collect AWS CloudWatch metrics
diff --git a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/sample_event.json b/test/packages/parallel/aws/data_stream/cloudwatch_metrics/sample_event.json
deleted file mode 100644
index bf25e887b..000000000
--- a/test/packages/parallel/aws/data_stream/cloudwatch_metrics/sample_event.json
+++ /dev/null
@@ -1,53 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:17:02.812Z",
-    "event": {
-        "duration": 14119105951,
-        "dataset": "aws.cloudwatch_metrics",
-        "module": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "agent": {
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    },
-    "service": {
-        "type": "aws"
-    },
-    "cloud": {
-        "provider": "aws",
-        "region": "us-west-2",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        }
-    },
-    "aws": {
-        "dimensions": {
-            "InstanceId": "i-0830bfecfa7173cbe"
-        },
-        "ec2": {
-            "metrics": {
-                "DiskWriteOps": {
-                    "avg": 0,
-                    "max": 0
-                },
-                "CPUUtilization": {
-                    "avg": 0.7661943132361363,
-                    "max": 0.833333333333333
-                }
-            }
-        },
-        "cloudwatch": {
-            "namespace": "AWS/EC2"
-        }
-    },
-    "metricset": {
-        "period": 300000,
-        "name": "cloudwatch"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs
deleted file mode 100644
index f6662fd6c..000000000
--- a/test/packages/parallel/aws/data_stream/dynamodb/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["dynamodb"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/dynamodb/fields/agent.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/dynamodb/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/dynamodb/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/base-fields.yml
deleted file mode 100644
index f4dcea38b..000000000
--- a/test/packages/parallel/aws/data_stream/dynamodb/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.dynamodb
diff --git a/test/packages/parallel/aws/data_stream/dynamodb/fields/ecs.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/dynamodb/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/dynamodb/fields/fields.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/fields.yml
deleted file mode 100644
index abd232950..000000000
--- a/test/packages/parallel/aws/data_stream/dynamodb/fields/fields.yml
+++ /dev/null
@@ -1,115 +0,0 @@
-- name: aws.dynamodb
-  type: group
-  fields:
-    - name: metrics
-      type: group
-      fields:
-        - name: SuccessfulRequestLatency
-          type: group
-          fields:
-            - name: avg
-              type: double
-            - name: max
-              type: double
-        - name: OnlineIndexPercentageProgress.avg
-          type: double
-          description: |
-            The percentage of completion when a new global secondary index is being added to a table.
-        - name: ProvisionedWriteCapacityUnits.avg
-          type: double
-          description: |
-            The number of provisioned write capacity units for a table or a global secondary index.
-        - name: ProvisionedReadCapacityUnits.avg
-          type: double
-          description: |
-            The number of provisioned read capacity units for a table or a global secondary index.
-        - name: ConsumedReadCapacityUnits
-          type: group
-          fields:
-            - name: avg
-              type: double
-            - name: sum
-              type: long
-        - name: ConsumedWriteCapacityUnits
-          type: group
-          fields:
-            - name: avg
-              type: double
-            - name: sum
-              type: long
-        - name: ReplicationLatency
-          type: group
-          fields:
-            - name: avg
-              type: double
-            - name: max
-              type: double
-        - name: TransactionConflict
-          type: group
-          fields:
-            - name: avg
-              type: double
-            - name: sum
-              type: long
-        - name: AccountProvisionedReadCapacityUtilization.avg
-          type: double
-          description: |
-            The average percentage of provisioned read capacity units utilized by the account.
-        - name: AccountProvisionedWriteCapacityUtilization.avg
-          type: double
-          description: |
-            The average percentage of provisioned write capacity units utilized by the account.
-        - name: SystemErrors.sum
-          type: long
-          description: |
-            The requests to DynamoDB or Amazon DynamoDB Streams that generate an HTTP 500 status code during the specified time period.
-        - name: ConditionalCheckFailedRequests.sum
-          type: long
-          description: |
-            The number of failed attempts to perform conditional writes.
-        - name: PendingReplicationCount.sum
-          type: long
-          description: |
-            The number of item updates that are written to one replica table, but that have not yet been written to another replica in the global table.
-        - name: ReadThrottleEvents.sum
-          type: long
-          description: |
-            Requests to DynamoDB that exceed the provisioned read capacity units for a table or a global secondary index.
-        - name: ThrottledRequests.sum
-          type: long
-          description: |
-            Requests to DynamoDB that exceed the provisioned throughput limits on a resource (such as a table or an index).
-        - name: WriteThrottleEvents.sum
-          type: long
-          description: |
-            Requests to DynamoDB that exceed the provisioned write capacity units for a table or a global secondary index.
-        - name: AccountMaxReads.max
-          type: long
-          description: |
-            The maximum number of read capacity units that can be used by an account. This limit does not apply to on-demand tables or global secondary indexes.
-        - name: AccountMaxTableLevelReads.max
-          type: long
-          description: |
-            The maximum number of read capacity units that can be used by a table or global secondary index of an account. For on-demand tables this limit caps the maximum read request units a table or a global secondary index can use.
-        - name: AccountMaxTableLevelWrites.max
-          type: long
-          description: |
-            The maximum number of write capacity units that can be used by a table or global secondary index of an account. For on-demand tables this limit caps the maximum write request units a table or a global secondary index can use.
-        - name: AccountMaxWrites.max
-          type: long
-          description: |
-            The maximum number of write capacity units that can be used by an account. This limit does not apply to on-demand tables or global secondary indexes.
-        - name: MaxProvisionedTableReadCapacityUtilization.max
-          type: double
-          description: |
-            The percentage of provisioned read capacity units utilized by the highest provisioned read table or global secondary index of an account.
-        - name: MaxProvisionedTableWriteCapacityUtilization.max
-          type: double
-          description: |
-            The percentage of provisioned write capacity utilized by the highest provisioned write table or global secondary index of an account.
-- name: aws.cloudwatch
-  type: group
-  fields:
-    - name: namespace
-      type: keyword
-      description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/dynamodb/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/dynamodb/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/dynamodb/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/dynamodb/manifest.yml b/test/packages/parallel/aws/data_stream/dynamodb/manifest.yml
deleted file mode 100644
index 437195fae..000000000
--- a/test/packages/parallel/aws/data_stream/dynamodb/manifest.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-title: AWS DynamoDB metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 5m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: tags_filter
-        type: yaml
-        title: Tags Filter
-        multi: false
-        required: false
-        show_user: false
-        default: |
-          # - key: "created-by"
-            # value: "foo"
-    title: AWS DynamoDB metrics
-    description: Collect AWS DynamoDB metrics
diff --git a/test/packages/parallel/aws/data_stream/dynamodb/sample_event.json b/test/packages/parallel/aws/data_stream/dynamodb/sample_event.json
deleted file mode 100644
index 6973aa2c9..000000000
--- a/test/packages/parallel/aws/data_stream/dynamodb/sample_event.json
+++ /dev/null
@@ -1,59 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:17:08.666Z",
-    "agent": {
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    },
-    "event": {
-        "dataset": "aws.dynamodb",
-        "module": "aws",
-        "duration": 10266182336
-    },
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "cloud": {
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        },
-        "provider": "aws",
-        "region": "eu-central-1"
-    },
-    "aws": {
-        "dimensions": {
-            "TableName": "TryDaxTable3"
-        },
-        "dynamodb": {
-            "metrics": {
-                "ProvisionedWriteCapacityUnits": {
-                    "avg": 1
-                },
-                "ProvisionedReadCapacityUnits": {
-                    "avg": 1
-                },
-                "ConsumedWriteCapacityUnits": {
-                    "avg": 0,
-                    "sum": 0
-                },
-                "ConsumedReadCapacityUnits": {
-                    "avg": 0,
-                    "sum": 0
-                }
-            }
-        },
-        "cloudwatch": {
-            "namespace": "AWS/DynamoDB"
-        }
-    },
-    "metricset": {
-        "name": "dynamodb",
-        "period": 300000
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/ebs/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/ebs/agent/stream/stream.yml.hbs
deleted file mode 100644
index df4b1aaf0..000000000
--- a/test/packages/parallel/aws/data_stream/ebs/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["ebs"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/ebs/fields/agent.yml b/test/packages/parallel/aws/data_stream/ebs/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/ebs/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/ebs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/ebs/fields/base-fields.yml
deleted file mode 100644
index 85dfe5c90..000000000
--- a/test/packages/parallel/aws/data_stream/ebs/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.ebs
diff --git a/test/packages/parallel/aws/data_stream/ebs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/ebs/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/ebs/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/ebs/fields/fields.yml b/test/packages/parallel/aws/data_stream/ebs/fields/fields.yml
deleted file mode 100644
index c230284e0..000000000
--- a/test/packages/parallel/aws/data_stream/ebs/fields/fields.yml
+++ /dev/null
@@ -1,54 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: VolumeId
-          type: keyword
-          description: Amazon EBS volume ID
-    - name: ebs
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: VolumeReadBytes.avg
-              type: double
-              description: Average size of each read operation during the period, except on volumes attached to a Nitro-based instance, where the average represents the average over the specified period.
-            - name: VolumeWriteBytes.avg
-              type: double
-              description: Average size of each write operation during the period, except on volumes attached to a Nitro-based instance, where the average represents the average over the specified period.
-            - name: VolumeReadOps.avg
-              type: double
-              description: The total number of read operations in a specified period of time.
-            - name: VolumeWriteOps.avg
-              type: double
-              description: The total number of write operations in a specified period of time.
-            - name: VolumeQueueLength.avg
-              type: double
-              description: The number of read and write operation requests waiting to be completed in a specified period of time.
-            - name: VolumeThroughputPercentage.avg
-              type: double
-              description: The percentage of I/O operations per second (IOPS) delivered of the total IOPS provisioned for an Amazon EBS volume. Used with Provisioned IOPS SSD volumes only.
-            - name: VolumeConsumedReadWriteOps.avg
-              type: double
-              description: The total amount of read and write operations (normalized to 256K capacity units) consumed in a specified period of time. Used with Provisioned IOPS SSD volumes only.
-            - name: BurstBalance.avg
-              type: double
-              description: Used with General Purpose SSD (gp2), Throughput Optimized HDD (st1), and Cold HDD (sc1) volumes only. Provides information about the percentage of I/O credits (for gp2) or throughput credits (for st1 and sc1) remaining in the burst bucket.
-            - name: VolumeTotalReadTime.sum
-              type: double
-              description: The total number of seconds spent by all read operations that completed in a specified period of time.
-            - name: VolumeTotalWriteTime.sum
-              type: double
-              description: The total number of seconds spent by all write operations that completed in a specified period of time.
-            - name: VolumeIdleTime.sum
-              type: double
-              description: The total number of seconds in a specified period of time when no read or write operations were submitted.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/ebs/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/ebs/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/ebs/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/ebs/manifest.yml b/test/packages/parallel/aws/data_stream/ebs/manifest.yml
deleted file mode 100644
index 483fb237a..000000000
--- a/test/packages/parallel/aws/data_stream/ebs/manifest.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-title: AWS EBS metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 5m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: tags_filter
-        type: yaml
-        title: Tags Filter
-        multi: false
-        required: false
-        show_user: false
-        default: |
-          # - key: "created-by"
-            # value: "foo"
-    title: AWS EBS metrics
-    description: Collect AWS EBS metrics
diff --git a/test/packages/parallel/aws/data_stream/ebs/sample_event.json b/test/packages/parallel/aws/data_stream/ebs/sample_event.json
deleted file mode 100644
index ce81b383a..000000000
--- a/test/packages/parallel/aws/data_stream/ebs/sample_event.json
+++ /dev/null
@@ -1,66 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:57:22.450Z",
-    "service": {
-        "type": "aws"
-    },
-    "aws": {
-        "ebs": {
-            "metrics": {
-                "VolumeReadOps": {
-                    "avg": 0
-                },
-                "VolumeQueueLength": {
-                    "avg": 0.0000666666666666667
-                },
-                "VolumeWriteOps": {
-                    "avg": 29
-                },
-                "VolumeTotalWriteTime": {
-                    "sum": 0.02
-                },
-                "BurstBalance": {
-                    "avg": 100
-                },
-                "VolumeWriteBytes": {
-                    "avg": 14406.620689655172
-                },
-                "VolumeIdleTime": {
-                    "sum": 299.98
-                }
-            }
-        },
-        "cloudwatch": {
-            "namespace": "AWS/EBS"
-        },
-        "dimensions": {
-            "VolumeId": "vol-03370a204cc8b0a2f"
-        }
-    },
-    "agent": {
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "cloud": {
-        "provider": "aws",
-        "region": "eu-central-1",
-        "account": {
-            "id": "428152502467",
-            "name": "elastic-beats"
-        }
-    },
-    "event": {
-        "dataset": "aws.ebs",
-        "module": "aws",
-        "duration": 10488314037
-    },
-    "metricset": {
-        "period": 300000,
-        "name": "ebs"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml
deleted file mode 100644
index 5622947e4..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-common-config.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-dynamic_fields:
-  event.ingested: ".*"
-fields:
-  tags:
-    - preserve_original_event
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log b/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log
deleted file mode 100644
index 4487fdf08..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log
+++ /dev/null
@@ -1,6 +0,0 @@
-2020-02-20T07:01:01.000Z Feb 20 07:01:01 ip-172-31-81-156 systemd: Stopping User Slice of root.
-2020-02-20T07:02:18.000Z Feb 20 07:02:18 ip-172-31-81-156 dhclient[3000]: XMT: Solicit on eth0, interval 125240ms.
-2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: DHCPREQUEST on eth0 to 172.31.80.1 port 67 (xid=0x4575af22)
-2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: DHCPACK from 172.31.80.1 (xid=0x4575af22)
-2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: bound to 172.31.81.156 -- renewal in 1599 seconds.
-2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/12:e2:a9:95:8b:97/local-ipv4s
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json b/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json
deleted file mode 100644
index 645fed765..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/_dev/test/pipeline/test-ec2.log-expected.json
+++ /dev/null
@@ -1,136 +0,0 @@
-{
-    "expected": [
-        {
-            "process": {
-                "name": "systemd"
-            },
-            "@timestamp": "2020-02-20T07:01:01.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.125028Z",
-                "original": "2020-02-20T07:01:01.000Z Feb 20 07:01:01 ip-172-31-81-156 systemd: Stopping User Slice of root."
-            },
-            "aws": {
-                "ec2": {
-                    "ip_address": "ip-172-31-81-156"
-                }
-            },
-            "message": "Stopping User Slice of root.",
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "process": {
-                "name": "dhclient[3000]"
-            },
-            "@timestamp": "2020-02-20T07:02:18.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.125040800Z",
-                "original": "2020-02-20T07:02:18.000Z Feb 20 07:02:18 ip-172-31-81-156 dhclient[3000]: XMT: Solicit on eth0, interval 125240ms."
-            },
-            "aws": {
-                "ec2": {
-                    "ip_address": "ip-172-31-81-156"
-                }
-            },
-            "message": "XMT: Solicit on eth0, interval 125240ms.",
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "process": {
-                "name": "dhclient[2898]"
-            },
-            "@timestamp": "2020-02-20T07:02:37.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.125047800Z",
-                "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: DHCPREQUEST on eth0 to 172.31.80.1 port 67 (xid=0x4575af22)"
-            },
-            "aws": {
-                "ec2": {
-                    "ip_address": "ip-172-31-81-156"
-                }
-            },
-            "message": "DHCPREQUEST on eth0 to 172.31.80.1 port 67 (xid=0x4575af22)",
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "process": {
-                "name": "dhclient[2898]"
-            },
-            "@timestamp": "2020-02-20T07:02:37.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.125052700Z",
-                "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: DHCPACK from 172.31.80.1 (xid=0x4575af22)"
-            },
-            "aws": {
-                "ec2": {
-                    "ip_address": "ip-172-31-81-156"
-                }
-            },
-            "message": "DHCPACK from 172.31.80.1 (xid=0x4575af22)",
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "process": {
-                "name": "dhclient[2898]"
-            },
-            "@timestamp": "2020-02-20T07:02:37.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.125057100Z",
-                "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 dhclient[2898]: bound to 172.31.81.156 -- renewal in 1599 seconds."
-            },
-            "aws": {
-                "ec2": {
-                    "ip_address": "ip-172-31-81-156"
-                }
-            },
-            "message": "bound to 172.31.81.156 -- renewal in 1599 seconds.",
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "process": {
-                "name": "ec2net"
-            },
-            "@timestamp": "2020-02-20T07:02:37.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.125063600Z",
-                "original": "2020-02-20T07:02:37.000Z Feb 20 07:02:37 ip-172-31-81-156 ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/12:e2:a9:95:8b:97/local-ipv4s"
-            },
-            "aws": {
-                "ec2": {
-                    "ip_address": "ip-172-31-81-156"
-                }
-            },
-            "message": "[get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/12:e2:a9:95:8b:97/local-ipv4s",
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs
deleted file mode 100644
index ccf43bcdd..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs
+++ /dev/null
@@ -1,51 +0,0 @@
-queue_url: {{queue_url}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if visibility_timeout}}
-visibility_timeout: {{visibility_timeout}}
-{{/if}}
-{{#if api_timeout}}
-api_timeout: {{api_timeout}}
-{{/if}}
-{{#if max_number_of_messages}}
-max_number_of_messages: {{max_number_of_messages}}
-{{/if}}
-{{#if endpoint}}
-endpoint: {{endpoint}}
-{{/if}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if fips_enabled}}
-fips_enabled: {{fips_enabled}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml
deleted file mode 100644
index db6732f5e..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/elasticsearch/ingest_pipeline/default.yml
+++ /dev/null
@@ -1,37 +0,0 @@
----
-description: "Pipeline for EC2 logs in CloudWatch"
-
-processors:
-  - set:
-      field: event.ingested
-      value: '{{_ingest.timestamp}}'
-  - set:
-      field: ecs.version
-      value: '1.12.0'
-  - rename:
-      field: message
-      target_field: event.original
-      ignore_missing: true
-  - grok:
-      field: event.original
-      patterns:
-        - '%{TIMESTAMP_ISO8601:_tmp.timestamp} %{SYSLOGTIMESTAMP:_tmp.syslog_timestamp} %{IPORHOST:aws.ec2.ip_address} %{DATA:process.name}(?:\\[%{POSINT:process.pid}\\])?: %{GREEDYDATA:message}'
-  - date:
-      field: _tmp.timestamp
-      target_field: '@timestamp'
-      ignore_failure: true
-      formats:
-        - ISO8601
-  - remove:
-      field:
-        - _tmp
-      ignore_missing: true
-  - remove:
-      field: event.original
-      if: "ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))"
-      ignore_failure: true
-      ignore_missing: true
-on_failure:
-  - set:
-      field: 'error.message'
-      value: '{{ _ingest.on_failure_message }}'
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/fields/agent.yml b/test/packages/parallel/aws/data_stream/ec2_logs/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/ec2_logs/fields/base-fields.yml
deleted file mode 100644
index 1cb7e4882..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.ec2_logs
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/ec2_logs/fields/ecs.yml
deleted file mode 100644
index b19093837..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/fields/ecs.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error.message
-- external: ecs
-  name: message
-- external: ecs
-  name: tags
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/fields/fields.yml b/test/packages/parallel/aws/data_stream/ec2_logs/fields/fields.yml
deleted file mode 100644
index cf7d5a878..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/fields/fields.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- name: aws.ec2
-  type: group
-  fields:
-    - name: ip_address
-      type: keyword
-      description: |
-        The internet address of the requester.
-- name: process.name
-  type: keyword
-  description: Process name.
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/manifest.yml b/test/packages/parallel/aws/data_stream/ec2_logs/manifest.yml
deleted file mode 100644
index 3c7e8961c..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/manifest.yml
+++ /dev/null
@@ -1,70 +0,0 @@
-title: AWS EC2 logs
-type: logs
-streams:
-  - input: aws-s3
-    template_path: aws-s3.yml.hbs
-    title: AWS EC2 logs
-    description: Collect AWS EC2 logs using s3 input
-    vars:
-      - name: visibility_timeout
-        type: text
-        title: Visibility Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request.  The maximum is 12 hours.
-      - name: api_timeout
-        type: text
-        title: API Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
-      - name: queue_url
-        type: text
-        title: Queue URL
-        multi: false
-        required: true
-        show_user: true
-        description: URL of the AWS SQS queue that messages will be received from.
-      - name: fips_enabled
-        type: bool
-        title: Enable S3 FIPS
-        default: false
-        multi: false
-        required: false
-        show_user: false
-        description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint.
-      - name: tags
-        type: text
-        title: Tags
-        multi: true
-        required: true
-        show_user: false
-        default:
-          - forwarded
-          - aws-ec2-logs
-      - name: processors
-        type: yaml
-        title: Processors
-        multi: false
-        required: false
-        show_user: false
-        description: >
-          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
-
-      - name: preserve_original_event
-        required: true
-        show_user: true
-        title: Preserve original event
-        description: Preserves a raw copy of the original event, added to the field `event.original`
-        type: bool
-        multi: false
-        default: false
-      - name: max_number_of_messages
-        type: integer
-        title: Maximum Concurrent SQS Messages
-        description: The maximum number of SQS messages that can be inflight at any time.
-        default: 5
-        required: false
-        show_user: false
diff --git a/test/packages/parallel/aws/data_stream/ec2_logs/sample_event.json b/test/packages/parallel/aws/data_stream/ec2_logs/sample_event.json
deleted file mode 100644
index a12169471..000000000
--- a/test/packages/parallel/aws/data_stream/ec2_logs/sample_event.json
+++ /dev/null
@@ -1,27 +0,0 @@
-{
-    "data_stream": {
-        "namespace": "default",
-        "type": "logs",
-        "dataset": "aws.ec2_logs"
-    },
-    "process": {
-        "name": "systemd"
-    },
-    "@timestamp": "2020-02-20T07:01:01.000Z",
-    "ecs": {
-        "version": "1.12.0"
-    },
-    "event": {
-        "ingested": "2021-07-19T21:47:04.871450600Z",
-        "original": "2020-02-20T07:01:01.000Z Feb 20 07:01:01 ip-172-31-81-156 systemd: Stopping User Slice of root."
-    },
-    "aws": {
-        "ec2": {
-            "ip_address": "ip-172-31-81-156"
-        }
-    },
-    "message": "Stopping User Slice of root.",
-    "tags": [
-        "preserve_original_event"
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
deleted file mode 100644
index dcb5b8563..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
+++ /dev/null
@@ -1 +0,0 @@
-http 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.000 0.001 0.000 200 200 34 366 "GET http://www.example.com:80/ HTTP/1.1" "curl/7.46.0" - - arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 "Root=1-58337262-36d228ad5d99923122bbe354" "-" "-" 0 2018-07-02T22:22:48.364000Z "forward,redirect" "-" "-" "10.0.0.1:80" "200" "-" "-"
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
deleted file mode 100644
index 6cd73ba7a..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
+++ /dev/null
@@ -1,104 +0,0 @@
-{
-    "expected": [
-        {
-            "tracing": {
-                "trace": {
-                    "id": "Root=1-58337262-36d228ad5d99923122bbe354"
-                }
-            },
-            "source": {
-                "port": "2817",
-                "ip": "192.168.131.39"
-            },
-            "url": {
-                "path": "/",
-                "original": "http://www.example.com:80/",
-                "scheme": "http",
-                "port": 80,
-                "domain": "www.example.com"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "cloud": {
-                "provider": "aws"
-            },
-            "@timestamp": "2018-07-02T22:23:00.186Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "http": {
-                "request": {
-                    "method": "get",
-                    "body": {
-                        "bytes": 34
-                    }
-                },
-                "version": "1.1",
-                "response": {
-                    "body": {
-                        "bytes": 366
-                    },
-                    "status_code": 200
-                }
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.337187600Z",
-                "original": "http 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.000 0.001 0.000 200 200 34 366 \"GET http://www.example.com:80/ HTTP/1.1\" \"curl/7.46.0\" - - arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 \"Root=1-58337262-36d228ad5d99923122bbe354\" \"-\" \"-\" 0 2018-07-02T22:22:48.364000Z \"forward,redirect\" \"-\" \"-\" \"10.0.0.1:80\" \"200\" \"-\" \"-\"",
-                "kind": "event",
-                "start": "2018-07-02T22:22:48.364000Z",
-                "end": "2018-07-02T22:23:00.186Z",
-                "category": "web",
-                "outcome": "success"
-            },
-            "aws": {
-                "elb": {
-                    "trace_id": "Root=1-58337262-36d228ad5d99923122bbe354",
-                    "matched_rule_priority": "0",
-                    "type": "http",
-                    "request_processing_time": {
-                        "sec": 0.0
-                    },
-                    "response_processing_time": {
-                        "sec": 0.0
-                    },
-                    "target_port": [
-                        "10.0.0.1:80"
-                    ],
-                    "protocol": "http",
-                    "target_status_code": [
-                        "200"
-                    ],
-                    "name": "app/my-loadbalancer/50dc6c495c0c9188",
-                    "backend": {
-                        "port": "80",
-                        "http": {
-                            "response": {
-                                "status_code": 200
-                            }
-                        },
-                        "ip": "10.0.0.1"
-                    },
-                    "target_group": {
-                        "arn": "arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067"
-                    },
-                    "backend_processing_time": {
-                        "sec": 0.001
-                    },
-                    "action_executed": [
-                        "forward",
-                        "redirect"
-                    ]
-                }
-            },
-            "user_agent": {
-                "name": "curl",
-                "original": "curl/7.46.0",
-                "device": {
-                    "name": "Other"
-                },
-                "version": "7.46.0"
-            }
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
deleted file mode 100644
index 5622947e4..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-dynamic_fields:
-  event.ingested: ".*"
-fields:
-  tags:
-    - preserve_original_event
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
deleted file mode 100644
index ccf43bcdd..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
+++ /dev/null
@@ -1,51 +0,0 @@
-queue_url: {{queue_url}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if visibility_timeout}}
-visibility_timeout: {{visibility_timeout}}
-{{/if}}
-{{#if api_timeout}}
-api_timeout: {{api_timeout}}
-{{/if}}
-{{#if max_number_of_messages}}
-max_number_of_messages: {{max_number_of_messages}}
-{{/if}}
-{{#if endpoint}}
-endpoint: {{endpoint}}
-{{/if}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if fips_enabled}}
-fips_enabled: {{fips_enabled}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
deleted file mode 100644
index 10dbec91e..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
+++ /dev/null
@@ -1,222 +0,0 @@
----
-description: "Pipeline for ELB logs"
-
-processors:
-  - set:
-      field: event.ingested
-      value: '{{_ingest.timestamp}}'
-  - set:
-      field: ecs.version
-      value: '1.12.0'
-  - rename:
-      field: message
-      target_field: event.original
-      ignore_missing: true
-  - grok:
-      field: event.original
-      # Classic ELB patterns documented in https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/access-log-collection.html
-      # ELB v2 Application load balancers https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html
-      # ELB v2 Netwwork load balancers https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-access-logs.html
-      #
-      patterns:
-        # HTTP (Classic ELB)
-        - >-
-          %{ELBHTTPLOG}
-
-        # TCP (Classic ELB)
-        - >-
-          %{ELBTCPLOG}
-
-        # HTTP from Application Load Balancers (v2 Load Balancers)
-        - >-
-          %{ELBV2TYPE}
-          %{ELBHTTPLOG}
-          %{NOTSPACE:aws.elb.target_group.arn}
-          \"%{DATA:aws.elb.trace_id}\"
-          \"(?:-|%{DATA:destination.domain})\"
-          \"(?:-|%{DATA:aws.elb.chosen_cert.arn})\"
-          (?:-1|%{NUMBER:aws.elb.matched_rule_priority})
-          %{TIMESTAMP_ISO8601:event.start}
-          \"(?:-|%{DATA:_tmp.actions_executed})\"
-          \"(?:-|%{DATA:aws.elb.redirect_url})\"
-          \"(?:-|%{DATA:aws.elb.error.reason})\"( \"(?:-|%{DATA:_tmp.target_port})\")?( \"(?:-|%{DATA:_tmp.target_status_code})\")?( \"(?:-|%{DATA:aws.elb.classification})\")?( \"(?:-|%{DATA:aws.elb.classification_reason})\")?
-
-        # TCP from Network Load Balancers (v2 Load Balancers)
-        - >-
-          %{ELBV2TYPE}
-          %{ELBV2LOGVERSION}
-          %{ELBTIMESTAMP}
-          %{ELBNAME}
-          %{NOTSPACE:aws.elb.listener}
-          %{ELBSOURCE}
-          %{ELBBACKEND}
-          %{NUMBER:aws.elb.connection_time.ms:float}
-          %{NUMBER:aws.elb.tls_handshake_time.ms:float}
-          %{NUMBER:source.bytes:long}
-          %{NUMBER:destination.bytes:long}
-          (?:-|%{NUMBER:aws.elb.incoming_tls_alert})
-          (?:-|%{NOTSPACE:aws.elb.chosen_cert.arn})
-          (?:-|%{NOTSPACE:aws.elb.chosen_cert.serial})
-          %{ELBSSL}
-          (?:-|%{NOTSPACE:aws.elb.ssl_named_group})
-          (?:-|%{NOTSPACE:destination.domain})
-
-      pattern_definitions:
-        ELBTIMESTAMP: '%{TIMESTAMP_ISO8601:_tmp.timestamp}'
-        ELBNAME: '%{NOTSPACE:aws.elb.name}'
-        ELBSOURCE: '%{IP:source.ip}:%{POSINT:source.port}'
-        ELBBACKEND: '(?:-|%{IP:aws.elb.backend.ip}:%{POSINT:aws.elb.backend.port})'
-        ELBPROCESSINGTIME: >-
-          (?:-1|%{NUMBER:aws.elb.request_processing_time.sec:float})
-          (?:-1|%{NUMBER:aws.elb.backend_processing_time.sec:float})
-          (?:-1|%{NUMBER:aws.elb.response_processing_time.sec:float})
-        ELBSSL: >-
-          (?:-|%{NOTSPACE:aws.elb.ssl_cipher})
-          (?:-|%{NOTSPACE:aws.elb.ssl_protocol})
-        ELBCOMMON: >-
-          %{ELBTIMESTAMP}
-          %{ELBNAME}
-          %{ELBSOURCE}
-          %{ELBBACKEND}
-          %{ELBPROCESSINGTIME}
-        ELBHTTPLOG: >-
-          %{ELBCOMMON}
-          %{NUMBER:http.response.status_code:long}
-          (?:-|%{NUMBER:aws.elb.backend.http.response.status_code:long})
-          %{NUMBER:http.request.body.bytes:long}
-          %{NUMBER:http.response.body.bytes:long}
-          \"(?:-|%{WORD:http.request.method}) (?:-|%{NOTSPACE:_tmp.uri_orig}) (?:-|HTTP/%{NOTSPACE:http.version})\"
-          \"%{DATA:_tmp.user_agent}\"
-          %{ELBSSL}
-        ELBTCPLOG: >-
-          %{ELBCOMMON}
-          -
-          -
-          %{NUMBER:source.bytes:long}
-          %{NUMBER:destination.bytes:long}
-          \"- - - \"
-          \"-\"
-          %{ELBSSL}
-        ELBV2TYPE: '%{WORD:aws.elb.type}'
-        ELBV2LOGVERSION: '%{NOTSPACE}'  # Could be used to support different log versions, only 1.0 exists now
-  - set:
-      field: event.kind
-      value: event
-  - set:
-      field: cloud.provider
-      value: aws
-  - set:
-      if: ctx.http != null
-      field: aws.elb.protocol
-      value: http
-
-  - uri_parts:
-      if: 'ctx?._tmp?.uri_orig != null'
-      field: _tmp.uri_orig
-      ignore_failure: true
-
-  - user_agent:
-      if: 'ctx?._tmp?.user_agent != null'
-      field: _tmp.user_agent
-      ignore_missing: true
-
-  - set:
-      if: ctx.http != null
-      field: event.category
-      value: web
-  - set:
-      field: aws.elb.protocol
-      value: tcp
-      if: ctx.http == null
-  - set:
-      field: event.category
-      value: network
-      if: ctx.http == null
-  - set:
-      field: event.outcome
-      value: success
-      if: 'ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400'
-  - set:
-      field: event.outcome
-      value: failure
-      if: 'ctx?.http?.response?.status_code != null && ctx.http.response.status_code >= 400'
-  - lowercase:
-      field: http.request.method
-      ignore_missing: true
-  - set:
-      field: tracing.trace.id
-      value: '{{aws.elb.trace_id}}'
-      if: ctx?.aws?.elb?.trace_id != null
-  - split:
-      field: _tmp.actions_executed
-      target_field: aws.elb.action_executed
-      separator: ','
-      ignore_missing: true
-  - split:
-      field: _tmp.target_port
-      target_field: aws.elb.target_port
-      separator: ' '
-      ignore_missing: true
-  - split:
-      field: _tmp.target_status_code
-      target_field: aws.elb.target_status_code
-      separator: ' '
-      ignore_missing: true
-  - date:
-      field: _tmp.timestamp
-      formats:
-        - ISO8601
-  - set:
-      field: event.end
-      value: '{{ @timestamp }}'
-  - geoip:
-      field: source.ip
-      target_field: source.geo
-      ignore_missing: true
-  - geoip:
-      database_file: GeoLite2-ASN.mmdb
-      field: source.ip
-      target_field: source.as
-      properties:
-        - asn
-        - organization_name
-      ignore_missing: true
-  - rename:
-      field: source.as.asn
-      target_field: source.as.number
-      ignore_missing: true
-  - rename:
-      field: source.as.organization_name
-      target_field: source.as.organization.name
-      ignore_missing: true
-  - set:
-      field: tls.cipher
-      value: '{{aws.elb.ssl_cipher}}'
-      if: ctx.aws?.elb?.ssl_cipher != null
-  - script:
-      lang: painless
-      if: ctx.aws?.elb?.ssl_protocol != null
-      source: >-
-        def parts = ctx.aws.elb.ssl_protocol.splitOnToken("v");
-        if (parts.length != 2) {
-          return;
-        }
-        if (parts[1].contains(".")) {
-          ctx.tls.version = parts[1];
-        } else {
-          ctx.tls.version = parts[1].substring(0,1) + "." + parts[1].substring(1);
-        }
-        ctx.tls.version_protocol = parts[0].toLowerCase();
-  - remove:
-      field:
-        - _tmp
-      ignore_missing: true
-  - remove:
-      field: event.original
-      if: "ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))"
-      ignore_failure: true
-      ignore_missing: true
-on_failure:
-  - set:
-      field: 'error.message'
-      value: '{{ _ingest.on_failure_message }}'
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml
deleted file mode 100644
index fedbf54e9..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.elb_logs
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml
deleted file mode 100644
index 00a543651..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error.message
-- external: ecs
-  name: tags
-- external: ecs
-  name: url.domain
-- external: ecs
-  name: url.original
-- external: ecs
-  name: url.path
-- external: ecs
-  name: url.port
-- external: ecs
-  name: url.scheme
-- external: ecs
-  name: user_agent.device.name
-- external: ecs
-  name: user_agent.name
-- external: ecs
-  name: user_agent.version
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml
deleted file mode 100644
index a93a86942..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml
+++ /dev/null
@@ -1,197 +0,0 @@
-- name: aws.elb
-  type: group
-  fields:
-    - name: name
-      type: keyword
-      description: |
-        The name of the load balancer.
-    - name: type
-      type: keyword
-      description: |
-        The type of the load balancer for v2 Load Balancers.
-    - name: target_group.arn
-      type: keyword
-      description: |
-        The ARN of the target group handling the request.
-    - name: listener
-      type: keyword
-      description: |
-        The ELB listener that received the connection.
-    - name: protocol
-      type: keyword
-      description: |
-        The protocol of the load balancer (http or tcp).
-    - name: request_processing_time.sec
-      type: float
-      description: |
-        The total time in seconds since the connection or request is received until it is sent to a registered backend.
-    - name: backend_processing_time.sec
-      type: float
-      description: |
-        The total time in seconds since the connection is sent to the backend till the backend starts responding.
-    - name: response_processing_time.sec
-      type: float
-      description: |
-        The total time in seconds since the response is received from the backend till it is sent to the client.
-    - name: connection_time.ms
-      type: long
-      description: |
-        The total time of the connection in milliseconds, since it is opened till it is closed.
-    - name: tls_handshake_time.ms
-      type: long
-      description: |
-        The total time for the TLS handshake to complete in milliseconds once the connection has been established.
-    - name: backend.ip
-      type: keyword
-      description: |
-        The IP address of the backend processing this connection.
-    - name: backend.port
-      type: keyword
-      description: |
-        The port in the backend processing this connection.
-    - name: backend.http.response.status_code
-      type: long
-      description: |
-        The status code from the backend (status code sent to the client from ELB is stored in `http.response.status_code`
-    - name: ssl_cipher
-      type: keyword
-      description: |
-        The SSL cipher used in TLS/SSL connections.
-    - name: ssl_protocol
-      type: keyword
-      description: |
-        The SSL protocol used in TLS/SSL connections.
-    - name: chosen_cert.arn
-      type: keyword
-      description: |
-        The ARN of the chosen certificate presented to the client in TLS/SSL connections.
-    - name: chosen_cert.serial
-      type: keyword
-      description: |
-        The serial number of the chosen certificate presented to the client in TLS/SSL connections.
-    - name: incoming_tls_alert
-      type: keyword
-      description: |
-        The integer value of TLS alerts received by the load balancer from the client, if present.
-    - name: tls_named_group
-      type: keyword
-      description: |
-        The TLS named group.
-    - name: trace_id
-      type: keyword
-      description: |
-        The contents of the `X-Amzn-Trace-Id` header.
-    - name: matched_rule_priority
-      type: keyword
-      description: |
-        The priority value of the rule that matched the request, if a rule matched.
-    - name: action_executed
-      type: keyword
-      description: |
-        The action executed when processing the request (forward, fixed-response, authenticate...). It can contain several values.
-    - name: redirect_url
-      type: keyword
-      description: |
-        The URL used if a redirection action was executed.
-    - name: error.reason
-      type: keyword
-      description: |
-        The error reason if the executed action failed.
-    - name: target_port
-      type: keyword
-      description: >
-        List of IP addresses and ports for the targets that processed this request.
-
-    - name: target_status_code
-      type: keyword
-      description: >
-        List of status codes from the responses of the targets.
-
-    - name: classification
-      type: keyword
-      description: >
-        The classification for desync mitigation.
-
-    - name: classification_reason
-      type: keyword
-      description: >
-        The classification reason code.
-
-- name: destination.domain
-  type: keyword
-  description: Destination domain.
-- name: event.start
-  type: date
-  description: event.start contains the date when the event started or when the activity was first observed.
-- name: destination.bytes
-  type: long
-  description: Bytes sent from the destination to the source.
-- name: http.response.status_code
-  type: long
-  description: HTTP response status code.
-- name: http.request.body.bytes
-  type: long
-  description: Size in bytes of the request body.
-- name: http.response.body.bytes
-  type: long
-  description: Size in bytes of the response body.
-- name: http.request.method
-  type: keyword
-  description: HTTP request method.
-- name: http.request.referrer
-  type: keyword
-  description: Referrer for this HTTP request.
-- name: http.version
-  type: keyword
-  description: HTTP version.
-- name: user_agent.original
-  type: keyword
-  description: Unparsed user_agent string.
-- name: cloud.provider
-  type: keyword
-  description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-- name: event.kind
-  type: keyword
-  description: Event kind (e.g. event, alert, metric, state, pipeline_error, sig
-- name: event.category
-  type: keyword
-  description: Event category (e.g. database)
-- name: event.outcome
-  type: keyword
-  description: This is one of four ECS Categorization Fields, and indicates the lowest level in the ECS category hierarchy.
-- name: tracing.trace.id
-  type: keyword
-  description: Unique identifier of the trace.
-- name: event.end
-  type: date
-  description: event.end contains the date when the event ended or when the activity was last observed.
-- name: source.ip
-  type: ip
-  description: IP address of the source.
-- name: source.as.number
-  type: long
-  description: Unique number allocated to the autonomous system. The autonomous system number (ASN) uniquely identifies each network on the Internet.
-- name: source.as.organization.name
-  type: keyword
-  description: Organization name.
-- name: source.geo.city_name
-  type: keyword
-  description: City name.
-- name: source.geo.continent_name
-  type: keyword
-  description: Name of the continent.
-- name: source.geo.country_iso_code
-  type: keyword
-  description: Country ISO code.
-- name: source.geo.location
-  type: geo_point
-  description: Longitude and latitude.
-- name: source.geo.region_iso_code
-  type: keyword
-  description: Region ISO code.
-- name: source.geo.region_name
-  type: keyword
-  description: Region name.
-- name: source.port
-  type: keyword
-  description: Port of the source.
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/manifest.yml b/test/packages/parallel/aws/data_stream/elb_logs/manifest.yml
deleted file mode 100644
index fdd4f2549..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/manifest.yml
+++ /dev/null
@@ -1,70 +0,0 @@
-title: AWS ELB logs
-type: logs
-streams:
-  - input: aws-s3
-    template_path: aws-s3.yml.hbs
-    title: AWS ELB logs
-    description: Collect AWS ELB logs using s3 input
-    vars:
-      - name: visibility_timeout
-        type: text
-        title: Visibility Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request.  The maximum is 12 hours.
-      - name: api_timeout
-        type: text
-        title: API Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
-      - name: queue_url
-        type: text
-        title: Queue URL
-        multi: false
-        required: true
-        show_user: true
-        description: URL of the AWS SQS queue that messages will be received from.
-      - name: fips_enabled
-        type: bool
-        title: Enable S3 FIPS
-        default: false
-        multi: false
-        required: false
-        show_user: false
-        description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint.
-      - name: tags
-        type: text
-        title: Tags
-        multi: true
-        required: true
-        show_user: false
-        default:
-          - forwarded
-          - aws-elb-logs
-      - name: processors
-        type: yaml
-        title: Processors
-        multi: false
-        required: false
-        show_user: false
-        description: >
-          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
-
-      - name: preserve_original_event
-        required: true
-        show_user: true
-        title: Preserve original event
-        description: Preserves a raw copy of the original event, added to the field `event.original`
-        type: bool
-        multi: false
-        default: false
-      - name: max_number_of_messages
-        type: integer
-        title: Maximum Concurrent SQS Messages
-        description: The maximum number of SQS messages that can be inflight at any time.
-        default: 5
-        required: false
-        show_user: false
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/sample_event.json b/test/packages/parallel/aws/data_stream/elb_logs/sample_event.json
deleted file mode 100644
index d0d9729d8..000000000
--- a/test/packages/parallel/aws/data_stream/elb_logs/sample_event.json
+++ /dev/null
@@ -1,105 +0,0 @@
-{
-    "data_stream": {
-        "namespace": "default",
-        "type": "logs",
-        "dataset": "aws.elb_logs"
-    },
-    "tracing": {
-        "trace": {
-            "id": "Root=1-58337262-36d228ad5d99923122bbe354"
-        }
-    },
-    "source": {
-        "port": "2817",
-        "ip": "192.168.131.39"
-    },
-    "url": {
-        "path": "/",
-        "original": "http://www.example.com:80/",
-        "scheme": "http",
-        "port": 80,
-        "domain": "www.example.com"
-    },
-    "tags": [
-        "preserve_original_event"
-    ],
-    "cloud": {
-        "provider": "aws"
-    },
-    "@timestamp": "2018-07-02T22:23:00.186Z",
-    "ecs": {
-        "version": "1.12.0"
-    },
-    "http": {
-        "request": {
-            "method": "get",
-            "body": {
-                "bytes": 34
-            }
-        },
-        "version": "1.1",
-        "response": {
-            "body": {
-                "bytes": 366
-            },
-            "status_code": 200
-        }
-    },
-    "event": {
-        "ingested": "2021-07-19T21:47:05.084930900Z",
-        "original": "http 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.000 0.001 0.000 200 200 34 366 \"GET http://www.example.com:80/ HTTP/1.1\" \"curl/7.46.0\" - - arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 \"Root=1-58337262-36d228ad5d99923122bbe354\" \"-\" \"-\" 0 2018-07-02T22:22:48.364000Z \"forward,redirect\" \"-\" \"-\" \"10.0.0.1:80\" \"200\" \"-\" \"-\"",
-        "kind": "event",
-        "start": "2018-07-02T22:22:48.364000Z",
-        "end": "2018-07-02T22:23:00.186Z",
-        "category": "web",
-        "outcome": "success"
-    },
-    "aws": {
-        "elb": {
-            "trace_id": "Root=1-58337262-36d228ad5d99923122bbe354",
-            "matched_rule_priority": "0",
-            "type": "http",
-            "request_processing_time": {
-                "sec": 0.0
-            },
-            "response_processing_time": {
-                "sec": 0.0
-            },
-            "target_port": [
-                "10.0.0.1:80"
-            ],
-            "protocol": "http",
-            "target_status_code": [
-                "200"
-            ],
-            "name": "app/my-loadbalancer/50dc6c495c0c9188",
-            "backend": {
-                "port": "80",
-                "http": {
-                    "response": {
-                        "status_code": 200
-                    }
-                },
-                "ip": "10.0.0.1"
-            },
-            "target_group": {
-                "arn": "arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067"
-            },
-            "backend_processing_time": {
-                "sec": 0.001
-            },
-            "action_executed": [
-                "forward",
-                "redirect"
-            ]
-        }
-    },
-    "user_agent": {
-        "name": "curl",
-        "original": "curl/7.46.0",
-        "device": {
-            "name": "Other"
-        },
-        "version": "7.46.0"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs
deleted file mode 100644
index 1fbf0974f..000000000
--- a/test/packages/parallel/aws/data_stream/elb_metrics/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["elb"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_metrics/fields/agent.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/elb_metrics/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/elb_metrics/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/base-fields.yml
deleted file mode 100644
index 63e855dee..000000000
--- a/test/packages/parallel/aws/data_stream/elb_metrics/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.elb_metrics
diff --git a/test/packages/parallel/aws/data_stream/elb_metrics/fields/ecs.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/elb_metrics/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/elb_metrics/fields/fields.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/fields.yml
deleted file mode 100644
index dd916b17f..000000000
--- a/test/packages/parallel/aws/data_stream/elb_metrics/fields/fields.yml
+++ /dev/null
@@ -1,201 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: elb
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: BackendConnectionErrors.sum
-              type: long
-              description: The number of connections that were not successfully established between the load balancer and the registered instances.
-            - name: HTTPCode_Backend_2XX.sum
-              type: long
-              description: The number of HTTP 2XX response code generated by registered instances.
-            - name: HTTPCode_Backend_3XX.sum
-              type: long
-              description: The number of HTTP 3XX response code generated by registered instances.
-            - name: HTTPCode_Backend_4XX.sum
-              type: long
-              description: The number of HTTP 4XX response code generated by registered instances.
-            - name: HTTPCode_Backend_5XX.sum
-              type: long
-              description: The number of HTTP 5XX response code generated by registered instances.
-            - name: HTTPCode_ELB_4XX.sum
-              type: long
-              description: The number of HTTP 4XX client error codes generated by the load balancer.
-            - name: HTTPCode_ELB_5XX.sum
-              type: long
-              description: The number of HTTP 5XX server error codes generated by the load balancer.
-            - name: RequestCount.sum
-              type: long
-              description: The number of requests completed or connections made during the specified interval.
-            - name: SpilloverCount.sum
-              type: long
-              description: The total number of requests that were rejected because the surge queue is full.
-            - name: HealthyHostCount.max
-              type: long
-              description: The number of healthy instances registered with your load balancer.
-            - name: SurgeQueueLength.max
-              type: long
-              description: The total number of requests (HTTP listener) or connections (TCP listener) that are pending routing to a healthy instance.
-            - name: UnHealthyHostCount.max
-              type: long
-              description: The number of unhealthy instances registered with your load balancer.
-            - name: Latency.avg
-              type: double
-              description: The total time elapsed, in seconds, from the time the load balancer sent the request to a registered instance until the instance started to send the response headers.
-            - name: EstimatedALBActiveConnectionCount.avg
-              type: double
-              description: The estimated number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets.
-            - name: EstimatedALBConsumedLCUs.avg
-              type: double
-              description: The estimated number of load balancer capacity units (LCU) used by an Application Load Balancer.
-            - name: EstimatedALBNewConnectionCount.avg
-              type: double
-              description: The estimated number of new TCP connections established from clients to the load balancer and from the load balancer to targets.
-            - name: EstimatedProcessedBytes.avg
-              type: double
-              description: The estimated number of bytes processed by an Application Load Balancer.
-    - name: applicationelb
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: ActiveConnectionCount.sum
-              type: long
-              description: The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets.
-            - name: ClientTLSNegotiationErrorCount.sum
-              type: long
-              description: The number of TLS connections initiated by the client that did not establish a session with the load balancer due to a TLS error.
-            - name: HTTP_Fixed_Response_Count.sum
-              type: long
-              description: The number of fixed-response actions that were successful.
-            - name: HTTP_Redirect_Count.sum
-              type: long
-              description: The number of redirect actions that were successful.
-            - name: HTTP_Redirect_Url_Limit_Exceeded_Count.sum
-              type: long
-              description: The number of redirect actions that couldn't be completed because the URL in the response location header is larger than 8K.
-            - name: HTTPCode_ELB_3XX_Count.sum
-              type: long
-              description: The number of HTTP 3XX redirection codes that originate from the load balancer.
-            - name: HTTPCode_ELB_4XX_Count.sum
-              type: long
-              description: The number of HTTP 4XX client error codes that originate from the load balancer.
-            - name: HTTPCode_ELB_5XX_Count.sum
-              type: long
-              description: The number of HTTP 5XX server error codes that originate from the load balancer.
-            - name: HTTPCode_ELB_500_Count.sum
-              type: long
-              description: The number of HTTP 500 error codes that originate from the load balancer.
-            - name: HTTPCode_ELB_502_Count.sum
-              type: long
-              description: The number of HTTP 502 error codes that originate from the load balancer.
-            - name: HTTPCode_ELB_503_Count.sum
-              type: long
-              description: The number of HTTP 503 error codes that originate from the load balancer.
-            - name: HTTPCode_ELB_504_Count.sum
-              type: long
-              description: The number of HTTP 504 error codes that originate from the load balancer.
-            - name: IPv6ProcessedBytes.sum
-              type: long
-              description: The total number of bytes processed by the load balancer over IPv6.
-            - name: IPv6RequestCount.sum
-              type: long
-              description: The number of IPv6 requests received by the load balancer.
-            - name: NewConnectionCount.sum
-              type: long
-              description: The total number of new TCP connections established from clients to the load balancer and from the load balancer to targets.
-            - name: ProcessedBytes.sum
-              type: long
-              description: The total number of bytes processed by the load balancer over IPv4 and IPv6.
-            - name: RejectedConnectionCount.sum
-              type: long
-              description: The number of connections that were rejected because the load balancer had reached its maximum number of connections.
-            - name: RequestCount.sum
-              type: long
-              description: The number of requests processed over IPv4 and IPv6.
-            - name: RuleEvaluations.sum
-              type: long
-              description: The number of rules processed by the load balancer given a request rate averaged over an hour.
-            - name: ConsumedLCUs.avg
-              type: double
-              description: The number of load balancer capacity units (LCU) used by your load balancer.
-    - name: networkelb
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: ActiveFlowCount.avg
-              type: double
-              description: The total number of concurrent flows (or connections) from clients to targets.
-            - name: ActiveFlowCount_TCP.avg
-              type: double
-              description: The total number of concurrent TCP flows (or connections) from clients to targets.
-            - name: ActiveFlowCount_TLS.avg
-              type: double
-              description: The total number of concurrent TLS flows (or connections) from clients to targets.
-            - name: ActiveFlowCount_UDP.avg
-              type: double
-              description: The total number of concurrent UDP flows (or connections) from clients to targets.
-            - name: ConsumedLCUs.avg
-              type: double
-              description: The number of load balancer capacity units (LCU) used by your load balancer.
-            - name: ClientTLSNegotiationErrorCount.sum
-              type: long
-              description: The total number of TLS handshakes that failed during negotiation between a client and a TLS listener.
-            - name: NewFlowCount.sum
-              type: long
-              description: The total number of new flows (or connections) established from clients to targets in the time period.
-            - name: NewFlowCount_TLS.sum
-              type: long
-              description: The total number of new TLS flows (or connections) established from clients to targets in the time period.
-            - name: ProcessedBytes.sum
-              type: long
-              description: The total number of bytes processed by the load balancer, including TCP/IP headers.
-            - name: ProcessedBytes_TLS.sum
-              type: long
-              description: The total number of bytes processed by TLS listeners.
-            - name: TargetTLSNegotiationErrorCount.sum
-              type: long
-              description: The total number of TLS handshakes that failed during negotiation between a TLS listener and a target.
-            - name: TCP_Client_Reset_Count.sum
-              type: long
-              description: The total number of reset (RST) packets sent from a client to a target.
-            - name: TCP_ELB_Reset_Count.sum
-              type: long
-              description: The total number of reset (RST) packets generated by the load balancer.
-            - name: TCP_Target_Reset_Count.sum
-              type: long
-              description: The total number of reset (RST) packets sent from a target to a client.
-            - name: HealthyHostCount.max
-              type: long
-              description: The number of targets that are considered healthy.
-            - name: UnHealthyHostCount.max
-              type: long
-              description: The number of targets that are considered unhealthy.
-    - name: dimensions
-      type: group
-      fields:
-        - name: AvailabilityZone
-          type: keyword
-          description: Filters the metric data by the specified Availability Zone.
-        - name: LoadBalancerName
-          type: keyword
-          description: Filters the metric data by the specified load balancer.
-        - name: LoadBalancer
-          type: keyword
-          description: Filters the metric data by load balancer.
-        - name: TargetGroup
-          type: keyword
-          description: Filters the metric data by target group.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/elb_metrics/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/elb_metrics/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/elb_metrics/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/elb_metrics/manifest.yml b/test/packages/parallel/aws/data_stream/elb_metrics/manifest.yml
deleted file mode 100644
index 91ea31759..000000000
--- a/test/packages/parallel/aws/data_stream/elb_metrics/manifest.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-title: AWS ELB metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 1m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: tags_filter
-        type: yaml
-        title: Tags Filter
-        multi: false
-        required: false
-        show_user: false
-        default: |
-          # - key: "created-by"
-            # value: "foo"
-    title: AWS ELB metrics
-    description: Collect AWS ELB metrics
diff --git a/test/packages/parallel/aws/data_stream/elb_metrics/sample_event.json b/test/packages/parallel/aws/data_stream/elb_metrics/sample_event.json
deleted file mode 100644
index a2def8258..000000000
--- a/test/packages/parallel/aws/data_stream/elb_metrics/sample_event.json
+++ /dev/null
@@ -1,63 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:30.211Z",
-    "agent": {
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "cloud": {
-        "provider": "aws",
-        "region": "eu-central-1",
-        "account": {
-            "id": "428152502467",
-            "name": "elastic-beats"
-        }
-    },
-    "aws": {
-        "elb": {
-            "metrics": {
-                "EstimatedALBNewConnectionCount": {
-                    "avg": 32
-                },
-                "EstimatedALBConsumedLCUs": {
-                    "avg": 0.00035000000000000005
-                },
-                "EstimatedProcessedBytes": {
-                    "avg": 967
-                },
-                "EstimatedALBActiveConnectionCount": {
-                    "avg": 5
-                },
-                "HealthyHostCount": {
-                    "max": 2
-                },
-                "UnHealthyHostCount": {
-                    "max": 0
-                }
-            }
-        },
-        "cloudwatch": {
-            "namespace": "AWS/ELB"
-        },
-        "dimensions": {
-            "LoadBalancerName": "filebeat-aws-elb-test-elb"
-        }
-    },
-    "metricset": {
-        "name": "elb",
-        "period": 60000
-    },
-    "event": {
-        "dataset": "aws.elb_metrics",
-        "module": "aws",
-        "duration": 15044430616
-    },
-    "service": {
-        "type": "aws"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/lambda/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/lambda/agent/stream/stream.yml.hbs
deleted file mode 100644
index 0819b829a..000000000
--- a/test/packages/parallel/aws/data_stream/lambda/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["lambda"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/lambda/fields/agent.yml b/test/packages/parallel/aws/data_stream/lambda/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/lambda/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/lambda/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/lambda/fields/base-fields.yml
deleted file mode 100644
index 07320d3db..000000000
--- a/test/packages/parallel/aws/data_stream/lambda/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.lambda
diff --git a/test/packages/parallel/aws/data_stream/lambda/fields/ecs.yml b/test/packages/parallel/aws/data_stream/lambda/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/lambda/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/lambda/fields/fields.yml b/test/packages/parallel/aws/data_stream/lambda/fields/fields.yml
deleted file mode 100644
index 5209e0d30..000000000
--- a/test/packages/parallel/aws/data_stream/lambda/fields/fields.yml
+++ /dev/null
@@ -1,66 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: FunctionName
-          type: keyword
-          description: Lambda function name.
-        - name: Resource
-          type: keyword
-          description: Resource name.
-        - name: ExecutedVersion
-          type: keyword
-          description: Use the ExecutedVersion dimension to compare error rates for two versions of a function that are both targets of a weighted alias.
-    - name: lambda
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: Invocations.avg
-              type: double
-              description: The number of times your function code is executed, including successful executions and executions that result in a function error.
-            - name: Errors.avg
-              type: double
-              description: The number of invocations that result in a function error.
-            - name: DeadLetterErrors.avg
-              type: double
-              description: For asynchronous invocation, the number of times Lambda attempts to send an event to a dead-letter queue but fails.
-            - name: DestinationDeliveryFailures.avg
-              type: double
-              description: For asynchronous invocation, the number of times Lambda attempts to send an event to a destination but fails.
-            - name: Duration.avg
-              type: double
-              description: The amount of time that your function code spends processing an event.
-            - name: Throttles.avg
-              type: double
-              description: The number of invocation requests that are throttled.
-            - name: IteratorAge.avg
-              type: double
-              description: For event source mappings that read from streams, the age of the last record in the event.
-            - name: ConcurrentExecutions.avg
-              type: double
-              description: The number of function instances that are processing events.
-            - name: UnreservedConcurrentExecutions.avg
-              type: double
-              description: For an AWS Region, the number of events that are being processed by functions that don't have reserved concurrency.
-            - name: ProvisionedConcurrentExecutions.max
-              type: long
-              description: The number of function instances that are processing events on provisioned concurrency.
-            - name: ProvisionedConcurrencyUtilization.max
-              type: long
-              description: For a version or alias, the value of ProvisionedConcurrentExecutions divided by the total amount of provisioned concurrency allocated.
-            - name: ProvisionedConcurrencyInvocations.sum
-              type: long
-              description: The number of times your function code is executed on provisioned concurrency.
-            - name: ProvisionedConcurrencySpilloverInvocations.sum
-              type: long
-              description: The number of times your function code is executed on standard concurrency when all provisioned concurrency is in use.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/lambda/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/lambda/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/lambda/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/lambda/manifest.yml b/test/packages/parallel/aws/data_stream/lambda/manifest.yml
deleted file mode 100644
index 61505e42e..000000000
--- a/test/packages/parallel/aws/data_stream/lambda/manifest.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-title: AWS Lambda metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 5m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: tags_filter
-        type: yaml
-        title: Tags Filter
-        multi: false
-        required: false
-        show_user: false
-        default: |
-          # - key: "created-by"
-            # value: "foo"
-    title: AWS Lambda metrics
-    description: Collect AWS Lambda metrics
diff --git a/test/packages/parallel/aws/data_stream/lambda/sample_event.json b/test/packages/parallel/aws/data_stream/lambda/sample_event.json
deleted file mode 100644
index 11d616213..000000000
--- a/test/packages/parallel/aws/data_stream/lambda/sample_event.json
+++ /dev/null
@@ -1,58 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:17:08.666Z",
-    "agent": {
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    },
-    "event": {
-        "dataset": "aws.lambda",
-        "module": "aws",
-        "duration": 10266182336
-    },
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "cloud": {
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        },
-        "provider": "aws",
-        "region": "eu-central-1"
-    },
-    "aws": {
-        "cloudwatch": {
-            "namespace": "AWS/Lambda"
-        },
-        "dimensions": {
-            "FunctionName": "ec2-owner-tagger-serverless",
-            "Resource": "ec2-owner-tagger-serverless"
-        },
-        "lambda": {
-            "metrics": {
-                "Duration": {
-                    "avg": 8218.073333333334
-                },
-                "Errors": {
-                    "avg": 1
-                },
-                "Invocations": {
-                    "avg": 1
-                },
-                "Throttles": {
-                    "avg": 0
-                }
-            }
-        }
-    },
-    "metricset": {
-        "name": "dynamodb",
-        "period": 300000
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/natgateway/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/natgateway/agent/stream/stream.yml.hbs
deleted file mode 100644
index 23a1ed0ca..000000000
--- a/test/packages/parallel/aws/data_stream/natgateway/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["natgateway"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/natgateway/fields/agent.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/natgateway/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/natgateway/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/base-fields.yml
deleted file mode 100644
index 436e8fb58..000000000
--- a/test/packages/parallel/aws/data_stream/natgateway/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.natgateway
diff --git a/test/packages/parallel/aws/data_stream/natgateway/fields/ecs.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/natgateway/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/natgateway/fields/fields.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/fields.yml
deleted file mode 100644
index c3e717245..000000000
--- a/test/packages/parallel/aws/data_stream/natgateway/fields/fields.yml
+++ /dev/null
@@ -1,63 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: NatGatewayId
-          type: keyword
-          description: Filter the metric data by the NAT gateway ID.
-    - name: natgateway
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: BytesInFromDestination.sum
-              type: long
-              description: The number of bytes received by the NAT gateway from the destination.
-            - name: BytesInFromSource.sum
-              type: long
-              description: The number of bytes received by the NAT gateway from clients in your VPC.
-            - name: BytesOutToDestination.sum
-              type: long
-              description: The number of bytes sent out through the NAT gateway to the destination.
-            - name: BytesOutToSource.sum
-              type: long
-              description: The number of bytes sent through the NAT gateway to the clients in your VPC.
-            - name: ConnectionAttemptCount.sum
-              type: long
-              description: The number of connection attempts made through the NAT gateway.
-            - name: ConnectionEstablishedCount.sum
-              type: long
-              description: The number of connections established through the NAT gateway.
-            - name: ErrorPortAllocation.sum
-              type: long
-              description: The number of times the NAT gateway could not allocate a source port.
-            - name: IdleTimeoutCount.sum
-              type: long
-              description: The number of connections that transitioned from the active state to the idle state.
-            - name: PacketsDropCount.sum
-              type: long
-              description: The number of packets dropped by the NAT gateway.
-            - name: PacketsInFromDestination.sum
-              type: long
-              description: The number of packets received by the NAT gateway from the destination.
-            - name: PacketsInFromSource.sum
-              type: long
-              description: The number of packets received by the NAT gateway from clients in your VPC.
-            - name: PacketsOutToDestination.sum
-              type: long
-              description: The number of packets sent out through the NAT gateway to the destination.
-            - name: PacketsOutToSource.sum
-              type: long
-              description: The number of packets sent through the NAT gateway to the clients in your VPC.
-            - name: ActiveConnectionCount.max
-              type: long
-              description: The total number of concurrent active TCP connections through the NAT gateway.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/natgateway/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/natgateway/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/natgateway/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/natgateway/manifest.yml b/test/packages/parallel/aws/data_stream/natgateway/manifest.yml
deleted file mode 100644
index 53dbac014..000000000
--- a/test/packages/parallel/aws/data_stream/natgateway/manifest.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: AWS NAT gateway metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 1m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-    title: AWS NAT gateway metrics
-    description: Collect AWS NAT gateway metrics
diff --git a/test/packages/parallel/aws/data_stream/natgateway/sample_event.json b/test/packages/parallel/aws/data_stream/natgateway/sample_event.json
deleted file mode 100644
index 11f136cd6..000000000
--- a/test/packages/parallel/aws/data_stream/natgateway/sample_event.json
+++ /dev/null
@@ -1,84 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:27.154Z",
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "aws": {
-        "cloudwatch": {
-            "namespace": "AWS/NATGateway"
-        },
-        "dimensions": {
-            "NatGatewayId": "nat-0a5cb7b9807908cc0"
-        },
-        "natgateway": {
-            "metrics": {
-                "ActiveConnectionCount": {
-                    "max": 0
-                },
-                "BytesInFromDestination": {
-                    "sum": 0
-                },
-                "BytesInFromSource": {
-                    "sum": 0
-                },
-                "BytesOutToDestination": {
-                    "sum": 0
-                },
-                "BytesOutToSource": {
-                    "sum": 0
-                },
-                "ConnectionAttemptCount": {
-                    "sum": 0
-                },
-                "ConnectionEstablishedCount": {
-                    "sum": 0
-                },
-                "ErrorPortAllocation": {
-                    "sum": 0
-                },
-                "PacketsDropCount": {
-                    "sum": 0
-                },
-                "PacketsInFromDestination": {
-                    "sum": 0
-                },
-                "PacketsInFromSource": {
-                    "sum": 0
-                },
-                "PacketsOutToDestination": {
-                    "sum": 0
-                },
-                "PacketsOutToSource": {
-                    "sum": 0
-                }
-            }
-        }
-    },
-    "event": {
-        "dataset": "aws.natgateway",
-        "module": "aws",
-        "duration": 10418157072
-    },
-    "metricset": {
-        "period": 60000,
-        "name": "natgateway"
-    },
-    "cloud": {
-        "region": "us-west-2",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        },
-        "provider": "aws"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/rds/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/rds/agent/stream/stream.yml.hbs
deleted file mode 100644
index 0bafbe98c..000000000
--- a/test/packages/parallel/aws/data_stream/rds/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["rds"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/rds/fields/agent.yml b/test/packages/parallel/aws/data_stream/rds/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/rds/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/rds/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/rds/fields/base-fields.yml
deleted file mode 100644
index 8166b56ec..000000000
--- a/test/packages/parallel/aws/data_stream/rds/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.rds
diff --git a/test/packages/parallel/aws/data_stream/rds/fields/ecs.yml b/test/packages/parallel/aws/data_stream/rds/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/rds/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/rds/fields/fields.yml b/test/packages/parallel/aws/data_stream/rds/fields/fields.yml
deleted file mode 100644
index ba79cf108..000000000
--- a/test/packages/parallel/aws/data_stream/rds/fields/fields.yml
+++ /dev/null
@@ -1,351 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: DBInstanceIdentifier
-          type: keyword
-          description: This dimension filters the data that you request for a specific DB instance.
-        - name: DBClusterIdentifier
-          type: keyword
-          description: This dimension filters the data that you request for a specific Amazon Aurora DB cluster.
-        - name: DBClusterIdentifier,Role
-          type: keyword
-          description: This dimension filters the data that you request for a specific Aurora DB cluster, aggregating the metric by instance role (WRITER/READER).
-        - name: DbClusterIdentifier, EngineName
-          type: keyword
-          description: This dimension filters the data that you request for a specific Aurora DB cluster, aggregating the metric by engine name.
-        - name: DatabaseClass
-          type: keyword
-          description: This dimension filters the data that you request for all instances in a database class.
-        - name: EngineName
-          type: keyword
-          description: This dimension filters the data that you request for the identified engine name only.
-        - name: SourceRegion
-          type: keyword
-          description: This dimension filters the data that you request for the specified region only.
-    - name: rds
-      type: group
-      fields:
-        - name: cpu.total.pct
-          type: scaled_float
-          format: percent
-          description: |
-            The percentage of CPU utilization.
-        - name: cpu.credit_usage
-          type: long
-          description: |
-            The number of CPU credits spent by the instance for CPU utilization.
-        - name: cpu.credit_balance
-          type: long
-          description: |
-            The number of earned CPU credits that an instance has accrued since it was launched or started.
-        - name: database_connections
-          type: long
-          description: |
-            The number of database connections in use.
-        - name: db_instance.arn
-          type: keyword
-          description: |
-            Amazon Resource Name(ARN) for each rds.
-        - name: db_instance.class
-          type: keyword
-          description: |
-            Contains the name of the compute and memory capacity class of the DB instance.
-        - name: db_instance.identifier
-          type: keyword
-          description: |
-            Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.
-        - name: db_instance.status
-          type: keyword
-          description: |
-            Specifies the current state of this database.
-        - name: disk_queue_depth
-          type: float
-          description: |
-            The number of outstanding IOs (read/write requests) waiting to access the disk.
-        - name: failed_sql_server_agent_jobs
-          type: long
-          description: |
-            The number of failed SQL Server Agent jobs during the last minute.
-        - name: freeable_memory.bytes
-          type: long
-          format: bytes
-          description: |
-            The amount of available random access memory.
-        - name: free_storage.bytes
-          type: long
-          format: bytes
-          description: |
-            The amount of available storage space.
-        - name: maximum_used_transaction_ids
-          type: long
-          description: |
-            The maximum transaction ID that has been used. Applies to PostgreSQL.
-        - name: oldest_replication_slot_lag.mb
-          type: long
-          description: |
-            The lagging size of the replica lagging the most in terms of WAL data received. Applies to PostgreSQL.
-        - name: read_io.ops_per_sec
-          type: float
-          description: |
-            The average number of disk read I/O operations per second.
-        - name: replica_lag.sec
-          type: long
-          format: duration
-          description: |
-            The amount of time a Read Replica DB instance lags behind the source DB instance. Applies to MySQL, MariaDB, and PostgreSQL Read Replicas.
-        - name: swap_usage.bytes
-          type: long
-          format: bytes
-          description: |
-            The amount of swap space used on the DB instance. This metric is not available for SQL Server.
-        - name: transaction_logs_generation
-          type: long
-          description: |
-            The disk space used by transaction logs. Applies to PostgreSQL.
-        - name: write_io.ops_per_sec
-          type: float
-          description: |
-            The average number of disk write I/O operations per second.
-        - name: queries
-          type: long
-          description: |
-            The average number of queries executed per second.
-        - name: deadlocks
-          type: long
-          description: |
-            The average number of deadlocks in the database per second.
-        - name: volume_used.bytes
-          type: long
-          format: bytes
-          description: |
-            The amount of storage used by your Aurora DB instance, in bytes.
-        - name: volume.read.iops
-          type: long
-          format: bytes
-          description: |
-            The number of billed read I/O operations from a cluster volume, reported at 5-minute intervals.
-        - name: volume.write.iops
-          type: long
-          format: bytes
-          description: |
-            The number of write disk I/O operations to the cluster volume, reported at 5-minute intervals.
-        - name: free_local_storage.bytes
-          type: long
-          format: bytes
-          description: |
-            The amount of storage available for temporary tables and logs, in bytes.
-        - name: login_failures
-          type: long
-          description: |
-            The average number of failed login attempts per second.
-        - name: throughput.commit
-          type: float
-          description: |
-            The average number of commit operations per second.
-        - name: throughput.delete
-          type: float
-          description: |
-            The average number of delete queries per second.
-        - name: throughput.ddl
-          type: float
-          description: |
-            The average number of DDL requests per second.
-        - name: throughput.dml
-          type: float
-          description: |
-            The average number of inserts, updates, and deletes per second.
-        - name: throughput.insert
-          type: float
-          description: |
-            The average number of insert queries per second.
-        - name: throughput.network
-          type: float
-          description: |
-            The amount of network throughput both received from and transmitted to clients by each instance in the Aurora MySQL DB cluster, in bytes per second.
-        - name: throughput.network_receive
-          type: float
-          description: |
-            The incoming (Receive) network traffic on the DB instance, including both customer database traffic and Amazon RDS traffic used for monitoring and replication.
-        - name: throughput.network_transmit
-          type: float
-          description: |
-            The outgoing (Transmit) network traffic on the DB instance, including both customer database traffic and Amazon RDS traffic used for monitoring and replication.
-        - name: throughput.read
-          type: float
-          description: |
-            The average amount of time taken per disk I/O operation.
-        - name: throughput.select
-          type: float
-          description: |
-            The average number of select queries per second.
-        - name: throughput.update
-          type: float
-          description: |
-            The average number of update queries per second.
-        - name: throughput.write
-          type: float
-          description: |
-            The average number of bytes written to disk per second.
-        - name: latency.commit
-          type: float
-          format: duration
-          description: |
-            The amount of latency for commit operations, in milliseconds.
-        - name: latency.ddl
-          type: float
-          format: duration
-          description: |
-            The amount of latency for data definition language (DDL) requests, in milliseconds.
-        - name: latency.dml
-          type: float
-          format: duration
-          description: |
-            The amount of latency for inserts, updates, and deletes, in milliseconds.
-        - name: latency.insert
-          type: float
-          format: duration
-          description: |
-            The amount of latency for insert queries, in milliseconds.
-        - name: latency.read
-          type: float
-          format: duration
-          description: |
-            The average amount of time taken per disk I/O operation.
-        - name: latency.select
-          type: float
-          format: duration
-          description: |
-            The amount of latency for select queries, in milliseconds.
-        - name: latency.update
-          type: float
-          format: duration
-          description: |
-            The amount of latency for update queries, in milliseconds.
-        - name: latency.write
-          type: float
-          format: duration
-          description: |
-            The average amount of time taken per disk I/O operation.
-        - name: latency.delete
-          type: float
-          format: duration
-          description: |
-            The amount of latency for delete queries, in milliseconds.
-        - name: disk_usage.bin_log.bytes
-          type: long
-          format: bytes
-          description: |
-            The amount of disk space occupied by binary logs on the master. Applies to MySQL read replicas.
-        - name: disk_usage.replication_slot.mb
-          type: long
-          description: |
-            The disk space used by replication slot files. Applies to PostgreSQL.
-        - name: disk_usage.transaction_logs.mb
-          type: long
-          description: |
-            The disk space used by transaction logs. Applies to PostgreSQL.
-        - name: transactions.active
-          type: long
-          description: |
-            The average number of current transactions executing on an Aurora database instance per second.
-        - name: transactions.blocked
-          type: long
-          description: |
-            The average number of transactions in the database that are blocked per second.
-        - name: db_instance.db_cluster_identifier
-          type: keyword
-          description: |
-            This identifier is the unique key that identifies a DB cluster specifically for Amazon Aurora DB cluster.
-        - name: db_instance.role
-          type: keyword
-          description: |
-            DB roles like WRITER or READER, specifically for Amazon Aurora DB cluster.
-        - name: db_instance.engine_name
-          type: keyword
-          description: |
-            Each DB instance runs a DB engine, like MySQL, MariaDB, PostgreSQL and etc.
-        - name: aurora_bin_log_replica_lag
-          type: long
-          description: |
-            The amount of time a replica DB cluster running on Aurora with MySQL compatibility lags behind the source DB cluster.
-        - name: aurora_global_db.replicated_write_io.bytes
-          type: long
-          description: |
-            In an Aurora Global Database, the number of write I/O operations replicated from the primary AWS Region to the cluster volume in a secondary AWS Region.
-        - name: aurora_global_db.data_transfer.bytes
-          type: long
-          description: |
-            In an Aurora Global Database, the amount of redo log data transferred from the master AWS Region to a secondary AWS Region.
-        - name: aurora_global_db.replication_lag.ms
-          type: long
-          description: |
-            For an Aurora Global Database, the amount of lag when replicating updates from the primary AWS Region, in milliseconds.
-        - name: aurora_replica.lag.ms
-          type: long
-          description: |
-            For an Aurora Replica, the amount of lag when replicating updates from the primary instance, in milliseconds.
-        - name: aurora_replica.lag_max.ms
-          type: long
-          description: |
-            The maximum amount of lag between the primary instance and each Aurora DB instance in the DB cluster, in milliseconds.
-        - name: aurora_replica.lag_min.ms
-          type: long
-          description: |
-            The minimum amount of lag between the primary instance and each Aurora DB instance in the DB cluster, in milliseconds.
-        - name: backtrack_change_records.creation_rate
-          type: long
-          description: |
-            The number of backtrack change records created over five minutes for your DB cluster.
-        - name: backtrack_change_records.stored
-          type: long
-          description: |
-            The actual number of backtrack change records used by your DB cluster.
-        - name: backtrack_window.actual
-          type: long
-          description: |
-            The difference between the target backtrack window and the actual backtrack window.
-        - name: backtrack_window.alert
-          type: long
-          description: |
-            The number of times that the actual backtrack window is smaller than the target backtrack window for a given period of time.
-        - name: storage_used.backup_retention_period.bytes
-          type: long
-          description: |
-            The total amount of backup storage in bytes used to support the point-in-time restore feature within the Aurora DB cluster's backup retention window.
-        - name: storage_used.snapshot.bytes
-          type: long
-          description: |
-            The total amount of backup storage in bytes consumed by all Aurora snapshots for an Aurora DB cluster outside its backup retention window.
-        - name: cache_hit_ratio.buffer
-          type: long
-          description: |
-            The percentage of requests that are served by the buffer cache.
-        - name: cache_hit_ratio.result_set
-          type: long
-          description: |
-            The percentage of requests that are served by the Resultset cache.
-        - name: engine_uptime.sec
-          type: long
-          description: |
-            The amount of time that the instance has been running, in seconds.
-        - name: rds_to_aurora_postgresql_replica_lag.sec
-          type: long
-          description: |
-            The amount of lag in seconds when replicating updates from the primary RDS PostgreSQL instance to other nodes in the cluster.
-        - name: backup_storage_billed_total.bytes
-          type: long
-          description: |
-            The total amount of backup storage in bytes for which you are billed for a given Aurora DB cluster.
-        - name: aurora_volume_left_total.bytes
-          type: long
-          description: |
-            The remaining available space for the cluster volume, measured in bytes.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/rds/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/rds/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/rds/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/rds/manifest.yml b/test/packages/parallel/aws/data_stream/rds/manifest.yml
deleted file mode 100644
index 5632176c1..000000000
--- a/test/packages/parallel/aws/data_stream/rds/manifest.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-title: AWS RDS metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 1m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: tags_filter
-        type: yaml
-        title: Tags Filter
-        multi: false
-        required: false
-        show_user: false
-        default: |
-          # - key: "created-by"
-            # value: "foo"
-    title: AWS RDS metrics
-    description: Collect AWS RDS metrics
diff --git a/test/packages/parallel/aws/data_stream/rds/sample_event.json b/test/packages/parallel/aws/data_stream/rds/sample_event.json
deleted file mode 100644
index 27bfc3c0b..000000000
--- a/test/packages/parallel/aws/data_stream/rds/sample_event.json
+++ /dev/null
@@ -1,89 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:34.537Z",
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "service": {
-        "type": "aws"
-    },
-    "aws": {
-        "rds": {
-            "latency": {
-                "dml": 0,
-                "insert": 0,
-                "update": 0,
-                "commit": 0,
-                "ddl": 0,
-                "delete": 0,
-                "select": 0.21927814569536422
-            },
-            "queries": 6.197934021992669,
-            "aurora_bin_log_replica_lag": 0,
-            "transactions": {
-                "blocked": 0,
-                "active": 0
-            },
-            "deadlocks": 0,
-            "login_failures": 0,
-            "throughput": {
-                "network": 1.399813358218904,
-                "insert": 0,
-                "ddl": 0,
-                "select": 2.5165408396246853,
-                "delete": 0,
-                "commit": 0,
-                "network_transmit": 0.699906679109452,
-                "update": 0,
-                "dml": 0,
-                "network_receive": 0.699906679109452
-            },
-            "cpu": {
-                "total": {
-                    "pct": 0.03
-                }
-            },
-            "db_instance": {
-                "arn": "arn:aws:rds:eu-west-1:428152502467:db:database-1-instance-1-eu-west-1a",
-                "class": "db.r5.large",
-                "identifier": "database-1-instance-1-eu-west-1a",
-                "status": "available"
-            },
-            "cache_hit_ratio.result_set": 0,
-            "aurora_replica.lag.ms": 19.576,
-            "free_local_storage.bytes": 32431271936,
-            "cache_hit_ratio.buffer": 100,
-            "disk_usage": {
-                "bin_log.bytes": 0
-            },
-            "db_instance.identifier": "database-1-instance-1-eu-west-1a",
-            "freeable_memory.bytes": 4436537344,
-            "engine_uptime.sec": 10463030,
-            "database_connections": 0
-        }
-    },
-    "cloud": {
-        "provider": "aws",
-        "region": "eu-west-1",
-        "account": {
-            "id": "428152502467",
-            "name": "elastic-beats"
-        },
-        "availability_zone": "eu-west-1a"
-    },
-    "event": {
-        "dataset": "aws.rds",
-        "module": "aws",
-        "duration": 10777919184
-    },
-    "metricset": {
-        "name": "rds",
-        "period": 60000
-    },
-    "agent": {
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs
deleted file mode 100644
index eaee06ea7..000000000
--- a/test/packages/parallel/aws/data_stream/s3_daily_storage/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,32 +0,0 @@
-metricsets: ["s3_daily_storage"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/agent.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/base-fields.yml
deleted file mode 100644
index 57ae310ca..000000000
--- a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.s3_daily_storage
diff --git a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/ecs.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/fields.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/fields.yml
deleted file mode 100644
index 87519c6a7..000000000
--- a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/fields.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: BucketName
-          type: keyword
-          description: This dimension filters the data you request for the identified bucket only.
-        - name: StorageType
-          type: keyword
-          description: This dimension filters the data that you have stored in a bucket by types of storage.
-        - name: FilterId
-          type: keyword
-          description: This dimension filters metrics configurations that you specify for request metrics on a bucket, for example, a prefix or a tag.
-    - name: s3_daily_storage
-      type: group
-      fields:
-        - name: bucket.size.bytes
-          type: long
-          format: bytes
-          description: |
-            The amount of data in bytes stored in a bucket.
-        - name: number_of_objects
-          type: long
-          description: |
-            The total number of objects stored in a bucket for all storage classes.
diff --git a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/s3_daily_storage/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/s3_daily_storage/manifest.yml b/test/packages/parallel/aws/data_stream/s3_daily_storage/manifest.yml
deleted file mode 100644
index f69e1889d..000000000
--- a/test/packages/parallel/aws/data_stream/s3_daily_storage/manifest.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: AWS S3 daily storage metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 24h
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-    title: AWS S3 daily storage metrics
-    description: Collect AWS S3 daily storage metrics
diff --git a/test/packages/parallel/aws/data_stream/s3_daily_storage/sample_event.json b/test/packages/parallel/aws/data_stream/s3_daily_storage/sample_event.json
deleted file mode 100644
index f3e230ff0..000000000
--- a/test/packages/parallel/aws/data_stream/s3_daily_storage/sample_event.json
+++ /dev/null
@@ -1,48 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:27.154Z",
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "aws": {
-        "s3": {
-            "bucket": {
-                "name": "test-s3-ks-2"
-            }
-        },
-        "s3_daily_storage": {
-            "bucket": {
-                "size": {
-                    "bytes": 207372
-                }
-            },
-            "number_of_objects": 128
-        }
-    },
-    "event": {
-        "dataset": "aws.s3_daily_storage",
-        "module": "aws",
-        "duration": 10418157072
-    },
-    "metricset": {
-        "period": 60000,
-        "name": "s3_daily_storage"
-    },
-    "cloud": {
-        "region": "us-west-2",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        },
-        "provider": "aws"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3_request/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/s3_request/agent/stream/stream.yml.hbs
deleted file mode 100644
index 80739aebc..000000000
--- a/test/packages/parallel/aws/data_stream/s3_request/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,32 +0,0 @@
-metricsets: ["s3_request"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3_request/fields/agent.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/s3_request/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/s3_request/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/base-fields.yml
deleted file mode 100644
index e0956c2aa..000000000
--- a/test/packages/parallel/aws/data_stream/s3_request/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.s3_request
diff --git a/test/packages/parallel/aws/data_stream/s3_request/fields/ecs.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/s3_request/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/s3_request/fields/fields.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/fields.yml
deleted file mode 100644
index f78c0d686..000000000
--- a/test/packages/parallel/aws/data_stream/s3_request/fields/fields.yml
+++ /dev/null
@@ -1,88 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: BucketName
-          type: keyword
-          description: This dimension filters the data you request for the identified bucket only.
-        - name: StorageType
-          type: keyword
-          description: This dimension filters the data that you have stored in a bucket by types of storage.
-        - name: FilterId
-          type: keyword
-          description: This dimension filters metrics configurations that you specify for request metrics on a bucket, for example, a prefix or a tag.
-    - name: s3_request
-      type: group
-      fields:
-        - name: requests.total
-          type: long
-          description: |
-            The total number of HTTP requests made to an Amazon S3 bucket, regardless of type.
-        - name: requests.get
-          type: long
-          description: |
-            The number of HTTP GET requests made for objects in an Amazon S3 bucket.
-        - name: requests.put
-          type: long
-          description: |
-            The number of HTTP PUT requests made for objects in an Amazon S3 bucket.
-        - name: requests.delete
-          type: long
-          description: |
-            The number of HTTP DELETE requests made for objects in an Amazon S3 bucket.
-        - name: requests.head
-          type: long
-          description: |
-            The number of HTTP HEAD requests made to an Amazon S3 bucket.
-        - name: requests.post
-          type: long
-          description: |
-            The number of HTTP POST requests made to an Amazon S3 bucket.
-        - name: requests.select
-          type: long
-          description: |
-            The number of Amazon S3 SELECT Object Content requests made for objects in an Amazon S3 bucket.
-        - name: requests.select_scanned.bytes
-          type: long
-          format: bytes
-          description: |
-            The number of bytes of data scanned with Amazon S3 SELECT Object Content requests in an Amazon S3 bucket.
-        - name: requests.select_returned.bytes
-          type: long
-          format: bytes
-          description: |
-            The number of bytes of data returned with Amazon S3 SELECT Object Content requests in an Amazon S3 bucket.
-        - name: requests.list
-          type: long
-          description: |
-            The number of HTTP requests that list the contents of a bucket.
-        - name: downloaded.bytes
-          type: long
-          format: bytes
-          description: |
-            The number bytes downloaded for requests made to an Amazon S3 bucket, where the response includes a body.
-        - name: uploaded.bytes
-          type: long
-          format: bytes
-          description: |
-            The number bytes uploaded that contain a request body, made to an Amazon S3 bucket.
-        - name: errors.4xx
-          type: long
-          description: |
-            The number of HTTP 4xx client error status code requests made to an Amazon S3 bucket with a value of either 0 or 1.
-        - name: errors.5xx
-          type: long
-          description: |
-            The number of HTTP 5xx server error status code requests made to an Amazon S3 bucket with a value of either 0 or 1.
-        - name: latency.first_byte.ms
-          type: long
-          format: duration
-          description: |
-            The per-request time from the complete request being received by an Amazon S3 bucket to when the response starts to be returned.
-        - name: latency.total_request.ms
-          type: long
-          format: duration
-          description: |
-            The elapsed per-request time from the first byte received to the last byte sent to an Amazon S3 bucket.
diff --git a/test/packages/parallel/aws/data_stream/s3_request/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/s3_request/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/s3_request/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/s3_request/manifest.yml b/test/packages/parallel/aws/data_stream/s3_request/manifest.yml
deleted file mode 100644
index d02b85864..000000000
--- a/test/packages/parallel/aws/data_stream/s3_request/manifest.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: AWS S3 request metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 1m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-    title: AWS S3 request metrics
-    description: Collect AWS S3 request metrics
diff --git a/test/packages/parallel/aws/data_stream/s3_request/sample_event.json b/test/packages/parallel/aws/data_stream/s3_request/sample_event.json
deleted file mode 100644
index 3d1822e57..000000000
--- a/test/packages/parallel/aws/data_stream/s3_request/sample_event.json
+++ /dev/null
@@ -1,61 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:27.154Z",
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "aws": {
-        "s3": {
-            "bucket": {
-                "name": "test-s3-ks-2"
-            }
-        },
-        "s3_request": {
-            "downloaded": {
-                "bytes": 534
-            },
-            "errors": {
-                "4xx": 0,
-                "5xx": 0
-            },
-            "latency": {
-                "first_byte.ms": 214,
-                "total_request.ms": 533
-            },
-            "requests": {
-                "list": 2,
-                "put": 10,
-                "total": 12
-            },
-            "uploaded": {
-                "bytes": 13572
-            }
-        }
-    },
-    "event": {
-        "dataset": "aws.s3_request",
-        "module": "aws",
-        "duration": 10418157072
-    },
-    "metricset": {
-        "period": 60000,
-        "name": "s3_request"
-    },
-    "cloud": {
-        "region": "us-west-2",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        },
-        "provider": "aws"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs
deleted file mode 100644
index 87fbbb280..000000000
--- a/test/packages/parallel/aws/data_stream/s3_storage_lens/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,101 +0,0 @@
-metricsets: ["cloudwatch"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
-metrics:
-- namespace: "AWS/S3/Storage-Lens"
-  statistic: ["Average"]
-processors:
-  - rename:
-      ignore_missing: true
-      fields:
-        - from: "aws.storage-lens.metrics.4xxErrors.avg"
-          to: "aws.s3_storage_lens.metrics.4xxErrors.avg"
-        - from: "aws.storage-lens.metrics.5xxErrors.avg"
-          to: "aws.s3_storage_lens.metrics.5xxErrors.avg"
-        - from: "aws.storage-lens.metrics.AllRequests.avg"
-          to: "aws.s3_storage_lens.metrics.AllRequests.avg"
-        - from: "aws.storage-lens.metrics.BytesDownloaded.avg"
-          to: "aws.s3_storage_lens.metrics.BytesDownloaded.avg"
-        - from: "aws.storage-lens.metrics.BytesUploaded.avg"
-          to: "aws.s3_storage_lens.metrics.BytesUploaded.avg"
-        - from: "aws.storage-lens.metrics.CurrentVersionObjectCount.avg"
-          to: "aws.s3_storage_lens.metrics.CurrentVersionObjectCount.avg"
-        - from: "aws.storage-lens.metrics.CurrentVersionStorageBytes.avg"
-          to: "aws.s3_storage_lens.metrics.CurrentVersionStorageBytes.avg"
-        - from: "aws.storage-lens.metrics.DeleteMarkerObjectCount.avg"
-          to: "aws.s3_storage_lens.metrics.DeleteMarkerObjectCount.avg"
-        - from: "aws.storage-lens.metrics.DeleteRequests.avg"
-          to: "aws.s3_storage_lens.metrics.DeleteRequests.avg"
-        - from: "aws.storage-lens.metrics.EncryptedObjectCount.avg"
-          to: "aws.s3_storage_lens.metrics.EncryptedObjectCount.avg"
-        - from: "aws.storage-lens.metrics.EncryptedStorageBytes.avg"
-          to: "aws.s3_storage_lens.metrics.EncryptedStorageBytes.avg"
-        - from: "aws.storage-lens.metrics.GetRequests.avg"
-          to: "aws.s3_storage_lens.metrics.GetRequests.avg"
-        - from: "aws.storage-lens.metrics.HeadRequests.avg"
-          to: "aws.s3_storage_lens.metrics.HeadRequests.avg"
-        - from: "aws.storage-lens.metrics.IncompleteMultipartUploadObjectCount.avg"
-          to: "aws.s3_storage_lens.metrics.IncompleteMultipartUploadObjectCount.avg"
-        - from: "aws.storage-lens.metrics.IncompleteMultipartUploadStorageBytes.avg"
-          to: "aws.s3_storage_lens.metrics.IncompleteMultipartUploadStorageBytes.avg"
-        - from: "aws.storage-lens.metrics.ListRequests.avg"
-          to: "aws.s3_storage_lens.metrics.ListRequests.avg"
-        - from: "aws.storage-lens.metrics.NonCurrentVersionObjectCount.avg"
-          to: "aws.s3_storage_lens.metrics.NonCurrentVersionObjectCount.avg"
-        - from: "aws.storage-lens.metrics.NonCurrentVersionStorageBytes.avg"
-          to: "aws.s3_storage_lens.metrics.NonCurrentVersionStorageBytes.avg"
-        - from: "aws.storage-lens.metrics.ObjectCount.avg"
-          to: "aws.s3_storage_lens.metrics.ObjectCount.avg"
-        - from: "aws.storage-lens.metrics.ObjectLockEnabledObjectCount.avg"
-          to: "aws.s3_storage_lens.metrics.ObjectLockEnabledObjectCount.avg"
-        - from: "aws.storage-lens.metrics.ObjectLockEnabledStorageBytes.avg"
-          to: "aws.s3_storage_lens.metrics.ObjectLockEnabledStorageBytes.avg"
-        - from: "aws.storage-lens.metrics.PostRequests.avg"
-          to: "aws.s3_storage_lens.metrics.PostRequests.avg"
-        - from: "aws.storage-lens.metrics.PutRequests.avg"
-          to: "aws.s3_storage_lens.metrics.PutRequests.avg"
-        - from: "aws.storage-lens.metrics.ReplicatedObjectCount.avg"
-          to: "aws.s3_storage_lens.metrics.ReplicatedObjectCount.avg"
-        - from: "aws.storage-lens.metrics.ReplicatedStorageBytes.avg"
-          to: "aws.s3_storage_lens.metrics.ReplicatedStorageBytes.avg"
-        - from: "aws.storage-lens.metrics.SelectRequests.avg"
-          to: "aws.s3_storage_lens.metrics.SelectRequests.avg"
-        - from: "aws.storage-lens.metrics.SelectReturnedBytes.avg"
-          to: "aws.s3_storage_lens.metrics.SelectReturnedBytes.avg"
-        - from: "aws.storage-lens.metrics.SelectScannedBytes.avg"
-          to: "aws.s3_storage_lens.metrics.SelectScannedBytes.avg"
-        - from: "aws.storage-lens.metrics.StorageBytes.avg"
-          to: "aws.s3_storage_lens.metrics.StorageBytes.avg"
-  - drop_fields:
-      ignore_missing: true
-      fields:
-        - "aws.storage-lens"
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/agent.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/base-fields.yml
deleted file mode 100644
index ed9d40b9d..000000000
--- a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.s3_storage_lens
diff --git a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/ecs.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/fields.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/fields.yml
deleted file mode 100644
index d1230dcc5..000000000
--- a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/fields.yml
+++ /dev/null
@@ -1,100 +0,0 @@
-- name: aws
-  type: group
-  release: experimental
-  fields:
-    - name: s3_storage_lens
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: 4xxErrors.avg
-              type: long
-              description: The total 4xx errors in scope.
-            - name: 5xxErrors.avg
-              type: long
-              description: The total 5xx errors in scope.
-            - name: AllRequests.avg
-              type: long
-              description: The total number of requests made.
-            - name: BytesDownloaded.avg
-              type: long
-              description: The number of bytes in scope that were downloaded.
-            - name: BytesUploaded.avg
-              type: long
-              description: The number of bytes uploaded.
-            - name: CurrentVersionObjectCount.avg
-              type: long
-              description: The number of objects that are a current version.
-            - name: CurrentVersionStorageBytes.avg
-              type: long
-              description: The number of bytes that are a current version.
-            - name: DeleteMarkerObjectCount.avg
-              type: long
-              description: The total number of objects with a delete marker.
-            - name: DeleteRequests.avg
-              type: long
-              description: The total number of delete requests made.
-            - name: EncryptedObjectCount.avg
-              type: long
-              description: The total object counts that are encrypted using Amazon S3 server-side encryption.
-            - name: EncryptedStorageBytes.avg
-              type: long
-              description: The total number of encrypted bytes using Amazon S3 server-side encryption.
-            - name: GetRequests.avg
-              type: long
-              description: The total number of GET requests made.
-            - name: HeadRequests.avg
-              type: long
-              description: The total number of head requests made.
-            - name: IncompleteMultipartUploadObjectCount.avg
-              type: long
-              description: The number of objects in scope that are incomplete multipart uploads.
-            - name: IncompleteMultipartUploadStorageBytes.avg
-              type: long
-              description: The total bytes in scope with incomplete multipart uploads.
-            - name: ListRequests.avg
-              type: long
-              description: The total number of list requests made.
-            - name: NonCurrentVersionObjectCount.avg
-              type: long
-              description: The count of the noncurrent version objects.
-            - name: NonCurrentVersionStorageBytes.avg
-              type: long
-              description: The number of noncurrent versioned bytes.
-            - name: ObjectCount.avg
-              type: long
-              description: The total object count.
-            - name: ObjectLockEnabledObjectCount.avg
-              type: long
-              description: The total number of objects in scope that have Object Lock enabled.
-            - name: ObjectLockEnabledStorageBytes.avg
-              type: long
-              description: The total number of bytes in scope that have Object Lock enabled.
-            - name: PostRequests.avg
-              type: long
-              description: The total number of post requests made.
-            - name: PutRequests.avg
-              type: long
-              description: The total number of PUT requests made.
-            - name: ReplicatedObjectCount.avg
-              type: long
-              description: The count of replicated objects.
-            - name: ReplicatedStorageBytes.avg
-              type: long
-              description: The total number of bytes in scope that are replicated.
-            - name: SelectRequests.avg
-              type: long
-              description: The total number of select requests.
-            - name: SelectReturnedBytes.avg
-              type: long
-              description: The number of select bytes returned.
-            - name: SelectScannedBytes.avg
-              type: long
-              description: The number of select bytes scanned.
-            - name: StorageBytes.avg
-              type: long
-              description: The total storage in bytes
-- name: aws.cloudwatch.namespace
-  type: keyword
-  description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/s3_storage_lens/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/s3_storage_lens/manifest.yml b/test/packages/parallel/aws/data_stream/s3_storage_lens/manifest.yml
deleted file mode 100644
index b325ed0cb..000000000
--- a/test/packages/parallel/aws/data_stream/s3_storage_lens/manifest.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: AWS S3 Storage Lens metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 24h
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-    title: AWS S3 Storage Lens metrics
-    description: Collect AWS S3 Storage Lens metrics
diff --git a/test/packages/parallel/aws/data_stream/s3_storage_lens/sample_event.json b/test/packages/parallel/aws/data_stream/s3_storage_lens/sample_event.json
deleted file mode 100644
index dbc4ccc9c..000000000
--- a/test/packages/parallel/aws/data_stream/s3_storage_lens/sample_event.json
+++ /dev/null
@@ -1,138 +0,0 @@
-{
-    "@timestamp": "2021-11-07T20:38:00.000Z",
-    "ecs": {
-        "version": "1.11.0"
-    },
-    "data_stream": {
-        "namespace": "default",
-        "type": "metrics",
-        "dataset": "aws.s3_storage_lens"
-    },
-    "service": {
-        "type": "aws"
-    },
-    "cloud": {
-        "provider": "aws",
-        "region": "us-east-1",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        }
-    },
-    "metricset": {
-        "period": 86400000,
-        "name": "cloudwatch"
-    },
-    "event": {
-        "duration": 22973251900,
-        "agent_id_status": "verified",
-        "ingested": "2021-11-08T20:38:37Z",
-        "module": "aws",
-        "dataset": "aws.s3_storage_lens"
-    },
-    "aws": {
-        "s3_storage_lens": {
-            "metrics": {
-                "NonCurrentVersionStorageBytes": {
-                    "avg": 0
-                },
-                "DeleteMarkerObjectCount": {
-                    "avg": 0
-                },
-                "GetRequests": {
-                    "avg": 0
-                },
-                "SelectReturnedBytes": {
-                    "avg": 0
-                },
-                "ObjectCount": {
-                    "avg": 164195
-                },
-                "HeadRequests": {
-                    "avg": 0
-                },
-                "ListRequests": {
-                    "avg": 0
-                },
-                "DeleteRequests": {
-                    "avg": 0
-                },
-                "SelectRequests": {
-                    "avg": 0
-                },
-                "5xxErrors": {
-                    "avg": 0
-                },
-                "BytesDownloaded": {
-                    "avg": 0
-                },
-                "BytesUploaded": {
-                    "avg": 82537
-                },
-                "CurrentVersionStorageBytes": {
-                    "avg": 154238334
-                },
-                "StorageBytes": {
-                    "avg": 154238334
-                },
-                "ObjectLockEnabledStorageBytes": {
-                    "avg": 0
-                },
-                "4xxErrors": {
-                    "avg": 0
-                },
-                "PutRequests": {
-                    "avg": 145
-                },
-                "ObjectLockEnabledObjectCount": {
-                    "avg": 0
-                },
-                "EncryptedObjectCount": {
-                    "avg": 164191
-                },
-                "CurrentVersionObjectCount": {
-                    "avg": 164195
-                },
-                "IncompleteMultipartUploadObjectCount": {
-                    "avg": 0
-                },
-                "ReplicatedObjectCount": {
-                    "avg": 0
-                },
-                "AllRequests": {
-                    "avg": 145
-                },
-                "PostRequests": {
-                    "avg": 0
-                },
-                "IncompleteMultipartUploadStorageBytes": {
-                    "avg": 0
-                },
-                "NonCurrentVersionObjectCount": {
-                    "avg": 0
-                },
-                "ReplicatedStorageBytes": {
-                    "avg": 0
-                },
-                "EncryptedStorageBytes": {
-                    "avg": 154237917
-                },
-                "SelectScannedBytes": {
-                    "avg": 0
-                }
-            }
-        },
-        "cloudwatch": {
-            "namespace": "AWS/S3/Storage-Lens"
-        },
-        "dimensions": {
-            "metrics_version": "1.0",
-            "storage_class": "STANDARD",
-            "aws_region": "eu-central-1",
-            "bucket_name": "filebeat-aws-elb-test",
-            "aws_account_number": "428152502467",
-            "configuration_id": "default-account-dashboard",
-            "record_type": "BUCKET"
-        }
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml
deleted file mode 100644
index 5622947e4..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-common-config.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-dynamic_fields:
-  event.ingested: ".*"
-fields:
-  tags:
-    - preserve_original_event
diff --git a/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log b/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log
deleted file mode 100644
index bcc9f6af0..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log
+++ /dev/null
@@ -1,7 +0,0 @@
-36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:41 +0000] 89.160.20.156 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 44EE8651683CB4DA REST.GET.LOCATION - "GET /test-s3-ks/?location&aws-account=627959692251 HTTP/1.1" 200 - 142 - 17 - "-" "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation" - BsCfJedfuSnds2QFoxi+E/O7M6OEWzJnw4dUaes/2hyA363sONRJKzB7EOY+Bt9DTHYUn+HoHxI= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2
-36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:42 +0000] 89.160.20.156 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 E26222010BCC32B6 REST.GET.LOCATION - "GET /test-s3-ks/?location&aws-account=627959692251 HTTP/1.1" 200 - 142 - 3 - "-" "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation" - gNl/Q1IzY6nGTBygqI3rnMz/ZFOFwOTDpSMrNca+IcEmMAd6sCIs1ZRLYDekD8LB9lrj9UdQLWE= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2
-36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:43 +0000] 89.160.20.156 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 4DD6D17D1C5C401C REST.GET.BUCKET - "GET /test-s3-ks/?max-keys=0&encoding-type=url&aws-account=627959692251 HTTP/1.1" 200 - 265 - 2 1 "-" "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation" - KzvchfojYQnuFC4PABYVJVxIlv/f6r17LRaTSvw7x+bxj4PkkPKT1kX9x8wbqtq40iD4PC881iE= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2
-36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:43 +0000] 89.160.20.156 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 706992E2F3CC3C3D REST.GET.LOCATION - "GET /test-s3-ks/?location&aws-account=627959692251 HTTP/1.1" 200 - 142 - 4 - "-" "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation" - cIN12KTrJwx+uTBZD+opZUPE4iGypi8oG/oXGPzFk9CMuHQGuEpmAeNELdtYKDxf2TDor25Nikg= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2
-36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 jsoriano-s3-test [10/Sep/2019:15:11:07 +0000] 89.160.20.156 arn:aws:iam::123456:user/test@elastic.co 8CD7A4A71E2E5C9E BATCH.DELETE.OBJECT jolokia-war-1.5.0.war - 204 - - 344017 - - - - - IeDW5I3wefFxU8iHOcAzi5qr+O+1bdRlcQ0AO2WGjFh7JwYM6qCoKq+1TrUshrXMlBxPFtg97Vk= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.eu-central-1.amazonaws.com TLSv1.2
-36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [19/Sep/2019:17:06:39 +0000] 89.160.20.156 arn:aws:iam::123456:user/test@elastic.co 6CE38F1312D32BDD BATCH.DELETE.OBJECT Screen+Shot+2019-09-09+at+9.08.44+AM.png - 204 - - 57138 - - - - - LwRa4w6DbuU48GKQiH3jDbjfTyLCbwasFBsdttugRQ+9lH4jK8lT91+HhGZKMYI3sPyKuQ9LvU0= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2
-67797214d75628047d9c76b18a78cded1a4b069b71f2a9d5a53649c38da8770b flow-log-test [14/Jul/2021:18:57:31 +0000] - svc:delivery.logs.amazonaws.com MVGXZXEVN3IG9S24 REST.PUT.OBJECT AWSLogs/000000000000/vpcflowlogs/us-gov-east-1/2021/07/13/000000000000_vpcflowlogs_us-gov-east-1_fl-_20210713T1855Z_f12aa632.log.gz "PUT /AWSLogs/000000000000/vpcflowlogs/us-gov-east-1/2021/07/13/000000000000_vpcflowlogs_us-gov-east-1_fl-0e7c13bf00cf15bfe_20210713T1855Z_f12aa632.log.gz HTTP/1.1" 200 - - 773 103 13 "-" "-" - 02SxwfXpO5UysN0GsKGa3uGDQ6E/W7+Hwo/luRH8p1VEexULoe66RCM+nja0dEq2JqLrtgjocvVRRkVt4= SigV4 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader flow-log-test.s3.us-gov-west-1.amazonaws.com TLSv1.2 -
diff --git a/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json b/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json
deleted file mode 100644
index 77f299fdd..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/_dev/test/pipeline/test-s3-server-access.log-expected.json
+++ /dev/null
@@ -1,665 +0,0 @@
-{
-    "expected": [
-        {
-            "url": {
-                "path": "/test-s3-ks/",
-                "original": "/test-s3-ks/?location\u0026aws-account=627959692251",
-                "query": "location\u0026aws-account=627959692251"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "geo": {
-                "continent_name": "Europe",
-                "region_iso_code": "SE-E",
-                "city_name": "Linköping",
-                "country_iso_code": "SE",
-                "country_name": "Sweden",
-                "region_name": "Östergötland County",
-                "location": {
-                    "lon": 15.6167,
-                    "lat": 58.4167
-                }
-            },
-            "cloud": {
-                "provider": "aws"
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2"
-                ],
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "http": {
-                "request": {
-                    "method": "GET"
-                },
-                "version": "1.1",
-                "response": {
-                    "body": {
-                        "bytes": 142
-                    },
-                    "status_code": 200
-                }
-            },
-            "client": {
-                "user": {
-                    "id": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9"
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "tls": {
-                "cipher": "ECDHE-RSA-AES128-SHA",
-                "version": "1.2",
-                "version_protocol": "tls"
-            },
-            "event": {
-                "duration": 17000000,
-                "ingested": "2021-12-14T10:30:56.619660100Z",
-                "original": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:41 +0000] 89.160.20.156 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 44EE8651683CB4DA REST.GET.LOCATION - \"GET /test-s3-ks/?location\u0026aws-account=627959692251 HTTP/1.1\" 200 - 142 - 17 - \"-\" \"AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation\" - BsCfJedfuSnds2QFoxi+E/O7M6OEWzJnw4dUaes/2hyA363sONRJKzB7EOY+Bt9DTHYUn+HoHxI= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2",
-                "kind": "event",
-                "action": "REST.GET.LOCATION",
-                "id": "44EE8651683CB4DA",
-                "category": "web",
-                "type": [
-                    "access"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "s3access": {
-                    "requester": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9",
-                    "tls_version": "TLSv1.2",
-                    "signature_version": "SigV4",
-                    "bytes_sent": 142,
-                    "authentication_type": "AuthHeader",
-                    "request_uri": "GET /test-s3-ks/?location\u0026aws-account=627959692251 HTTP/1.1",
-                    "host_id": "BsCfJedfuSnds2QFoxi+E/O7M6OEWzJnw4dUaes/2hyA363sONRJKzB7EOY+Bt9DTHYUn+HoHxI=",
-                    "host_header": "s3.ap-southeast-1.amazonaws.com",
-                    "bucket": "test-s3-ks",
-                    "remote_ip": "89.160.20.156",
-                    "cipher_suite": "ECDHE-RSA-AES128-SHA",
-                    "http_status": 200,
-                    "total_time": 17,
-                    "bucket_owner": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2",
-                    "operation": "REST.GET.LOCATION",
-                    "request_id": "44EE8651683CB4DA",
-                    "user_agent": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation"
-                }
-            },
-            "user_agent": {
-                "name": "aws-sdk-java",
-                "original": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation",
-                "os": {
-                    "name": "Linux",
-                    "version": "4.9.137",
-                    "full": "Linux 4.9.137"
-                },
-                "device": {
-                    "name": "Other"
-                },
-                "version": "1.11.590"
-            }
-        },
-        {
-            "url": {
-                "path": "/test-s3-ks/",
-                "original": "/test-s3-ks/?location\u0026aws-account=627959692251",
-                "query": "location\u0026aws-account=627959692251"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "geo": {
-                "continent_name": "Europe",
-                "region_iso_code": "SE-E",
-                "city_name": "Linköping",
-                "country_iso_code": "SE",
-                "country_name": "Sweden",
-                "region_name": "Östergötland County",
-                "location": {
-                    "lon": 15.6167,
-                    "lat": 58.4167
-                }
-            },
-            "cloud": {
-                "provider": "aws"
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2"
-                ],
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "http": {
-                "request": {
-                    "method": "GET"
-                },
-                "version": "1.1",
-                "response": {
-                    "body": {
-                        "bytes": 142
-                    },
-                    "status_code": 200
-                }
-            },
-            "client": {
-                "user": {
-                    "id": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9"
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "tls": {
-                "cipher": "ECDHE-RSA-AES128-SHA",
-                "version": "1.2",
-                "version_protocol": "tls"
-            },
-            "event": {
-                "duration": 3000000,
-                "ingested": "2021-12-14T10:30:56.619676Z",
-                "original": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:42 +0000] 89.160.20.156 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 E26222010BCC32B6 REST.GET.LOCATION - \"GET /test-s3-ks/?location\u0026aws-account=627959692251 HTTP/1.1\" 200 - 142 - 3 - \"-\" \"AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation\" - gNl/Q1IzY6nGTBygqI3rnMz/ZFOFwOTDpSMrNca+IcEmMAd6sCIs1ZRLYDekD8LB9lrj9UdQLWE= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2",
-                "kind": "event",
-                "action": "REST.GET.LOCATION",
-                "id": "E26222010BCC32B6",
-                "category": "web",
-                "type": [
-                    "access"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "s3access": {
-                    "requester": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9",
-                    "tls_version": "TLSv1.2",
-                    "signature_version": "SigV4",
-                    "bytes_sent": 142,
-                    "authentication_type": "AuthHeader",
-                    "request_uri": "GET /test-s3-ks/?location\u0026aws-account=627959692251 HTTP/1.1",
-                    "host_id": "gNl/Q1IzY6nGTBygqI3rnMz/ZFOFwOTDpSMrNca+IcEmMAd6sCIs1ZRLYDekD8LB9lrj9UdQLWE=",
-                    "host_header": "s3.ap-southeast-1.amazonaws.com",
-                    "bucket": "test-s3-ks",
-                    "remote_ip": "89.160.20.156",
-                    "cipher_suite": "ECDHE-RSA-AES128-SHA",
-                    "http_status": 200,
-                    "total_time": 3,
-                    "bucket_owner": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2",
-                    "operation": "REST.GET.LOCATION",
-                    "request_id": "E26222010BCC32B6",
-                    "user_agent": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation"
-                }
-            },
-            "user_agent": {
-                "name": "aws-sdk-java",
-                "original": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation",
-                "os": {
-                    "name": "Linux",
-                    "version": "4.9.137",
-                    "full": "Linux 4.9.137"
-                },
-                "device": {
-                    "name": "Other"
-                },
-                "version": "1.11.590"
-            }
-        },
-        {
-            "url": {
-                "path": "/test-s3-ks/",
-                "original": "/test-s3-ks/?max-keys=0\u0026encoding-type=url\u0026aws-account=627959692251",
-                "query": "max-keys=0\u0026encoding-type=url\u0026aws-account=627959692251"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "geo": {
-                "continent_name": "Europe",
-                "region_iso_code": "SE-E",
-                "city_name": "Linköping",
-                "country_iso_code": "SE",
-                "country_name": "Sweden",
-                "region_name": "Östergötland County",
-                "location": {
-                    "lon": 15.6167,
-                    "lat": 58.4167
-                }
-            },
-            "cloud": {
-                "provider": "aws"
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2"
-                ],
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "http": {
-                "request": {
-                    "method": "GET"
-                },
-                "version": "1.1",
-                "response": {
-                    "body": {
-                        "bytes": 265
-                    },
-                    "status_code": 200
-                }
-            },
-            "client": {
-                "user": {
-                    "id": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9"
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "tls": {
-                "cipher": "ECDHE-RSA-AES128-SHA",
-                "version": "1.2",
-                "version_protocol": "tls"
-            },
-            "event": {
-                "duration": 2000000,
-                "ingested": "2021-12-14T10:30:56.619685700Z",
-                "original": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:43 +0000] 89.160.20.156 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 4DD6D17D1C5C401C REST.GET.BUCKET - \"GET /test-s3-ks/?max-keys=0\u0026encoding-type=url\u0026aws-account=627959692251 HTTP/1.1\" 200 - 265 - 2 1 \"-\" \"AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation\" - KzvchfojYQnuFC4PABYVJVxIlv/f6r17LRaTSvw7x+bxj4PkkPKT1kX9x8wbqtq40iD4PC881iE= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2",
-                "kind": "event",
-                "action": "REST.GET.BUCKET",
-                "id": "4DD6D17D1C5C401C",
-                "category": "web",
-                "type": [
-                    "access"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "s3access": {
-                    "requester": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9",
-                    "tls_version": "TLSv1.2",
-                    "signature_version": "SigV4",
-                    "turn_around_time": 1,
-                    "bytes_sent": 265,
-                    "authentication_type": "AuthHeader",
-                    "request_uri": "GET /test-s3-ks/?max-keys=0\u0026encoding-type=url\u0026aws-account=627959692251 HTTP/1.1",
-                    "host_id": "KzvchfojYQnuFC4PABYVJVxIlv/f6r17LRaTSvw7x+bxj4PkkPKT1kX9x8wbqtq40iD4PC881iE=",
-                    "host_header": "s3.ap-southeast-1.amazonaws.com",
-                    "bucket": "test-s3-ks",
-                    "remote_ip": "89.160.20.156",
-                    "cipher_suite": "ECDHE-RSA-AES128-SHA",
-                    "http_status": 200,
-                    "total_time": 2,
-                    "bucket_owner": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2",
-                    "operation": "REST.GET.BUCKET",
-                    "request_id": "4DD6D17D1C5C401C",
-                    "user_agent": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation"
-                }
-            },
-            "user_agent": {
-                "name": "aws-sdk-java",
-                "original": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation",
-                "os": {
-                    "name": "Linux",
-                    "version": "4.9.137",
-                    "full": "Linux 4.9.137"
-                },
-                "device": {
-                    "name": "Other"
-                },
-                "version": "1.11.590"
-            }
-        },
-        {
-            "url": {
-                "path": "/test-s3-ks/",
-                "original": "/test-s3-ks/?location\u0026aws-account=627959692251",
-                "query": "location\u0026aws-account=627959692251"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "geo": {
-                "continent_name": "Europe",
-                "region_iso_code": "SE-E",
-                "city_name": "Linköping",
-                "country_iso_code": "SE",
-                "country_name": "Sweden",
-                "region_name": "Östergötland County",
-                "location": {
-                    "lon": 15.6167,
-                    "lat": 58.4167
-                }
-            },
-            "cloud": {
-                "provider": "aws"
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2"
-                ],
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "http": {
-                "request": {
-                    "method": "GET"
-                },
-                "version": "1.1",
-                "response": {
-                    "body": {
-                        "bytes": 142
-                    },
-                    "status_code": 200
-                }
-            },
-            "client": {
-                "user": {
-                    "id": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9"
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "tls": {
-                "cipher": "ECDHE-RSA-AES128-SHA",
-                "version": "1.2",
-                "version_protocol": "tls"
-            },
-            "event": {
-                "duration": 4000000,
-                "ingested": "2021-12-14T10:30:56.619695Z",
-                "original": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:43 +0000] 89.160.20.156 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 706992E2F3CC3C3D REST.GET.LOCATION - \"GET /test-s3-ks/?location\u0026aws-account=627959692251 HTTP/1.1\" 200 - 142 - 4 - \"-\" \"AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation\" - cIN12KTrJwx+uTBZD+opZUPE4iGypi8oG/oXGPzFk9CMuHQGuEpmAeNELdtYKDxf2TDor25Nikg= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2",
-                "kind": "event",
-                "action": "REST.GET.LOCATION",
-                "id": "706992E2F3CC3C3D",
-                "category": "web",
-                "type": [
-                    "access"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "s3access": {
-                    "requester": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9",
-                    "tls_version": "TLSv1.2",
-                    "signature_version": "SigV4",
-                    "bytes_sent": 142,
-                    "authentication_type": "AuthHeader",
-                    "request_uri": "GET /test-s3-ks/?location\u0026aws-account=627959692251 HTTP/1.1",
-                    "host_id": "cIN12KTrJwx+uTBZD+opZUPE4iGypi8oG/oXGPzFk9CMuHQGuEpmAeNELdtYKDxf2TDor25Nikg=",
-                    "host_header": "s3.ap-southeast-1.amazonaws.com",
-                    "bucket": "test-s3-ks",
-                    "remote_ip": "89.160.20.156",
-                    "cipher_suite": "ECDHE-RSA-AES128-SHA",
-                    "http_status": 200,
-                    "total_time": 4,
-                    "bucket_owner": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2",
-                    "operation": "REST.GET.LOCATION",
-                    "request_id": "706992E2F3CC3C3D",
-                    "user_agent": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation"
-                }
-            },
-            "user_agent": {
-                "name": "aws-sdk-java",
-                "original": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation",
-                "os": {
-                    "name": "Linux",
-                    "version": "4.9.137",
-                    "full": "Linux 4.9.137"
-                },
-                "device": {
-                    "name": "Other"
-                },
-                "version": "1.11.590"
-            }
-        },
-        {
-            "geo": {
-                "continent_name": "Europe",
-                "region_iso_code": "SE-E",
-                "city_name": "Linköping",
-                "country_iso_code": "SE",
-                "country_name": "Sweden",
-                "region_name": "Östergötland County",
-                "location": {
-                    "lon": 15.6167,
-                    "lat": 58.4167
-                }
-            },
-            "cloud": {
-                "provider": "aws"
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2"
-                ],
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "client": {
-                "user": {
-                    "id": "arn:aws:iam::123456:user/test@elastic.co"
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "http": {
-                "response": {
-                    "status_code": 204
-                }
-            },
-            "tls": {
-                "cipher": "ECDHE-RSA-AES128-SHA",
-                "version": "1.2",
-                "version_protocol": "tls"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.619704800Z",
-                "original": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 jsoriano-s3-test [10/Sep/2019:15:11:07 +0000] 89.160.20.156 arn:aws:iam::123456:user/test@elastic.co 8CD7A4A71E2E5C9E BATCH.DELETE.OBJECT jolokia-war-1.5.0.war - 204 - - 344017 - - - - - IeDW5I3wefFxU8iHOcAzi5qr+O+1bdRlcQ0AO2WGjFh7JwYM6qCoKq+1TrUshrXMlBxPFtg97Vk= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.eu-central-1.amazonaws.com TLSv1.2",
-                "kind": "event",
-                "action": "BATCH.DELETE.OBJECT",
-                "id": "8CD7A4A71E2E5C9E",
-                "category": "web",
-                "type": [
-                    "access"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "s3access": {
-                    "requester": "arn:aws:iam::123456:user/test@elastic.co",
-                    "tls_version": "TLSv1.2",
-                    "signature_version": "SigV4",
-                    "authentication_type": "AuthHeader",
-                    "host_id": "IeDW5I3wefFxU8iHOcAzi5qr+O+1bdRlcQ0AO2WGjFh7JwYM6qCoKq+1TrUshrXMlBxPFtg97Vk=",
-                    "host_header": "s3.eu-central-1.amazonaws.com",
-                    "bucket": "jsoriano-s3-test",
-                    "remote_ip": "89.160.20.156",
-                    "cipher_suite": "ECDHE-RSA-AES128-SHA",
-                    "http_status": 204,
-                    "bucket_owner": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2",
-                    "operation": "BATCH.DELETE.OBJECT",
-                    "request_id": "8CD7A4A71E2E5C9E",
-                    "key": "jolokia-war-1.5.0.war",
-                    "object_size": 344017
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "geo": {
-                "continent_name": "Europe",
-                "region_iso_code": "SE-E",
-                "city_name": "Linköping",
-                "country_iso_code": "SE",
-                "country_name": "Sweden",
-                "region_name": "Östergötland County",
-                "location": {
-                    "lon": 15.6167,
-                    "lat": 58.4167
-                }
-            },
-            "cloud": {
-                "provider": "aws"
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2"
-                ],
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "client": {
-                "user": {
-                    "id": "arn:aws:iam::123456:user/test@elastic.co"
-                },
-                "address": "89.160.20.156",
-                "ip": "89.160.20.156"
-            },
-            "http": {
-                "response": {
-                    "status_code": 204
-                }
-            },
-            "tls": {
-                "cipher": "ECDHE-RSA-AES128-SHA",
-                "version": "1.2",
-                "version_protocol": "tls"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:56.619767600Z",
-                "original": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [19/Sep/2019:17:06:39 +0000] 89.160.20.156 arn:aws:iam::123456:user/test@elastic.co 6CE38F1312D32BDD BATCH.DELETE.OBJECT Screen+Shot+2019-09-09+at+9.08.44+AM.png - 204 - - 57138 - - - - - LwRa4w6DbuU48GKQiH3jDbjfTyLCbwasFBsdttugRQ+9lH4jK8lT91+HhGZKMYI3sPyKuQ9LvU0= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2",
-                "kind": "event",
-                "action": "BATCH.DELETE.OBJECT",
-                "id": "6CE38F1312D32BDD",
-                "category": "web",
-                "type": [
-                    "access"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "s3access": {
-                    "requester": "arn:aws:iam::123456:user/test@elastic.co",
-                    "tls_version": "TLSv1.2",
-                    "signature_version": "SigV4",
-                    "authentication_type": "AuthHeader",
-                    "host_id": "LwRa4w6DbuU48GKQiH3jDbjfTyLCbwasFBsdttugRQ+9lH4jK8lT91+HhGZKMYI3sPyKuQ9LvU0=",
-                    "host_header": "s3.ap-southeast-1.amazonaws.com",
-                    "bucket": "test-s3-ks",
-                    "remote_ip": "89.160.20.156",
-                    "cipher_suite": "ECDHE-RSA-AES128-SHA",
-                    "http_status": 204,
-                    "bucket_owner": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2",
-                    "operation": "BATCH.DELETE.OBJECT",
-                    "request_id": "6CE38F1312D32BDD",
-                    "key": "Screen+Shot+2019-09-09+at+9.08.44+AM.png",
-                    "object_size": 57138
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "provider": "aws"
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "user": [
-                    "67797214d75628047d9c76b18a78cded1a4b069b71f2a9d5a53649c38da8770b"
-                ]
-            },
-            "http": {
-                "request": {
-                    "method": "PUT"
-                },
-                "version": "1.1",
-                "response": {
-                    "status_code": 200
-                }
-            },
-            "client": {
-                "user": {
-                    "id": "svc:delivery.logs.amazonaws.com"
-                }
-            },
-            "tls": {
-                "cipher": "ECDHE-RSA-AES128-GCM-SHA256",
-                "version": "1.2",
-                "version_protocol": "tls"
-            },
-            "event": {
-                "duration": 103000000,
-                "ingested": "2021-12-14T10:30:56.619777300Z",
-                "original": "67797214d75628047d9c76b18a78cded1a4b069b71f2a9d5a53649c38da8770b flow-log-test [14/Jul/2021:18:57:31 +0000] - svc:delivery.logs.amazonaws.com MVGXZXEVN3IG9S24 REST.PUT.OBJECT AWSLogs/000000000000/vpcflowlogs/us-gov-east-1/2021/07/13/000000000000_vpcflowlogs_us-gov-east-1_fl-_20210713T1855Z_f12aa632.log.gz \"PUT /AWSLogs/000000000000/vpcflowlogs/us-gov-east-1/2021/07/13/000000000000_vpcflowlogs_us-gov-east-1_fl-0e7c13bf00cf15bfe_20210713T1855Z_f12aa632.log.gz HTTP/1.1\" 200 - - 773 103 13 \"-\" \"-\" - 02SxwfXpO5UysN0GsKGa3uGDQ6E/W7+Hwo/luRH8p1VEexULoe66RCM+nja0dEq2JqLrtgjocvVRRkVt4= SigV4 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader flow-log-test.s3.us-gov-west-1.amazonaws.com TLSv1.2 -",
-                "kind": "event",
-                "action": "REST.PUT.OBJECT",
-                "id": "MVGXZXEVN3IG9S24",
-                "category": "web",
-                "type": [
-                    "access"
-                ],
-                "outcome": "success"
-            },
-            "aws": {
-                "s3access": {
-                    "requester": "svc:delivery.logs.amazonaws.com",
-                    "tls_version": "TLSv1.2",
-                    "signature_version": "SigV4",
-                    "turn_around_time": 13,
-                    "authentication_type": "AuthHeader",
-                    "request_uri": "PUT /AWSLogs/000000000000/vpcflowlogs/us-gov-east-1/2021/07/13/000000000000_vpcflowlogs_us-gov-east-1_fl-0e7c13bf00cf15bfe_20210713T1855Z_f12aa632.log.gz HTTP/1.1",
-                    "host_id": "02SxwfXpO5UysN0GsKGa3uGDQ6E/W7+Hwo/luRH8p1VEexULoe66RCM+nja0dEq2JqLrtgjocvVRRkVt4=",
-                    "host_header": "flow-log-test.s3.us-gov-west-1.amazonaws.com",
-                    "bucket": "flow-log-test",
-                    "cipher_suite": "ECDHE-RSA-AES128-GCM-SHA256",
-                    "http_status": 200,
-                    "total_time": 103,
-                    "bucket_owner": "67797214d75628047d9c76b18a78cded1a4b069b71f2a9d5a53649c38da8770b",
-                    "operation": "REST.PUT.OBJECT",
-                    "request_id": "MVGXZXEVN3IG9S24",
-                    "key": "AWSLogs/000000000000/vpcflowlogs/us-gov-east-1/2021/07/13/000000000000_vpcflowlogs_us-gov-east-1_fl-_20210713T1855Z_f12aa632.log.gz",
-                    "object_size": 773
-                }
-            },
-            "url": {
-                "path": "/AWSLogs/000000000000/vpcflowlogs/us-gov-east-1/2021/07/13/000000000000_vpcflowlogs_us-gov-east-1_fl-0e7c13bf00cf15bfe_20210713T1855Z_f12aa632.log.gz",
-                "extension": "gz",
-                "original": "/AWSLogs/000000000000/vpcflowlogs/us-gov-east-1/2021/07/13/000000000000_vpcflowlogs_us-gov-east-1_fl-0e7c13bf00cf15bfe_20210713T1855Z_f12aa632.log.gz"
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs
deleted file mode 100644
index ccf43bcdd..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs
+++ /dev/null
@@ -1,51 +0,0 @@
-queue_url: {{queue_url}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if visibility_timeout}}
-visibility_timeout: {{visibility_timeout}}
-{{/if}}
-{{#if api_timeout}}
-api_timeout: {{api_timeout}}
-{{/if}}
-{{#if max_number_of_messages}}
-max_number_of_messages: {{max_number_of_messages}}
-{{/if}}
-{{#if endpoint}}
-endpoint: {{endpoint}}
-{{/if}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if fips_enabled}}
-fips_enabled: {{fips_enabled}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3access/agent/stream/log.yml.hbs b/test/packages/parallel/aws/data_stream/s3access/agent/stream/log.yml.hbs
deleted file mode 100644
index de93a0f02..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/agent/stream/log.yml.hbs
+++ /dev/null
@@ -1,19 +0,0 @@
-paths:
-  {{#each paths as |path i|}}
-- {{path}}
-  {{/each}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-exclude_files: [".gz$"]
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml
deleted file mode 100644
index 608a80039..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/elasticsearch/ingest_pipeline/default.yml
+++ /dev/null
@@ -1,212 +0,0 @@
----
-description: "Pipeline for s3 server access logs"
-
-processors:
-  - set:
-      field: event.ingested
-      value: '{{_ingest.timestamp}}'
-  - set:
-      field: ecs.version
-      value: '1.12.0'
-  - set:
-      field: event.category
-      value: web
-  - append:
-      field: event.type
-      value: access
-  - rename:
-      field: message
-      target_field: event.original
-      ignore_missing: true
-  - grok:
-      field: event.original
-      patterns:
-        - >-
-          %{BASE16NUM:aws.s3access.bucket_owner} %{HOSTNAME:aws.s3access.bucket} \[%{HTTPDATE:_temp_.s3access_time}\]
-          (?:-|%{IP:aws.s3access.remote_ip}) (?:-|%{S3REQUESTER:aws.s3access.requester}) %{S3REQUESTID:aws.s3access.request_id}
-          %{S3OPERATION:aws.s3access.operation} (?:-|%{S3KEY:aws.s3access.key}) (?:-|\"%{DATA:aws.s3access.request_uri}\")
-          %{NUMBER:aws.s3access.http_status:long} (?:-|%{WORD:aws.s3access.error_code}) (?:-|%{NUMBER:aws.s3access.bytes_sent:long})
-          (?:-|%{NUMBER:aws.s3access.object_size:long}) (?:-|%{NUMBER:aws.s3access.total_time:long}) (?:-|%{NUMBER:aws.s3access.turn_around_time:long})
-          (?:-|\"-\"|\"%{DATA:aws.s3access.referrer}\") (?:-|\"(-|%{DATA:aws.s3access.user_agent})\") (?:-|%{S3KEY:aws.s3access.version_id})
-          (?:-|%{S3ID:aws.s3access.host_id}) (?:-|%{S3VERSION:aws.s3access.signature_version}) (?:-|%{S3KEY:aws.s3access.cipher_suite})
-          (?:-|%{WORD:aws.s3access.authentication_type}) (?:-|%{S3ID:aws.s3access.host_header}) (?:-|%{S3VERSION:aws.s3access.tls_version})
-      pattern_definitions:
-        S3REQUESTER: "[a-zA-Z0-9\\/_\\.\\-%:@]+"
-        S3REQUESTID: "[a-zA-Z0-9]+"
-        S3OPERATION: "%{WORD}.%{WORD}.%{WORD}"
-        S3KEY: "[a-zA-Z0-9\\/_\\.\\-%+]+"
-        S3ID: "[a-zA-Z0-9\\/_\\.\\-%+=]+"
-        S3VERSION: "[a-zA-Z0-9.]+"
-  - script:
-      description: Drops null/empty values recursively
-      lang: painless
-      source: |
-        boolean drop(Object o) {
-          if (o == null || o == "") {
-            return true;
-          } else if (o instanceof Map) {
-            ((Map) o).values().removeIf(v -> drop(v));
-            return (((Map) o).size() == 0);
-          } else if (o instanceof List) {
-            ((List) o).removeIf(v -> drop(v));
-            return (((List) o).length == 0);
-          }
-          return false;
-        }
-        drop(ctx);
-  - grok:
-      field: aws.s3access.request_uri
-      ignore_failure: true
-      patterns:
-        - '%{NOTSPACE:http.request.method} %{NOTSPACE:_temp_.url} [hH][tT][tT][pP]/%{NOTSPACE:http.version}'
-  - uri_parts:
-      field: _temp_.url
-      target_field: url
-      keep_original: true
-      if: ctx._temp_?.url != null
-  - append:
-      field: related.user
-      value: '{{aws.s3access.bucket_owner}}'
-      allow_duplicates: false
-      if: ctx?.aws?.s3access?.bucket_owner != null
-  #
-  # Parse the date included in s3 access logs
-  #
-  - date:
-      field: _temp_.s3access_time'
-      target_field: '@timestamp'
-      ignore_failure: true
-      formats:
-        - dd/MMM/yyyy:H:m:s Z
-  - set:
-      field: client.ip
-      value: '{{aws.s3access.remote_ip}}'
-      ignore_empty_value: true
-  - append:
-      field: related.ip
-      value: '{{aws.s3access.remote_ip}}'
-      allow_duplicates: false
-      if: ctx?.aws?.s3access?.remote_ip != null
-  - set:
-      field: client.address
-      value: '{{aws.s3access.remote_ip}}'
-      ignore_empty_value: true
-  - geoip:
-      field: aws.s3access.remote_ip
-      target_field: geo
-      if: ctx?.aws?.s3access?.remote_ip != null
-  - set:
-      field: client.user.id
-      value: '{{aws.s3access.requester}}'
-      ignore_empty_value: true
-  - set:
-      field: event.id
-      value: '{{aws.s3access.request_id}}'
-      ignore_empty_value: true
-  - set:
-      field: event.action
-      value: '{{aws.s3access.operation}}'
-      ignore_empty_value: true
-  - set:
-      field: http.response.status_code
-      value: '{{aws.s3access.http_status}}'
-      ignore_empty_value: true
-  - convert:
-      field: http.response.status_code
-      type: long
-      if: ctx?.http?.response?.status_code != null
-  - set:
-      field: event.outcome
-      value: failure
-      if: ctx?.aws?.s3access?.error_code != null
-  - set:
-      field: event.code
-      value: '{{aws.s3access.error_code}}'
-      ignore_empty_value: true
-  - set:
-      field: event.outcome
-      value: success
-      if: ctx?.aws?.s3access?.error_code == null
-  - convert:
-      field: aws.s3access.bytes_sent
-      target_field: http.response.body.bytes
-      type: long
-      ignore_failure: true
-  - convert:
-      field: aws.s3access.total_time
-      target_field: event.duration
-      type: long
-      ignore_failure: true
-  - script:
-      lang: painless
-      if: ctx.event?.duration != null
-      params:
-        MS_TO_NS: 1000000
-      source: >-
-        ctx.event.duration *= params.MS_TO_NS;
-  - set:
-      field: http.request.referrer
-      value: '{{aws.s3access.referrer}}'
-      ignore_empty_value: true
-  - user_agent:
-      if: ctx?.aws?.s3access?.user_agent != null
-      field: aws.s3access.user_agent
-  - set:
-      field: tls.cipher
-      value: '{{aws.s3access.cipher_suite}}'
-      ignore_empty_value: true
-  - script:
-      lang: painless
-      if: ctx.aws?.s3access?.tls_version != null
-      source: >-
-        def parts = ctx.aws.s3access.tls_version.toLowerCase().splitOnToken("v");
-        if (parts.length != 2) {
-          return;
-        }
-        ctx.tls.version = parts[1];
-        ctx.tls.version_protocol = parts[0]
-  - set:
-      field: cloud.provider
-      value: aws
-  - set:
-      field: event.kind
-      value: event
-  #
-  # Remove temporary fields
-  #
-  - remove:
-      field: _temp_
-      ignore_missing: true
-  - script:
-      lang: painless
-      description: This script processor iterates over the whole document to remove fields with null values.
-      source: |
-        void handleMap(Map map) {
-          for (def x : map.values()) {
-            if (x instanceof Map) {
-                handleMap(x);
-            } else if (x instanceof List) {
-                handleList(x);
-            }
-          }
-          map.values().removeIf(v -> v == null);
-        }
-        void handleList(List list) {
-          for (def x : list) {
-              if (x instanceof Map) {
-                  handleMap(x);
-              } else if (x instanceof List) {
-                  handleList(x);
-              }
-          }
-        }
-        handleMap(ctx);
-  - remove:
-      field: event.original
-      if: "ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))"
-      ignore_failure: true
-      ignore_missing: true
-on_failure:
-  - set:
-      field: 'error.message'
-      value: '{{ _ingest.on_failure_message }}'
diff --git a/test/packages/parallel/aws/data_stream/s3access/fields/agent.yml b/test/packages/parallel/aws/data_stream/s3access/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/s3access/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/s3access/fields/base-fields.yml
deleted file mode 100644
index 4d53b53c1..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.s3access
diff --git a/test/packages/parallel/aws/data_stream/s3access/fields/ecs.yml b/test/packages/parallel/aws/data_stream/s3access/fields/ecs.yml
deleted file mode 100644
index ce6a6aac9..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/fields/ecs.yml
+++ /dev/null
@@ -1,88 +0,0 @@
-- external: ecs
-  name: client.address
-- external: ecs
-  name: client.ip
-- external: ecs
-  name: client.user.id
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error.message
-- external: ecs
-  name: event.action
-- external: ecs
-  name: event.code
-- external: ecs
-  name: event.duration
-- external: ecs
-  name: event.id
-- external: ecs
-  name: event.kind
-- external: ecs
-  name: event.outcome
-- external: ecs
-  name: geo.city_name
-- external: ecs
-  name: geo.continent_name
-- external: ecs
-  name: geo.country_iso_code
-- external: ecs
-  name: geo.country_name
-- description: Longitude and latitude.
-  level: core
-  name: geo.location
-  type: geo_point
-- external: ecs
-  name: geo.region_iso_code
-- external: ecs
-  name: geo.region_name
-- external: ecs
-  name: http.request.method
-- external: ecs
-  name: http.request.referrer
-- external: ecs
-  name: http.response.body.bytes
-- external: ecs
-  name: http.response.status_code
-- external: ecs
-  name: http.version
-- external: ecs
-  name: related.ip
-- external: ecs
-  name: related.user
-- external: ecs
-  name: tags
-- external: ecs
-  name: tls.cipher
-- external: ecs
-  name: tls.version
-- external: ecs
-  name: tls.version_protocol
-- external: ecs
-  name: url.domain
-- external: ecs
-  name: url.extension
-- external: ecs
-  name: url.original
-- external: ecs
-  name: url.path
-- external: ecs
-  name: url.query
-- external: ecs
-  name: url.scheme
-- external: ecs
-  name: user_agent.device.name
-- external: ecs
-  name: user_agent.name
-- external: ecs
-  name: user_agent.original
-- external: ecs
-  name: user_agent.os.full
-- external: ecs
-  name: user_agent.os.name
-- external: ecs
-  name: user_agent.os.version
-- external: ecs
-  name: user_agent.version
diff --git a/test/packages/parallel/aws/data_stream/s3access/fields/fields.yml b/test/packages/parallel/aws/data_stream/s3access/fields/fields.yml
deleted file mode 100644
index e4b8c951d..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/fields/fields.yml
+++ /dev/null
@@ -1,95 +0,0 @@
-- name: aws.s3access
-  type: group
-  fields:
-    - name: bucket_owner
-      type: keyword
-      description: |
-        The canonical user ID of the owner of the source bucket.
-    - name: bucket
-      type: keyword
-      description: |
-        The name of the bucket that the request was processed against.
-    - name: remote_ip
-      type: ip
-      description: |
-        The apparent internet address of the requester.
-    - name: requester
-      type: keyword
-      description: |
-        The canonical user ID of the requester, or a - for unauthenticated requests.
-    - name: request_id
-      type: keyword
-      description: |
-        A string generated by Amazon S3 to uniquely identify each request.
-    - name: operation
-      type: keyword
-      description: |
-        The operation listed here is declared as SOAP.operation, REST.HTTP_method.resource_type, WEBSITE.HTTP_method.resource_type, or BATCH.DELETE.OBJECT.
-    - name: key
-      type: keyword
-      description: |
-        The "key" part of the request, URL encoded, or "-" if the operation does not take a key parameter.
-    - name: request_uri
-      type: keyword
-      description: |
-        The Request-URI part of the HTTP request message.
-    - name: http_status
-      type: long
-      description: |
-        The numeric HTTP status code of the response.
-    - name: error_code
-      type: keyword
-      description: |
-        The Amazon S3 Error Code, or "-" if no error occurred.
-    - name: bytes_sent
-      type: long
-      description: |
-        The number of response bytes sent, excluding HTTP protocol overhead, or "-" if zero.
-    - name: object_size
-      type: long
-      description: |
-        The total size of the object in question.
-    - name: total_time
-      type: long
-      description: |
-        The number of milliseconds the request was in flight from the server's perspective.
-    - name: turn_around_time
-      type: long
-      description: |
-        The number of milliseconds that Amazon S3 spent processing your request.
-    - name: referrer
-      type: keyword
-      description: |
-        The value of the HTTP Referrer header, if present.
-    - name: user_agent
-      type: keyword
-      description: |
-        The value of the HTTP User-Agent header.
-    - name: version_id
-      type: keyword
-      description: |
-        The version ID in the request, or "-" if the operation does not take a versionId parameter.
-    - name: host_id
-      type: keyword
-      description: |
-        The x-amz-id-2 or Amazon S3 extended request ID.
-    - name: signature_version
-      type: keyword
-      description: |
-        The signature version, SigV2 or SigV4, that was used to authenticate the request or a - for unauthenticated requests.
-    - name: cipher_suite
-      type: keyword
-      description: |
-        The Secure Sockets Layer (SSL) cipher that was negotiated for HTTPS request or a - for HTTP.
-    - name: authentication_type
-      type: keyword
-      description: |
-        The type of request authentication used, AuthHeader for authentication headers, QueryString for query string (pre-signed URL) or a - for unauthenticated requests.
-    - name: host_header
-      type: keyword
-      description: |
-        The endpoint used to connect to Amazon S3.
-    - name: tls_version
-      type: keyword
-      description: |
-        The Transport Layer Security (TLS) version negotiated by the client.
diff --git a/test/packages/parallel/aws/data_stream/s3access/manifest.yml b/test/packages/parallel/aws/data_stream/s3access/manifest.yml
deleted file mode 100644
index b88c6ba49..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/manifest.yml
+++ /dev/null
@@ -1,70 +0,0 @@
-title: AWS s3access logs
-type: logs
-streams:
-  - input: aws-s3
-    template_path: aws-s3.yml.hbs
-    title: AWS s3access logs
-    description: Collect AWS s3access logs using s3 input
-    vars:
-      - name: visibility_timeout
-        type: text
-        title: Visibility Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request.  The maximum is 12 hours.
-      - name: api_timeout
-        type: text
-        title: API Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
-      - name: queue_url
-        type: text
-        title: Queue URL
-        multi: false
-        required: true
-        show_user: true
-        description: URL of the AWS SQS queue that messages will be received from.
-      - name: fips_enabled
-        type: bool
-        title: Enable S3 FIPS
-        default: false
-        multi: false
-        required: false
-        show_user: false
-        description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint.
-      - name: tags
-        type: text
-        title: Tags
-        multi: true
-        required: true
-        show_user: false
-        default:
-          - forwarded
-          - aws-s3access
-      - name: processors
-        type: yaml
-        title: Processors
-        multi: false
-        required: false
-        show_user: false
-        description: >
-          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
-
-      - name: preserve_original_event
-        required: true
-        show_user: true
-        title: Preserve original event
-        description: Preserves a raw copy of the original event, added to the field `event.original`
-        type: bool
-        multi: false
-        default: false
-      - name: max_number_of_messages
-        type: integer
-        title: Maximum Concurrent SQS Messages
-        description: The maximum number of SQS messages that can be inflight at any time.
-        default: 5
-        required: false
-        show_user: false
diff --git a/test/packages/parallel/aws/data_stream/s3access/sample_event.json b/test/packages/parallel/aws/data_stream/s3access/sample_event.json
deleted file mode 100644
index 87826bf8a..000000000
--- a/test/packages/parallel/aws/data_stream/s3access/sample_event.json
+++ /dev/null
@@ -1,113 +0,0 @@
-{
-    "@timestamp": "2021-11-26T14:44:27.652Z",
-    "data_stream": {
-        "namespace": "default",
-        "type": "logs",
-        "dataset": "aws.s3access"
-    },
-    "url": {
-        "path": "/test-s3-ks/",
-        "original": "/test-s3-ks/?location\u0026aws-account=627959692251",
-        "query": "location\u0026aws-account=627959692251"
-    },
-    "tags": [
-        "preserve_original_event"
-    ],
-    "geo": {
-        "continent_name": "North America",
-        "region_iso_code": "US-VA",
-        "city_name": "Ashburn",
-        "country_iso_code": "US",
-        "country_name": "United States",
-        "region_name": "Virginia",
-        "location": {
-            "lon": -77.4728,
-            "lat": 39.0481
-        }
-    },
-    "cloud": {
-        "provider": "aws"
-    },
-    "ecs": {
-        "version": "1.12.0"
-    },
-    "related": {
-        "user": [
-            "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2"
-        ],
-        "ip": [
-            "72.21.217.31"
-        ]
-    },
-    "http": {
-        "request": {
-            "method": "GET"
-        },
-        "version": "1.1",
-        "response": {
-            "body": {
-                "bytes": 142
-            },
-            "status_code": 200
-        }
-    },
-    "client": {
-        "user": {
-            "id": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9"
-        },
-        "address": "72.21.217.31",
-        "ip": "72.21.217.31"
-    },
-    "tls": {
-        "cipher": "ECDHE-RSA-AES128-SHA",
-        "version": "1.2",
-        "version_protocol": "tls"
-    },
-    "event": {
-        "duration": 17000000,
-        "ingested": "2021-07-19T21:47:05.259665700Z",
-        "original": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2 test-s3-ks [01/Aug/2019:00:24:41 +0000] 72.21.217.31 arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9 44EE8651683CB4DA REST.GET.LOCATION - \"GET /test-s3-ks/?location\u0026aws-account=627959692251 HTTP/1.1\" 200 - 142 - 17 - \"-\" \"AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation\" - BsCfJedfuSnds2QFoxi+E/O7M6OEWzJnw4dUaes/2hyA363sONRJKzB7EOY+Bt9DTHYUn+HoHxI= SigV4 ECDHE-RSA-AES128-SHA AuthHeader s3.ap-southeast-1.amazonaws.com TLSv1.2",
-        "kind": "event",
-        "action": "REST.GET.LOCATION",
-        "id": "44EE8651683CB4DA",
-        "category": "web",
-        "type": [
-            "access"
-        ],
-        "outcome": "success"
-    },
-    "aws": {
-        "s3access": {
-            "requester": "arn:aws:sts::123456:assumed-role/AWSServiceRoleForTrustedAdvisor/TrustedAdvisor_627959692251_784ab70b-8cc9-4d37-a2ec-2ff4d0c08af9",
-            "tls_version": "TLSv1.2",
-            "signature_version": "SigV4",
-            "bytes_sent": 142,
-            "authentication_type": "AuthHeader",
-            "request_uri": "GET /test-s3-ks/?location\u0026aws-account=627959692251 HTTP/1.1",
-            "host_id": "BsCfJedfuSnds2QFoxi+E/O7M6OEWzJnw4dUaes/2hyA363sONRJKzB7EOY+Bt9DTHYUn+HoHxI=",
-            "host_header": "s3.ap-southeast-1.amazonaws.com",
-            "bucket": "test-s3-ks",
-            "remote_ip": "72.21.217.31",
-            "cipher_suite": "ECDHE-RSA-AES128-SHA",
-            "http_status": 200,
-            "total_time": 17,
-            "bucket_owner": "36c1f05b76016b78528454e6e0c60e2b7ff7aa20c0a5e4c748276e5b0a2debd2",
-            "operation": "REST.GET.LOCATION",
-            "request_id": "44EE8651683CB4DA",
-            "user_agent": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation"
-        }
-    },
-    "user_agent": {
-        "name": "aws-sdk-java",
-        "original": "AWS-Support-TrustedAdvisor, aws-internal/3 aws-sdk-java/1.11.590 Linux/4.9.137-0.1.ac.218.74.329.metal1.x86_64 OpenJDK_64-Bit_Server_VM/25.212-b03 java/1.8.0_212 vendor/Oracle_Corporation",
-        "os": {
-            "name": "Linux",
-            "version": "4.9.137",
-            "full": "Linux 4.9.137"
-        },
-        "device": {
-            "name": "Other"
-        },
-        "version": "1.11.590"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs
deleted file mode 100644
index 9a1266820..000000000
--- a/test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["sns"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/agent.yml b/test/packages/parallel/aws/data_stream/sns/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/sns/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml
deleted file mode 100644
index 17fbf3627..000000000
--- a/test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.sns
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/ecs.yml b/test/packages/parallel/aws/data_stream/sns/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/sns/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/fields.yml
deleted file mode 100644
index c07522553..000000000
--- a/test/packages/parallel/aws/data_stream/sns/fields/fields.yml
+++ /dev/null
@@ -1,69 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: Application
-          type: keyword
-          description: Filters on application objects, which represent an app and device registered with one of the supported push notification services, such as APNs and FCM.
-        - name: Application,Platform
-          type: keyword
-          description: Filters on application and platform objects, where the platform objects are for the supported push notification services, such as APNs and FCM.
-        - name: Country
-          type: keyword
-          description: Filters on the destination country or region of an SMS message.
-        - name: Platform
-          type: keyword
-          description: Filters on platform objects for the push notification services, such as APNs and FCM.
-        - name: TopicName
-          type: keyword
-          description: Filters on Amazon SNS topic names.
-        - name: SMSType
-          type: keyword
-          description: Filters on the message type of SMS message.
-    - name: sns
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: PublishSize.avg
-              type: double
-              description: The size of messages published.
-            - name: SMSSuccessRate.avg
-              type: double
-              description: The rate of successful SMS message deliveries.
-            - name: NumberOfMessagesPublished.sum
-              type: long
-              description: The number of messages published to your Amazon SNS topics.
-            - name: NumberOfNotificationsDelivered.sum
-              type: long
-              description: The number of messages successfully delivered from your Amazon SNS topics to subscribing endpoints.
-            - name: NumberOfNotificationsFailed.sum
-              type: long
-              description: The number of messages that Amazon SNS failed to deliver.
-            - name: NumberOfNotificationsFilteredOut.sum
-              type: long
-              description: The number of messages that were rejected by subscription filter policies.
-            - name: NumberOfNotificationsFilteredOut-InvalidAttributes.sum
-              type: long
-              description: The number of messages that were rejected by subscription filter policies because the messages' attributes are invalid - for example, because the attribute JSON is incorrectly formatted.
-            - name: NumberOfNotificationsFilteredOut-NoMessageAttributes.sum
-              type: long
-              description: The number of messages that were rejected by subscription filter policies because the messages have no attributes.
-            - name: NumberOfNotificationsRedrivenToDlq.sum
-              type: long
-              description: The number of messages that have been moved to a dead-letter queue.
-            - name: NumberOfNotificationsFailedToRedriveToDlq.sum
-              type: long
-              description: The number of messages that couldn't be moved to a dead-letter queue.
-            - name: SMSMonthToDateSpentUSD.sum
-              type: long
-              description: The charges you have accrued since the start of the current calendar month for sending SMS messages.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/sns/manifest.yml b/test/packages/parallel/aws/data_stream/sns/manifest.yml
deleted file mode 100644
index 9ec9ad0da..000000000
--- a/test/packages/parallel/aws/data_stream/sns/manifest.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-title: AWS SNS metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 5m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: tags_filter
-        type: yaml
-        title: Tags Filter
-        multi: false
-        required: false
-        show_user: false
-        default: |
-          # - key: "created-by"
-            # value: "foo"
-    title: AWS SNS metrics
-    description: Collect AWS SNS metrics
diff --git a/test/packages/parallel/aws/data_stream/sns/sample_event.json b/test/packages/parallel/aws/data_stream/sns/sample_event.json
deleted file mode 100644
index af48ae9aa..000000000
--- a/test/packages/parallel/aws/data_stream/sns/sample_event.json
+++ /dev/null
@@ -1,57 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:27.154Z",
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "aws": {
-        "cloudwatch": {
-            "namespace": "AWS/SNS"
-        },
-        "dimensions": {
-            "TopicName": "test-sns-ks"
-        },
-        "sns": {
-            "metrics": {
-                "NumberOfMessagesPublished": {
-                    "sum": 1
-                },
-                "NumberOfNotificationsFailed": {
-                    "sum": 1
-                },
-                "PublishSize": {
-                    "avg": 5
-                }
-            }
-        },
-        "tags": {
-            "created-by": "ks"
-        }
-    },
-    "event": {
-        "dataset": "aws.sns",
-        "module": "aws",
-        "duration": 10418157072
-    },
-    "metricset": {
-        "period": 60000,
-        "name": "sns"
-    },
-    "cloud": {
-        "region": "us-west-2",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        },
-        "provider": "aws"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/sqs/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/sqs/agent/stream/stream.yml.hbs
deleted file mode 100644
index 0cf05645a..000000000
--- a/test/packages/parallel/aws/data_stream/sqs/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,32 +0,0 @@
-metricsets: ["sqs"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/sqs/fields/agent.yml b/test/packages/parallel/aws/data_stream/sqs/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/sqs/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/sqs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/sqs/fields/base-fields.yml
deleted file mode 100644
index c39e5d890..000000000
--- a/test/packages/parallel/aws/data_stream/sqs/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.sqs
diff --git a/test/packages/parallel/aws/data_stream/sqs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/sqs/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/sqs/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/sqs/fields/fields.yml b/test/packages/parallel/aws/data_stream/sqs/fields/fields.yml
deleted file mode 100644
index c1e5e0241..000000000
--- a/test/packages/parallel/aws/data_stream/sqs/fields/fields.yml
+++ /dev/null
@@ -1,60 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: QueueName
-          type: keyword
-          description: SQS queue name
-    - name: sqs
-      type: group
-      fields:
-        - name: oldest_message_age.sec
-          type: long
-          format: duration
-          description: |
-            The approximate age of the oldest non-deleted message in the queue.
-        - name: messages.delayed
-          type: long
-          description: |
-            TThe number of messages in the queue that are delayed and not available for reading immediately.
-        - name: messages.not_visible
-          type: long
-          description: |
-            The number of messages that are in flight.
-        - name: messages.visible
-          type: long
-          description: |
-            The number of messages available for retrieval from the queue.
-        - name: messages.deleted
-          type: long
-          description: |
-            The number of messages deleted from the queue.
-        - name: messages.received
-          type: long
-          description: |
-            The number of messages returned by calls to the ReceiveMessage action.
-        - name: messages.sent
-          type: long
-          description: |
-            The number of messages added to a queue.
-        - name: empty_receives
-          type: long
-          description: |
-            The number of ReceiveMessage API calls that did not return a message.
-        - name: sent_message_size.bytes
-          type: long
-          format: bytes
-          description: |
-            The size of messages added to a queue.
-        - name: queue.name
-          type: keyword
-          description: |
-            SQS queue name
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/sqs/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/sqs/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/sqs/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/sqs/manifest.yml b/test/packages/parallel/aws/data_stream/sqs/manifest.yml
deleted file mode 100644
index 864d57bf9..000000000
--- a/test/packages/parallel/aws/data_stream/sqs/manifest.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: AWS SQS metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 5m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-    title: AWS SQS metrics
-    description: Collect AWS SQS metrics
diff --git a/test/packages/parallel/aws/data_stream/sqs/sample_event.json b/test/packages/parallel/aws/data_stream/sqs/sample_event.json
deleted file mode 100644
index 714ab645a..000000000
--- a/test/packages/parallel/aws/data_stream/sqs/sample_event.json
+++ /dev/null
@@ -1,53 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:27.154Z",
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "aws": {
-        "sqs": {
-            "empty_receives": 0,
-            "messages": {
-                "delayed": 0,
-                "deleted": 0,
-                "not_visible": 0,
-                "received": 0,
-                "sent": 0,
-                "visible": 2
-            },
-            "oldest_message_age": {
-                "sec": 78494
-            },
-            "queue": {
-                "name": "test-s3-notification"
-            },
-            "sent_message_size": {}
-        }
-    },
-    "event": {
-        "dataset": "aws.sqs",
-        "module": "aws",
-        "duration": 10418157072
-    },
-    "metricset": {
-        "period": 60000,
-        "name": "sqs"
-    },
-    "cloud": {
-        "region": "us-west-2",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        },
-        "provider": "aws"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs
deleted file mode 100644
index 4a574dfdc..000000000
--- a/test/packages/parallel/aws/data_stream/transitgateway/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["transitgateway"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/transitgateway/fields/agent.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/transitgateway/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/transitgateway/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/base-fields.yml
deleted file mode 100644
index 291688d69..000000000
--- a/test/packages/parallel/aws/data_stream/transitgateway/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.transitgateway
diff --git a/test/packages/parallel/aws/data_stream/transitgateway/fields/ecs.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/transitgateway/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/transitgateway/fields/fields.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/fields.yml
deleted file mode 100644
index e89af4094..000000000
--- a/test/packages/parallel/aws/data_stream/transitgateway/fields/fields.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: TransitGateway
-          type: keyword
-          description: Filters the metric data by transit gateway.
-        - name: TransitGatewayAttachment
-          type: keyword
-          description: Filters the metric data by transit gateway attachment.
-    - name: transitgateway
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: BytesIn.sum
-              type: long
-              description: The number of bytes received by the transit gateway.
-            - name: BytesOut.sum
-              type: long
-              description: The number of bytes sent from the transit gateway.
-            - name: PacketsIn.sum
-              type: long
-              description: The number of packets received by the transit gateway.
-            - name: PacketsOut.sum
-              type: long
-              description: The number of packets sent by the transit gateway.
-            - name: PacketDropCountBlackhole.sum
-              type: long
-              description: The number of packets dropped because they matched a blackhole route.
-            - name: PacketDropCountNoRoute.sum
-              type: long
-              description: The number of packets dropped because they did not match a route.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/transitgateway/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/transitgateway/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/transitgateway/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/transitgateway/manifest.yml b/test/packages/parallel/aws/data_stream/transitgateway/manifest.yml
deleted file mode 100644
index d433369d0..000000000
--- a/test/packages/parallel/aws/data_stream/transitgateway/manifest.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: AWS Transit Gateway metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 1m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-    title: AWS Transit Gateway metrics
-    description: Collect AWS Transit Gateway metrics
diff --git a/test/packages/parallel/aws/data_stream/transitgateway/sample_event.json b/test/packages/parallel/aws/data_stream/transitgateway/sample_event.json
deleted file mode 100644
index 3f9d5b46e..000000000
--- a/test/packages/parallel/aws/data_stream/transitgateway/sample_event.json
+++ /dev/null
@@ -1,63 +0,0 @@
-{
-    "@timestamp": "2020-05-28T20:10:20.953Z",
-    "cloud": {
-        "provider": "aws",
-        "region": "us-west-2",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        }
-    },
-    "aws": {
-        "transitgateway": {
-            "metrics": {
-                "PacketsIn": {
-                    "sum": 0
-                },
-                "BytesIn": {
-                    "sum": 0
-                },
-                "BytesOut": {
-                    "sum": 0
-                },
-                "PacketsOut": {
-                    "sum": 0
-                },
-                "PacketDropCountBlackhole": {
-                    "sum": 0
-                },
-                "PacketDropCountNoRoute": {
-                    "sum": 0
-                }
-            }
-        },
-        "cloudwatch": {
-            "namespace": "AWS/TransitGateway"
-        },
-        "dimensions": {
-            "TransitGateway": "tgw-0630672a32f12808a"
-        }
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "agent": {
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b"
-    },
-    "event": {
-        "dataset": "aws.transitgateway",
-        "module": "aws",
-        "duration": 12762825681
-    },
-    "metricset": {
-        "period": 60000,
-        "name": "transitgateway"
-    },
-    "service": {
-        "type": "aws"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/usage/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/usage/agent/stream/stream.yml.hbs
deleted file mode 100644
index 5298d8d40..000000000
--- a/test/packages/parallel/aws/data_stream/usage/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["usage"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/usage/fields/agent.yml b/test/packages/parallel/aws/data_stream/usage/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/usage/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/usage/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/usage/fields/base-fields.yml
deleted file mode 100644
index d774fe1ff..000000000
--- a/test/packages/parallel/aws/data_stream/usage/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.usage
diff --git a/test/packages/parallel/aws/data_stream/usage/fields/ecs.yml b/test/packages/parallel/aws/data_stream/usage/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/usage/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/usage/fields/fields.yml b/test/packages/parallel/aws/data_stream/usage/fields/fields.yml
deleted file mode 100644
index 7cd5c5e37..000000000
--- a/test/packages/parallel/aws/data_stream/usage/fields/fields.yml
+++ /dev/null
@@ -1,36 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: dimensions
-      type: group
-      fields:
-        - name: Service
-          type: keyword
-          description: The name of the AWS service containing the resource.
-        - name: Class
-          type: keyword
-          description: The class of resource being tracked.
-        - name: Type
-          type: keyword
-          description: The type of resource being tracked.
-        - name: Resource
-          type: keyword
-          description: The name of the API operation.
-    - name: usage
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: CallCount.sum
-              type: long
-              description: The number of specified API operations performed in your account.
-            - name: ResourceCount.sum
-              type: long
-              description: The number of the specified resources running in your account. The resources are defined by the dimensions associated with the metric.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/usage/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/usage/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/usage/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/usage/manifest.yml b/test/packages/parallel/aws/data_stream/usage/manifest.yml
deleted file mode 100644
index bed34afa7..000000000
--- a/test/packages/parallel/aws/data_stream/usage/manifest.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: AWS usage metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 1m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-    title: AWS usage metrics
-    description: Collect AWS usage metrics
diff --git a/test/packages/parallel/aws/data_stream/usage/sample_event.json b/test/packages/parallel/aws/data_stream/usage/sample_event.json
deleted file mode 100644
index c67701e60..000000000
--- a/test/packages/parallel/aws/data_stream/usage/sample_event.json
+++ /dev/null
@@ -1,51 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:30.929Z",
-    "aws": {
-        "usage": {
-            "metrics": {
-                "CallCount": {
-                    "sum": 1
-                }
-            }
-        },
-        "cloudwatch": {
-            "namespace": "AWS/Usage"
-        },
-        "dimensions": {
-            "Type": "API",
-            "Resource": "GetMetricData",
-            "Service": "CloudWatch",
-            "Class": "None"
-        }
-    },
-    "event": {
-        "duration": 1191329839,
-        "dataset": "aws.usage",
-        "module": "aws"
-    },
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "cloud": {
-        "provider": "aws",
-        "region": "eu-north-1",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        }
-    },
-    "metricset": {
-        "name": "usage",
-        "period": 60000
-    },
-    "agent": {
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml
deleted file mode 100644
index 5622947e4..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-common-config.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-dynamic_fields:
-  event.ingested: ".*"
-fields:
-  tags:
-    - preserve_original_event
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log
deleted file mode 100644
index 808ade66d..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log
+++ /dev/null
@@ -1,7 +0,0 @@
-2 123456789010 eni-1235b8ca123456789 2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6 2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6 34892 22 6 54 8855 1477913708 1477913820 ACCEPT OK
-2 123456789010 eni-1235b8ca123456789 - - - - - - - 1431280876 1431280934 - NODATA
-2 123456789010 eni-89.160.20.1561aaaaaaaaa - - - - - - - 1431280876 1431280934 - SKIPDATA
-2 123456789010 eni-1235b8ca123456789 89.160.20.156 89.160.20.156 20641 22 6 20 4249 1418530010 1418530070 ACCEPT OK
-2 123456789010 eni-1235b8ca123456789 89.160.20.156 89.160.20.156 49761 3389 6 20 4249 1418530010 1418530070 REJECT OK
-2 123456789010 eni-1235b8ca123456789 89.160.20.156 172.31.16.139 0 0 1 4 336 1432917027 1432917142 ACCEPT OK
-2 123456789010 eni-1235b8ca123456789 172.31.16.139 89.160.20.156 0 0 1 4 336 1432917094 1432917142 REJECT OK
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json
deleted file mode 100644
index 6c89adae0..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-extra-samples.log-expected.json
+++ /dev/null
@@ -1,492 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                }
-            },
-            "@timestamp": "2016-10-31T11:37:00.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6",
-                    "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6"
-                ]
-            },
-            "destination": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "country_name": "Norway",
-                    "location": {
-                        "lon": 10.0,
-                        "lat": 62.0
-                    },
-                    "country_iso_code": "NO"
-                },
-                "address": "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6",
-                "port": 22,
-                "ip": "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "country_name": "Norway",
-                    "location": {
-                        "lon": 10.0,
-                        "lat": 62.0
-                    },
-                    "country_iso_code": "NO"
-                },
-                "address": "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6",
-                "port": 34892,
-                "bytes": 8855,
-                "packets": 54,
-                "ip": "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.023227600Z",
-                "original": "2 123456789010 eni-1235b8ca123456789 2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6 2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6 34892 22 6 54 8855 1477913708 1477913820 ACCEPT OK",
-                "kind": "event",
-                "start": "2016-10-31T11:35:08.000Z",
-                "end": "2016-10-31T11:37:00.000Z",
-                "type": "flow",
-                "category": "network_traffic",
-                "outcome": "allow"
-            },
-            "aws": {
-                "vpcflow": {
-                    "action": "ACCEPT",
-                    "account_id": "123456789010",
-                    "log_status": "OK",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "version": "2"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "community_id": "1:3piNHoW0DjbrWkF//BeRomCaOZQ=",
-                "transport": "tcp",
-                "type": "ipv6",
-                "bytes": 8855,
-                "iana_number": "6",
-                "packets": 54
-            }
-        },
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                }
-            },
-            "@timestamp": "2015-05-10T18:02:14.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.023240100Z",
-                "original": "2 123456789010 eni-1235b8ca123456789 - - - - - - - 1431280876 1431280934 - NODATA",
-                "kind": "event",
-                "start": "2015-05-10T18:01:16.000Z",
-                "end": "2015-05-10T18:02:14.000Z",
-                "type": "flow",
-                "category": "network_traffic"
-            },
-            "aws": {
-                "vpcflow": {
-                    "account_id": "123456789010",
-                    "log_status": "NODATA",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "version": "2"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                }
-            },
-            "@timestamp": "2015-05-10T18:02:14.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.023249300Z",
-                "original": "2 123456789010 eni-89.160.20.1561aaaaaaaaa - - - - - - - 1431280876 1431280934 - SKIPDATA",
-                "kind": "event",
-                "start": "2015-05-10T18:01:16.000Z",
-                "end": "2015-05-10T18:02:14.000Z",
-                "type": "flow",
-                "category": "network_traffic"
-            },
-            "aws": {
-                "vpcflow": {
-                    "account_id": "123456789010",
-                    "log_status": "SKIPDATA",
-                    "interface_id": "eni-89.160.20.1561aaaaaaaaa",
-                    "version": "2"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                }
-            },
-            "@timestamp": "2014-12-14T04:07:50.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "89.160.20.156",
-                    "89.160.20.156"
-                ]
-            },
-            "destination": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "port": 22,
-                "ip": "89.160.20.156"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "port": 20641,
-                "bytes": 4249,
-                "ip": "89.160.20.156",
-                "packets": 20
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.023257700Z",
-                "original": "2 123456789010 eni-1235b8ca123456789 89.160.20.156 89.160.20.156 20641 22 6 20 4249 1418530010 1418530070 ACCEPT OK",
-                "kind": "event",
-                "start": "2014-12-14T04:06:50.000Z",
-                "end": "2014-12-14T04:07:50.000Z",
-                "type": "flow",
-                "category": "network_traffic",
-                "outcome": "allow"
-            },
-            "aws": {
-                "vpcflow": {
-                    "action": "ACCEPT",
-                    "account_id": "123456789010",
-                    "log_status": "OK",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "version": "2"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "community_id": "1:CEGBlG6oEeW2Y5LLdr9GONITz00=",
-                "transport": "tcp",
-                "type": "ipv4",
-                "bytes": 4249,
-                "iana_number": "6",
-                "packets": 20
-            }
-        },
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                }
-            },
-            "@timestamp": "2014-12-14T04:07:50.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "89.160.20.156",
-                    "89.160.20.156"
-                ]
-            },
-            "destination": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "port": 3389,
-                "ip": "89.160.20.156"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "port": 49761,
-                "bytes": 4249,
-                "ip": "89.160.20.156",
-                "packets": 20
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.023265800Z",
-                "original": "2 123456789010 eni-1235b8ca123456789 89.160.20.156 89.160.20.156 49761 3389 6 20 4249 1418530010 1418530070 REJECT OK",
-                "kind": "event",
-                "start": "2014-12-14T04:06:50.000Z",
-                "end": "2014-12-14T04:07:50.000Z",
-                "type": "flow",
-                "category": "network_traffic",
-                "outcome": "deny"
-            },
-            "aws": {
-                "vpcflow": {
-                    "action": "REJECT",
-                    "account_id": "123456789010",
-                    "log_status": "OK",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "version": "2"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "community_id": "1:va8LK/uEqYpj4NoZ9/5WRLio5rs=",
-                "transport": "tcp",
-                "type": "ipv4",
-                "bytes": 4249,
-                "iana_number": "6",
-                "packets": 20
-            }
-        },
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                }
-            },
-            "@timestamp": "2015-05-29T16:32:22.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "89.160.20.156",
-                    "172.31.16.139"
-                ]
-            },
-            "destination": {
-                "port": 0,
-                "address": "172.31.16.139",
-                "ip": "172.31.16.139"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "port": 0,
-                "bytes": 336,
-                "ip": "89.160.20.156",
-                "packets": 4
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.023274Z",
-                "original": "2 123456789010 eni-1235b8ca123456789 89.160.20.156 172.31.16.139 0 0 1 4 336 1432917027 1432917142 ACCEPT OK",
-                "kind": "event",
-                "start": "2015-05-29T16:30:27.000Z",
-                "end": "2015-05-29T16:32:22.000Z",
-                "type": "flow",
-                "category": "network_traffic",
-                "outcome": "allow"
-            },
-            "aws": {
-                "vpcflow": {
-                    "action": "ACCEPT",
-                    "account_id": "123456789010",
-                    "log_status": "OK",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "version": "2"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "community_id": "1:cttDCHp3UNR8SFNTOgVYpAceHf4=",
-                "type": "ipv4",
-                "bytes": 336,
-                "iana_number": "1",
-                "packets": 4
-            }
-        },
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                }
-            },
-            "@timestamp": "2015-05-29T16:32:22.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "172.31.16.139",
-                    "89.160.20.156"
-                ]
-            },
-            "destination": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "port": 0,
-                "ip": "89.160.20.156"
-            },
-            "source": {
-                "address": "172.31.16.139",
-                "port": 0,
-                "bytes": 336,
-                "packets": 4,
-                "ip": "172.31.16.139"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.023282200Z",
-                "original": "2 123456789010 eni-1235b8ca123456789 172.31.16.139 89.160.20.156 0 0 1 4 336 1432917094 1432917142 REJECT OK",
-                "kind": "event",
-                "start": "2015-05-29T16:31:34.000Z",
-                "end": "2015-05-29T16:32:22.000Z",
-                "type": "flow",
-                "category": "network_traffic",
-                "outcome": "deny"
-            },
-            "aws": {
-                "vpcflow": {
-                    "action": "REJECT",
-                    "account_id": "123456789010",
-                    "log_status": "OK",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "version": "2"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "community_id": "1:XiVZKra6oEtIAPBi9QgeQL4Hp6M=",
-                "type": "ipv4",
-                "bytes": 336,
-                "iana_number": "1",
-                "packets": 4
-            }
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log
deleted file mode 100644
index 94b874fa6..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log
+++ /dev/null
@@ -1,3 +0,0 @@
-3 vpc-abcdefab012345678 subnet-aaaaaaaa012345678 i-01234567890123456 eni-1235b8ca123456789 123456789010 IPv4 89.160.20.156 10.0.0.62 43416 5001 89.160.20.156 10.0.0.62 6 568 8 1566848875 1566848933 ACCEPT 2 OK
-3 vpc-abcdefab012345678 subnet-aaaaaaaa012345678 i-01234567890123456 eni-1235b8ca123456789 123456789010 - - - - - - - - - - 1566848875 1566848933 - - SKIPDATA
-3 vpc-abcdefab012345678 subnet-aaaaaaaa012345678 i-01234567890123456 eni-1235b8ca123456789 123456789010 - - - - - - - - - - 1566848875 1566848933 - - NODATA
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json b/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json
deleted file mode 100644
index 145d7546e..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/_dev/test/pipeline/test-tcp-flag-sequence.log-expected.json
+++ /dev/null
@@ -1,171 +0,0 @@
-{
-    "expected": [
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                },
-                "instance": {
-                    "id": "i-01234567890123456"
-                }
-            },
-            "@timestamp": "2019-08-26T19:48:53.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "89.160.20.156",
-                    "10.0.0.62"
-                ]
-            },
-            "destination": {
-                "port": 5001,
-                "address": "10.0.0.62",
-                "ip": "10.0.0.62"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "address": "89.160.20.156",
-                "port": 43416,
-                "bytes": 568,
-                "ip": "89.160.20.156",
-                "packets": 8
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.834121700Z",
-                "original": "3 vpc-abcdefab012345678 subnet-aaaaaaaa012345678 i-01234567890123456 eni-1235b8ca123456789 123456789010 IPv4 89.160.20.156 10.0.0.62 43416 5001 89.160.20.156 10.0.0.62 6 568 8 1566848875 1566848933 ACCEPT 2 OK",
-                "kind": "event",
-                "start": "2019-08-26T19:47:55.000Z",
-                "end": "2019-08-26T19:48:53.000Z",
-                "type": "flow",
-                "category": "network_traffic",
-                "outcome": "allow"
-            },
-            "aws": {
-                "vpcflow": {
-                    "tcp_flags_array": [
-                        "syn"
-                    ],
-                    "vpc_id": "vpc-abcdefab012345678",
-                    "pkt_srcaddr": "89.160.20.156",
-                    "type": "IPv4",
-                    "version": "3",
-                    "instance_id": "i-01234567890123456",
-                    "account_id": "123456789010",
-                    "log_status": "OK",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "tcp_flags": "2",
-                    "subnet_id": "subnet-aaaaaaaa012345678",
-                    "action": "ACCEPT",
-                    "pkt_dstaddr": "10.0.0.62"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "community_id": "1:dF5WY79X1yVncj+yH8q27Q5Bnpk=",
-                "transport": "tcp",
-                "type": "ipv4",
-                "bytes": 568,
-                "iana_number": "6",
-                "packets": 8
-            }
-        },
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                },
-                "instance": {
-                    "id": "i-01234567890123456"
-                }
-            },
-            "@timestamp": "2019-08-26T19:48:53.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.834135900Z",
-                "original": "3 vpc-abcdefab012345678 subnet-aaaaaaaa012345678 i-01234567890123456 eni-1235b8ca123456789 123456789010 - - - - - - - - - - 1566848875 1566848933 - - SKIPDATA",
-                "kind": "event",
-                "start": "2019-08-26T19:47:55.000Z",
-                "end": "2019-08-26T19:48:53.000Z",
-                "type": "flow",
-                "category": "network_traffic"
-            },
-            "aws": {
-                "vpcflow": {
-                    "instance_id": "i-01234567890123456",
-                    "account_id": "123456789010",
-                    "log_status": "SKIPDATA",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "vpc_id": "vpc-abcdefab012345678",
-                    "subnet_id": "subnet-aaaaaaaa012345678",
-                    "version": "3"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        },
-        {
-            "cloud": {
-                "provider": "aws",
-                "account": {
-                    "id": "123456789010"
-                },
-                "instance": {
-                    "id": "i-01234567890123456"
-                }
-            },
-            "@timestamp": "2019-08-26T19:48:53.000Z",
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "event": {
-                "ingested": "2021-12-14T10:30:58.834144Z",
-                "original": "3 vpc-abcdefab012345678 subnet-aaaaaaaa012345678 i-01234567890123456 eni-1235b8ca123456789 123456789010 - - - - - - - - - - 1566848875 1566848933 - - NODATA",
-                "kind": "event",
-                "start": "2019-08-26T19:47:55.000Z",
-                "end": "2019-08-26T19:48:53.000Z",
-                "type": "flow",
-                "category": "network_traffic"
-            },
-            "aws": {
-                "vpcflow": {
-                    "instance_id": "i-01234567890123456",
-                    "account_id": "123456789010",
-                    "log_status": "NODATA",
-                    "interface_id": "eni-1235b8ca123456789",
-                    "vpc_id": "vpc-abcdefab012345678",
-                    "subnet_id": "subnet-aaaaaaaa012345678",
-                    "version": "3"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ]
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs
deleted file mode 100644
index ccf43bcdd..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs
+++ /dev/null
@@ -1,51 +0,0 @@
-queue_url: {{queue_url}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if visibility_timeout}}
-visibility_timeout: {{visibility_timeout}}
-{{/if}}
-{{#if api_timeout}}
-api_timeout: {{api_timeout}}
-{{/if}}
-{{#if max_number_of_messages}}
-max_number_of_messages: {{max_number_of_messages}}
-{{/if}}
-{{#if endpoint}}
-endpoint: {{endpoint}}
-{{/if}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if fips_enabled}}
-fips_enabled: {{fips_enabled}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml
deleted file mode 100644
index d4d98f083..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/elasticsearch/ingest_pipeline/default.yml
+++ /dev/null
@@ -1,280 +0,0 @@
----
-description: Pipeline for AWS VPC Flow Logs
-
-processors:
-  - set:
-      field: event.ingested
-      value: '{{_ingest.timestamp}}'
-  - set:
-      field: ecs.version
-      value: '1.12.0'
-  - rename:
-      field: message
-      target_field: event.original
-      ignore_missing: true
-  - set:
-      field: event.type
-      value: flow
-  - set:
-      field: event.category
-      value: network_traffic
-  - drop:
-      if: 'ctx.event?.original.startsWith("version") || ctx.event?.original.startsWith("instance-id")'
-  - script:
-      lang: painless
-      if: ctx.event?.original != null
-      source: >-
-        ctx._temp_ = new HashMap();
-        ctx._temp_.message_token_count = ctx.event?.original.splitOnToken(" ").length;
-  - dissect:
-      field: event.original
-      pattern: '%{aws.vpcflow.version} %{aws.vpcflow.account_id} %{aws.vpcflow.interface_id} %{aws.vpcflow.srcaddr} %{aws.vpcflow.dstaddr} %{aws.vpcflow.srcport} %{aws.vpcflow.dstport} %{aws.vpcflow.protocol} %{aws.vpcflow.packets} %{aws.vpcflow.bytes} %{aws.vpcflow.start} %{aws.vpcflow.end} %{aws.vpcflow.action} %{aws.vpcflow.log_status}'
-      if: ctx?._temp_?.message_token_count == 14
-  - dissect:
-      field: event.original
-      pattern: '%{aws.vpcflow.instance_id} %{aws.vpcflow.interface_id} %{aws.vpcflow.srcaddr} %{aws.vpcflow.dstaddr} %{aws.vpcflow.pkt_srcaddr} %{aws.vpcflow.pkt_dstaddr}'
-      if: ctx?._temp_?.message_token_count == 6
-  - dissect:
-      field: event.original
-      pattern: '%{aws.vpcflow.version} %{aws.vpcflow.interface_id} %{aws.vpcflow.account_id} %{aws.vpcflow.vpc_id} %{aws.vpcflow.subnet_id} %{aws.vpcflow.instance_id} %{aws.vpcflow.srcaddr} %{aws.vpcflow.dstaddr} %{aws.vpcflow.srcport} %{aws.vpcflow.dstport} %{aws.vpcflow.protocol} %{aws.vpcflow.tcp_flags} %{aws.vpcflow.type} %{aws.vpcflow.pkt_srcaddr} %{aws.vpcflow.pkt_dstaddr} %{aws.vpcflow.action} %{aws.vpcflow.log_status}'
-      if: ctx?._temp_?.message_token_count == 17
-  - dissect:
-      field: event.original
-      pattern: '%{aws.vpcflow.version} %{aws.vpcflow.vpc_id} %{aws.vpcflow.subnet_id} %{aws.vpcflow.instance_id} %{aws.vpcflow.interface_id} %{aws.vpcflow.account_id} %{aws.vpcflow.type} %{aws.vpcflow.srcaddr} %{aws.vpcflow.dstaddr} %{aws.vpcflow.srcport} %{aws.vpcflow.dstport} %{aws.vpcflow.pkt_srcaddr} %{aws.vpcflow.pkt_dstaddr} %{aws.vpcflow.protocol} %{aws.vpcflow.bytes} %{aws.vpcflow.packets} %{aws.vpcflow.start} %{aws.vpcflow.end} %{aws.vpcflow.action} %{aws.vpcflow.tcp_flags} %{aws.vpcflow.log_status}'
-      if: ctx?._temp_?.message_token_count == 21
-
-  # Convert Unix epoch to timestamp
-  - date:
-      field: aws.vpcflow.end
-      target_field: '@timestamp'
-      ignore_failure: true
-      formats:
-        - UNIX
-  - date:
-      field: aws.vpcflow.start
-      target_field: event.start
-      ignore_failure: true
-      formats:
-        - UNIX
-  - date:
-      field: aws.vpcflow.end
-      target_field: event.end
-      ignore_failure: true
-      formats:
-        - UNIX
-  - remove:
-      field:
-        - aws.vpcflow.start
-        - aws.vpcflow.end
-      ignore_missing: true
-  - script:
-      lang: painless
-      ignore_failure: true
-      if: ctx.aws != null
-      source: >-
-        void handleMap(Map map) {
-          for (def x : map.values()) {
-            if (x instanceof Map) {
-                handleMap(x);
-            } else if (x instanceof List) {
-                handleList(x);
-            }
-          }
-          map.values().removeIf(v -> v instanceof String && v == "-");
-        }
-        void handleList(List list) {
-          for (def x : list) {
-              if (x instanceof Map) {
-                  handleMap(x);
-              } else if (x instanceof List) {
-                  handleList(x);
-              }
-          }
-        }
-        handleMap(ctx.aws);
-  - set:
-      field: event.outcome
-      value: allow
-      if: ctx.aws?.vpcflow?.action == "ACCEPT"
-  - set:
-      field: event.outcome
-      value: deny
-      if: ctx.aws?.vpcflow?.action == "REJECT"
-  - rename:
-      field: aws.vpcflow.srcaddr
-      target_field: source.address
-      ignore_missing: true
-  - set:
-      field: source.ip
-      copy_from: source.address
-      if: ctx.source?.address != null
-  - convert:
-      field: aws.vpcflow.srcport
-      target_field: source.port
-      type: integer
-      ignore_missing: true
-  - rename:
-      field: aws.vpcflow.dstaddr
-      target_field: destination.address
-      ignore_missing: true
-  - set:
-      field: destination.ip
-      copy_from: destination.address
-      if: ctx.destination?.address != null
-  - convert:
-      field: aws.vpcflow.dstport
-      target_field: destination.port
-      type: integer
-      ignore_missing: true
-  - rename:
-      field: aws.vpcflow.protocol
-      target_field: network.iana_number
-      ignore_missing: true
-  - convert:
-      field: aws.vpcflow.packets
-      target_field: source.packets
-      type: long
-      ignore_missing: true
-  - convert:
-      field: aws.vpcflow.bytes
-      target_field: source.bytes
-      type: long
-      ignore_missing: true
-  - set:
-      field: network.bytes
-      copy_from: source.bytes
-      if: ctx.source?.bytes != null
-  - set:
-      field: network.packets
-      copy_from: source.packets
-      if: ctx.source?.packets != null
-  - set:
-      field: network.type
-      value: ipv4
-      if: 'ctx.source?.ip != null && ctx.source?.ip.contains(".")'
-  - set:
-      field: network.type
-      value: ipv6
-      if: 'ctx.source?.ip != null && ctx.source?.ip.contains(":")'
-  - set:
-      field: network.transport
-      value: tcp
-      if: ctx.network?.iana_number == "6"
-  - set:
-      field: network.transport
-      value: udp
-      if: ctx.network?.iana_number == "17"
-  - community_id:
-      target_field: network.community_id
-      ignore_failure: true
-  # IP Geolocation Lookup
-  - geoip:
-      field: source.ip
-      target_field: source.geo
-      ignore_missing: true
-  - geoip:
-      field: destination.ip
-      target_field: destination.geo
-      ignore_missing: true
-  # IP Autonomous System (AS) Lookup
-  - geoip:
-      database_file: GeoLite2-ASN.mmdb
-      field: source.ip
-      target_field: source.as
-      properties:
-        - asn
-        - organization_name
-      ignore_missing: true
-  - geoip:
-      database_file: GeoLite2-ASN.mmdb
-      field: destination.ip
-      target_field: destination.as
-      properties:
-        - asn
-        - organization_name
-      ignore_missing: true
-  - rename:
-      field: source.as.asn
-      target_field: source.as.number
-      ignore_missing: true
-  - rename:
-      field: source.as.organization_name
-      target_field: source.as.organization.name
-      ignore_missing: true
-  - rename:
-      field: destination.as.asn
-      target_field: destination.as.number
-      ignore_missing: true
-  - rename:
-      field: destination.as.organization_name
-      target_field: destination.as.organization.name
-      ignore_missing: true
-  # Generate related.ip field
-  - append:
-      if: 'ctx.source?.ip != null && ctx.destination?.ip != null'
-      field: related.ip
-      value: ["{{source.ip}}", "{{destination.ip}}"]
-  - set:
-      field: cloud.provider
-      value: aws
-  - set:
-      if: ctx.aws?.vpcflow?.account_id != null
-      field: cloud.account.id
-      value: '{{aws.vpcflow.account_id}}'
-  - set:
-      if: 'ctx?.aws?.vpcflow?.instance_id != null && ctx.aws.vpcflow.instance_id != "-"'
-      field: cloud.instance.id
-      value: '{{aws.vpcflow.instance_id}}'
-  - set:
-      field: event.kind
-      value: event
-  - script:
-      lang: painless
-      ignore_failure: true
-      if: "ctx.aws?.vpcflow?.tcp_flags != null"
-      source: |
-        if (ctx.aws.vpcflow.tcp_flags_array == null) {
-          ArrayList al = new ArrayList();
-          ctx.aws.vpcflow.put("tcp_flags_array", al);
-        }
-
-        def flags = Integer.parseUnsignedInt(ctx.aws.vpcflow.tcp_flags);
-
-        if ((flags & 0x01) != 0) {
-          ctx.aws.vpcflow.tcp_flags_array.add('fin');
-        }
-        if ((flags & 0x02) != 0) {
-          ctx.aws.vpcflow.tcp_flags_array.add('syn');
-        }
-        if ((flags & 0x04) != 0) {
-          ctx.aws.vpcflow.tcp_flags_array.add('rst');
-        }
-        if ((flags & 0x08) != 0) {
-          ctx.aws.vpcflow.tcp_flags_array.add('psh');
-        }
-        if ((flags & 0x10) != 0) {
-          ctx.aws.vpcflow.tcp_flags_array.add('ack');
-        }
-        if ((flags & 0x20) != 0) {
-          ctx.aws.vpcflow.tcp_flags_array.add('urg');
-        }
-  - remove:
-      field:
-        - _temp_
-        - aws.vpcflow.srcaddr
-        - aws.vpcflow.srcport
-        - aws.vpcflow.dstaddr
-        - aws.vpcflow.dstport
-        - aws.vpcflow.bytes
-        - aws.vpcflow.packets
-        - aws.vpcflow.protocol
-      ignore_missing: true
-  - remove:
-      field: event.original
-      if: "ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))"
-      ignore_failure: true
-      ignore_missing: true
-on_failure:
-  - set:
-      field: 'error.message'
-      value: '{{ _ingest.on_failure_message }}'
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/fields/agent.yml b/test/packages/parallel/aws/data_stream/vpcflow/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/vpcflow/fields/base-fields.yml
deleted file mode 100644
index 8360b70d7..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.vpcflow
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/fields/ecs.yml b/test/packages/parallel/aws/data_stream/vpcflow/fields/ecs.yml
deleted file mode 100644
index 6fbd292a0..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/fields/ecs.yml
+++ /dev/null
@@ -1,94 +0,0 @@
-- name: cloud.account.id
-  external: ecs
-- name: cloud.instance.id
-  external: ecs
-- name: cloud.provider
-  external: ecs
-- name: destination.address
-  external: ecs
-- name: destination.as.number
-  external: ecs
-- name: destination.as.organization.name
-  external: ecs
-- name: destination.geo.city_name
-  external: ecs
-- name: destination.geo.continent_name
-  external: ecs
-- name: destination.geo.country_iso_code
-  external: ecs
-- name: destination.geo.country_name
-  external: ecs
-- name: destination.geo.location
-  external: ecs
-- name: destination.geo.region_iso_code
-  external: ecs
-- name: destination.geo.region_name
-  external: ecs
-- name: destination.ip
-  external: ecs
-- name: destination.port
-  external: ecs
-- name: ecs.version
-  external: ecs
-- name: error.message
-  external: ecs
-- name: event.category
-  external: ecs
-- name: event.end
-  external: ecs
-- name: event.kind
-  external: ecs
-- name: event.original
-  external: ecs
-- name: event.outcome
-  external: ecs
-- name: event.start
-  external: ecs
-- name: event.type
-  external: ecs
-- name: network.bytes
-  external: ecs
-- name: network.community_id
-  external: ecs
-- name: network.iana_number
-  external: ecs
-- name: network.packets
-  external: ecs
-- name: network.transport
-  external: ecs
-- name: network.type
-  external: ecs
-- name: related.ip
-  external: ecs
-- name: source.address
-  external: ecs
-- name: source.as.number
-  external: ecs
-- name: source.as.organization.name
-  external: ecs
-- name: source.as.organization.name
-  external: ecs
-- name: source.bytes
-  external: ecs
-- name: source.geo.city_name
-  external: ecs
-- name: source.geo.continent_name
-  external: ecs
-- name: source.geo.country_iso_code
-  external: ecs
-- name: source.geo.country_name
-  external: ecs
-- name: source.geo.location
-  external: ecs
-- name: source.geo.region_iso_code
-  external: ecs
-- name: source.geo.region_name
-  external: ecs
-- name: source.ip
-  external: ecs
-- name: source.packets
-  external: ecs
-- name: source.port
-  external: ecs
-- name: tags
-  external: ecs
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/fields/fields.yml b/test/packages/parallel/aws/data_stream/vpcflow/fields/fields.yml
deleted file mode 100644
index eb8645698..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/fields/fields.yml
+++ /dev/null
@@ -1,56 +0,0 @@
-- name: aws.vpcflow
-  type: group
-  fields:
-    - name: version
-      type: keyword
-      description: |
-        The VPC Flow Logs version. If you use the default format, the version is 2. If you specify a custom format, the version is 3.
-    - name: account_id
-      type: keyword
-      description: |
-        The AWS account ID for the flow log.
-    - name: interface_id
-      type: keyword
-      description: |
-        The ID of the network interface for which the traffic is recorded.
-    - name: action
-      type: keyword
-      description: |
-        The action that is associated with the traffic, ACCEPT or REJECT.
-    - name: log_status
-      type: keyword
-      description: |
-        The logging status of the flow log, OK, NODATA or SKIPDATA.
-    - name: instance_id
-      type: keyword
-      description: |
-        The ID of the instance that's associated with network interface for which the traffic is recorded, if the instance is owned by you.
-    - name: pkt_srcaddr
-      type: ip
-      description: |
-        The packet-level (original) source IP address of the traffic.
-    - name: pkt_dstaddr
-      type: ip
-      description: |
-        The packet-level (original) destination IP address for the traffic.
-    - name: vpc_id
-      type: keyword
-      description: |
-        The ID of the VPC that contains the network interface for which the traffic is recorded.
-    - name: subnet_id
-      type: keyword
-      description: |
-        The ID of the subnet that contains the network interface for which the traffic is recorded.
-    - name: tcp_flags
-      type: keyword
-      description: |
-        The bitmask value for the following TCP flags: 2=SYN,18=SYN-ACK,1=FIN,4=RST
-    - name: tcp_flags_array
-      type: keyword
-      description: >
-        List of TCP flags: 'fin, syn, rst, psh, ack, urg'
-
-    - name: type
-      type: keyword
-      description: |
-        The type of traffic: IPv4, IPv6, or EFA.
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/manifest.yml b/test/packages/parallel/aws/data_stream/vpcflow/manifest.yml
deleted file mode 100644
index 3812639fb..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/manifest.yml
+++ /dev/null
@@ -1,70 +0,0 @@
-title: AWS vpcflow logs
-type: logs
-streams:
-  - input: aws-s3
-    template_path: aws-s3.yml.hbs
-    title: AWS vpcflow logs
-    description: Collect AWS vpcflow logs using s3 input
-    vars:
-      - name: visibility_timeout
-        type: text
-        title: Visibility Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request.  The maximum is 12 hours.
-      - name: api_timeout
-        type: text
-        title: API Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
-      - name: queue_url
-        type: text
-        title: Queue URL
-        multi: false
-        required: true
-        show_user: true
-        description: URL of the AWS SQS queue that messages will be received from.
-      - name: fips_enabled
-        type: bool
-        title: Enable S3 FIPS
-        default: false
-        multi: false
-        required: false
-        show_user: false
-        description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint.
-      - name: tags
-        type: text
-        title: Tags
-        multi: true
-        required: true
-        show_user: false
-        default:
-          - forwarded
-          - aws-vpcflow
-      - name: processors
-        type: yaml
-        title: Processors
-        multi: false
-        required: false
-        show_user: false
-        description: >
-          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
-
-      - name: preserve_original_event
-        required: true
-        show_user: true
-        title: Preserve original event
-        description: Preserves a raw copy of the original event, added to the field `event.original`
-        type: bool
-        multi: false
-        default: false
-      - name: max_number_of_messages
-        type: integer
-        title: Maximum Concurrent SQS Messages
-        description: The maximum number of SQS messages that can be inflight at any time.
-        default: 5
-        required: false
-        show_user: false
diff --git a/test/packages/parallel/aws/data_stream/vpcflow/sample_event.json b/test/packages/parallel/aws/data_stream/vpcflow/sample_event.json
deleted file mode 100644
index b84f7671c..000000000
--- a/test/packages/parallel/aws/data_stream/vpcflow/sample_event.json
+++ /dev/null
@@ -1,65 +0,0 @@
-{
-    "data_stream": {
-        "namespace": "default",
-        "type": "logs",
-        "dataset": "aws.vpcflow"
-    },
-    "destination": {
-        "port": 22,
-        "address": "2001:db8:1234:a102:3304:8879:34cf:4071",
-        "ip": "2001:db8:1234:a102:3304:8879:34cf:4071"
-    },
-    "source": {
-        "address": "2001:db8:1234:a100:8d6e:3477:df66:f105",
-        "port": 34892,
-        "bytes": 8855,
-        "packets": 54,
-        "ip": "2001:db8:1234:a100:8d6e:3477:df66:f105"
-    },
-    "tags": [
-        "preserve_original_event"
-    ],
-    "network": {
-        "community_id": "1:hXZclvxUJScaVf0xMIJR6yW6tBQ=",
-        "transport": "tcp",
-        "type": "ipv6",
-        "bytes": 8855,
-        "iana_number": "6",
-        "packets": 54
-    },
-    "cloud": {
-        "provider": "aws",
-        "account": {
-            "id": "123456789010"
-        }
-    },
-    "@timestamp": "2016-10-31T11:37:00.000Z",
-    "ecs": {
-        "version": "1.12.0"
-    },
-    "related": {
-        "ip": [
-            "2001:db8:1234:a100:8d6e:3477:df66:f105",
-            "2001:db8:1234:a102:3304:8879:34cf:4071"
-        ]
-    },
-    "event": {
-        "ingested": "2021-09-28T19:10:43.075027100Z",
-        "original": "2 123456789010 eni-1235b8ca123456789 2001:db8:1234:a100:8d6e:3477:df66:f105 2001:db8:1234:a102:3304:8879:34cf:4071 34892 22 6 54 8855 1477913708 1477913820 ACCEPT OK",
-        "kind": "event",
-        "start": "2016-10-31T11:35:08.000Z",
-        "end": "2016-10-31T11:37:00.000Z",
-        "type": "flow",
-        "category": "network_traffic",
-        "outcome": "allow"
-    },
-    "aws": {
-        "vpcflow": {
-            "action": "ACCEPT",
-            "account_id": "123456789010",
-            "log_status": "OK",
-            "interface_id": "eni-1235b8ca123456789",
-            "version": "2"
-        }
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/vpn/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/vpn/agent/stream/stream.yml.hbs
deleted file mode 100644
index 49496da3a..000000000
--- a/test/packages/parallel/aws/data_stream/vpn/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,35 +0,0 @@
-metricsets: ["vpn"]
-period: {{period}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if regions}}
-regions:
-{{#each regions as |region i|}}
-- {{region}}
-{{/each}}
-{{/if}}
-{{#if latency}}
-latency: {{latency}}
-{{/if}}
-{{#if tags_filter}}
-tags_filter: {{tags_filter}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/vpn/fields/agent.yml b/test/packages/parallel/aws/data_stream/vpn/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/vpn/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/vpn/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/vpn/fields/base-fields.yml
deleted file mode 100644
index 6e588484d..000000000
--- a/test/packages/parallel/aws/data_stream/vpn/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.vpn
diff --git a/test/packages/parallel/aws/data_stream/vpn/fields/ecs.yml b/test/packages/parallel/aws/data_stream/vpn/fields/ecs.yml
deleted file mode 100644
index 83e3f6f12..000000000
--- a/test/packages/parallel/aws/data_stream/vpn/fields/ecs.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- external: ecs
-  name: cloud
-- external: ecs
-  name: cloud.account.id
-- external: ecs
-  name: cloud.account.name
-- external: ecs
-  name: cloud.availability_zone
-- external: ecs
-  name: cloud.instance.id
-- external: ecs
-  name: cloud.machine.type
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: cloud.region
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error
-- external: ecs
-  name: error.message
-- external: ecs
-  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/vpn/fields/fields.yml b/test/packages/parallel/aws/data_stream/vpn/fields/fields.yml
deleted file mode 100644
index 5a5ff461f..000000000
--- a/test/packages/parallel/aws/data_stream/vpn/fields/fields.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: vpn
-      type: group
-      fields:
-        - name: metrics
-          type: group
-          fields:
-            - name: TunnelState.avg
-              type: double
-              description: The state of the tunnel. For static VPNs, 0 indicates DOWN and 1 indicates UP. For BGP VPNs, 1 indicates ESTABLISHED and 0 is used for all other states.
-            - name: TunnelDataIn.sum
-              type: double
-              description: The bytes received through the VPN tunnel.
-            - name: TunnelDataOut.sum
-              type: double
-              description: The bytes sent through the VPN tunnel.
-    - name: dimensions
-      type: group
-      fields:
-        - name: VpnId
-          type: keyword
-          description: Filters the metric data by the Site-to-Site VPN connection ID.
-        - name: TunnelIpAddress
-          type: keyword
-          description: Filters the metric data by the IP address of the tunnel for the virtual private gateway.
-    - name: cloudwatch
-      type: group
-      fields:
-        - name: namespace
-          type: keyword
-          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/vpn/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/vpn/fields/package-fields.yml
deleted file mode 100644
index a8a7ee8dc..000000000
--- a/test/packages/parallel/aws/data_stream/vpn/fields/package-fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: aws
-  type: group
-  fields:
-    - name: tags.*
-      type: object
-      description: |
-        Tag key value pairs from aws resources.
-    - name: s3.bucket.name
-      type: keyword
-      description: |
-        Name of a S3 bucket.
-    - name: dimensions.*
-      type: object
-      description: |
-        Metric dimensions.
-    - name: '*.metrics.*.*'
-      type: object
-      description: |
-        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/vpn/manifest.yml b/test/packages/parallel/aws/data_stream/vpn/manifest.yml
deleted file mode 100644
index aceda9743..000000000
--- a/test/packages/parallel/aws/data_stream/vpn/manifest.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-title: AWS VPN metrics
-type: metrics
-streams:
-  - input: aws/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 1m
-      - name: regions
-        type: text
-        title: Regions
-        multi: true
-        required: false
-        show_user: true
-      - name: latency
-        type: text
-        title: Latency
-        multi: false
-        required: false
-        show_user: false
-      - name: tags_filter
-        type: yaml
-        title: Tags Filter
-        multi: false
-        required: false
-        show_user: false
-        default: |
-          # - key: "created-by"
-            # value: "foo"
-    title: AWS VPN metrics
-    description: Collect AWS VPN metrics
diff --git a/test/packages/parallel/aws/data_stream/vpn/sample_event.json b/test/packages/parallel/aws/data_stream/vpn/sample_event.json
deleted file mode 100644
index a5f331f9c..000000000
--- a/test/packages/parallel/aws/data_stream/vpn/sample_event.json
+++ /dev/null
@@ -1,51 +0,0 @@
-{
-    "@timestamp": "2020-05-28T17:58:27.154Z",
-    "service": {
-        "type": "aws"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "aws": {
-        "vpn": {
-            "metrics": {
-                "TunnelState": {
-                    "avg": 0
-                },
-                "TunnelDataIn": {
-                    "sum": 0
-                },
-                "TunnelDataOut": {
-                    "sum": 0
-                }
-            }
-        },
-        "cloudwatch": {
-            "namespace": "AWS/VPN"
-        }
-    },
-    "event": {
-        "dataset": "aws.vpn",
-        "module": "aws",
-        "duration": 10418157072
-    },
-    "metricset": {
-        "period": 60000,
-        "name": "vpn"
-    },
-    "cloud": {
-        "region": "us-west-2",
-        "account": {
-            "name": "elastic-beats",
-            "id": "428152502467"
-        },
-        "provider": "aws"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
-        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
-        "name": "MacBook-Elastic.local",
-        "type": "metricbeat"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml
deleted file mode 100644
index 5622947e4..000000000
--- a/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-common-config.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-dynamic_fields:
-  event.ingested: ".*"
-fields:
-  tags:
-    - preserve_original_event
diff --git a/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log b/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log
deleted file mode 100644
index 774353168..000000000
--- a/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log
+++ /dev/null
@@ -1,4 +0,0 @@
-{"timestamp":1576280412771,"formatVersion":1,"webaclId":"arn:aws:wafv2:ap-southeast-2:EXAMPLE12345:regional/webacl/STMTest/1EXAMPLE-2ARN-3ARN-4ARN-123456EXAMPLE","terminatingRuleId":"STMTest_SQLi_XSS","terminatingRuleType":"REGULAR","action":"BLOCK","terminatingRuleMatchDetails":[{"conditionType":"SQL_INJECTION","location":"HEADER","matchedData":["10","AND","1"]}],"httpSourceName":"-","httpSourceId":"-","ruleGroupList":[],"rateBasedRuleList":[],"nonTerminatingMatchingRules":[],"httpRequest":{"clientIp":"89.160.20.156","country":"AU","headers":[{"name":"Host","value":"localhost:1989"},{"name":"User-Agent","value":"curl/7.61.1"},{"name":"Accept","value":"*/*"},{"name":"x-stm-test","value":"10 AND 1=1"}],"uri":"/foo","args":"","httpVersion":"HTTP/1.1","httpMethod":"GET","requestId":"rid"},"labels":[{"name":"value"}]}
-{"timestamp":1592357192516,"formatVersion":1,"webaclId":"arn:aws:wafv2:us-east-1:123456789012:global/webacl/hello-world/5933d6d9-9dde-js82-v8aw-9ck28nv9","terminatingRuleId":"Default_Action","terminatingRuleType":"REGULAR","action":"ALLOW","terminatingRuleMatchDetails":[],"httpSourceName":"-","httpSourceId":"-","ruleGroupList":[],"rateBasedRuleList":[],"nonTerminatingMatchingRules":[{"ruleId":"TestRule","action":"COUNT","ruleMatchDetails":[{"conditionType":"SQL_INJECTION","location":"HEADER","matchedData":["10","and","1"]}]}],"httpRequest":{"clientIp":"89.160.20.156","country":"US","headers":[{"name":"Host","value":"localhost:1989"},{"name":"User-Agent","value":"curl/7.61.1"},{"name":"Accept","value":"*/*"},{"name":"foo","value":"10 AND 1=1"}],"uri":"/foo","args":"","httpVersion":"HTTP/1.1","httpMethod":"GET","requestId":"rid"},"labels":[{"name":"value"}]}
-{"timestamp":1592361810888,"formatVersion":1,"webaclId":"arn:aws:wafv2:us-east-1:123456789012:global/webacl/hello-world/5933d6d9-9dde-js82-v8aw-9ck28nv9","terminatingRuleId":"RG-Reference","terminatingRuleType":"GROUP","action":"BLOCK","terminatingRuleMatchDetails":[{"conditionType":"XSS","location":"HEADER","matchedData":["<","frameset"]}],"httpSourceName":"-","httpSourceId":"-","ruleGroupList":[{"ruleGroupId":"arn:aws:wafv2:us-east-1:123456789012:global/rulegroup/hello-world/c05lb698-1f11-4m41-aef4-99a506d53f4b","terminatingRule":{"ruleId":"RuleA-XSS","action":"BLOCK","ruleMatchDetails":null},"nonTerminatingMatchingRules":[{"ruleId":"RuleB-SQLi","action":"COUNT","ruleMatchDetails":[{"conditionType":"SQL_INJECTION","location":"HEADER","matchedData":["10","and","1"]}]}],"excludedRules":null}],"rateBasedRuleList":[],"nonTerminatingMatchingRules":[],"httpRequest":{"clientIp":"89.160.20.156","country":"US","headers":[{"name":"Host","value":"localhost:1989"},{"name":"User-Agent","value":"curl/7.61.1"},{"name":"Accept","value":"*/*"},{"name":"xssfoo","value":"<frameset onload=alert(1)>"},{"name":"bar","value":"10 AND 1=1"}],"uri":"/foo","args":"","httpVersion":"HTTP/1.1","httpMethod":"GET","requestId":"rid"},"labels":[{"name":"value"}]}
-{"timestamp":1576280412771,"formatVersion":1,"webaclId":"arn:aws:wafv2:ap-southeast-2:12345:regional/webacl/test/111","terminatingRuleId":"STMTest_SQLi_XSS","terminatingRuleType":"REGULAR","action":"BLOCK","terminatingRuleMatchDetails":[{"conditionType":"SQL_INJECTION","location":"UNKNOWN","matchedData":["10","AND","1"]}],"httpSourceName":"ALB","httpSourceId":"alb","ruleGroupList":[],"rateBasedRuleList":[],"nonTerminatingMatchingRules":[],"requestHeadersInserted":null,"responseCodeSent":null,"httpRequest":{"clientIp":"89.160.20.156","country":"AU","headers":[],"uri":"","args":"","httpVersion":"HTTP/1.1","httpMethod":"POST","requestId":"null"},"labels":[{"name":"value"}]}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json b/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json
deleted file mode 100644
index 1342df1c8..000000000
--- a/test/packages/parallel/aws/data_stream/waf/_dev/test/pipeline/test-waf.log-expected.json
+++ /dev/null
@@ -1,421 +0,0 @@
-{
-    "expected": [
-        {
-            "rule": {
-                "ruleset": "REGULAR",
-                "id": "STMTest_SQLi_XSS"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "ip": "89.160.20.156"
-            },
-            "url": {
-                "path": "/foo"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "protocol": "http",
-                "transport": "tcp"
-            },
-            "cloud": {
-                "region": "ap-southeast-2",
-                "provider": "aws",
-                "service": {
-                    "name": "wafv2"
-                },
-                "account": {
-                    "id": "EXAMPLE12345"
-                }
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "http": {
-                "request": {
-                    "method": "GET",
-                    "id": "rid"
-                },
-                "version": "1.1"
-            },
-            "event": {
-                "action": "BLOCK",
-                "ingested": "2021-12-14T10:30:59.169780800Z",
-                "original": "{\"timestamp\":1576280412771,\"formatVersion\":1,\"webaclId\":\"arn:aws:wafv2:ap-southeast-2:EXAMPLE12345:regional/webacl/STMTest/1EXAMPLE-2ARN-3ARN-4ARN-123456EXAMPLE\",\"terminatingRuleId\":\"STMTest_SQLi_XSS\",\"terminatingRuleType\":\"REGULAR\",\"action\":\"BLOCK\",\"terminatingRuleMatchDetails\":[{\"conditionType\":\"SQL_INJECTION\",\"location\":\"HEADER\",\"matchedData\":[\"10\",\"AND\",\"1\"]}],\"httpSourceName\":\"-\",\"httpSourceId\":\"-\",\"ruleGroupList\":[],\"rateBasedRuleList\":[],\"nonTerminatingMatchingRules\":[],\"httpRequest\":{\"clientIp\":\"89.160.20.156\",\"country\":\"AU\",\"headers\":[{\"name\":\"Host\",\"value\":\"localhost:1989\"},{\"name\":\"User-Agent\",\"value\":\"curl/7.61.1\"},{\"name\":\"Accept\",\"value\":\"*/*\"},{\"name\":\"x-stm-test\",\"value\":\"10 AND 1=1\"}],\"uri\":\"/foo\",\"args\":\"\",\"httpVersion\":\"HTTP/1.1\",\"httpMethod\":\"GET\",\"requestId\":\"rid\"},\"labels\":[{\"name\":\"value\"}]}",
-                "category": "web",
-                "type": [
-                    "access",
-                    "denied"
-                ],
-                "kind": "event"
-            },
-            "aws": {
-                "waf": {
-                    "request": {
-                        "headers": {
-                            "User-Agent": "curl/7.61.1",
-                            "Host": "localhost:1989",
-                            "Accept": "*/*",
-                            "x-stm-test": "10 AND 1=1"
-                        }
-                    },
-                    "terminating_rule_match_details": [
-                        {
-                            "conditionType": "SQL_INJECTION",
-                            "location": "HEADER",
-                            "matchedData": [
-                                "10",
-                                "AND",
-                                "1"
-                            ]
-                        }
-                    ],
-                    "id": "regional/webacl/STMTest/1EXAMPLE-2ARN-3ARN-4ARN-123456EXAMPLE",
-                    "arn": "arn:aws:wafv2:ap-southeast-2:EXAMPLE12345:regional/webacl/STMTest/1EXAMPLE-2ARN-3ARN-4ARN-123456EXAMPLE"
-                }
-            }
-        },
-        {
-            "rule": {
-                "ruleset": "REGULAR",
-                "id": "Default_Action"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "ip": "89.160.20.156"
-            },
-            "url": {
-                "path": "/foo"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "protocol": "http",
-                "transport": "tcp"
-            },
-            "cloud": {
-                "region": "us-east-1",
-                "provider": "aws",
-                "service": {
-                    "name": "wafv2"
-                },
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "http": {
-                "request": {
-                    "method": "GET",
-                    "id": "rid"
-                },
-                "version": "1.1"
-            },
-            "event": {
-                "action": "ALLOW",
-                "ingested": "2021-12-14T10:30:59.169794200Z",
-                "original": "{\"timestamp\":1592357192516,\"formatVersion\":1,\"webaclId\":\"arn:aws:wafv2:us-east-1:123456789012:global/webacl/hello-world/5933d6d9-9dde-js82-v8aw-9ck28nv9\",\"terminatingRuleId\":\"Default_Action\",\"terminatingRuleType\":\"REGULAR\",\"action\":\"ALLOW\",\"terminatingRuleMatchDetails\":[],\"httpSourceName\":\"-\",\"httpSourceId\":\"-\",\"ruleGroupList\":[],\"rateBasedRuleList\":[],\"nonTerminatingMatchingRules\":[{\"ruleId\":\"TestRule\",\"action\":\"COUNT\",\"ruleMatchDetails\":[{\"conditionType\":\"SQL_INJECTION\",\"location\":\"HEADER\",\"matchedData\":[\"10\",\"and\",\"1\"]}]}],\"httpRequest\":{\"clientIp\":\"89.160.20.156\",\"country\":\"US\",\"headers\":[{\"name\":\"Host\",\"value\":\"localhost:1989\"},{\"name\":\"User-Agent\",\"value\":\"curl/7.61.1\"},{\"name\":\"Accept\",\"value\":\"*/*\"},{\"name\":\"foo\",\"value\":\"10 AND 1=1\"}],\"uri\":\"/foo\",\"args\":\"\",\"httpVersion\":\"HTTP/1.1\",\"httpMethod\":\"GET\",\"requestId\":\"rid\"},\"labels\":[{\"name\":\"value\"}]}",
-                "category": "web",
-                "type": [
-                    "access",
-                    "allowed"
-                ],
-                "kind": "event"
-            },
-            "aws": {
-                "waf": {
-                    "request": {
-                        "headers": {
-                            "User-Agent": "curl/7.61.1",
-                            "Host": "localhost:1989",
-                            "Accept": "*/*",
-                            "foo": "10 AND 1=1"
-                        }
-                    },
-                    "id": "global/webacl/hello-world/5933d6d9-9dde-js82-v8aw-9ck28nv9",
-                    "arn": "arn:aws:wafv2:us-east-1:123456789012:global/webacl/hello-world/5933d6d9-9dde-js82-v8aw-9ck28nv9",
-                    "non_terminating_matching_rules": [
-                        {
-                            "ruleId": "TestRule",
-                            "action": "COUNT",
-                            "ruleMatchDetails": [
-                                {
-                                    "conditionType": "SQL_INJECTION",
-                                    "location": "HEADER",
-                                    "matchedData": [
-                                        "10",
-                                        "and",
-                                        "1"
-                                    ]
-                                }
-                            ]
-                        }
-                    ]
-                }
-            }
-        },
-        {
-            "rule": {
-                "ruleset": "GROUP",
-                "id": "RG-Reference"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "ip": "89.160.20.156"
-            },
-            "url": {
-                "path": "/foo"
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "protocol": "http",
-                "transport": "tcp"
-            },
-            "cloud": {
-                "region": "us-east-1",
-                "provider": "aws",
-                "service": {
-                    "name": "wafv2"
-                },
-                "account": {
-                    "id": "123456789012"
-                }
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "http": {
-                "request": {
-                    "method": "GET",
-                    "id": "rid"
-                },
-                "version": "1.1"
-            },
-            "event": {
-                "action": "BLOCK",
-                "ingested": "2021-12-14T10:30:59.169805500Z",
-                "original": "{\"timestamp\":1592361810888,\"formatVersion\":1,\"webaclId\":\"arn:aws:wafv2:us-east-1:123456789012:global/webacl/hello-world/5933d6d9-9dde-js82-v8aw-9ck28nv9\",\"terminatingRuleId\":\"RG-Reference\",\"terminatingRuleType\":\"GROUP\",\"action\":\"BLOCK\",\"terminatingRuleMatchDetails\":[{\"conditionType\":\"XSS\",\"location\":\"HEADER\",\"matchedData\":[\"\u003c\",\"frameset\"]}],\"httpSourceName\":\"-\",\"httpSourceId\":\"-\",\"ruleGroupList\":[{\"ruleGroupId\":\"arn:aws:wafv2:us-east-1:123456789012:global/rulegroup/hello-world/c05lb698-1f11-4m41-aef4-99a506d53f4b\",\"terminatingRule\":{\"ruleId\":\"RuleA-XSS\",\"action\":\"BLOCK\",\"ruleMatchDetails\":null},\"nonTerminatingMatchingRules\":[{\"ruleId\":\"RuleB-SQLi\",\"action\":\"COUNT\",\"ruleMatchDetails\":[{\"conditionType\":\"SQL_INJECTION\",\"location\":\"HEADER\",\"matchedData\":[\"10\",\"and\",\"1\"]}]}],\"excludedRules\":null}],\"rateBasedRuleList\":[],\"nonTerminatingMatchingRules\":[],\"httpRequest\":{\"clientIp\":\"89.160.20.156\",\"country\":\"US\",\"headers\":[{\"name\":\"Host\",\"value\":\"localhost:1989\"},{\"name\":\"User-Agent\",\"value\":\"curl/7.61.1\"},{\"name\":\"Accept\",\"value\":\"*/*\"},{\"name\":\"xssfoo\",\"value\":\"\u003cframeset onload=alert(1)\u003e\"},{\"name\":\"bar\",\"value\":\"10 AND 1=1\"}],\"uri\":\"/foo\",\"args\":\"\",\"httpVersion\":\"HTTP/1.1\",\"httpMethod\":\"GET\",\"requestId\":\"rid\"},\"labels\":[{\"name\":\"value\"}]}",
-                "category": "web",
-                "type": [
-                    "access",
-                    "denied"
-                ],
-                "kind": "event"
-            },
-            "aws": {
-                "waf": {
-                    "request": {
-                        "headers": {
-                            "User-Agent": "curl/7.61.1",
-                            "xssfoo": "\u003cframeset onload=alert(1)\u003e",
-                            "bar": "10 AND 1=1",
-                            "Host": "localhost:1989",
-                            "Accept": "*/*"
-                        }
-                    },
-                    "terminating_rule_match_details": [
-                        {
-                            "conditionType": "XSS",
-                            "location": "HEADER",
-                            "matchedData": [
-                                "\u003c",
-                                "frameset"
-                            ]
-                        }
-                    ],
-                    "rule_group_list": [
-                        {
-                            "nonTerminatingMatchingRules": [
-                                {
-                                    "ruleId": "RuleB-SQLi",
-                                    "action": "COUNT",
-                                    "ruleMatchDetails": [
-                                        {
-                                            "conditionType": "SQL_INJECTION",
-                                            "location": "HEADER",
-                                            "matchedData": [
-                                                "10",
-                                                "and",
-                                                "1"
-                                            ]
-                                        }
-                                    ]
-                                }
-                            ],
-                            "ruleGroupId": "arn:aws:wafv2:us-east-1:123456789012:global/rulegroup/hello-world/c05lb698-1f11-4m41-aef4-99a506d53f4b",
-                            "terminatingRule": {
-                                "ruleId": "RuleA-XSS",
-                                "action": "BLOCK"
-                            }
-                        }
-                    ],
-                    "id": "global/webacl/hello-world/5933d6d9-9dde-js82-v8aw-9ck28nv9",
-                    "arn": "arn:aws:wafv2:us-east-1:123456789012:global/webacl/hello-world/5933d6d9-9dde-js82-v8aw-9ck28nv9"
-                }
-            }
-        },
-        {
-            "cloud": {
-                "region": "ap-southeast-2",
-                "provider": "aws",
-                "service": {
-                    "name": "wafv2"
-                },
-                "account": {
-                    "id": "12345"
-                }
-            },
-            "ecs": {
-                "version": "1.12.0"
-            },
-            "related": {
-                "ip": [
-                    "89.160.20.156"
-                ]
-            },
-            "rule": {
-                "ruleset": "REGULAR",
-                "id": "STMTest_SQLi_XSS"
-            },
-            "http": {
-                "request": {
-                    "method": "POST",
-                    "id": "null"
-                },
-                "version": "1.1"
-            },
-            "source": {
-                "geo": {
-                    "continent_name": "Europe",
-                    "region_iso_code": "SE-E",
-                    "city_name": "Linköping",
-                    "country_iso_code": "SE",
-                    "country_name": "Sweden",
-                    "region_name": "Östergötland County",
-                    "location": {
-                        "lon": 15.6167,
-                        "lat": 58.4167
-                    }
-                },
-                "as": {
-                    "number": 29518,
-                    "organization": {
-                        "name": "Bredband2 AB"
-                    }
-                },
-                "ip": "89.160.20.156"
-            },
-            "event": {
-                "action": "BLOCK",
-                "ingested": "2021-12-14T10:30:59.169813400Z",
-                "original": "{\"timestamp\":1576280412771,\"formatVersion\":1,\"webaclId\":\"arn:aws:wafv2:ap-southeast-2:12345:regional/webacl/test/111\",\"terminatingRuleId\":\"STMTest_SQLi_XSS\",\"terminatingRuleType\":\"REGULAR\",\"action\":\"BLOCK\",\"terminatingRuleMatchDetails\":[{\"conditionType\":\"SQL_INJECTION\",\"location\":\"UNKNOWN\",\"matchedData\":[\"10\",\"AND\",\"1\"]}],\"httpSourceName\":\"ALB\",\"httpSourceId\":\"alb\",\"ruleGroupList\":[],\"rateBasedRuleList\":[],\"nonTerminatingMatchingRules\":[],\"requestHeadersInserted\":null,\"responseCodeSent\":null,\"httpRequest\":{\"clientIp\":\"89.160.20.156\",\"country\":\"AU\",\"headers\":[],\"uri\":\"\",\"args\":\"\",\"httpVersion\":\"HTTP/1.1\",\"httpMethod\":\"POST\",\"requestId\":\"null\"},\"labels\":[{\"name\":\"value\"}]}",
-                "category": "web",
-                "type": [
-                    "access",
-                    "denied"
-                ],
-                "kind": "event"
-            },
-            "aws": {
-                "waf": {
-                    "terminating_rule_match_details": [
-                        {
-                            "conditionType": "SQL_INJECTION",
-                            "location": "UNKNOWN",
-                            "matchedData": [
-                                "10",
-                                "AND",
-                                "1"
-                            ]
-                        }
-                    ],
-                    "id": "regional/webacl/test/111",
-                    "source": {
-                        "name": "ALB",
-                        "id": "alb"
-                    },
-                    "arn": "arn:aws:wafv2:ap-southeast-2:12345:regional/webacl/test/111"
-                }
-            },
-            "tags": [
-                "preserve_original_event"
-            ],
-            "network": {
-                "protocol": "http",
-                "transport": "tcp"
-            }
-        }
-    ]
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs
deleted file mode 100644
index aac824c6b..000000000
--- a/test/packages/parallel/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs
+++ /dev/null
@@ -1,52 +0,0 @@
-queue_url: {{queue_url}}
-content_type: application/json
-{{#if credential_profile_name}}
-credential_profile_name: {{credential_profile_name}}
-{{/if}}
-{{#if shared_credential_file}}
-shared_credential_file: {{shared_credential_file}}
-{{/if}}
-{{#if visibility_timeout}}
-visibility_timeout: {{visibility_timeout}}
-{{/if}}
-{{#if api_timeout}}
-api_timeout: {{api_timeout}}
-{{/if}}
-{{#if max_number_of_messages}}
-max_number_of_messages: {{max_number_of_messages}}
-{{/if}}
-{{#if endpoint}}
-endpoint: {{endpoint}}
-{{/if}}
-{{#if access_key_id}}
-access_key_id: {{access_key_id}}
-{{/if}}
-{{#if secret_access_key}}
-secret_access_key: {{secret_access_key}}
-{{/if}}
-{{#if session_token}}
-session_token: {{session_token}}
-{{/if}}
-{{#if role_arn}}
-role_arn: {{role_arn}}
-{{/if}}
-{{#if fips_enabled}}
-fips_enabled: {{fips_enabled}}
-{{/if}}
-{{#if proxy_url }}
-proxy_url: {{proxy_url}}
-{{/if}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/waf/agent/stream/log.yml.hbs b/test/packages/parallel/aws/data_stream/waf/agent/stream/log.yml.hbs
deleted file mode 100644
index de93a0f02..000000000
--- a/test/packages/parallel/aws/data_stream/waf/agent/stream/log.yml.hbs
+++ /dev/null
@@ -1,19 +0,0 @@
-paths:
-  {{#each paths as |path i|}}
-- {{path}}
-  {{/each}}
-tags:
-{{#if preserve_original_event}}
-  - preserve_original_event
-{{/if}}
-{{#each tags as |tag i|}}
-  - {{tag}}
-{{/each}}
-{{#contains "forwarded" tags}}
-publisher_pipeline.disable_host: true
-{{/contains}}
-exclude_files: [".gz$"]
-{{#if processors}}
-processors:
-{{processors}}
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
deleted file mode 100644
index 79bcd949c..000000000
--- a/test/packages/parallel/aws/data_stream/waf/elasticsearch/ingest_pipeline/default.yml
+++ /dev/null
@@ -1,204 +0,0 @@
----
-description: "Pipeline for WAF logs"
-processors:
-- set:
-    field: event.ingested
-    value: '{{_ingest.timestamp}}'
-- set:
-    field: ecs.version
-    value: '1.12.0'
-- set:
-    field: event.category
-    value: web
-- append:
-    field: event.type
-    value: access
-- rename:
-    field: message
-    target_field: event.original
-    ignore_missing: true
-- json:
-    field: event.original
-    target_field: json
-- date:
-    field: json.timestamp'
-    target_field: '@timestamp'
-    ignore_failure: true
-    formats:
-    - UNIX_MS
-- rename:
-    field: json.httpRequest.clientIp
-    target_field: source.ip
-    ignore_missing: true
-- geoip:
-    field: source.ip
-    target_field: source.geo
-    ignore_missing: true
-- rename:
-    field: json.httpRequest.country
-    target_field: source.geo.country_iso_code
-    ignore_missing: true
-    if: ctx.source?.geo.country_iso_code == null
-- geoip:
-    database_file: GeoLite2-ASN.mmdb
-    field: source.ip
-    target_field: source.as
-    properties:
-    - asn
-    - organization_name
-    ignore_missing: true
-- rename:
-    field: source.as.asn
-    target_field: source.as.number
-    ignore_missing: true
-- rename:
-    field: json.ClientASN
-    target_field: source.as.number
-    ignore_missing: true
-    if: ctx?.source?.as?.number == null
-- rename:
-    field: source.as.organization_name
-    target_field: source.as.organization.name
-    ignore_missing: true
-- rename:
-    field: json.httpRequest.requestId
-    target_field: http.request.id
-    ignore_missing: true
-- rename:
-    field: json.httpRequest.httpMethod
-    target_field: http.request.method
-    ignore_missing: true
-- dissect:
-    field: json.httpRequest.httpVersion
-    pattern: "%{network.protocol}/%{http.version}"
-    ignore_failure: true
-- lowercase:
-    field: network.protocol
-    ignore_missing: true
-- set:
-    field: network.transport
-    value: tcp
-    if: ctx?.network?.protocol != null && ctx?.network?.protocol == 'http'
-- rename:
-    field: json.httpRequest.args
-    target_field: url.query
-    ignore_missing: true
-- rename:
-    field: json.httpRequest.uri
-    target_field: url.path
-    ignore_missing: true
-- rename:
-    field: json.terminatingRuleMatchDetails
-    target_field: aws.waf.terminating_rule_match_details
-    ignore_missing: true
-- rename:
-    field: json.ruleGroupList
-    target_field: aws.waf.rule_group_list
-    ignore_missing: true
-- rename:
-    field: json.rateBasedRuleList
-    target_field: aws.waf.rate_based_rule_list
-    ignore_missing: true
-- rename:
-    field: json.nonTerminatingMatchingRules
-    target_field: aws.waf.non_terminating_matching_rules
-    ignore_missing: true
-- script:
-    lang: painless
-    source: >-
-      if (ctx.json.httpRequest.headers != null) {
-        ctx.aws.waf.request = new HashMap();
-        ctx.aws.waf.request.headers = new HashMap();
-        for (def i = 0; i < ctx.json.httpRequest.headers.length; i++) {
-          ctx.aws.waf.request.headers[ctx.json.httpRequest.headers[i].name] = ctx.json.httpRequest.headers[i].value;
-        }
-      }
-    ignore_failure: true
-- rename:
-    field: json.action
-    target_field: event.action
-    ignore_missing: true
-- append:
-    field: related.ip
-    value: '{{source.ip}}'
-    allow_duplicates: false
-    if: ctx.source?.ip != null
-- set:
-    field: cloud.provider
-    value: aws
-- set:
-    field: event.kind
-    value: event
-- append:
-    field: event.type
-    value: allowed
-    if: ctx.event.action == "ALLOW"
-- append:
-    field: event.type
-    value: denied
-    if: ctx.event.action == "BLOCK"
-- rename:
-    field: json.webaclId
-    target_field: aws.waf.arn
-    ignore_missing: true
-- dissect:
-    field: aws.waf.arn
-    pattern: "arn:%{}:%{cloud.service.name}:%{cloud.region}:%{cloud.account.id}:%{aws.waf.id}"
-    ignore_failure: true
-    ignore_missing: true
-- rename:
-    field: json.terminatingRuleId
-    target_field: rule.id
-    ignore_missing: true
-- rename:
-    field: json.terminatingRuleType
-    target_field: rule.ruleset
-    ignore_missing: true
-- rename:
-    field: json.httpSourceName
-    target_field: aws.waf.source.name
-    ignore_missing: true
-- rename:
-    field: json.httpSourceId
-    target_field: aws.waf.source.id
-    ignore_missing: true
-
-  #
-  # Remove temporary fields
-  #
-- remove:
-    field: json
-    ignore_missing: true
-- script:
-    lang: painless
-    description: This script processor iterates over the whole document to remove fields with null values.
-    source: |
-        void handleMap(Map map) {
-            for (def x : map.values()) {
-                if (x instanceof Map) {
-                    handleMap(x);
-                } else if (x instanceof List) {
-                    handleList(x);
-                }
-            }
-            map.values().removeIf(v -> v == null || v == "" || v == "-" || ((v instanceof List || v instanceof Map) && v.isEmpty()));
-        }
-        void handleList(List list) {
-            for (def x : list) {
-                if (x instanceof Map) {
-                    handleMap(x);
-                } else if (x instanceof List) {
-                    handleList(x);
-                }
-            }
-        }
-        handleMap(ctx);
-- remove:
-    field: event.original
-    if: "ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))"
-    ignore_failure: true
-    ignore_missing: true
-on_failure:
-  - set:
-      field: 'error.message'
-      value: '{{ _ingest.on_failure_message }}'
diff --git a/test/packages/parallel/aws/data_stream/waf/fields/agent.yml b/test/packages/parallel/aws/data_stream/waf/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/parallel/aws/data_stream/waf/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/parallel/aws/data_stream/waf/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/waf/fields/base-fields.yml
deleted file mode 100644
index 417828aa0..000000000
--- a/test/packages/parallel/aws/data_stream/waf/fields/base-fields.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: event.module
-  type: constant_keyword
-  description: Event module
-  value: aws
-- name: event.dataset
-  type: constant_keyword
-  description: Event dataset
-  value: aws.waf
diff --git a/test/packages/parallel/aws/data_stream/waf/fields/ecs.yml b/test/packages/parallel/aws/data_stream/waf/fields/ecs.yml
deleted file mode 100644
index cf3ab8d9b..000000000
--- a/test/packages/parallel/aws/data_stream/waf/fields/ecs.yml
+++ /dev/null
@@ -1,60 +0,0 @@
-- external: ecs
-  name: source.address
-- external: ecs
-  name: source.ip
-- external: ecs
-  name: cloud.provider
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error.message
-- external: ecs
-  name: event.action
-- external: ecs
-  name: event.id
-- external: ecs
-  name: event.kind
-- external: ecs
-  name: event.outcome
-- external: ecs
-  name: http.request.method
-- external: ecs
-  name: http.version
-- external: ecs
-  name: http.request.id
-- external: ecs
-  name: related.ip
-- external: ecs
-  name: tags
-- external: ecs
-  name: url.path
-- external: ecs
-  name: url.query
-- external: ecs
-  name: source.as.number
-- external: ecs
-  name: source.as.organization.name
-- external: ecs
-  name: source.geo.city_name
-- external: ecs
-  name: source.geo.continent_name
-- external: ecs
-  name: source.geo.country_iso_code
-- external: ecs
-  name: source.geo.country_name
-- description: Longitude and latitude.
-  level: core
-  name: source.geo.location
-  type: geo_point
-- external: ecs
-  name: source.geo.region_iso_code
-- external: ecs
-  name: source.geo.region_name
-- external: ecs
-  name: network.protocol
-- external: ecs
-  name: network.transport
-- external: ecs
-  name: rule.id
-- external: ecs
-  name: rule.ruleset
diff --git a/test/packages/parallel/aws/data_stream/waf/fields/fields.yml b/test/packages/parallel/aws/data_stream/waf/fields/fields.yml
deleted file mode 100644
index b4a9343da..000000000
--- a/test/packages/parallel/aws/data_stream/waf/fields/fields.yml
+++ /dev/null
@@ -1,39 +0,0 @@
-- name: aws.waf
-  type: group
-  fields:
-    - name: arn
-      type: keyword
-      description: |
-        AWS ARN of ACL
-    - name: id
-      type: keyword
-      description: |
-        ID of ACL
-    - name: non_terminating_matching_rules
-      type: nested
-      description: |
-        The list of non-terminating rules in the rule group that match the request. These are always COUNT rules (non-terminating rules that match)
-    - name: rate_based_rule_list
-      type: nested
-      description: |
-        The list of rate-based rules that acted on the request.
-    - name: request.headers
-      type: flattened
-      description: |
-        List of request headers
-    - name: rule_group_list
-      type: nested
-      description: |
-        The list of rule groups that acted on this request.
-    - name: source.id
-      type: keyword
-      description: |
-        The source ID. This field shows the ID of the associated resource.
-    - name: source.name
-      type: keyword
-      description: |
-        The source of the request. Possible values: CF for Amazon CloudFront, APIGW for Amazon API Gateway, ALB for Application Load Balancer, and APPSYNC for AWS AppSync.
-    - name: terminating_rule_match_details
-      type: nested
-      description: |
-        Detailed information about the terminating rule that matched the request. A terminating rule has an action that ends the inspection process against a web request. Possible actions for a terminating rule are ALLOW and BLOCK. This is only populated for SQL injection and cross-site scripting (XSS) match rule statements. As with all rule statements that inspect for more than one thing, AWS WAF applies the action on the first match and stops inspecting the web request. A web request with a terminating action could contain other threats, in addition to the one reported in the log.
diff --git a/test/packages/parallel/aws/data_stream/waf/manifest.yml b/test/packages/parallel/aws/data_stream/waf/manifest.yml
deleted file mode 100644
index 9abff552b..000000000
--- a/test/packages/parallel/aws/data_stream/waf/manifest.yml
+++ /dev/null
@@ -1,70 +0,0 @@
-title: AWS WAF logs
-type: logs
-streams:
-  - input: aws-s3
-    template_path: aws-s3.yml.hbs
-    title: AWS WAF logs
-    description: Collect AWS WAF logs using s3 input
-    vars:
-      - name: visibility_timeout
-        type: text
-        title: Visibility Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request.  The maximum is 12 hours.
-      - name: api_timeout
-        type: text
-        title: API Timeout
-        multi: false
-        required: false
-        show_user: false
-        description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
-      - name: queue_url
-        type: text
-        title: Queue URL
-        multi: false
-        required: true
-        show_user: true
-        description: URL of the AWS SQS queue that messages will be received from.
-      - name: fips_enabled
-        type: bool
-        title: Enable S3 FIPS
-        default: false
-        multi: false
-        required: false
-        show_user: false
-        description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint.
-      - name: tags
-        type: text
-        title: Tags
-        multi: true
-        required: true
-        show_user: false
-        default:
-          - forwarded
-          - aws-waf
-      - name: processors
-        type: yaml
-        title: Processors
-        multi: false
-        required: false
-        show_user: false
-        description: >
-          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
-
-      - name: preserve_original_event
-        required: true
-        show_user: true
-        title: Preserve original event
-        description: Preserves a raw copy of the original event, added to the field `event.original`
-        type: bool
-        multi: false
-        default: false
-      - name: max_number_of_messages
-        type: integer
-        title: Maximum Concurrent SQS Messages
-        description: The maximum number of SQS messages that can be inflight at any time.
-        default: 5
-        required: false
-        show_user: false
diff --git a/test/packages/parallel/aws/data_stream/waf/sample_event.json b/test/packages/parallel/aws/data_stream/waf/sample_event.json
deleted file mode 100644
index 16cdada74..000000000
--- a/test/packages/parallel/aws/data_stream/waf/sample_event.json
+++ /dev/null
@@ -1,94 +0,0 @@
-{
-    "@timestamp": "2021-11-25T14:25:25.000Z",
-    "data_stream": {
-        "namespace": "default",
-        "type": "logs",
-        "dataset": "aws.waf"
-    },
-    "rule": {
-        "ruleset": "REGULAR",
-        "id": "STMTest_SQLi_XSS"
-    },
-    "source": {
-        "geo": {
-            "continent_name": "Oceania",
-            "country_name": "Australia",
-            "location": {
-                "lon": 143.2104,
-                "lat": -33.494
-            },
-            "country_iso_code": "AU"
-        },
-        "as": {
-            "number": 13335,
-            "organization": {
-                "name": "Cloudflare, Inc."
-            }
-        },
-        "ip": "1.1.1.1"
-    },
-    "tags": [
-        "preserve_original_event"
-    ],
-    "network": {
-        "protocol": "http",
-        "transport": "tcp"
-    },
-    "cloud": {
-        "region": "ap-southeast-2",
-        "provider": "aws",
-        "service": {
-            "name": "wafv2"
-        },
-        "account": {
-            "id": "12345"
-        }
-    },
-    "ecs": {
-        "version": "1.12.0"
-    },
-    "related": {
-        "ip": [
-            "1.1.1.1"
-        ]
-    },
-    "http": {
-        "request": {
-            "method": "POST",
-            "id": "null"
-        },
-        "version": "1.1"
-    },
-    "event": {
-        "action": "BLOCK",
-        "ingested": "2021-10-11T15:00:35.544818361Z",
-        "original": "{\"timestamp\":1576280412771,\"formatVersion\":1,\"webaclId\":\"arn:aws:wafv2:ap-southeast-2:12345:regional/webacl/test/111\",\"terminatingRuleId\":\"STMTest_SQLi_XSS\",\"terminatingRuleType\":\"REGULAR\",\"action\":\"BLOCK\",\"terminatingRuleMatchDetails\":[{\"conditionType\":\"SQL_INJECTION\",\"location\":\"UNKNOWN\",\"matchedData\":[\"10\",\"AND\",\"1\"]}],\"httpSourceName\":\"ALB\",\"httpSourceId\":\"alb\",\"ruleGroupList\":[],\"rateBasedRuleList\":[],\"nonTerminatingMatchingRules\":[],\"requestHeadersInserted\":null,\"responseCodeSent\":null,\"httpRequest\":{\"clientIp\":\"1.1.1.1\",\"country\":\"AU\",\"headers\":[],\"uri\":\"\",\"args\":\"\",\"httpVersion\":\"HTTP/1.1\",\"httpMethod\":\"POST\",\"requestId\":\"null\"},\"labels\":[{\"name\":\"value\"}]}",
-        "category": "web",
-        "type": [
-            "access",
-            "denied"
-        ],
-        "kind": "event"
-    },
-    "aws": {
-        "waf": {
-            "terminating_rule_match_details": [
-                {
-                    "conditionType": "SQL_INJECTION",
-                    "location": "UNKNOWN",
-                    "matchedData": [
-                        "10",
-                        "AND",
-                        "1"
-                    ]
-                }
-            ],
-            "id": "regional/webacl/test/111",
-            "source": {
-                "name": "ALB",
-                "id": "alb"
-            },
-            "arn": "arn:aws:wafv2:ap-southeast-2:12345:regional/webacl/test/111"
-        }
-    }
-}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/manifest.yml b/test/packages/parallel/aws/manifest.yml
index 73f660bba..f05d11c3f 100644
--- a/test/packages/parallel/aws/manifest.yml
+++ b/test/packages/parallel/aws/manifest.yml
@@ -78,127 +78,12 @@ vars:
     show_user: false
     description: URL to proxy connections in the form of http[s]://<user>:<password>@<server name/ip>:<port>
 policy_templates:
-  - name: billing
-    title: AWS Billing Metrics
-    description: Collect billing metrics from Amazon Web Services with Elastic Agent
-    data_streams:
-      - billing
-    inputs:
-      - type: aws/metrics
-        title: Collect billing metrics
-        description: Collect billing metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_billing.svg
-        title: AWS Billing logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-billing-overview.png
-        title: metricbeat aws billing overview
-        size: 2640x2240
-        type: image/png
-  - name: cloudtrail
-    title: AWS Cloudtrail Logs
-    description: Collect and parse logs from AWS Cloudtrail with Elastic Agent
-    data_streams:
-      - cloudtrail
-    categories:
-      - security
-    inputs:
-      - type: aws-s3
-        title: Collect logs from Cloudtrail service
-        description: Collecting Cloudtrail logs using aws-s3 input
-        input_group: logs
-      - type: httpjson
-        title: Collect logs from third-party REST API (experimental)
-        description: Collect logs from third-party REST API (experimental)
-        input_group: logs
-    icons:
-      - src: /img/logo_cloudtrail.svg
-        title: AWS Cloudtrail logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/filebeat-aws-cloudtrail.png
-        title: filebeat aws cloudtrail
-        size: 1702x1063
-        type: image/png
-  - name: cloudwatch
-    title: AWS CloudWatch
-    description: Collect logs and metrics from Amazon CloudWatch with Elastic Agent
-    data_streams:
-      - cloudwatch_logs
-      - cloudwatch_metrics
-    inputs:
-      - type: aws-s3
-        title: Collect logs from CloudWatch
-        description: Collecting logs from CloudWatch using aws-s3 input
-        input_group: logs
-      - type: aws/metrics
-        title: Collect metrics from CloudWatch
-        description: Collecting metrics from AWS CloudWatch
-        input_group: metrics
-    icons:
-      - src: /img/logo_cloudwatch.svg
-        title: AWS CloudWatch logo
-        size: 32x32
-        type: image/svg+xml
-  - name: dynamodb
-    title: AWS DynamoDB Metrics
-    description: Collect metrics from Amazon DynamoDB service with Elastic Agent
-    data_streams:
-      - dynamodb
-    categories:
-      - datastore
-    inputs:
-      - type: aws/metrics
-        title: Collect dynamodb metrics
-        description: Collect dynamodb metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_dynamodb.svg
-        title: AWS DynamoDB logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-dynamodb-overview.png
-        title: metricbeat aws dynamodb overview
-        size: 2640x2240
-        type: image/png
-  - name: ebs
-    title: AWS EBS Metrics
-    description: Collect metrics from Amazon Elastic Block Storage service with Elastic Agent
-    data_streams:
-      - ebs
-    categories:
-      - datastore
-    inputs:
-      - type: aws/metrics
-        title: Collect EBS metrics
-        description: Collect EBS metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_ebs.svg
-        title: AWS EBS logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-ebs-overview.png
-        title: metricbeat aws ebs overview
-        size: 2640x2240
-        type: image/png
   - name: ec2
     title: AWS EC2
     description: Collect logs and metrics from Amazon Elastic Compute Cloud service with Elastic Agent
     data_streams:
-      - ec2_logs
       - ec2_metrics
     inputs:
-      - type: aws-s3
-        title: Collect logs from EC2 service
-        description: Collecting EC2 logs using aws-s3 input
-        input_group: logs
       - type: aws/metrics
         title: Collect metrics from EC2 service
         description: Collecting EC2 metrics using AWS CloudWatch
@@ -213,275 +98,5 @@ policy_templates:
         title: metricbeat aws ec2 overview
         size: 2640x2240
         type: image/png
-  - name: elb
-    title: AWS ELB
-    description: Collect logs and metrics from Amazon Elastic Load Balancing service with Elastic Agent
-    data_streams:
-      - elb_logs
-      - elb_metrics
-    categories:
-      - network
-    inputs:
-      - type: aws-s3
-        title: Collect logs from ELB service
-        description: Collecting ELB logs using aws-s3 input
-        input_group: logs
-      - type: aws/metrics
-        title: Collect metrics from ELB service
-        description: Collecting ELB metrics using AWS CloudWatch
-        input_group: metrics
-    icons:
-      - src: /img/logo_elb.svg
-        title: AWS ELB logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-elb-overview.png
-        title: metricbeat aws elb overview
-        size: 2640x2240
-        type: image/png
-      - src: /img/filebeat-aws-elb-overview.png
-        title: filebeat aws elb overview
-        size: 1684x897
-        type: image/png
-  - name: lambda
-    title: AWS Lambda Metrics
-    description: Collect metrics from AWS Lambda service with Elastic Agent
-    data_streams:
-      - lambda
-    inputs:
-      - type: aws/metrics
-        title: Collect Lambda metrics
-        description: Collect Lambda metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_lambda.svg
-        title: AWS Lambda logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-lambda-overview.png
-        title: metricbeat aws lambda overview
-        size: 2640x2240
-        type: image/png
-  - name: natgateway
-    title: AWS NAT Gateway Metrics
-    description: Collect metrics from Amazon NAT Gateways with Elastic Agent
-    data_streams:
-      - natgateway
-    categories:
-      - network
-    inputs:
-      - type: aws/metrics
-        title: Collect NATGateway metrics
-        description: Collect NATGateway metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_natgateway.svg
-        title: AWS NATGateway logo
-        size: 32x32
-        type: image/svg+xml
-  - name: rds
-    title: AWS RDS Metrics
-    description: Collect metrics from Amazon Relational Database Service with Elastic Agent
-    data_streams:
-      - rds
-    categories:
-      - datastore
-    inputs:
-      - type: aws/metrics
-        title: Collect RDS metrics
-        description: Collect RDS metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_rds.svg
-        title: AWS RDS logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-rds-overview.png
-        title: metricbeat aws rds overview
-        size: 2640x2240
-        type: image/png
-  - name: s3
-    title: AWS S3
-    description: Collect logs and metrics from Amazon Simple Storage Service with Elastic Agent
-    data_streams:
-      - s3_daily_storage
-      - s3_request
-      - s3access
-    categories:
-      - datastore
-      - security
-    inputs:
-      - type: aws-s3
-        title: Collect S3 access logs
-        description: Collecting S3 access logs using aws-s3 input
-        input_group: logs
-      - type: aws/metrics
-        title: Collect metrics from S3
-        description: Collecting S3 metrics using AWS CloudWatch
-        input_group: metrics
-    icons:
-      - src: /img/logo_s3.svg
-        title: AWS S3 logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-s3-overview.png
-        title: metricbeat aws s3 overview
-        size: 2640x2240
-        type: image/png
-      - src: /img/filebeat-aws-s3access-overview.png
-        title: filebeat aws s3access overview
-        size: 1684x897
-        type: image/png
-  - name: s3_storage_lens
-    title: AWS S3 Storage Lens
-    description: Collect metrics from AWS S3 Storage Lens with Elastic Agent
-    data_streams:
-      - s3_storage_lens
-    categories:
-      - datastore
-    inputs:
-      - type: aws/metrics
-        title: Collect metrics from AWS S3 Storage Lens
-        description: Collecting AWS S3 Storage Lens metrics using AWS CloudWatch
-        input_group: metrics
-    icons:
-      - src: /img/logo_s3_storage_lens.svg
-        title: AWS S3 storage lens logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-s3-storage-lens-overview.png
-        title: metricbeat aws s3 storage lens overview
-        size: 2640x2240
-        type: image/png
-  - name: sns
-    title: AWS SNS Metrics
-    description: Collect metrics from Amazon Simple Notification Service with Elastic Agent
-    data_streams:
-      - sns
-    inputs:
-      - type: aws/metrics
-        title: Collect SNS metrics
-        description: Collect SNS metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_sns.svg
-        title: AWS SNS logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-sns-overview.png
-        title: metricbeat aws sns overview
-        size: 2640x2240
-        type: image/png
-  - name: sqs
-    title: AWS SQS Metrics
-    description: Collect metrics from Amazon Simple Queue Service with Elastic Agent
-    data_streams:
-      - sqs
-    inputs:
-      - type: aws/metrics
-        title: Collect SQS metrics
-        description: Collect SQS metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_sqs.svg
-        title: AWS SQS logo
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-aws-sqs-overview.png
-        title: metricbeat aws sqs overview
-        size: 2640x2240
-        type: image/png
-  - name: transitgateway
-    title: AWS Transit Gateway Metrics
-    description: Collect metrics from AWS Transit Gateways with Elastic Agent
-    data_streams:
-      - transitgateway
-    categories:
-      - network
-    inputs:
-      - type: aws/metrics
-        title: Collect Transit Gateway metrics
-        description: Collect Transit Gateway metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_transitgateway.svg
-        title: AWS Transit Gateway logo
-        size: 32x32
-        type: image/svg+xml
-  - name: usage
-    title: AWS Usage Metrics
-    description: Collect usage metrics from Amazon Web Services with Elastic Agent
-    data_streams:
-      - usage
-    inputs:
-      - type: aws/metrics
-        title: Collect Usage metrics
-        description: Collect Usage metrics
-        input_group: metrics
-    screenshots:
-      - src: /img/metricbeat-aws-usage-overview.png
-        title: metricbeat aws sns overview
-        size: 2640x2240
-        type: image/png
-  - name: vpcflow
-    title: AWS VPC Flow Logs
-    description: Collect VPC flow logs from Amazon Web Services with Elastic Agent
-    data_streams:
-      - vpcflow
-    categories:
-      - network
-      - security
-    inputs:
-      - type: aws-s3
-        title: Collect VPC Flow logs
-        description: Collecting VPC Flow logs using aws-s3 input
-        input_group: logs
-    icons:
-      - src: /img/logo_vpcflow.svg
-        title: AWS VPC logo
-        size: 32x32
-        type: image/svg+xml
-  - name: vpn
-    title: AWS VPN Metrics
-    description: Collect VPN metrics from Amazon Web Services with Elastic Agent
-    data_streams:
-      - vpn
-    categories:
-      - network
-    inputs:
-      - type: aws/metrics
-        title: Collect VPN metrics
-        description: Collect VPN metrics
-        input_group: metrics
-    icons:
-      - src: /img/logo_vpn.svg
-        title: AWS VPN logo
-        size: 32x32
-        type: image/svg+xml
-  - name: waf
-    title: AWS WAF Logs
-    description: Collect AWS WAF logs
-    data_streams:
-      - waf
-    categories:
-      - network
-      - security
-    inputs:
-      - type: aws-s3
-        title: Collect WAF logs
-        description: Collecting WAF logs using aws-s3 input
-        input_group: logs
-    icons:
-      - src: /img/logo_waf.svg
-        title: AWS VPC logo
-        size: 32x32
-        type: image/svg+xml
 owner:
   github: elastic/integrations

From da17901505f261ae96ee4363057bef6a971f2ed6 Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Thu, 16 Dec 2021 10:32:26 +0100
Subject: [PATCH 15/16] Strip k8s

---
 .../kubernetes/_dev/build/docs/README.md      |  93 --------
 .../_dev/build/docs/container-logs.md         |   6 -
 .../kubernetes/_dev/build/docs/events.md      |  16 --
 .../_dev/build/docs/kube-apiserver.md         |  37 ---
 .../build/docs/kube-controller-manager.md     |  12 -
 .../kubernetes/_dev/build/docs/kube-proxy.md  |  12 -
 .../_dev/build/docs/kube-scheduler.md         |  12 -
 .../_dev/build/docs/kube-state-metrics.md     | 132 -----------
 .../kubernetes/_dev/build/docs/kubelet.md     |  48 ----
 .../apiserver/_dev/deploy/k8s/.empty          |   0
 .../_dev/test/system/test-default-config.yml  |   7 -
 .../apiserver/agent/stream/stream.yml.hbs     |  18 --
 .../data_stream/apiserver/fields/agent.yml    | 198 ----------------
 .../apiserver/fields/base-fields.yml          |  12 -
 .../data_stream/apiserver/fields/ecs.yml      |  10 -
 .../data_stream/apiserver/fields/fields.yml   | 203 ----------------
 .../data_stream/apiserver/manifest.yml        |  44 ----
 .../data_stream/apiserver/sample_event.json   |  62 -----
 .../container/_dev/deploy/k8s/.empty          |   0
 .../_dev/test/system/test-default-config.yml  |   7 -
 .../container/agent/stream/stream.yml.hbs     |  11 -
 .../data_stream/container/fields/agent.yml    | 199 ----------------
 .../container/fields/base-fields.yml          |  98 --------
 .../data_stream/container/fields/ecs.yml      |  10 -
 .../data_stream/container/fields/fields.yml   | 199 ----------------
 .../data_stream/container/manifest.yml        |  43 ----
 .../data_stream/container/sample_event.json   | 150 ------------
 .../agent/stream/stream.yml.hbs               |   7 -
 .../container_logs/fields/agent.yml           | 200 ----------------
 .../container_logs/fields/base-fields.yml     | 104 ---------
 .../data_stream/container_logs/fields/ecs.yml |  18 --
 .../data_stream/container_logs/manifest.yml   |  21 --
 .../controllermanager/_dev/deploy/k8s/.empty  |   0
 .../_dev/test/system/test-default-config.yml  |   8 -
 .../agent/stream/stream.yml.hbs               |  14 --
 .../controllermanager/fields/agent.yml        | 198 ----------------
 .../controllermanager/fields/base-fields.yml  |  90 --------
 .../controllermanager/fields/ecs.yml          |  10 -
 .../controllermanager/fields/fields.yml       | 159 -------------
 .../controllermanager/manifest.yml            |  51 -----
 .../controllermanager/sample_event.json       |  93 --------
 .../event/agent/stream/stream.yml.hbs         |   6 -
 .../data_stream/event/fields/agent.yml        | 198 ----------------
 .../data_stream/event/fields/base-fields.yml  |  90 --------
 .../data_stream/event/fields/ecs.yml          |   8 -
 .../data_stream/event/fields/fields.yml       | 108 ---------
 .../kubernetes/data_stream/event/manifest.yml |  28 ---
 .../data_stream/event/sample_event.json       |  78 -------
 .../data_stream/node/_dev/deploy/k8s/.empty   |   0
 .../_dev/test/system/test-default-config.yml  |   7 -
 .../node/agent/stream/stream.yml.hbs          |  11 -
 .../data_stream/node/fields/agent.yml         | 198 ----------------
 .../data_stream/node/fields/base-fields.yml   |  91 --------
 .../data_stream/node/fields/ecs.yml           |  10 -
 .../data_stream/node/fields/fields.yml        | 198 ----------------
 .../kubernetes/data_stream/node/manifest.yml  |  43 ----
 .../data_stream/node/sample_event.json        | 148 ------------
 .../data_stream/proxy/_dev/deploy/k8s/.empty  |   0
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../proxy/agent/stream/stream.yml.hbs         |   6 -
 .../data_stream/proxy/fields/agent.yml        | 198 ----------------
 .../data_stream/proxy/fields/base-fields.yml  |  12 -
 .../data_stream/proxy/fields/ecs.yml          |  10 -
 .../data_stream/proxy/fields/fields.yml       | 127 ----------
 .../kubernetes/data_stream/proxy/manifest.yml |  22 --
 .../data_stream/proxy/sample_event.json       | 216 ------------------
 .../scheduler/_dev/deploy/k8s/.empty          |   0
 .../_dev/test/system/test-default-config.yml  |   8 -
 .../scheduler/agent/stream/stream.yml.hbs     |  12 -
 .../data_stream/scheduler/fields/agent.yml    | 198 ----------------
 .../scheduler/fields/base-fields.yml          |  90 --------
 .../data_stream/scheduler/fields/ecs.yml      |  10 -
 .../data_stream/scheduler/fields/fields.yml   | 163 -------------
 .../data_stream/scheduler/manifest.yml        |  51 -----
 .../data_stream/scheduler/sample_event.json   |  79 -------
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  10 -
 .../state_container/fields/agent.yml          | 199 ----------------
 .../state_container/fields/base-fields.yml    |  98 --------
 .../state_container/fields/ecs.yml            |  12 -
 .../state_container/fields/fields.yml         |  66 ------
 .../data_stream/state_container/manifest.yml  |  37 ---
 .../state_container/sample_event.json         |  80 -------
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../state_cronjob/agent/stream/stream.yml.hbs |  11 -
 .../state_cronjob/fields/agent.yml            | 198 ----------------
 .../state_cronjob/fields/base-fields.yml      |  93 --------
 .../data_stream/state_cronjob/fields/ecs.yml  |  10 -
 .../state_cronjob/fields/fields.yml           |  43 ----
 .../data_stream/state_cronjob/manifest.yml    |  37 ---
 .../state_cronjob/sample_event.json           |  66 ------
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  10 -
 .../state_daemonset/fields/agent.yml          | 198 ----------------
 .../state_daemonset/fields/base-fields.yml    |  90 --------
 .../state_daemonset/fields/ecs.yml            |  10 -
 .../state_daemonset/fields/fields.yml         |  31 ---
 .../data_stream/state_daemonset/manifest.yml  |  37 ---
 .../state_daemonset/sample_event.json         |  62 -----
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  10 -
 .../state_deployment/fields/agent.yml         | 198 ----------------
 .../state_deployment/fields/base-fields.yml   |  92 --------
 .../state_deployment/fields/ecs.yml           |  10 -
 .../state_deployment/fields/fields.yml        |  30 ---
 .../data_stream/state_deployment/manifest.yml |  37 ---
 .../state_deployment/sample_event.json        |  63 -----
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../state_job/agent/stream/stream.yml.hbs     |   7 -
 .../data_stream/state_job/fields/agent.yml    | 198 ----------------
 .../state_job/fields/base-fields.yml          |  90 --------
 .../data_stream/state_job/fields/ecs.yml      |  10 -
 .../data_stream/state_job/fields/fields.yml   |  76 ------
 .../data_stream/state_job/manifest.yml        |  30 ---
 .../data_stream/state_job/sample_event.json   |  72 ------
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../state_node/agent/stream/stream.yml.hbs    |  10 -
 .../data_stream/state_node/fields/agent.yml   | 198 ----------------
 .../state_node/fields/base-fields.yml         |  91 --------
 .../data_stream/state_node/fields/ecs.yml     |  10 -
 .../data_stream/state_node/fields/fields.yml  |  69 ------
 .../data_stream/state_node/manifest.yml       |  37 ---
 .../data_stream/state_node/sample_event.json  |  88 -------
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  11 -
 .../state_persistentvolume/fields/agent.yml   | 198 ----------------
 .../fields/base-fields.yml                    |  90 --------
 .../state_persistentvolume/fields/ecs.yml     |  10 -
 .../state_persistentvolume/fields/fields.yml  |  18 --
 .../state_persistentvolume/manifest.yml       |  37 ---
 .../state_persistentvolume/sample_event.json  |  60 -----
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  10 -
 .../fields/agent.yml                          | 198 ----------------
 .../fields/base-fields.yml                    |  90 --------
 .../fields/ecs.yml                            |  10 -
 .../fields/fields.yml                         |  24 --
 .../state_persistentvolumeclaim/manifest.yml  |  37 ---
 .../sample_event.json                         |  60 -----
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../state_pod/agent/stream/stream.yml.hbs     |  10 -
 .../data_stream/state_pod/fields/agent.yml    | 198 ----------------
 .../state_pod/fields/base-fields.yml          |  97 --------
 .../data_stream/state_pod/fields/ecs.yml      |  12 -
 .../data_stream/state_pod/fields/fields.yml   |  26 ---
 .../data_stream/state_pod/manifest.yml        |  37 ---
 .../data_stream/state_pod/sample_event.json   |  69 ------
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  10 -
 .../state_replicaset/fields/agent.yml         | 198 ----------------
 .../state_replicaset/fields/base-fields.yml   |  92 --------
 .../state_replicaset/fields/ecs.yml           |  10 -
 .../state_replicaset/fields/fields.yml        |  31 ---
 .../data_stream/state_replicaset/manifest.yml |  37 ---
 .../state_replicaset/sample_event.json        |  69 ------
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  10 -
 .../state_resourcequota/fields/agent.yml      | 198 ----------------
 .../fields/base-fields.yml                    |  90 --------
 .../state_resourcequota/fields/ecs.yml        |  10 -
 .../state_resourcequota/fields/fields.yml     |  24 --
 .../state_resourcequota/manifest.yml          |  37 ---
 .../state_resourcequota/sample_event.json     |  56 -----
 .../state_service/agent/stream/stream.yml.hbs |  10 -
 .../state_service/fields/agent.yml            | 198 ----------------
 .../state_service/fields/base-fields.yml      |  90 --------
 .../data_stream/state_service/fields/ecs.yml  |  10 -
 .../state_service/fields/fields.yml           |  31 ---
 .../data_stream/state_service/manifest.yml    |  37 ---
 .../state_service/sample_event.json           |  62 -----
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  10 -
 .../state_statefulset/fields/agent.yml        | 198 ----------------
 .../state_statefulset/fields/base-fields.yml  |  91 --------
 .../state_statefulset/fields/ecs.yml          |  10 -
 .../state_statefulset/fields/fields.yml       |  40 ----
 .../state_statefulset/manifest.yml            |  37 ---
 .../state_statefulset/sample_event.json       |  62 -----
 .../_dev/test/system/test-default-config.yml  |   6 -
 .../agent/stream/stream.yml.hbs               |  10 -
 .../state_storageclass/fields/agent.yml       | 198 ----------------
 .../state_storageclass/fields/base-fields.yml |  90 --------
 .../state_storageclass/fields/ecs.yml         |  10 -
 .../state_storageclass/fields/fields.yml      |  19 --
 .../state_storageclass/manifest.yml           |  37 ---
 .../state_storageclass/sample_event.json      |  59 -----
 .../data_stream/system/_dev/deploy/k8s/.empty |   0
 .../_dev/test/system/test-default-config.yml  |   7 -
 .../system/agent/stream/stream.yml.hbs        |  11 -
 .../data_stream/system/fields/agent.yml       | 198 ----------------
 .../data_stream/system/fields/base-fields.yml |  91 --------
 .../data_stream/system/fields/ecs.yml         |  10 -
 .../data_stream/system/fields/fields.yml      |  74 ------
 .../data_stream/system/manifest.yml           |  43 ----
 .../data_stream/system/sample_event.json      | 101 --------
 .../data_stream/volume/_dev/deploy/k8s/.empty |   0
 .../_dev/test/system/test-default-config.yml  |   7 -
 .../volume/agent/stream/stream.yml.hbs        |  11 -
 .../data_stream/volume/fields/agent.yml       | 198 ----------------
 .../data_stream/volume/fields/base-fields.yml |  90 --------
 .../data_stream/volume/fields/ecs.yml         |  10 -
 .../data_stream/volume/fields/fields.yml      |  65 ------
 .../data_stream/volume/manifest.yml           |  43 ----
 .../data_stream/volume/sample_event.json      |  99 --------
 .../with-kind/kubernetes/manifest.yml         | 156 -------------
 205 files changed, 12641 deletions(-)
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/README.md
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/container-logs.md
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/events.md
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/kube-apiserver.md
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/kube-controller-manager.md
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/kube-proxy.md
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/kube-scheduler.md
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/kube-state-metrics.md
 delete mode 100644 test/packages/with-kind/kubernetes/_dev/build/docs/kubelet.md
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/deploy/k8s/.empty
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/apiserver/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/_dev/deploy/k8s/.empty
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container_logs/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container_logs/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container_logs/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/container_logs/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/deploy/k8s/.empty
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/controllermanager/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/event/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/event/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/event/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/event/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/event/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/event/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/event/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/_dev/deploy/k8s/.empty
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/node/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/_dev/deploy/k8s/.empty
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/proxy/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/deploy/k8s/.empty
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/scheduler/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_container/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_container/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_container/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_container/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_container/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_container/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_cronjob/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_cronjob/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_daemonset/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_daemonset/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_deployment/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_deployment/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_job/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_job/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_job/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_job/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_job/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_job/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_node/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_node/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_node/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_node/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_node/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_node/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_pod/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_pod/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_pod/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_pod/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_pod/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_pod/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_replicaset/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_replicaset/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_resourcequota/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_resourcequota/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_service/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_service/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_service/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_service/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_service/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_service/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_statefulset/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_statefulset/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_storageclass/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/state_storageclass/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/_dev/deploy/k8s/.empty
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/system/sample_event.json
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/_dev/deploy/k8s/.empty
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/fields/agent.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/fields/base-fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/fields/ecs.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/fields/fields.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/manifest.yml
 delete mode 100644 test/packages/with-kind/kubernetes/data_stream/volume/sample_event.json

diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/README.md b/test/packages/with-kind/kubernetes/_dev/build/docs/README.md
deleted file mode 100644
index 871364996..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/README.md
+++ /dev/null
@@ -1,93 +0,0 @@
-# Kubernetes integration
-
-This integration is used to collect logs and metrics from 
-[Kubernetes clusters](https://kubernetes.io/).
-
-As one of the main pieces provided for Kubernetes monitoring, this integration is capable of fetching metrics from several components:
-
-- [kubelet](https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/)
-- [kube-state-metrics](https://github.com/kubernetes/kube-state-metrics)
-- [apiserver](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/)
-- [controller-manager](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/)
-- [scheduler](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-scheduler/)
-- [proxy](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/)
-
-Some of the previous components are running on each of the Kubernetes nodes (like `kubelet` or `proxy`) while others provide
-a single cluster-wide endpoint. This is important to determine the optimal configuration and running strategy
-for the different datasets included in the integration.
-
-
-#### Kubernetes endpoints and metricsets
-
-Kubernetes module is a bit complex as its internal datasets require access to a wide variety of endpoints.
-
-This section highlights and introduces some groups of datasets with similar endpoint access needs. 
-For more details on the datasets see `configuration example` and the `datasets` sections below.
-
-
-#### node / system / pod / container / module / volume
-
-The datasets `container`, `node`, `pod`, `system` and `volume` require access to the `kubelet endpoint` in each of
-the Kubernetes nodes, hence it's recommended to include them as part
-of an `Agent DaemonSet` or standalone Agents running on the hosts.
-
-Depending on the version and configuration of Kubernetes nodes, `kubelet` might provide a read only http port (typically 10255),
-which is used in some configuration examples. But in general, and lately, this endpoint requires SSL (`https`) access
-(to port 10250 by default) and token based authentication.
-
-
-##### state_* and event
-
-All datasets with the `state_` prefix require `hosts` field pointing to `kube-state-metrics`
-service within the cluster. As the service provides cluster-wide metrics, there's no need to fetch them per node,
-hence the recommendation is to run these datasets as part of an `Agent Deployment` with one only replica.
-
-Note: Kube-state-metrics is not deployed by default in Kubernetes. For these cases the instructions for its
-deployment are available [here](https://github.com/kubernetes/kube-state-metrics#kubernetes-deployment). 
-Generally `kube-state-metrics` runs a `Deployment` and is accessible via a service called `kube-state-metrics` on
-`kube-system` namespace, which will be the service to use in our configuration.
-
-state_* datasets are not enabled by default.
-
-#### apiserver
-
-The apiserver dataset requires access to the Kubernetes API, which should be easily available in all Kubernetes
-environments. Depending on the Kubernetes configuration, the API access might require SSL (`https`) and token
-based authentication.
-
-#### proxy
-
-The proxy dataset requires access to the proxy endpoint in each of Kubernetes nodes, hence it's recommended
-to configure it as a part of an `Agent DaemonSet`.
-
-#### scheduler and controllermanager
-
-These datasets require access to the Kubernetes `controller-manager` and `scheduler` endpoints. By default, these pods
-run only on master nodes, and they are not exposed via a Service, but there are different strategies
-available for its configuration:
-
-- Create `Kubernetes Services` to make `kube-controller-manager` and `kube-scheduler` available and configure
- the datasets to point to these services as part of an `Agent Deployment`.
-- Run these datasets as part an `Agent Daemonset` (with HostNetwork setting) with a `nodeSelector` to only run on Master nodes.
-
-These datasets are not enabled by default.
-
-Note: In some "As a Service" Kubernetes implementations, like `GKE`, the master nodes or even the pods running on
-the masters won't be visible. In these cases it won't be possible to use `scheduler` and `controllermanager` metricsets.
-
-#### container-logs
-
-The container-logs dataset requires access to the log files in each Kubernetes node where the container logs are stored.
-This defaults to `/var/log/containers/*${kubernetes.container.id}.log`.
-
-## Compatibility
-
-The Kubernetes package is tested with Kubernetes 1.13.x, 1.14.x, 1.15.x, 1.16.x, 1.17.x, and 1.18.x
-
-## Dashboard
-
-Kubernetes integration is shipped including default dashboards for `apiserver`, `controllermanager`, `overview`, `proxy` and `scheduler`.
-
-If you are using HA for those components, be aware that when gathering data from all instances the dashboard will usually show the average of the metrics. For those scenarios filtering by hosts or service address is possible.
-
-Cluster selector in `overview` dashboard helps in distinguishing and filtering metrics collected from multiple clusters. If you want to focus on a subset of the Kubernetes clusters for monitoring a specific scenario, this cluster selector could be a handy tool. Note that this selector gets populated from the `orchestrator.cluster.name` field that may not always be available. This field gets its value from sources like `kube_config`, `kubeadm-config` configMap, and Google Cloud's meta API for GKE. If the sources mentioned above don't provide this value, metricbeat will not report it. However, you can always use [processors](https://www.elastic.co/guide/en/beats/metricbeat/current/defining-processors.html) to set this field and utilize it in the `cluster overview` dashboard.
diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/container-logs.md b/test/packages/with-kind/kubernetes/_dev/build/docs/container-logs.md
deleted file mode 100644
index 3595e1c26..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/container-logs.md
+++ /dev/null
@@ -1,6 +0,0 @@
-# container-logs
-
-container-logs integration collects and parses logs of Kubernetes containers.
-
-It requires access to the log files in each Kubernetes node where the container logs are stored.
-This defaults to `/var/log/containers/*${kubernetes.container.id}.log`.
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/events.md b/test/packages/with-kind/kubernetes/_dev/build/docs/events.md
deleted file mode 100644
index bd2ce5a22..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/events.md
+++ /dev/null
@@ -1,16 +0,0 @@
-# events
-
-## Metrics
-
-### event
-
-This is the `event` dataset of the Kubernetes package. It collects Kubernetes events
-related metrics.
-
-If Leader Election is activated (default behaviour) only the `elastic agent` which holds the leadership lock
-will retrieve events related metrics.
-This is relevant in multi-node kubernetes cluster and prevents duplicate data.
-
-{{event "event"}}
-
-{{fields "event"}}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-apiserver.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-apiserver.md
deleted file mode 100644
index a28c98cc0..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-apiserver.md
+++ /dev/null
@@ -1,37 +0,0 @@
-# kube-apiserver
-
-## Metrics
-
-### apiserver
-
-This is the `apiserver` dataset of the Kubernetes package, in charge of retrieving metrics
-from the Kubernetes API (available at `/metrics`).
-
-This metricset needs access to the `apiserver` component of Kubernetes, accessible typically
-by any POD via the `kubernetes.default` service or via environment
-variables (`KUBERNETES_SERVICE_HOST` and `KUBERNETES_SERVICE_PORT`).
-
-If Leader Election is activated (default behaviour) only the `elastic agent` which holds the leadership lock
-will retrieve metrics from the `apiserver`.
-This is relevant in multi-node kubernetes cluster and prevents duplicate data.
-
-When the API uses https, the pod will need to authenticate using its default token and trust
-the server using the appropriate CA file.
-
-Configuration example using https and token based authentication:
-
-
-In order to access the `/metrics` path of the API service, some Kubernetes environments might
-require the following permission to be added to a ClusterRole.
-
-```yaml
-rules:
-- nonResourceURLs:
-  - /metrics
-  verbs:
-  - get
-```
-
-{{event "apiserver"}}
-
-{{fields "apiserver"}}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-controller-manager.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-controller-manager.md
deleted file mode 100644
index 01faeab81..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-controller-manager.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# kube-controller-manager
-
-## Metrics
-
-### controllermanager
-
-This is the `controllermanager` dataset for the Kubernetes package. It collects from
-Kubernetes controller component `metrics` endpoint.
-
-{{event "controllermanager"}}
-
-{{fields "controllermanager"}}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-proxy.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-proxy.md
deleted file mode 100644
index 6df5baf0c..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-proxy.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# kube-proxy
-
-## Metrics
-
-### proxy
-
-This is the `proxy` dataset of the Kubernetes package. It collects metrics
-from Kubernetes Proxy component.
-
-{{event "proxy"}}
-
-{{fields "proxy"}}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-scheduler.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-scheduler.md
deleted file mode 100644
index bfd8b65c2..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-scheduler.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# kube-scheduler
-
-## Metrics
-
-### scheduler
-
-This is the `scheduler` dataset of the Kubernetes package. It collects metrics
-from Kubernetes Scheduler component.
-
-{{event "scheduler"}}
-
-{{fields "scheduler"}}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-state-metrics.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kube-state-metrics.md
deleted file mode 100644
index 4358201cd..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/kube-state-metrics.md
+++ /dev/null
@@ -1,132 +0,0 @@
-# kube-state-metrics
-
-## Metrics
-
-If Leader Election is activated (default behaviour) only the `elastic agent` which holds the leadership lock
-will retrieve metrics from the `kube_state_metrics`.
-This is relevant in multi-node kubernetes cluster and prevents duplicate data.
-
-### state_container
-
-This is the `state_container` dataset of the Kubernetes package. It collects container related
-metrics from `kube_state_metrics`.
-
-{{event "state_container"}}
-
-{{fields "state_container"}}
-
-### state_cronjob
-
-This is the `state_cronjob` dataset of the Kubernetes package. It collects cronjob related
-metrics from `kube_state_metrics`.
-
-{{event "state_cronjob"}}
-
-{{fields "state_cronjob"}}
-
-### state_daemonset
-
-This is the `state_daemonset` dataset of the Kubernetes package. It collects daemonset related
-metrics from `kube_state_metrics`.
-
-{{event "state_daemonset"}}
-
-{{fields "state_daemonset"}}
-
-### state_deployment
-
-This is the `state_deployment` dataset of the Kubernetes package. It collects deployment related
-metrics from `kube_state_metrics`.
-
-{{event "state_deployment"}}
-
-{{fields "state_deployment"}}
-
-### state_job
-
-This is the `state_job` dataset of the Kubernetes package. It collects job related
-metrics from `kube_state_metrics`.
-
-{{event "state_job"}}
-
-{{fields "state_job"}}
-
-### state_node
-
-This is the `state_node` dataset of the Kubernetes package. It collects node related
-metrics from `kube_state_metrics`.
-
-{{event "state_node"}}
-
-{{fields "state_node"}}
-
-### state_persistentvolume
-
-This is the `state_persistentvolume` dataset of the Kubernetes package. It collects 
-PersistentVolume related metrics from `kube_state_metrics`.
-
-{{event "state_persistentvolume"}}
-
-{{fields "state_persistentvolume"}}
-
-### state_persistentvolumeclaim
-
-This is the `state_persistentvolumeclaim` dataset of the Kubernetes package. It collects 
-PersistentVolumeClaim related metrics from `kube_state_metrics`.
-
-{{event "state_persistentvolumeclaim"}}
-
-{{fields "state_persistentvolumeclaim"}}
-
-### state_pod
-
-This is the `state_pod` dataset of the Kubernetes package. It collects 
-Pod related metrics from `kube_state_metrics`.
-
-{{event "state_pod"}}
-
-{{fields "state_pod"}}
-
-### state_replicaset
-
-This is the `state_replicaset` dataset of the Kubernetes package. It collects 
-Replicaset related metrics from `kube_state_metrics`.
-
-{{event "state_replicaset"}}
-
-{{fields "state_replicaset"}}
-
-### state_resourcequota
-
-This is the `state_resourcequota` dataset of the Kubernetes package. It collects ResourceQuota related metrics
-from `kube_state_metrics`.
-
-{{event "state_resourcequota"}}
-
-{{fields "state_resourcequota"}}
-
-### state_service
-
-This is the `state_service` dataset of the Kubernetes package. It collects 
-Service related metrics from `kube_state_metrics`.
-
-{{event "state_service"}}
-
-{{fields "state_service"}}
-
-### state_statefulset
-
-This is the `state_statefulset` dataset of the Kubernetes package.
-
-{{event "state_statefulset"}}
-
-{{fields "state_statefulset"}}
-
-### state_storageclass
-
-This is the `state_storageclass` dataset of the Kubernetes package. It collects 
-StorageClass related metrics from `kube_state_metrics`.
-
-{{event "state_storageclass"}}
-
-{{fields "state_storageclass"}}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/_dev/build/docs/kubelet.md b/test/packages/with-kind/kubernetes/_dev/build/docs/kubelet.md
deleted file mode 100644
index 54e684a86..000000000
--- a/test/packages/with-kind/kubernetes/_dev/build/docs/kubelet.md
+++ /dev/null
@@ -1,48 +0,0 @@
-# kubelet
-
-## Metrics
-
-### container
-
-This is the `container` dataset of the Kubernetes package. It collects container related metrics
-from Kubelet's monitoring APIs.
-
-{{event "container"}}
-
-{{fields "container"}}
-
-### node
-
-This is the `node` dataset of the Kubernetes package. It collects Node related metrics
-from Kubelet's monitoring APIs.
-
-{{event "node"}}
-
-{{fields "node"}}
-
-### pod
-
-This is the `pod` dataset of the Kubernetes package. It collects Pod related metrics
-from Kubelet's monitoring APIs.
-
-{{event "pod"}}
-
-{{fields "pod"}}
-
-### system
-
-This is the `system` dataset of the Kubernetes package. It collects System related metrics
-from Kubelet's monitoring APIs.
-
-{{event "system"}}
-
-{{fields "system"}}
-
-### volume
-
-This is the `volume` dataset of the Kubernetes package. It collects Volume related metrics
-from Kubelet's monitoring APIs.
-
-{{event "volume"}}
-
-{{fields "volume"}}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/deploy/k8s/.empty
deleted file mode 100644
index e69de29bb..000000000
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml
deleted file mode 100644
index cf6f20d0c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/apiserver/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-    period: 5s
-    hosts:
-      - https://kubernetes.default:443
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs
deleted file mode 100644
index 46426492a..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/apiserver/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,18 +0,0 @@
-metricsets: ["apiserver"]
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
-
-{{#if bearer_token_file}}
-bearer_token_file: {{bearer_token_file}}
-ssl.certificate_authorities:
-{{#each ssl.certificate_authorities}}
-  - {{this}}
-{{/each}}
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/base-fields.yml
deleted file mode 100644
index 7c798f453..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/base-fields.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/fields.yml
deleted file mode 100644
index 8ec75318f..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/apiserver/fields/fields.yml
+++ /dev/null
@@ -1,203 +0,0 @@
-- name: kubernetes.apiserver
-  type: group
-  fields:
-    - name: request.client
-      dimension: true
-      type: keyword
-      description: |
-        Client executing requests
-    - name: request.resource
-      dimension: true
-      type: keyword
-      description: |
-        Requested resource
-    - name: request.subresource
-      dimension: true
-      type: keyword
-      description: |
-        Requested subresource
-    - name: request.scope
-      dimension: true
-      type: keyword
-      description: |
-        Request scope (cluster, namespace, resource)
-    - name: request.verb
-      dimension: true
-      type: keyword
-      description: |
-        HTTP verb
-    - name: request.code
-      dimension: true
-      type: keyword
-      description: |
-        HTTP code
-    - name: request.content_type
-      type: keyword
-      description: |
-        Request HTTP content type
-    - name: request.dry_run
-      type: keyword
-      description: |
-        Wether the request uses dry run
-    - name: request.kind
-      dimension: true
-      type: keyword
-      description: |
-        Kind of request
-    - name: request.component
-      dimension: true
-      type: keyword
-      description: |
-        Component handling the request
-    - name: request.group
-      dimension: true
-      type: keyword
-      description: |
-        API group for the resource
-    - name: request.version
-      dimension: true
-      type: keyword
-      description: |
-        version for the group
-    - name: request.handler
-      dimension: true
-      type: keyword
-      description: |
-        Request handler
-    - name: request.method
-      dimension: true
-      type: keyword
-      description: |
-        HTTP method
-    - name: request.host
-      dimension: true
-      type: keyword
-      description: |
-        Request host
-    - name: process
-      type: group
-      fields:
-        - name: cpu.sec
-          type: double
-          metric_type: counter
-          description: CPU seconds
-        - name: memory.resident.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: Bytes in resident memory
-        - name: memory.virtual.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: Bytes in virtual memory
-        - name: fds.open.count
-          type: long
-          metric_type: gauge
-          description: Number of open file descriptors
-        - name: started.sec
-          type: double
-          metric_type: gauge
-          description: Seconds since the process started
-    - name: http
-      type: group
-      fields:
-        - name: request.duration.us.percentile.*
-          type: object
-          description: Request duration microseconds percentiles
-        - name: request.duration.us.sum
-          type: double
-          metric_type: counter
-          unit: micros
-          description: Request duration microseconds cumulative sum
-        - name: request.duration.us.count
-          type: long
-          metric_type: counter
-          unit: micros
-          description: Request count for duration
-        - name: request.size.bytes.percentile.*
-          type: object
-          description: Request size percentiles
-        - name: request.size.bytes.sum
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: counter
-          description: Request size cumulative sum
-        - name: request.size.bytes.count
-          type: long
-          unit: byte
-          metric_type: counter
-          description: Request count for size
-        - name: response.size.bytes.percentile.*
-          type: object
-          description: Response size percentiles
-        - name: response.size.bytes.sum
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: counter
-          description: Response size cumulative sum
-        - name: response.size.bytes.count
-          type: long
-          metric_type: counter
-          description: Response count
-        - name: request.count
-          type: long
-          metric_type: counter
-          description: Request count for response
-    - name: client.request.count
-      type: long
-      metric_type: counter
-      description: Number of requests as client
-    - name: request
-      type: group
-      fields:
-        - name: count
-          type: long
-          metric_type: counter
-          description: Number of requests
-        - name: latency.sum
-          type: long
-          metric_type: counter
-          description: Requests latency, sum of latencies in microseconds
-        - name: latency.count
-          type: long
-          metric_type: counter
-          description: Request latency, number of requests
-        - name: latency.bucket.*
-          type: object
-          description: Request latency histogram buckets
-        - name: duration.us.sum
-          type: long
-          metric_type: counter
-          description: Request duration, sum in microseconds
-        - name: duration.us.count
-          type: long
-          metric_type: counter
-          description: Request duration, number of operations
-        - name: duration.us.bucket.*
-          type: object
-          description: Request duration, histogram buckets
-        - name: current.count
-          type: long
-          metric_type: counter
-          description: Inflight requests
-        - name: longrunning.count
-          type: long
-          metric_type: counter
-          description: Number of requests active long running requests
-    - name: etcd.object.count
-      type: long
-      metric_type: gauge
-      description: Number of kubernetes objects at etcd
-    - name: audit.event.count
-      type: long
-      metric_type: counter
-      description: Number of audit events
-    - name: audit.rejected.count
-      type: long
-      metric_type: counter
-      description: Number of audit rejected events
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/apiserver/manifest.yml
deleted file mode 100644
index cb9eac9cb..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/apiserver/manifest.yml
+++ /dev/null
@@ -1,44 +0,0 @@
-title: Kubernetes API Server metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    vars:
-      - name: bearer_token_file
-        type: text
-        title: Bearer Token File
-        multi: false
-        required: true
-        show_user: true
-        default: /var/run/secrets/kubernetes.io/serviceaccount/token
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - https://${env.KUBERNETES_SERVICE_HOST}:${env.KUBERNETES_SERVICE_PORT}
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 30s
-      - name: ssl.certificate_authorities
-        type: text
-        title: SSL Certificate Authorities
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-    title: Kubernetes API Server metrics
-    description: Collect Kubernetes API Server metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/apiserver/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/apiserver/sample_event.json
deleted file mode 100644
index fda7d3222..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/apiserver/sample_event.json
+++ /dev/null
@@ -1,62 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:30:34.616Z",
-    "metricset": {
-        "name": "apiserver",
-        "period": 30000
-    },
-    "service": {
-        "address": "10.96.0.1:443",
-        "type": "kubernetes"
-    },
-    "event": {
-        "dataset": "kubernetes.apiserver",
-        "module": "kubernetes",
-        "duration": 114780772
-    },
-    "kubernetes": {
-        "apiserver": {
-            "request": {
-                "client": "metrics-server/v0.0.0 (linux/amd64) kubernetes/$Format",
-                "version": "v1",
-                "count": 3,
-                "scope": "cluster",
-                "content_type": "application/vnd.kubernetes.protobuf",
-                "code": "200",
-                "verb": "LIST",
-                "component": "apiserver",
-                "resource": "nodes"
-            }
-        }
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat"
-    },
-    "host": {
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "os": {
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)"
-        }
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/container/_dev/deploy/k8s/.empty
deleted file mode 100644
index e69de29bb..000000000
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 6c69562d4..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-    period: 5s
-    hosts:
-      - https://{{Hostname}}:10250
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/container/agent/stream/stream.yml.hbs
deleted file mode 100644
index bdfe1999e..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,11 +0,0 @@
-metricsets: ["container"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if bearer_token_file}}
-bearer_token_file: {{bearer_token_file}}
-ssl.verification_mode: {{ssl.verification_mode}}
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/container/fields/agent.yml
deleted file mode 100644
index d16c88255..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container/fields/agent.yml
+++ /dev/null
@@ -1,199 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      dimension: true
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/container/fields/base-fields.yml
deleted file mode 100644
index 98c09161d..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container/fields/base-fields.yml
+++ /dev/null
@@ -1,98 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: daemonset.name
-      type: keyword
-      description: >
-        Kubernetes daemonset name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/container/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/container/fields/fields.yml
deleted file mode 100644
index f09af30a3..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container/fields/fields.yml
+++ /dev/null
@@ -1,199 +0,0 @@
-- name: kubernetes.container
-  type: group
-  fields:
-    - name: start_time
-      type: date
-      description: |
-        Start time
-    - name: cpu
-      type: group
-      fields:
-        - name: usage
-          type: group
-          fields:
-            - name: core
-              type: group
-              fields:
-                - name: ns
-                  type: long
-                  metric_type: gauge
-                  description: |
-                    Container CPU Core usage nanoseconds
-            - name: nanocores
-              type: long
-              metric_type: gauge
-              description: |
-                CPU used nanocores
-            - name: node.pct
-              type: scaled_float
-              format: percent
-              unit: percent
-              metric_type: gauge
-              description: |
-                CPU usage as a percentage of the total node allocatable CPU
-            - name: limit.pct
-              type: scaled_float
-              format: percent
-              unit: percent
-              metric_type: gauge
-              description: |
-                CPU usage as a percentage of the defined limit for the container (or total node allocatable CPU if unlimited)
-    - name: logs
-      type: group
-      fields:
-        - name: available
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Logs available capacity in bytes
-        - name: capacity
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Logs total capacity in bytes
-        - name: used
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Logs used capacity in bytes
-        - name: inodes
-          type: group
-          fields:
-            - name: count
-              type: long
-              metric_type: gauge
-              description: |
-                Total available inodes
-            - name: free
-              type: long
-              metric_type: gauge
-              description: |
-                Total free inodes
-            - name: used
-              type: long
-              metric_type: gauge
-              description: |
-                Total used inodes
-    - name: memory
-      type: group
-      fields:
-        - name: available
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Total available memory
-        - name: usage
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Total memory usage
-            - name: node.pct
-              type: scaled_float
-              format: percent
-              unit: percent
-              metric_type: gauge
-              description: |
-                Memory usage as a percentage of the total node allocatable memory
-            - name: limit.pct
-              type: scaled_float
-              format: percent
-              unit: percent
-              metric_type: gauge
-              description: |
-                Memory usage as a percentage of the defined limit for the container (or total node allocatable memory if unlimited)
-        - name: rss
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                RSS memory usage
-        - name: workingset
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Working set memory usage
-        - name: pagefaults
-          type: long
-          metric_type: counter
-          description: |
-            Number of page faults
-        - name: majorpagefaults
-          type: long
-          metric_type: counter
-          description: |
-            Number of major page faults
-    - name: rootfs
-      type: group
-      fields:
-        - name: capacity
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Root filesystem total capacity in bytes
-        - name: available
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Root filesystem total available in bytes
-        - name: used
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Root filesystem total used in bytes
-        - name: inodes
-          type: group
-          fields:
-            - name: used
-              type: long
-              metric_type: gauge
-              description: |
-                Used inodes
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/container/manifest.yml
deleted file mode 100644
index 66377c999..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container/manifest.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-title: Kubernetes Container metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: bearer_token_file
-        type: text
-        title: Bearer Token File
-        multi: false
-        required: true
-        show_user: true
-        default: /var/run/secrets/kubernetes.io/serviceaccount/token
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - https://${env.NODE_NAME}:10250
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-      - name: ssl.verification_mode
-        type: text
-        title: SSL Verification Mode
-        multi: false
-        required: true
-        show_user: true
-        default: none
-    title: Kubernetes Container metrics
-    description: Collect Kubernetes Container metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/container/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/container/sample_event.json
deleted file mode 100644
index 2bbe7c0a9..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container/sample_event.json
+++ /dev/null
@@ -1,150 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:32:29.748Z",
-    "kubernetes": {
-        "namespace": "kube-system",
-        "node": {
-            "name": "minikube"
-        },
-        "pod": {
-            "name": "metricbeat-g9fc6"
-        },
-        "container": {
-            "rootfs": {
-                "used": {
-                    "bytes": 61440
-                },
-                "inodes": {
-                    "used": 17
-                },
-                "available": {
-                    "bytes": 6724222976
-                },
-                "capacity": {
-                    "bytes": 17361141760
-                }
-            },
-            "logs": {
-                "used": {
-                    "bytes": 1617920
-                },
-                "inodes": {
-                    "count": 9768928,
-                    "used": 223910,
-                    "free": 9545018
-                },
-                "available": {
-                    "bytes": 6724222976
-                },
-                "capacity": {
-                    "bytes": 17361141760
-                }
-            },
-            "start_time": "2020-06-25T07:19:37Z",
-            "name": "metricbeat",
-            "cpu": {
-                "usage": {
-                    "node": {
-                        "pct": 0.00015289625
-                    },
-                    "limit": {
-                        "pct": 0.00015289625
-                    },
-                    "nanocores": 611585,
-                    "core": {
-                        "ns": 12206519774
-                    }
-                }
-            },
-            "memory": {
-                "pagefaults": 10164,
-                "majorpagefaults": 528,
-                "available": {
-                    "bytes": 188600320
-                },
-                "usage": {
-                    "limit": {
-                        "pct": 0.005608354460473573
-                    },
-                    "bytes": 94306304,
-                    "node": {
-                        "pct": 0.005608354460473573
-                    }
-                },
-                "workingset": {
-                    "bytes": 21114880
-                },
-                "rss": {
-                    "bytes": 18386944
-                }
-            }
-        }
-    },
-    "host": {
-        "containerized": false,
-        "ip": [
-            "192.168.64.10",
-            "fe80::a883:2fff:fe7f:6b12",
-            "172.17.0.1",
-            "fe80::42:d4ff:fe8c:9493",
-            "fe80::2859:80ff:fe9e:fcd6",
-            "fe80::d83a:d9ff:fee9:7052",
-            "fe80::880a:b6ff:fe18:ba76",
-            "fe80::f447:faff:fe80:e88b",
-            "fe80::9cc3:ffff:fe95:e48e",
-            "fe80::6c1c:29ff:fe50:d40c",
-            "fe80::b4f3:11ff:fe60:14ed",
-            "fe80::20f2:2aff:fe96:1e7b",
-            "fe80::5434:baff:fede:5720",
-            "fe80::a878:91ff:fe29:81f7"
-        ],
-        "mac": [
-            "aa:83:2f:7f:6b:12",
-            "02:42:d4:8c:94:93",
-            "2a:59:80:9e:fc:d6",
-            "da:3a:d9:e9:70:52",
-            "8a:0a:b6:18:ba:76",
-            "f6:47:fa:80:e8:8b",
-            "9e:c3:ff:95:e4:8e",
-            "6e:1c:29:50:d4:0c",
-            "b6:f3:11:60:14:ed",
-            "22:f2:2a:96:1e:7b",
-            "56:34:ba:de:57:20",
-            "aa:78:91:29:81:f7"
-        ],
-        "hostname": "minikube",
-        "architecture": "x86_64",
-        "os": {
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)"
-        },
-        "name": "minikube",
-        "id": "b0e83d397c054b8a99a431072fe4617b"
-    },
-    "agent": {
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "b964a246-96c0-456a-a5c2-8c8b1040ecaf",
-        "id": "f7ec69f9-4997-4e76-b6c7-0c75206b727a",
-        "name": "minikube"
-    },
-    "metricset": {
-        "period": 10000,
-        "name": "container"
-    },
-    "service": {
-        "address": "minikube:10250",
-        "type": "kubernetes"
-    },
-    "event": {
-        "dataset": "kubernetes.container",
-        "module": "kubernetes",
-        "duration": 11091346
-    },
-    "ecs": {
-        "version": "1.5.0"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs
deleted file mode 100644
index 9432fd0a1..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container_logs/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,7 +0,0 @@
-paths:
-{{#each paths}}
-  - {{this}}
-{{/each}}
-prospector.scanner.symlinks: {{ symlinks }}
-parsers:
-  - container: ~
diff --git a/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/agent.yml
deleted file mode 100644
index 5959b701d..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/agent.yml
+++ /dev/null
@@ -1,200 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      dimension: true
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      dimension: true
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/base-fields.yml
deleted file mode 100644
index 21f9fc16f..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/base-fields.yml
+++ /dev/null
@@ -1,104 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: log.offset
-  type: long
-  description: Offset of the entry in the log file.
-- name: log.file.path
-  type: keyword
-  description: Path to the log file.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: daemonset.name
-      type: keyword
-      description: >
-        Kubernetes daemonset name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/ecs.yml
deleted file mode 100644
index f6818be26..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container_logs/fields/ecs.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: error.message
-- external: ecs
-  name: event.ingested
-- external: ecs
-  name: agent.name
-- external: ecs
-  name: agent.type
-- external: ecs
-  name: agent.id
-- external: ecs
-  name: agent.ephemeral_id
-- external: ecs
-  name: agent.version
-- external: ecs
-  name: message
diff --git a/test/packages/with-kind/kubernetes/data_stream/container_logs/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/container_logs/manifest.yml
deleted file mode 100644
index 19bf942d9..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/container_logs/manifest.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-title: "Kubernetes container logs"
-type: logs
-streams:
-  - input: filestream
-    title: Collect Kubernetes container logs
-    description: Collect Kubernetes container logs
-    vars:
-      - name: paths
-        type: text
-        required: true
-        title: Kubernetes container log path
-        multi: true
-        default:
-          - /var/log/containers/*${kubernetes.container.id}.log
-      - name: symlinks
-        type: bool
-        title: Use Symlinks
-        multi: false
-        required: true
-        show_user: true
-        default: true
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/deploy/k8s/.empty
deleted file mode 100644
index e69de29bb..000000000
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 60403494f..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/controllermanager/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    period: 5s
-    hosts:
-      - https://0.0.0.0:10257
-    bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-    ssl.verification_mode: "none"
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs
deleted file mode 100644
index 227746923..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/controllermanager/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,14 +0,0 @@
-metricsets: ["controllermanager"]
-
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-
-{{#if bearer_token_file}}
-bearer_token_file: {{bearer_token_file}}
-ssl.verification_mode: {{ssl.verification_mode}}
-{{/if}}
-
-condition: ${kubernetes.labels.{{~controller_manager_label_key~}} } == '{{controller_manager_label_value}}'
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/fields.yml
deleted file mode 100644
index 1ef76f93e..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/controllermanager/fields/fields.yml
+++ /dev/null
@@ -1,159 +0,0 @@
-- name: kubernetes.controllermanager
-  type: group
-  fields:
-    - name: handler
-      dimension: true
-      type: keyword
-      description: |
-        Request handler
-    - name: code
-      dimension: true
-      type: keyword
-      description: |
-        HTTP code
-    - name: method
-      dimension: true
-      type: keyword
-      description: |
-        HTTP method
-    - name: host
-      dimension: true
-      type: keyword
-      description: |
-        Request host
-    - name: name
-      dimension: true
-      type: keyword
-      description: |
-        Name for the resource
-    - name: zone
-      dimension: true
-      type: keyword
-      description: |
-        Infrastructure zone
-    - name: process
-      type: group
-      fields:
-        - name: cpu.sec
-          type: double
-          metric_type: counter
-          description: CPU seconds
-        - name: memory.resident.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: Bytes in resident memory
-        - name: memory.virtual.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: Bytes in virtual memory
-        - name: fds.open.count
-          type: long
-          metric_type: gauge
-          description: Number of open file descriptors
-        - name: started.sec
-          type: double
-          metric_type: gauge
-          description: Seconds since the process started
-    - name: http
-      type: group
-      fields:
-        - name: request.duration.us.percentile.*
-          type: object
-          description: Request duration microseconds percentiles
-        - name: request.duration.us.sum
-          type: double
-          unit: micros
-          metric_type: counter
-          description: Request duration microseconds cumulative sum
-        - name: request.duration.us.count
-          type: long
-          unit: micros
-          metric_type: counter
-          description: Request count for duration
-        - name: request.size.bytes.percentile.*
-          type: object
-          description: Request size percentiles
-        - name: request.size.bytes.sum
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: counter
-          description: Request size cumulative sum
-        - name: request.size.bytes.count
-          type: long
-          unit: byte
-          metric_type: counter
-          description: Request count for size
-        - name: response.size.bytes.percentile.*
-          type: object
-          description: Response size percentiles
-        - name: response.size.bytes.sum
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: counter
-          description: Response size cumulative sum
-        - name: response.size.bytes.count
-          type: long
-          unit: byte
-          metric_type: counter
-          description: Response count
-        - name: request.count
-          type: long
-          metric_type: counter
-          description: Request count for response
-    - name: client.request.count
-      type: long
-      metric_type: counter
-      description: |
-        Number of requests as client
-    - name: workqueue
-      type: group
-      fields:
-        - name: longestrunning.sec
-          type: double
-          metric_type: gauge
-          description: Longest running processors
-        - name: unfinished.sec
-          type: double
-          metric_type: gauge
-          description: Unfinished processors
-        - name: adds.count
-          type: long
-          metric_type: counter
-          description: Workqueue add count
-        - name: depth.count
-          type: long
-          metric_type: gauge
-          description: Workqueue depth count
-        - name: retries.count
-          type: long
-          metric_type: counter
-          description: Workqueue number of retries
-    - name: node.collector
-      type: group
-      fields:
-        - name: eviction.count
-          type: long
-          metric_type: counter
-          description: Number of node evictions
-        - name: unhealthy.count
-          type: long
-          metric_type: gauge
-          description: Number of unhealthy nodes
-        - name: count
-          type: long
-          metric_type: gauge
-          description: Number of nodes
-        - name: health.pct
-          type: long
-          metric_type: gauge
-          description: Percentage of healthy nodes
-    - name: leader.is_master
-      type: boolean
-      description: |
-        Whether the node is master
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/controllermanager/manifest.yml
deleted file mode 100644
index 12e0f56da..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/controllermanager/manifest.yml
+++ /dev/null
@@ -1,51 +0,0 @@
-title: Kubernetes Controller Manager metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: bearer_token_file
-        type: text
-        title: Bearer Token File
-        multi: false
-        required: true
-        show_user: true
-        default: /var/run/secrets/kubernetes.io/serviceaccount/token
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - https://0.0.0.0:10257
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-      - name: ssl.verification_mode
-        type: text
-        title: SSL Verification Mode
-        multi: false
-        required: true
-        show_user: true
-        default: none
-      - name: controller_manager_label_key
-        type: text
-        title: Kubernetes Controller Manager Label key
-        multi: false
-        required: true
-        show_user: false
-        default: component
-      - name: controller_manager_label_value
-        type: text
-        title: Kubernetes Controller Manager Label value
-        multi: false
-        required: true
-        show_user: false
-        default: kube-controller-manager
-    title: Kubernetes Controller Manager metrics
-    description: Collect Kubernetes Controller Manager metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/controllermanager/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/controllermanager/sample_event.json
deleted file mode 100644
index 7aa39a4dd..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/controllermanager/sample_event.json
+++ /dev/null
@@ -1,93 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:33:29.643Z",
-    "kubernetes": {
-        "controllermanager": {
-            "workqueue": {
-                "unfinished": {
-                    "sec": 0
-                },
-                "adds": {
-                    "count": 0
-                },
-                "depth": {
-                    "count": 0
-                },
-                "longestrunning": {
-                    "sec": 0
-                },
-                "retries": {
-                    "count": 0
-                }
-            },
-            "name": "certificate"
-        }
-    },
-    "event": {
-        "dataset": "kubernetes.controllermanager",
-        "module": "kubernetes",
-        "duration": 8893806
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "host": {
-        "ip": [
-            "192.168.64.10",
-            "fe80::a883:2fff:fe7f:6b12",
-            "172.17.0.1",
-            "fe80::42:d4ff:fe8c:9493",
-            "fe80::2859:80ff:fe9e:fcd6",
-            "fe80::d83a:d9ff:fee9:7052",
-            "fe80::880a:b6ff:fe18:ba76",
-            "fe80::f447:faff:fe80:e88b",
-            "fe80::9cc3:ffff:fe95:e48e",
-            "fe80::6c1c:29ff:fe50:d40c",
-            "fe80::b4f3:11ff:fe60:14ed",
-            "fe80::20f2:2aff:fe96:1e7b",
-            "fe80::5434:baff:fede:5720",
-            "fe80::a878:91ff:fe29:81f7"
-        ],
-        "mac": [
-            "aa:83:2f:7f:6b:12",
-            "02:42:d4:8c:94:93",
-            "2a:59:80:9e:fc:d6",
-            "da:3a:d9:e9:70:52",
-            "8a:0a:b6:18:ba:76",
-            "f6:47:fa:80:e8:8b",
-            "9e:c3:ff:95:e4:8e",
-            "6e:1c:29:50:d4:0c",
-            "b6:f3:11:60:14:ed",
-            "22:f2:2a:96:1e:7b",
-            "56:34:ba:de:57:20",
-            "aa:78:91:29:81:f7"
-        ],
-        "hostname": "minikube",
-        "architecture": "x86_64",
-        "os": {
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "name": "minikube"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "b964a246-96c0-456a-a5c2-8c8b1040ecaf",
-        "id": "f7ec69f9-4997-4e76-b6c7-0c75206b727a",
-        "name": "minikube",
-        "type": "metricbeat"
-    },
-    "metricset": {
-        "period": 10000,
-        "name": "controllermanager"
-    },
-    "service": {
-        "address": "localhost:10252",
-        "type": "kubernetes"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/event/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/event/agent/stream/stream.yml.hbs
deleted file mode 100644
index fe1ecc78c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/event/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,6 +0,0 @@
-metricsets: ["event"]
-period: {{period}}
-add_metadata: {{add_metadata}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/event/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/event/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/event/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/event/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/event/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/event/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/event/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/event/fields/ecs.yml
deleted file mode 100644
index 32165e66a..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/event/fields/ecs.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/event/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/event/fields/fields.yml
deleted file mode 100644
index 9bcbf0001..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/event/fields/fields.yml
+++ /dev/null
@@ -1,108 +0,0 @@
-- name: kubernetes.event
-  type: group
-  fields:
-    - name: count
-      type: long
-      metric_type: counter
-      description: |
-        Count field records the number of times the particular event has occurred
-    - name: timestamp
-      type: group
-      fields:
-        - name: first_occurrence
-          type: date
-          description: |
-            Timestamp of first occurrence of event
-        - name: last_occurrence
-          type: date
-          description: |
-            Timestamp of last occurrence of event
-    - name: message
-      type: text
-      description: |
-        Message recorded for the given event
-    - name: reason
-      dimension: true
-      type: keyword
-      description: |
-        Reason recorded for the given event
-    - name: type
-      dimension: true
-      type: keyword
-      description: |
-        Type of the given event
-    - name: source
-      type: group
-      fields:
-        - name: component
-          dimension: true
-          type: keyword
-          description: |
-            Component from which the event is generated
-        - name: host
-          dimension: true
-          type: keyword
-          description: |
-            Node name on which the event is generated
-    - name: metadata
-      type: group
-      fields:
-        - name: timestamp
-          type: group
-          fields:
-            - name: created
-              type: date
-              description: |
-                Timestamp of creation of the given event
-        - name: generate_name
-          dimension: true
-          type: keyword
-          description: |
-            Generate name of the event
-        - name: name
-          dimension: true
-          type: keyword
-          description: |
-            Name of the event
-        - name: namespace
-          dimension: true
-          type: keyword
-          description: |
-            Namespace in which event was generated
-        - name: resource_version
-          dimension: true
-          type: keyword
-          description: |
-            Version of the event resource
-        - name: uid
-          type: keyword
-          description: |
-            Unique identifier to the event object
-        - name: self_link
-          type: keyword
-          description: |
-            URL representing the event
-    - name: involved_object
-      type: group
-      fields:
-        - name: api_version
-          type: keyword
-          description: |
-            API version of the object
-        - name: kind
-          type: keyword
-          description: |
-            API kind of the object
-        - name: name
-          type: keyword
-          description: |
-            name of the object
-        - name: resource_version
-          type: keyword
-          description: |
-            resource version of the object
-        - name: uid
-          dimension: true
-          type: keyword
-          description: |
-            uid version of the object
diff --git a/test/packages/with-kind/kubernetes/data_stream/event/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/event/manifest.yml
deleted file mode 100644
index cecc6ef73..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/event/manifest.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-title: Kubernetes Event metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    vars:
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-    title: Kubernetes Event metrics
-    description: Collect Kubernetes Event metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/event/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/event/sample_event.json
deleted file mode 100644
index 01c0c93fc..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/event/sample_event.json
+++ /dev/null
@@ -1,78 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:30:27.575Z",
-    "metricset": {
-        "name": "event"
-    },
-    "agent": {
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "event": {
-        "dataset": "kubernetes.event",
-        "module": "kubernetes"
-    },
-    "service": {
-        "type": "kubernetes"
-    },
-    "kubernetes": {
-        "event": {
-            "metadata": {
-                "uid": "604e39e0-862f-4615-9cec-8cb62299dea3",
-                "resource_version": "485630",
-                "timestamp": {
-                    "created": "2020-06-25T07:20:25.000Z"
-                },
-                "name": "monitor.161bb862545e3099",
-                "namespace": "beats",
-                "self_link": "/api/v1/namespaces/beats/events/monitor.161bb862545e3099",
-                "generate_name": ""
-            },
-            "timestamp": {
-                "first_occurrence": "2020-06-25T07:20:25.000Z",
-                "last_occurrence": "2020-06-25T12:30:27.000Z"
-            },
-            "message": "Failed to find referenced backend beats/monitor: Elasticsearch.elasticsearch.k8s.elastic.co \"monitor\" not found",
-            "reason": "AssociationError",
-            "type": "Warning",
-            "count": 1861,
-            "source": {
-                "host": "",
-                "component": "kibana-association-controller"
-            },
-            "involved_object": {
-                "api_version": "kibana.k8s.elastic.co/v1",
-                "resource_version": "101842",
-                "name": "monitor",
-                "kind": "Kibana",
-                "uid": "45a19de5-5eef-4090-a2d3-dbceb0a28af8"
-            }
-        }
-    },
-    "host": {
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core"
-        }
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/node/_dev/deploy/k8s/.empty
deleted file mode 100644
index e69de29bb..000000000
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 6c69562d4..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/node/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-    period: 5s
-    hosts:
-      - https://{{Hostname}}:10250
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/node/agent/stream/stream.yml.hbs
deleted file mode 100644
index c4a3cbda5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/node/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,11 +0,0 @@
-metricsets: ["node"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if bearer_token_file}}
-bearer_token_file: {{bearer_token_file}}
-ssl.verification_mode: {{ssl.verification_mode}}
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/node/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/node/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/node/fields/base-fields.yml
deleted file mode 100644
index 0e3072d1e..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/node/fields/base-fields.yml
+++ /dev/null
@@ -1,91 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/node/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/node/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/node/fields/fields.yml
deleted file mode 100644
index dc46f35f2..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/node/fields/fields.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: kubernetes.node
-  type: group
-  fields:
-    - name: start_time
-      type: date
-      description: |
-        Start time
-    - name: cpu
-      type: group
-      fields:
-        - name: usage
-          type: group
-          fields:
-            - name: core
-              type: group
-              fields:
-                - name: ns
-                  type: long
-                  metric_type: gauge
-                  description: |
-                    Node CPU Core usage nanoseconds
-            - name: nanocores
-              type: long
-              metric_type: gauge
-              description: |
-                CPU used nanocores
-    - name: memory
-      type: group
-      fields:
-        - name: available
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Total available memory
-        - name: usage
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Total memory usage
-        - name: rss
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                RSS memory usage
-        - name: workingset
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Working set memory usage
-        - name: pagefaults
-          type: long
-          metric_type: counter
-          description: |
-            Number of page faults
-        - name: majorpagefaults
-          type: long
-          metric_type: counter
-          description: |
-            Number of major page faults
-    - name: network
-      type: group
-      fields:
-        - name: rx
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: counter
-              description: |
-                Received bytes
-            - name: errors
-              type: long
-              description: |
-                Rx errors
-        - name: tx
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: counter
-              description: |
-                Transmitted bytes
-            - name: errors
-              type: long
-              metric_type: counter
-              description: |
-                Tx errors
-    - name: fs
-      type: group
-      fields:
-        - name: capacity
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Filesystem total capacity in bytes
-        - name: available
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Filesystem total available in bytes
-        - name: used
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Filesystem total used in bytes
-        - name: inodes
-          type: group
-          fields:
-            - name: used
-              type: long
-              metric_type: gauge
-              description: |
-                Number of used inodes
-            - name: count
-              type: long
-              metric_type: gauge
-              description: |
-                Number of inodes
-            - name: free
-              type: long
-              metric_type: gauge
-              description: |
-                Number of free inodes
-    - name: runtime
-      type: group
-      fields:
-        - name: imagefs
-          type: group
-          fields:
-            - name: capacity
-              type: group
-              fields:
-                - name: bytes
-                  type: long
-                  format: bytes
-                  unit: byte
-                  metric_type: gauge
-                  description: |
-                    Image filesystem total capacity in bytes
-            - name: available
-              type: group
-              fields:
-                - name: bytes
-                  type: long
-                  format: bytes
-                  unit: byte
-                  metric_type: gauge
-                  description: |
-                    Image filesystem total available in bytes
-            - name: used
-              type: group
-              fields:
-                - name: bytes
-                  type: long
-                  format: bytes
-                  unit: byte
-                  metric_type: gauge
-                  description: |
-                    Image filesystem total used in bytes
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/node/manifest.yml
deleted file mode 100644
index fc763864f..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/node/manifest.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-title: Kubernetes Node metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: bearer_token_file
-        type: text
-        title: Bearer Token File
-        multi: false
-        required: true
-        show_user: true
-        default: /var/run/secrets/kubernetes.io/serviceaccount/token
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - https://${env.NODE_NAME}:10250
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-      - name: ssl.verification_mode
-        type: text
-        title: SSL Verification Mode
-        multi: false
-        required: true
-        show_user: true
-        default: none
-    title: Kubernetes Node metrics
-    description: Collect Kubernetes Node metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/node/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/node/sample_event.json
deleted file mode 100644
index 3128c86a5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/node/sample_event.json
+++ /dev/null
@@ -1,148 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:34:39.723Z",
-    "event": {
-        "dataset": "kubernetes.node",
-        "module": "kubernetes",
-        "duration": 13042307
-    },
-    "service": {
-        "type": "kubernetes",
-        "address": "minikube:10250"
-    },
-    "host": {
-        "containerized": false,
-        "ip": [
-            "192.168.64.10",
-            "fe80::a883:2fff:fe7f:6b12",
-            "172.17.0.1",
-            "fe80::42:d4ff:fe8c:9493",
-            "fe80::2859:80ff:fe9e:fcd6",
-            "fe80::d83a:d9ff:fee9:7052",
-            "fe80::880a:b6ff:fe18:ba76",
-            "fe80::f447:faff:fe80:e88b",
-            "fe80::9cc3:ffff:fe95:e48e",
-            "fe80::6c1c:29ff:fe50:d40c",
-            "fe80::b4f3:11ff:fe60:14ed",
-            "fe80::20f2:2aff:fe96:1e7b",
-            "fe80::5434:baff:fede:5720",
-            "fe80::a878:91ff:fe29:81f7"
-        ],
-        "mac": [
-            "aa:83:2f:7f:6b:12",
-            "02:42:d4:8c:94:93",
-            "2a:59:80:9e:fc:d6",
-            "da:3a:d9:e9:70:52",
-            "8a:0a:b6:18:ba:76",
-            "f6:47:fa:80:e8:8b",
-            "9e:c3:ff:95:e4:8e",
-            "6e:1c:29:50:d4:0c",
-            "b6:f3:11:60:14:ed",
-            "22:f2:2a:96:1e:7b",
-            "56:34:ba:de:57:20",
-            "aa:78:91:29:81:f7"
-        ],
-        "name": "minikube",
-        "hostname": "minikube",
-        "architecture": "x86_64",
-        "os": {
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b"
-    },
-    "metricset": {
-        "name": "node",
-        "period": 10000
-    },
-    "kubernetes": {
-        "labels": {
-            "beta_kubernetes_io/os": "linux",
-            "kubernetes_io/arch": "amd64",
-            "kubernetes_io/hostname": "minikube",
-            "kubernetes_io/os": "linux",
-            "node-role_kubernetes_io/master": "",
-            "beta_kubernetes_io/arch": "amd64"
-        },
-        "node": {
-            "memory": {
-                "available": {
-                    "bytes": 12746428416
-                },
-                "usage": {
-                    "bytes": 5670916096
-                },
-                "workingset": {
-                    "bytes": 4068896768
-                },
-                "rss": {
-                    "bytes": 3252125696
-                },
-                "pagefaults": 31680,
-                "majorpagefaults": 0
-            },
-            "network": {
-                "rx": {
-                    "bytes": 107077476,
-                    "errors": 0
-                },
-                "tx": {
-                    "bytes": 67457933,
-                    "errors": 0
-                }
-            },
-            "fs": {
-                "available": {
-                    "bytes": 6655090688
-                },
-                "capacity": {
-                    "bytes": 17361141760
-                },
-                "used": {
-                    "bytes": 9689358336
-                },
-                "inodes": {
-                    "count": 9768928,
-                    "used": 224151,
-                    "free": 9544777
-                }
-            },
-            "runtime": {
-                "imagefs": {
-                    "capacity": {
-                        "bytes": 17361141760
-                    },
-                    "used": {
-                        "bytes": 8719928568
-                    },
-                    "available": {
-                        "bytes": 6655090688
-                    }
-                }
-            },
-            "start_time": "2020-06-25T07:18:38Z",
-            "name": "minikube",
-            "cpu": {
-                "usage": {
-                    "core": {
-                        "ns": 6136184971873
-                    },
-                    "nanocores": 455263291
-                }
-            }
-        }
-    },
-    "agent": {
-        "name": "minikube",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "b964a246-96c0-456a-a5c2-8c8b1040ecaf",
-        "id": "f7ec69f9-4997-4e76-b6c7-0c75206b727a"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/proxy/_dev/deploy/k8s/.empty
deleted file mode 100644
index e69de29bb..000000000
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml
deleted file mode 100644
index d70f2cab7..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/proxy/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    period: 5s
-    hosts:
-      - http://localhost:10249
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs
deleted file mode 100644
index 1723efeec..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/proxy/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,6 +0,0 @@
-metricsets: ["proxy"]
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/proxy/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/fields/base-fields.yml
deleted file mode 100644
index 7c798f453..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/proxy/fields/base-fields.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/proxy/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/fields/fields.yml
deleted file mode 100644
index 7e37ae789..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/proxy/fields/fields.yml
+++ /dev/null
@@ -1,127 +0,0 @@
-- name: kubernetes.proxy
-  type: group
-  fields:
-    - name: handler
-      dimension: true
-      type: keyword
-      description: |
-        Request handler
-    - name: code
-      dimension: true
-      type: keyword
-      description: |
-        HTTP code
-    - name: method
-      dimension: true
-      type: keyword
-      description: |
-        HTTP method
-    - name: host
-      dimension: true
-      type: keyword
-      description: |
-        Request host
-    - name: process
-      type: group
-      fields:
-        - name: cpu.sec
-          type: double
-          metric_type: counter
-          description: CPU seconds
-        - name: memory.resident.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: Bytes in resident memory
-        - name: memory.virtual.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: Bytes in virtual memory
-        - name: fds.open.count
-          type: long
-          metric_type: gauge
-          description: Number of open file descriptors
-        - name: started.sec
-          type: double
-          metric_type: gauge
-          description: Seconds since the process started
-    - name: http
-      type: group
-      fields:
-        - name: request.duration.us.percentile.*
-          type: object
-          description: Request duration microseconds percentiles
-        - name: request.duration.us.sum
-          type: double
-          metric_type: counter
-          unit: micros
-          description: Request duration microseconds cumulative sum
-        - name: request.duration.us.count
-          type: long
-          metric_type: counter
-          unit: micros
-          description: Request count for duration
-        - name: request.size.bytes.percentile.*
-          type: object
-          description: Request size percentiles
-        - name: request.size.bytes.sum
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: counter
-          description: Request size cumulative sum
-        - name: request.size.bytes.count
-          type: long
-          unit: byte
-          metric_type: counter
-          description: Request count for size
-        - name: response.size.bytes.percentile.*
-          type: object
-          description: Response size percentiles
-        - name: response.size.bytes.sum
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: counter
-          description: Response size cumulative sum
-        - name: response.size.bytes.count
-          type: long
-          metric_type: counter
-          description: Response count
-        - name: request.count
-          type: long
-          metric_type: counter
-          description: Request count
-    - name: client.request.count
-      type: long
-      metric_type: counter
-      description: |
-        Number of requests as client
-    - name: sync
-      type: group
-      fields:
-        - name: rules.duration.us.sum
-          type: long
-          metric_type: counter
-          description: SyncProxyRules duration, sum of durations in microseconds
-        - name: rules.duration.us.count
-          type: long
-          metric_type: counter
-          description: SyncProxyRules duration, number of operations
-        - name: rules.duration.us.bucket.*
-          type: object
-          description: SyncProxyRules duration, histogram buckets
-        - name: networkprogramming.duration.us.sum
-          type: long
-          metric_type: counter
-          description: Network programming duration, sum in microseconds
-        - name: networkprogramming.duration.us.count
-          type: long
-          metric_type: counter
-          description: Network programming duration, number of operations
-        - name: networkprogramming.duration.us.bucket.*
-          type: object
-          description: Network programming duration, histogram buckets
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/proxy/manifest.yml
deleted file mode 100644
index 8b4f0d944..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/proxy/manifest.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-title: Kubernetes Proxy metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    vars:
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - localhost:10249
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Proxy metrics
-    description: Collect Kubernetes Proxy metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/proxy/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/proxy/sample_event.json
deleted file mode 100644
index 50ba492ea..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/proxy/sample_event.json
+++ /dev/null
@@ -1,216 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:35:29.639Z",
-    "agent": {
-        "name": "minikube",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "b964a246-96c0-456a-a5c2-8c8b1040ecaf",
-        "id": "f7ec69f9-4997-4e76-b6c7-0c75206b727a"
-    },
-    "host": {
-        "ip": [
-            "192.168.64.10",
-            "fe80::a883:2fff:fe7f:6b12",
-            "172.17.0.1",
-            "fe80::42:d4ff:fe8c:9493",
-            "fe80::2859:80ff:fe9e:fcd6",
-            "fe80::d83a:d9ff:fee9:7052",
-            "fe80::880a:b6ff:fe18:ba76",
-            "fe80::f447:faff:fe80:e88b",
-            "fe80::9cc3:ffff:fe95:e48e",
-            "fe80::6c1c:29ff:fe50:d40c",
-            "fe80::b4f3:11ff:fe60:14ed",
-            "fe80::20f2:2aff:fe96:1e7b",
-            "fe80::5434:baff:fede:5720",
-            "fe80::a878:91ff:fe29:81f7"
-        ],
-        "name": "minikube",
-        "mac": [
-            "aa:83:2f:7f:6b:12",
-            "02:42:d4:8c:94:93",
-            "2a:59:80:9e:fc:d6",
-            "da:3a:d9:e9:70:52",
-            "8a:0a:b6:18:ba:76",
-            "f6:47:fa:80:e8:8b",
-            "9e:c3:ff:95:e4:8e",
-            "6e:1c:29:50:d4:0c",
-            "b6:f3:11:60:14:ed",
-            "22:f2:2a:96:1e:7b",
-            "56:34:ba:de:57:20",
-            "aa:78:91:29:81:f7"
-        ],
-        "hostname": "minikube",
-        "architecture": "x86_64",
-        "os": {
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false
-    },
-    "kubernetes": {
-        "proxy": {
-            "sync": {
-                "rules": {
-                    "duration": {
-                        "us": {
-                            "sum": 763620.9329999998,
-                            "count": 18,
-                            "bucket": {
-                                "1000": 0,
-                                "2000": 0,
-                                "4000": 0,
-                                "8000": 0,
-                                "16000": 0,
-                                "32000": 10,
-                                "64000": 16,
-                                "128000": 17,
-                                "256000": 18,
-                                "512000": 18,
-                                "1024000": 18,
-                                "2048000": 18,
-                                "4096000": 18,
-                                "8192000": 18,
-                                "16384000": 18,
-                                "+Inf": 18
-                            }
-                        }
-                    }
-                },
-                "networkprogramming": {
-                    "duration": {
-                        "us": {
-                            "count": 19,
-                            "bucket": {
-                                "0": 0,
-                                "250000": 4,
-                                "500000": 8,
-                                "1000000": 11,
-                                "2000000": 11,
-                                "3000000": 11,
-                                "4000000": 11,
-                                "5000000": 11,
-                                "6000000": 11,
-                                "7000000": 11,
-                                "8000000": 11,
-                                "9000000": 11,
-                                "10000000": 11,
-                                "11000000": 11,
-                                "12000000": 11,
-                                "13000000": 11,
-                                "14000000": 11,
-                                "15000000": 11,
-                                "16000000": 11,
-                                "17000000": 11,
-                                "18000000": 11,
-                                "19000000": 11,
-                                "20000000": 11,
-                                "21000000": 11,
-                                "22000000": 11,
-                                "23000000": 11,
-                                "24000000": 11,
-                                "25000000": 11,
-                                "26000000": 11,
-                                "27000000": 11,
-                                "28000000": 11,
-                                "29000000": 11,
-                                "30000000": 11,
-                                "31000000": 11,
-                                "32000000": 11,
-                                "33000000": 11,
-                                "34000000": 11,
-                                "35000000": 11,
-                                "36000000": 11,
-                                "37000000": 11,
-                                "38000000": 11,
-                                "39000000": 11,
-                                "40000000": 11,
-                                "41000000": 11,
-                                "42000000": 11,
-                                "43000000": 11,
-                                "44000000": 11,
-                                "45000000": 11,
-                                "46000000": 11,
-                                "47000000": 11,
-                                "48000000": 11,
-                                "49000000": 11,
-                                "50000000": 11,
-                                "51000000": 11,
-                                "52000000": 11,
-                                "53000000": 11,
-                                "54000000": 11,
-                                "55000000": 11,
-                                "56000000": 11,
-                                "57000000": 11,
-                                "58000000": 11,
-                                "59000000": 11,
-                                "60000000": 11,
-                                "65000000": 11,
-                                "70000000": 11,
-                                "75000000": 11,
-                                "80000000": 11,
-                                "85000000": 11,
-                                "90000000": 11,
-                                "95000000": 11,
-                                "100000000": 11,
-                                "105000000": 11,
-                                "110000000": 11,
-                                "115000000": 11,
-                                "120000000": 11,
-                                "150000000": 11,
-                                "180000000": 11,
-                                "210000000": 11,
-                                "240000000": 11,
-                                "270000000": 11,
-                                "300000000": 11,
-                                "+Inf": 19
-                            },
-                            "sum": 5571080914163.27
-                        }
-                    }
-                }
-            },
-            "process": {
-                "cpu": {
-                    "sec": 8
-                },
-                "memory": {
-                    "resident": {
-                        "bytes": 37609472
-                    },
-                    "virtual": {
-                        "bytes": 143990784
-                    }
-                },
-                "started": {
-                    "sec": 1593069580.69
-                },
-                "fds": {
-                    "open": {
-                        "count": 17
-                    }
-                }
-            }
-        }
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "event": {
-        "module": "kubernetes",
-        "duration": 2031254,
-        "dataset": "kubernetes.proxy"
-    },
-    "metricset": {
-        "name": "proxy",
-        "period": 10000
-    },
-    "service": {
-        "address": "localhost:10249",
-        "type": "kubernetes"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/deploy/k8s/.empty
deleted file mode 100644
index e69de29bb..000000000
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml
deleted file mode 100644
index c775d296e..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/scheduler/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    period: 5s
-    hosts:
-      - https://0.0.0.0:10259
-    bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-    ssl.verification_mode: "none"
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs
deleted file mode 100644
index 1c34b2b90..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/scheduler/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,12 +0,0 @@
-metricsets: ["scheduler"]
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-
-{{#if bearer_token_file}}
-bearer_token_file: {{bearer_token_file}}
-ssl.verification_mode: {{ssl.verification_mode}}
-{{/if}}
-condition: ${kubernetes.labels.{{~scheduler_label_key~}} } == '{{scheduler_label_value}}'
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/fields.yml
deleted file mode 100644
index fa717504a..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/scheduler/fields/fields.yml
+++ /dev/null
@@ -1,163 +0,0 @@
-- name: kubernetes.scheduler
-  type: group
-  fields:
-    - name: handler
-      dimension: true
-      type: keyword
-      description: |
-        Request handler
-    - name: code
-      dimension: true
-      type: keyword
-      description: |
-        HTTP code
-    - name: method
-      dimension: true
-      type: keyword
-      description: |
-        HTTP method
-    - name: host
-      dimension: true
-      type: keyword
-      description: |
-        Request host
-    - name: name
-      dimension: true
-      type: keyword
-      description: |
-        Name for the resource
-    - name: result
-      dimension: true
-      type: keyword
-      description: |
-        Schedule attempt result
-    - name: operation
-      dimension: true
-      type: keyword
-      description: |
-        Scheduling operation
-    - name: process
-      type: group
-      fields:
-        - name: cpu.sec
-          type: double
-          metric_type: counter
-          description: CPU seconds
-        - name: memory.resident.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: Bytes in resident memory
-        - name: memory.virtual.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: Bytes in virtual memory
-        - name: fds.open.count
-          type: long
-          metric_type: gauge
-          description: Number of open file descriptors
-        - name: started.sec
-          type: double
-          metric_type: gauge
-          description: Seconds since the process started
-    - name: http
-      type: group
-      fields:
-        - name: request.duration.us.percentile.*
-          type: object
-          description: Request duration microseconds percentiles
-        - name: request.duration.us.sum
-          type: double
-          metric_type: counter
-          unit: micros
-          description: Request duration microseconds cumulative sum
-        - name: request.duration.us.count
-          type: long
-          metric_type: counter
-          unit: micros
-          description: Request count for duration
-        - name: request.size.bytes.percentile.*
-          type: object
-          description: Request size percentiles
-        - name: request.size.bytes.sum
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: counter
-          description: Request size cumulative sum
-        - name: request.size.bytes.count
-          type: long
-          unit: byte
-          metric_type: counter
-          description: Request count for size
-        - name: response.size.bytes.percentile.*
-          type: object
-          description: Response size percentiles
-        - name: response.size.bytes.sum
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: counter
-          description: Response size cumulative sum
-        - name: response.size.bytes.count
-          type: long
-          metric_type: counter
-          description: Response count
-        - name: request.count
-          type: long
-          metric_type: counter
-          description: Request count
-    - name: client.request.count
-      type: long
-      metric_type: counter
-      description: |
-        Number of requests as client
-    - name: leader.is_master
-      type: boolean
-      description: |
-        Whether the node is master
-    - name: scheduling
-      type: group
-      fields:
-        - name: e2e.duration.us.bucket.*
-          type: object
-          description: End to end scheduling duration microseconds
-        - name: e2e.duration.us.sum
-          type: long
-          unit: micros
-          metric_type: counter
-          description: End to end scheduling duration microseconds sum
-        - name: e2e.duration.us.count
-          type: long
-          unit: micros
-          metric_type: counter
-          description: End to end scheduling count
-        - name: pod.preemption.victims.bucket.*
-          type: long
-          description: Pod preemption victims
-        - name: pod.preemption.victims.sum
-          type: long
-          metric_type: counter
-          description: Pod preemption victims sum
-        - name: pod.preemption.victims.count
-          type: long
-          metric_type: counter
-          description: Pod preemption victims count
-        - name: pod.attempts.count
-          type: long
-          metric_type: counter
-          description: Pod attempts count
-        - name: duration.seconds.percentile.*
-          type: object
-          description: Scheduling duration percentiles
-        - name: duration.seconds.sum
-          type: double
-          metric_type: counter
-          description: Scheduling duration cumulative sum
-        - name: duration.seconds.count
-          type: long
-          metric_type: counter
-          description: Scheduling count
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/scheduler/manifest.yml
deleted file mode 100644
index cd7e4c078..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/scheduler/manifest.yml
+++ /dev/null
@@ -1,51 +0,0 @@
-title: Kubernetes Scheduler metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: bearer_token_file
-        type: text
-        title: Bearer Token File
-        multi: false
-        required: true
-        show_user: true
-        default: /var/run/secrets/kubernetes.io/serviceaccount/token
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - https://0.0.0.0:10259
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-      - name: ssl.verification_mode
-        type: text
-        title: SSL Verification Mode
-        multi: false
-        required: true
-        show_user: true
-        default: none
-      - name: scheduler_label_key
-        type: text
-        title: Kubernetes Scheduler Label key
-        multi: false
-        required: true
-        show_user: false
-        default: component
-      - name: scheduler_label_value
-        type: text
-        title: Kubernetes Scheduler Label value
-        multi: false
-        required: true
-        show_user: false
-        default: kube-scheduler
-    title: Kubernetes Scheduler metrics
-    description: Collect Kubernetes Scheduler metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/scheduler/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/scheduler/sample_event.json
deleted file mode 100644
index b932b1797..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/scheduler/sample_event.json
+++ /dev/null
@@ -1,79 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:35:59.624Z",
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "b964a246-96c0-456a-a5c2-8c8b1040ecaf",
-        "id": "f7ec69f9-4997-4e76-b6c7-0c75206b727a",
-        "name": "minikube",
-        "type": "metricbeat"
-    },
-    "host": {
-        "hostname": "minikube",
-        "architecture": "x86_64",
-        "os": {
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux"
-        },
-        "name": "minikube",
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "192.168.64.10",
-            "fe80::a883:2fff:fe7f:6b12",
-            "172.17.0.1",
-            "fe80::42:d4ff:fe8c:9493",
-            "fe80::2859:80ff:fe9e:fcd6",
-            "fe80::d83a:d9ff:fee9:7052",
-            "fe80::880a:b6ff:fe18:ba76",
-            "fe80::f447:faff:fe80:e88b",
-            "fe80::9cc3:ffff:fe95:e48e",
-            "fe80::6c1c:29ff:fe50:d40c",
-            "fe80::b4f3:11ff:fe60:14ed",
-            "fe80::20f2:2aff:fe96:1e7b",
-            "fe80::5434:baff:fede:5720",
-            "fe80::a878:91ff:fe29:81f7"
-        ],
-        "mac": [
-            "aa:83:2f:7f:6b:12",
-            "02:42:d4:8c:94:93",
-            "2a:59:80:9e:fc:d6",
-            "da:3a:d9:e9:70:52",
-            "8a:0a:b6:18:ba:76",
-            "f6:47:fa:80:e8:8b",
-            "9e:c3:ff:95:e4:8e",
-            "6e:1c:29:50:d4:0c",
-            "b6:f3:11:60:14:ed",
-            "22:f2:2a:96:1e:7b",
-            "56:34:ba:de:57:20",
-            "aa:78:91:29:81:f7"
-        ]
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "event": {
-        "duration": 7245648,
-        "dataset": "kubernetes.scheduler",
-        "module": "kubernetes"
-    },
-    "metricset": {
-        "name": "scheduler",
-        "period": 10000
-    },
-    "service": {
-        "address": "localhost:10251",
-        "type": "kubernetes"
-    },
-    "kubernetes": {
-        "scheduler": {
-            "name": "kube-scheduler",
-            "leader": {
-                "is_master": true
-            }
-        }
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_container/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs
deleted file mode 100644
index 55bf95929..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_container/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_container"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_container/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/fields/agent.yml
deleted file mode 100644
index d16c88255..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_container/fields/agent.yml
+++ /dev/null
@@ -1,199 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      dimension: true
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_container/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/fields/base-fields.yml
deleted file mode 100644
index 98c09161d..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_container/fields/base-fields.yml
+++ /dev/null
@@ -1,98 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: daemonset.name
-      type: keyword
-      description: >
-        Kubernetes daemonset name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_container/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/fields/ecs.yml
deleted file mode 100644
index 31cb2817b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_container/fields/ecs.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: container.runtime
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_container/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/fields/fields.yml
deleted file mode 100644
index 858f894d1..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_container/fields/fields.yml
+++ /dev/null
@@ -1,66 +0,0 @@
-- name: kubernetes.container
-  type: group
-  fields:
-    - name: id
-      type: keyword
-      description: Container id
-    - name: status
-      type: group
-      fields:
-        - name: phase
-          type: keyword
-          description: |
-            Container phase (running, waiting, terminated)
-        - name: ready
-          type: boolean
-          description: |
-            Container ready status
-        - name: restarts
-          type: integer
-          metric_type: counter
-          description: |
-            Container restarts count
-        - name: reason
-          type: keyword
-          description: |
-            Waiting (ContainerCreating, CrashLoopBackoff, ErrImagePull, ImagePullBackoff) or termination (Completed, ContainerCannotRun, Error, OOMKilled) reason.
-    - name: cpu
-      type: group
-      fields:
-        - name: limit.cores
-          type: float
-          metric_type: gauge
-          description: |
-            Container CPU cores limit
-        - name: request.cores
-          type: float
-          metric_type: gauge
-          description: |
-            Container CPU requested cores
-        - name: limit.nanocores
-          type: long
-          metric_type: gauge
-          description: |
-            Container CPU nanocores limit
-        - name: request.nanocores
-          type: long
-          metric_type: gauge
-          description: |
-            Container CPU requested nanocores
-    - name: memory
-      type: group
-      fields:
-        - name: limit.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: |
-            Container memory limit in bytes
-        - name: request.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: |
-            Container requested memory in bytes
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_container/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_container/manifest.yml
deleted file mode 100644
index a51516b6e..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_container/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes Container metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Container metrics
-    description: Collect Kubernetes Container metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_container/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_container/sample_event.json
deleted file mode 100644
index fda9be931..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_container/sample_event.json
+++ /dev/null
@@ -1,80 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:36:34.469Z",
-    "host": {
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "os": {
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false
-    },
-    "event": {
-        "dataset": "kubernetes.container",
-        "module": "kubernetes",
-        "duration": 8554499
-    },
-    "kubernetes": {
-        "node": {
-            "name": "minikube"
-        },
-        "labels": {
-            "component": "kube-scheduler",
-            "tier": "control-plane"
-        },
-        "container": {
-            "image": "k8s.gcr.io/kube-scheduler:v1.17.0",
-            "name": "kube-scheduler",
-            "cpu": {
-                "request": {
-                    "cores": 0.1
-                }
-            },
-            "status": {
-                "phase": "running",
-                "ready": true,
-                "restarts": 10
-            },
-            "id": "docker://b00b185f2b304a7ece804d1af28eb232f825255f716bcc85ef5bd20d5a4f45d4"
-        },
-        "pod": {
-            "name": "kube-scheduler-minikube",
-            "uid": "9cdbd5ea-7638-4e86-a706-a5b222d86f26"
-        },
-        "namespace": "kube-system"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "agent": {
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    },
-    "container": {
-        "runtime": "docker",
-        "id": "b00b185f2b304a7ece804d1af28eb232f825255f716bcc85ef5bd20d5a4f45d4"
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "metricset": {
-        "name": "state_container",
-        "period": 10000
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs
deleted file mode 100644
index 08b16b339..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,11 +0,0 @@
-metricsets: ["state_cronjob"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/base-fields.yml
deleted file mode 100644
index 331f87f88..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/base-fields.yml
+++ /dev/null
@@ -1,93 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/fields.yml
deleted file mode 100644
index 5e3470530..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/fields/fields.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-- name: kubernetes.cronjob
-  type: group
-  fields:
-    - name: name
-      dimension: true
-      type: keyword
-      description: Cronjob name
-    - name: schedule
-      dimension: true
-      type: keyword
-      description: Cronjob schedule
-    - name: concurrency
-      dimension: true
-      type: keyword
-      description: Concurrency policy
-    - name: active.count
-      type: long
-      metric_type: gauge
-      description: Number of active pods for the cronjob
-    - name: is_suspended
-      dimension: true
-      type: boolean
-      description: Whether the cronjob is suspended
-    - name: created.sec
-      type: double
-      unit: s
-      metric_type: gauge
-      description: Epoch seconds since the cronjob was created
-    - name: last_schedule.sec
-      type: double
-      unit: s
-      metric_type: gauge
-      description: Epoch seconds for last cronjob run
-    - name: next_schedule.sec
-      type: double
-      unit: s
-      metric_type: gauge
-      description: Epoch seconds for next cronjob run
-    - name: deadline.sec
-      type: long
-      unit: s
-      metric_type: gauge
-      description: Deadline seconds after schedule for considering failed
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/manifest.yml
deleted file mode 100644
index b13c06ae2..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes Cronjob metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Cronjob metrics
-    description: Collect Kubernetes Cronjob metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_cronjob/sample_event.json
deleted file mode 100644
index f297190ba..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_cronjob/sample_event.json
+++ /dev/null
@@ -1,66 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:43:04.384Z",
-    "metricset": {
-        "name": "state_cronjob",
-        "period": 10000
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "host": {
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)"
-        }
-    },
-    "event": {
-        "dataset": "kubernetes.cronjob",
-        "module": "kubernetes",
-        "duration": 9482053
-    },
-    "kubernetes": {
-        "namespace": "default",
-        "cronjob": {
-            "active": {
-                "count": 0
-            },
-            "is_suspended": false,
-            "name": "hello",
-            "next_schedule": {
-                "sec": 1593088980
-            },
-            "last_schedule": {
-                "sec": 1593088920
-            },
-            "created": {
-                "sec": 1593088862
-            }
-        }
-    },
-    "agent": {
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs
deleted file mode 100644
index f7b98418b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_daemonset"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/fields.yml
deleted file mode 100644
index c76309183..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/fields/fields.yml
+++ /dev/null
@@ -1,31 +0,0 @@
-- name: kubernetes.daemonset
-  type: group
-  fields:
-    - name: name
-      dimension: true
-      type: keyword
-    - name: replicas
-      type: group
-      description: |
-        Kubernetes DaemonSet replica metrics
-      fields:
-        - name: available
-          type: long
-          metric_type: gauge
-          description: |
-            The number of available replicas per DaemonSet
-        - name: desired
-          type: long
-          metric_type: gauge
-          description: |
-            The desired number of replicas per DaemonSet
-        - name: ready
-          type: long
-          metric_type: gauge
-          description: |
-            The number of ready replicas per DaemonSet
-        - name: unavailable
-          type: long
-          metric_type: gauge
-          description: |
-            The number of unavailable replicas per DaemonSet
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/manifest.yml
deleted file mode 100644
index e7a1c826f..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes Deamonset metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Deamonset metrics
-    description: Collect Kubernetes Deamonset metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_daemonset/sample_event.json
deleted file mode 100644
index 54b75c87c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_daemonset/sample_event.json
+++ /dev/null
@@ -1,62 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:37:04.455Z",
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "event": {
-        "module": "kubernetes",
-        "duration": 8648138,
-        "dataset": "kubernetes.daemonset"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "metricset": {
-        "name": "state_daemonset",
-        "period": 10000
-    },
-    "kubernetes": {
-        "daemonset": {
-            "name": "metricbeat",
-            "replicas": {
-                "available": 1,
-                "desired": 1,
-                "ready": 1,
-                "unavailable": 0
-            }
-        },
-        "labels": {
-            "k8s-app": "metricbeat"
-        },
-        "namespace": "kube-system"
-    },
-    "host": {
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat"
-        },
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ]
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_deployment/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs
deleted file mode 100644
index 205bc7376..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_deployment/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_deployment"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/base-fields.yml
deleted file mode 100644
index 5ba440e42..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/base-fields.yml
+++ /dev/null
@@ -1,92 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/fields.yml
deleted file mode 100644
index 51b6abb87..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_deployment/fields/fields.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-- name: kubernetes.deployment
-  type: group
-  fields:
-    - name: paused
-      type: boolean
-      description: |
-        Kubernetes deployment paused status
-    - name: replicas
-      type: group
-      fields:
-        - name: desired
-          type: integer
-          metric_type: gauge
-          description: |
-            Deployment number of desired replicas (spec)
-        - name: available
-          type: integer
-          metric_type: gauge
-          description: |
-            Deployment available replicas
-        - name: unavailable
-          type: integer
-          metric_type: gauge
-          description: |
-            Deployment unavailable replicas
-        - name: updated
-          type: integer
-          metric_type: gauge
-          description: |
-            Deployment updated replicas
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_deployment/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_deployment/manifest.yml
deleted file mode 100644
index 29b7fece8..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_deployment/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes Deployment metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Deployment metrics
-    description: Collect Kubernetes Deployment metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_deployment/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_deployment/sample_event.json
deleted file mode 100644
index fd79baced..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_deployment/sample_event.json
+++ /dev/null
@@ -1,63 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:37:04.455Z",
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "event": {
-        "module": "kubernetes",
-        "duration": 8648138,
-        "dataset": "kubernetes.deployment"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "metricset": {
-        "name": "state_deployment",
-        "period": 10000
-    },
-    "kubernetes": {
-        "deployment": {
-            "name": "metricbeat",
-            "replicas": {
-                "unavailable": 0,
-                "desired": 1,
-                "updated": 1,
-                "available": 1
-            },
-            "paused": false
-        },
-        "labels": {
-            "k8s-app": "metricbeat"
-        },
-        "namespace": "kube-system"
-    },
-    "host": {
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat"
-        },
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ]
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_job/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs
deleted file mode 100644
index b9903eff7..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_job/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,7 +0,0 @@
-metricsets: ["state_job"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_job/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_job/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_job/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_job/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_job/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_job/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_job/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/fields/fields.yml
deleted file mode 100644
index dd96148fa..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_job/fields/fields.yml
+++ /dev/null
@@ -1,76 +0,0 @@
-- name: kubernetes.job
-  type: group
-  fields:
-    - name: name
-      dimension: true
-      type: keyword
-      description: >
-        The name of the job resource
-
-    - name: pods
-      type: group
-      description: >
-        Pod metrics for the job
-
-      fields:
-        - name: active
-          type: long
-          metric_type: gauge
-          description: Number of active pods
-        - name: failed
-          type: long
-          metric_type: gauge
-          description: Number of failed pods
-        - name: succeeded
-          type: long
-          metric_type: gauge
-          description: Number of successful pods
-    - name: time
-      type: group
-      description: Kubernetes job timestamps
-      fields:
-        - name: created
-          type: date
-          description: The time at which the job was created
-        - name: completed
-          type: date
-          description: The time at which the job completed
-    - name: completions
-      type: group
-      description: Kubernetes job completion settings
-      fields:
-        - name: desired
-          type: long
-          metric_type: gauge
-          description: The configured completion count for the job (Spec)
-    - name: parallelism
-      type: group
-      description: Kubernetes job parallelism settings
-      fields:
-        - name: desired
-          type: long
-          metric_type: gauge
-          description: The configured parallelism of the job (Spec)
-    - name: owner
-      type: group
-      description: Kubernetes job owner information
-      fields:
-        - name: name
-          type: keyword
-          description: The name of the resource that owns this job
-        - name: kind
-          type: keyword
-          description: The kind of resource that owns this job (eg. "CronJob")
-        - name: is_controller
-          type: keyword
-          description: Owner is controller ("true", "false", or `"<none>"`)
-    - name: status
-      type: group
-      description: Kubernetes job status information
-      fields:
-        - name: complete
-          type: keyword
-          description: Whether the job completed ("true", "false", or "unknown")
-        - name: failed
-          type: keyword
-          description: Whether the job failed ("true", "false", or "unknown")
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_job/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_job/manifest.yml
deleted file mode 100644
index 5026046ff..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_job/manifest.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-title: Kubernetes Job metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Job metrics
-    description: Collect Kubernetes Job metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_job/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_job/sample_event.json
deleted file mode 100644
index c9ff59627..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_job/sample_event.json
+++ /dev/null
@@ -1,72 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:43:04.384Z",
-    "metricset": {
-        "name": "state_job",
-        "period": 10000
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "host": {
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)"
-        }
-    },
-    "event": {
-        "dataset": "kubernetes.job",
-        "module": "kubernetes",
-        "duration": 9482053
-    },
-    "kubernetes": {
-        "job": {
-            "completions": {
-                "desired": 1
-            },
-            "name": "sleep-30-ok-cron-27075645",
-            "owner": {
-                "is_controller": "true",
-                "kind": "CronJob",
-                "name": "sleep-30-ok-cron"
-            },
-            "parallelism": {
-                "desired": 1
-            },
-            "pods": {
-                "active": 1,
-                "failed": 0,
-                "succeeded": 0
-            },
-            "time": {
-                "created": "2021-06-24T12:45:00.000Z"
-            }
-        },
-        "namespace": "default"
-    },
-    "agent": {
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_node/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs
deleted file mode 100644
index 1ddfb5e92..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_node/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_node"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_node/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_node/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_node/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/fields/base-fields.yml
deleted file mode 100644
index 0e3072d1e..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_node/fields/base-fields.yml
+++ /dev/null
@@ -1,91 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_node/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_node/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_node/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/fields/fields.yml
deleted file mode 100644
index c1eb21524..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_node/fields/fields.yml
+++ /dev/null
@@ -1,69 +0,0 @@
-- name: kubernetes.node
-  type: group
-  fields:
-    - name: status
-      type: group
-      fields:
-        - name: ready
-          type: keyword
-          description: |
-            Node ready status (true, false or unknown)
-        - name: unschedulable
-          type: boolean
-          description: |
-            Node unschedulable status
-        - name: disk_pressure
-          type: keyword
-          description: Node DiskPressure status (true, false or unknown)
-        - name: memory_pressure
-          type: keyword
-          description: Node MemoryPressure status (true, false or unknown)
-        - name: out_of_disk
-          type: keyword
-          description: Node OutOfDisk status (true, false or unknown)
-        - name: pid_pressure
-          type: keyword
-          description: Node PIDPressure status (true, false or unknown)
-    - name: cpu
-      type: group
-      fields:
-        - name: allocatable.cores
-          type: float
-          metric_type: gauge
-          description: |
-            Node CPU allocatable cores
-        - name: capacity.cores
-          type: long
-          metric_type: gauge
-          description: |
-            Node CPU capacity cores
-    - name: memory
-      type: group
-      fields:
-        - name: allocatable.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: |
-            Node allocatable memory in bytes
-        - name: capacity.bytes
-          type: long
-          format: bytes
-          unit: byte
-          metric_type: gauge
-          description: |
-            Node memory capacity in bytes
-    - name: pod
-      type: group
-      fields:
-        - name: allocatable.total
-          type: long
-          metric_type: gauge
-          description: |
-            Node allocatable pods
-        - name: capacity.total
-          type: long
-          metric_type: gauge
-          description: |
-            Node pod capacity
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_node/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_node/manifest.yml
deleted file mode 100644
index 294a71f51..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_node/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes Node metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Node metrics
-    description: Collect Kubernetes Node metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_node/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_node/sample_event.json
deleted file mode 100644
index 9b7f451ab..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_node/sample_event.json
+++ /dev/null
@@ -1,88 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:37:44.457Z",
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "host": {
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ]
-    },
-    "metricset": {
-        "name": "state_node",
-        "period": 10000
-    },
-    "kubernetes": {
-        "node": {
-            "pod": {
-                "capacity": {
-                    "total": 110
-                },
-                "allocatable": {
-                    "total": 110
-                }
-            },
-            "memory": {
-                "capacity": {
-                    "bytes": 16815325184
-                },
-                "allocatable": {
-                    "bytes": 16815325184
-                }
-            },
-            "cpu": {
-                "allocatable": {
-                    "cores": 4
-                },
-                "capacity": {
-                    "cores": 4
-                }
-            },
-            "name": "minikube",
-            "status": {
-                "ready": "true",
-                "unschedulable": false
-            }
-        },
-        "labels": {
-            "kubernetes_io/arch": "amd64",
-            "kubernetes_io/hostname": "minikube",
-            "kubernetes_io/os": "linux",
-            "node-role_kubernetes_io/master": "",
-            "beta_kubernetes_io/arch": "amd64",
-            "beta_kubernetes_io/os": "linux"
-        }
-    },
-    "agent": {
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    },
-    "service": {
-        "type": "kubernetes",
-        "address": "kube-state-metrics:8080"
-    },
-    "event": {
-        "dataset": "kubernetes.node",
-        "module": "kubernetes",
-        "duration": 8194220
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs
deleted file mode 100644
index b8556ce98..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,11 +0,0 @@
-metricsets: ["state_persistentvolume"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/fields.yml
deleted file mode 100644
index e441ac8f9..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/fields/fields.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-- name: kubernetes.persistentvolume
-  type: group
-  fields:
-    - name: name
-      dimension: true
-      type: keyword
-      description: Volume name.
-    - name: capacity.bytes
-      type: long
-      unit: byte
-      metric_type: gauge
-      description: Volume capacity
-    - name: phase
-      type: keyword
-      description: Volume phase according to kubernetes
-    - name: storage_class
-      type: keyword
-      description: Storage class for the volume
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/manifest.yml
deleted file mode 100644
index 1a6cbabc4..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes PersistentVolume metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes PersistentVolume metrics
-    description: Collect Kubernetes PersistentVolume metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/sample_event.json
deleted file mode 100644
index cbc6f7f84..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolume/sample_event.json
+++ /dev/null
@@ -1,60 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:43:54.412Z",
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "event": {
-        "module": "kubernetes",
-        "duration": 12149615,
-        "dataset": "kubernetes.persistentvolume"
-    },
-    "agent": {
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat"
-    },
-    "kubernetes": {
-        "persistentvolume": {
-            "capacity": {
-                "bytes": 10737418240
-            },
-            "phase": "Bound",
-            "storage_class": "manual",
-            "name": "task-pv-volume"
-        },
-        "labels": {
-            "type": "local"
-        }
-    },
-    "host": {
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "containerized": false
-    },
-    "metricset": {
-        "period": 10000,
-        "name": "state_persistentvolume"
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs
deleted file mode 100644
index 06ae23614..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_persistentvolumeclaim"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml
deleted file mode 100644
index 6f11ce66b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/fields/fields.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- name: kubernetes.persistentvolumeclaim
-  type: group
-  fields:
-    - name: name
-      dimension: true
-      type: keyword
-      description: PVC name.
-    - name: volume_name
-      type: keyword
-      description: Binded volume name.
-    - name: request_storage.bytes
-      type: long
-      unit: byte
-      metric_type: gauge
-      description: Requested capacity.
-    - name: phase
-      type: keyword
-      description: PVC phase.
-    - name: access_mode
-      type: keyword
-      description: Access mode.
-    - name: storage_class
-      type: keyword
-      description: Storage class for the PVC.
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml
deleted file mode 100644
index a825fda1c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes PersistentVolumeClaim metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes PersistentVolumeClaim metrics
-    description: Collect Kubernetes PersistentVolumeClaim metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json
deleted file mode 100644
index 0a1204964..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_persistentvolumeclaim/sample_event.json
+++ /dev/null
@@ -1,60 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:44:44.418Z",
-    "event": {
-        "dataset": "kubernetes.persistentvolumeclaim",
-        "module": "kubernetes",
-        "duration": 5698588
-    },
-    "metricset": {
-        "name": "state_persistentvolumeclaim",
-        "period": 10000
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "kubernetes": {
-        "namespace": "default",
-        "persistentvolumeclaim": {
-            "phase": "Bound",
-            "storage_class": "manual",
-            "volume_name": "task-pv-volume",
-            "name": "task-pv-claim",
-            "request_storage": {
-                "bytes": 3221225472
-            },
-            "access_mode": "ReadWriteOnce"
-        }
-    },
-    "agent": {
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "host": {
-        "os": {
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_pod/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs
deleted file mode 100644
index b35f091f9..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_pod/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_pod"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/base-fields.yml
deleted file mode 100644
index 31b09fa29..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/base-fields.yml
+++ /dev/null
@@ -1,97 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: daemonset.name
-      type: keyword
-      description: >
-        Kubernetes daemonset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/ecs.yml
deleted file mode 100644
index 31cb2817b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/ecs.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: container.runtime
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/fields.yml
deleted file mode 100644
index 67d4cb4b2..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_pod/fields/fields.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-- name: kubernetes.pod
-  type: group
-  fields:
-    - name: ip
-      type: ip
-      description: |
-        Kubernetes pod IP
-    - name: host_ip
-      type: ip
-      description: |
-        Kubernetes pod host IP
-    - name: status
-      type: group
-      fields:
-        - name: phase
-          type: keyword
-          description: |
-            Kubernetes pod phase (Running, Pending...)
-        - name: ready
-          type: keyword
-          description: |
-            Kubernetes pod ready status (true, false or unknown)
-        - name: scheduled
-          type: keyword
-          description: |
-            Kubernetes pod scheduled status (true, false, unknown)
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_pod/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_pod/manifest.yml
deleted file mode 100644
index 165122636..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_pod/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes Pod metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Pod metrics
-    description: Collect Kubernetes Pod metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_pod/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_pod/sample_event.json
deleted file mode 100644
index 1b868887b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_pod/sample_event.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:38:34.469Z",
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "host": {
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux"
-        }
-    },
-    "event": {
-        "duration": 10777415,
-        "dataset": "kubernetes.pod",
-        "module": "kubernetes"
-    },
-    "service": {
-        "type": "kubernetes",
-        "address": "kube-state-metrics:8080"
-    },
-    "kubernetes": {
-        "pod": {
-            "name": "filebeat-dqzzz",
-            "status": {
-                "ready": "true",
-                "scheduled": "true",
-                "phase": "running"
-            },
-            "host_ip": "192.168.64.10",
-            "ip": "192.168.64.10",
-            "uid": "a5f1d3c9-40b6-4182-823b-dd5ff9832279"
-        },
-        "namespace": "kube-system",
-        "node": {
-            "name": "minikube"
-        },
-        "labels": {
-            "controller-revision-hash": "85649b9ddb",
-            "k8s-app": "filebeat",
-            "pod-template-generation": "1"
-        }
-    },
-    "agent": {
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487"
-    },
-    "metricset": {
-        "period": 10000,
-        "name": "state_pod"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs
deleted file mode 100644
index 8b4cdd582..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_replicaset"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/base-fields.yml
deleted file mode 100644
index 9db605480..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/base-fields.yml
+++ /dev/null
@@ -1,92 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      dimensiont: true
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      dimensiont: true
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/fields.yml
deleted file mode 100644
index 40928a771..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/fields/fields.yml
+++ /dev/null
@@ -1,31 +0,0 @@
-- name: kubernetes.replicaset
-  type: group
-  fields:
-    - name: replicas
-      type: group
-      fields:
-        - name: available
-          type: long
-          metric_type: gauge
-          description: |
-            The number of replicas per ReplicaSet
-        - name: desired
-          type: long
-          metric_type: gauge
-          description: |
-            The number of replicas per ReplicaSet
-        - name: ready
-          type: long
-          metric_type: gauge
-          description: |
-            The number of ready replicas per ReplicaSet
-        - name: observed
-          type: long
-          metric_type: gauge
-          description: |
-            The generation observed by the ReplicaSet controller
-        - name: labeled
-          type: long
-          metric_type: gauge
-          description: |
-            The number of fully labeled replicas per ReplicaSet
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/manifest.yml
deleted file mode 100644
index fd6847b61..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes state_replicaset metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Replicaset metrics
-    description: Collect Kubernetes Replicaset metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_replicaset/sample_event.json
deleted file mode 100644
index e5506863d..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_replicaset/sample_event.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:38:54.482Z",
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "metricset": {
-        "period": 10000,
-        "name": "state_replicaset"
-    },
-    "event": {
-        "module": "kubernetes",
-        "duration": 5456128,
-        "dataset": "kubernetes.replicaset"
-    },
-    "kubernetes": {
-        "namespace": "kube-system",
-        "replicaset": {
-            "name": "nginx-ingress-controller-6fc5bcc8c9",
-            "replicas": {
-                "labeled": 1,
-                "ready": 1,
-                "available": 1,
-                "observed": 1,
-                "desired": 1
-            }
-        },
-        "deployment": {
-            "name": "nginx-ingress-controller"
-        },
-        "labels": {
-            "app_kubernetes_io/part-of": "kube-system",
-            "pod-template-hash": "6fc5bcc8c9",
-            "addonmanager_kubernetes_io/mode": "Reconcile",
-            "app_kubernetes_io/name": "nginx-ingress-controller"
-        }
-    },
-    "agent": {
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "host": {
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs
deleted file mode 100644
index 2b7da2e38..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_resourcequota"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/fields.yml
deleted file mode 100644
index 530619270..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/fields/fields.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-- name: kubernetes.resourcequota
-  type: group
-  fields:
-    - name: created.sec
-      type: double
-      unit: s
-      metric_type: gauge
-      description: Epoch seconds since the ResourceQuota was created
-    - name: quota
-      type: double
-      metric_type: gauge
-      description: Quota informed (hard or used) for the resource
-    - name: name
-      dimension: true
-      type: keyword
-      description: ResourceQuota name
-    - name: type
-      dimension: true
-      type: keyword
-      description: Quota information type, `hard` or `used`
-    - name: resource
-      dimension: true
-      type: keyword
-      description: Resource name the quota applies to
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/manifest.yml
deleted file mode 100644
index c06b079d7..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes ResourceQuota metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes ResourceQuota metrics
-    description: Collect Kubernetes ResourceQuota metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/sample_event.json
deleted file mode 100644
index d3603943f..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_resourcequota/sample_event.json
+++ /dev/null
@@ -1,56 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:45:04.416Z",
-    "metricset": {
-        "name": "state_resourcequota",
-        "period": 10000
-    },
-    "host": {
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "codename": "Core",
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ]
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "event": {
-        "dataset": "kubernetes.resourcequota",
-        "module": "kubernetes",
-        "duration": 6324269
-    },
-    "agent": {
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "kubernetes": {
-        "namespace": "quota-object-example",
-        "resourcequota": {
-            "name": "object-quota-demo",
-            "resource": "persistentvolumeclaims",
-            "type": "hard",
-            "quota": 1
-        }
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs
deleted file mode 100644
index 134349678..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_service/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_service"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_service/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_service/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_service/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_service/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_service/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_service/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_service/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/fields/fields.yml
deleted file mode 100644
index 0bec40286..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_service/fields/fields.yml
+++ /dev/null
@@ -1,31 +0,0 @@
-- name: kubernetes.service
-  type: group
-  fields:
-    - name: name
-      dimension: true
-      type: keyword
-      description: Service name.
-    - name: cluster_ip
-      type: keyword
-      description: Internal IP for the service.
-    - name: external_name
-      type: keyword
-      description: Service external DNS name
-    - name: external_ip
-      type: keyword
-      description: Service external IP
-    - name: load_balancer_ip
-      type: keyword
-      description: Load Balancer service IP
-    - name: type
-      type: keyword
-      description: Service type
-    - name: ingress_ip
-      type: keyword
-      description: Ingress IP
-    - name: ingress_hostname
-      type: keyword
-      description: Ingress Hostname
-    - name: created
-      type: date
-      description: Service creation date
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_service/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_service/manifest.yml
deleted file mode 100644
index 9c1214316..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_service/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes Service metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes Service metrics
-    description: Collect Kubernetes Service metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_service/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_service/sample_event.json
deleted file mode 100644
index a6cd05ed1..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_service/sample_event.json
+++ /dev/null
@@ -1,62 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:39:24.389Z",
-    "kubernetes": {
-        "labels": {
-            "kubernetes_io_minikube_addons_endpoint": "metrics-server",
-            "kubernetes_io_name": "Metrics-server",
-            "addonmanager_kubernetes_io_mode": "Reconcile",
-            "kubernetes_io_minikube_addons": "metrics-server"
-        },
-        "service": {
-            "name": "metrics-server",
-            "created": "2020-06-10T09:02:27.000Z",
-            "cluster_ip": "10.96.124.248",
-            "type": "ClusterIP"
-        },
-        "namespace": "kube-system"
-    },
-    "event": {
-        "dataset": "kubernetes.service",
-        "module": "kubernetes",
-        "duration": 10966648
-    },
-    "metricset": {
-        "name": "state_service",
-        "period": 10000
-    },
-    "host": {
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "os": {
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core"
-        }
-    },
-    "agent": {
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs
deleted file mode 100644
index 2ecf8cc5f..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_statefulset"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/base-fields.yml
deleted file mode 100644
index b6151d62f..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/base-fields.yml
+++ /dev/null
@@ -1,91 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      dimensions: true
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/fields.yml
deleted file mode 100644
index e28adddca..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/fields/fields.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-- name: kubernetes.statefulset
-  type: group
-  fields:
-    - name: created
-      type: long
-      metric_type: gauge
-      description: |
-        The creation timestamp (epoch) for StatefulSet
-    - name: replicas
-      type: group
-      fields:
-        - name: observed
-          type: long
-          metric_type: gauge
-          description: |
-            The number of observed replicas per StatefulSet
-        - name: desired
-          type: long
-          metric_type: gauge
-          description: |
-            The number of desired replicas per StatefulSet
-        - name: ready
-          type: long
-          metric_type: gauge
-          description: >
-            The number of ready replicas per StatefulSet
-
-    - name: generation
-      type: group
-      fields:
-        - name: observed
-          type: long
-          metric_type: gauge
-          description: |
-            The observed generation per StatefulSet
-        - name: desired
-          type: long
-          metric_type: gauge
-          description: |
-            The desired generation per StatefulSet
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/manifest.yml
deleted file mode 100644
index ea6c38222..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes StatefulSet metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes StatefulSet metrics
-    description: Collect Kubernetes StatefulSet metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_statefulset/sample_event.json
deleted file mode 100644
index 9a87bc3df..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_statefulset/sample_event.json
+++ /dev/null
@@ -1,62 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:39:24.389Z",
-    "kubernetes": {
-        "namespace": "default",
-        "statefulset": {
-            "created": 1511989697,
-            "generation": {
-                "desired": 4,
-                "observed": 2
-            },
-            "name": "mysql",
-            "replicas": {
-                "desired": 5,
-                "observed": 2
-            }
-        }
-    },
-    "event": {
-        "dataset": "kubernetes.statefulset",
-        "module": "kubernetes",
-        "duration": 10966648
-    },
-    "metricset": {
-        "name": "state_statefulset",
-        "period": 10000
-    },
-    "host": {
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ],
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "os": {
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core"
-        }
-    },
-    "agent": {
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 0f4bd620c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    hosts:
-      # this is the DNS name of the k8s service for kube-state-metrics deployment
-      - http://kube-state-metrics:8080
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs
deleted file mode 100644
index acf1b2e2c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-metricsets: ["state_storageclass"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if leaderelection}}
-condition: ${kubernetes_leaderelection.leader} == true
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/fields.yml
deleted file mode 100644
index 6a0d31a62..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/fields/fields.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: kubernetes.storageclass
-  type: group
-  fields:
-    - name: name
-      dimension: true
-      type: keyword
-      description: Storage class name.
-    - name: provisioner
-      type: keyword
-      description: Volume provisioner for the storage class.
-    - name: reclaim_policy
-      type: keyword
-      description: Reclaim policy for dynamically created volumes
-    - name: volume_binding_mode
-      type: keyword
-      description: Mode for default provisioning and binding
-    - name: created
-      type: date
-      description: Storage class creation date
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/manifest.yml
deleted file mode 100644
index 5e1821b11..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/manifest.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-title: Kubernetes StorageClass metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    enabled: false
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - kube-state-metrics:8080
-      - name: leaderelection
-        type: bool
-        title: Leader Election
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-    title: Kubernetes StorageClass metrics
-    description: Collect Kubernetes StorageClass metrics from kube_state_metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/state_storageclass/sample_event.json
deleted file mode 100644
index de074d381..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/state_storageclass/sample_event.json
+++ /dev/null
@@ -1,59 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:39:44.399Z",
-    "agent": {
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "644323b5-5d6a-4dfb-92dd-35ca602db487",
-        "id": "a6147a6e-6626-4a84-9907-f372f6c61eee"
-    },
-    "kubernetes": {
-        "storageclass": {
-            "provisioner": "k8s.io/minikube-hostpath",
-            "reclaim_policy": "Delete",
-            "volume_binding_mode": "Immediate",
-            "name": "standard",
-            "created": "2020-06-10T09:02:27.000Z"
-        },
-        "labels": {
-            "addonmanager_kubernetes_io_mode": "EnsureExists"
-        }
-    },
-    "host": {
-        "hostname": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "architecture": "x86_64",
-        "os": {
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "name": "agent-ingest-management-clusterscope-674dbb75df-rp8cc",
-        "containerized": false,
-        "ip": [
-            "172.17.0.11"
-        ],
-        "mac": [
-            "02:42:ac:11:00:0b"
-        ]
-    },
-    "event": {
-        "module": "kubernetes",
-        "duration": 5713503,
-        "dataset": "kubernetes.storageclass"
-    },
-    "metricset": {
-        "name": "state_storageclass",
-        "period": 10000
-    },
-    "service": {
-        "address": "kube-state-metrics:8080",
-        "type": "kubernetes"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/system/_dev/deploy/k8s/.empty
deleted file mode 100644
index e69de29bb..000000000
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 6c69562d4..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/system/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-    period: 5s
-    hosts:
-      - https://{{Hostname}}:10250
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/system/agent/stream/stream.yml.hbs
deleted file mode 100644
index 7157b762c..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/system/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,11 +0,0 @@
-metricsets: ["system"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if bearer_token_file}}
-bearer_token_file: {{bearer_token_file}}
-ssl.verification_mode: {{ssl.verification_mode}}
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/system/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/system/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/system/fields/base-fields.yml
deleted file mode 100644
index 0e3072d1e..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/system/fields/base-fields.yml
+++ /dev/null
@@ -1,91 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      dimension: true
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/system/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/system/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/system/fields/fields.yml
deleted file mode 100644
index 65fc48d0d..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/system/fields/fields.yml
+++ /dev/null
@@ -1,74 +0,0 @@
-- name: kubernetes.system
-  type: group
-  fields:
-    - name: container
-      dimension: true
-      type: keyword
-      description: |
-        Container name
-    - name: start_time
-      type: date
-      description: |
-        Start time
-    - name: cpu
-      type: group
-      fields:
-        - name: usage
-          type: group
-          fields:
-            - name: core
-              type: group
-              fields:
-                - name: ns
-                  type: long
-                  metric_type: gauge
-                  description: |
-                    CPU Core usage nanoseconds
-            - name: nanocores
-              type: long
-              metric_type: gauge
-              description: |
-                CPU used nanocores
-    - name: memory
-      type: group
-      fields:
-        - name: usage
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Total memory usage
-        - name: rss
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                RSS memory usage
-        - name: workingset
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Working set memory usage
-        - name: pagefaults
-          type: long
-          metric_type: counter
-          description: |
-            Number of page faults
-        - name: majorpagefaults
-          type: long
-          metric_type: counter
-          description: |
-            Number of major page faults
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/system/manifest.yml
deleted file mode 100644
index 322c0958a..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/system/manifest.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-title: Kubernetes System metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: bearer_token_file
-        type: text
-        title: Bearer Token File
-        multi: false
-        required: true
-        show_user: true
-        default: /var/run/secrets/kubernetes.io/serviceaccount/token
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - https://${env.NODE_NAME}:10250
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-      - name: ssl.verification_mode
-        type: text
-        title: SSL Verification Mode
-        multi: false
-        required: true
-        show_user: true
-        default: none
-    title: Kubernetes System metrics
-    description: Collect Kubernetes system metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/system/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/system/sample_event.json
deleted file mode 100644
index 1c490ef75..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/system/sample_event.json
+++ /dev/null
@@ -1,101 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:39:59.647Z",
-    "service": {
-        "address": "minikube:10250",
-        "type": "kubernetes"
-    },
-    "event": {
-        "duration": 20012905,
-        "dataset": "kubernetes.system",
-        "module": "kubernetes"
-    },
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "host": {
-        "mac": [
-            "aa:83:2f:7f:6b:12",
-            "02:42:d4:8c:94:93",
-            "2a:59:80:9e:fc:d6",
-            "da:3a:d9:e9:70:52",
-            "8a:0a:b6:18:ba:76",
-            "f6:47:fa:80:e8:8b",
-            "9e:c3:ff:95:e4:8e",
-            "6e:1c:29:50:d4:0c",
-            "b6:f3:11:60:14:ed",
-            "22:f2:2a:96:1e:7b",
-            "56:34:ba:de:57:20",
-            "aa:78:91:29:81:f7"
-        ],
-        "hostname": "minikube",
-        "name": "minikube",
-        "architecture": "x86_64",
-        "os": {
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core",
-            "platform": "centos"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "192.168.64.10",
-            "fe80::a883:2fff:fe7f:6b12",
-            "172.17.0.1",
-            "fe80::42:d4ff:fe8c:9493",
-            "fe80::2859:80ff:fe9e:fcd6",
-            "fe80::d83a:d9ff:fee9:7052",
-            "fe80::880a:b6ff:fe18:ba76",
-            "fe80::f447:faff:fe80:e88b",
-            "fe80::9cc3:ffff:fe95:e48e",
-            "fe80::6c1c:29ff:fe50:d40c",
-            "fe80::b4f3:11ff:fe60:14ed",
-            "fe80::20f2:2aff:fe96:1e7b",
-            "fe80::5434:baff:fede:5720",
-            "fe80::a878:91ff:fe29:81f7"
-        ]
-    },
-    "agent": {
-        "ephemeral_id": "b964a246-96c0-456a-a5c2-8c8b1040ecaf",
-        "id": "f7ec69f9-4997-4e76-b6c7-0c75206b727a",
-        "name": "minikube",
-        "type": "metricbeat",
-        "version": "8.0.0"
-    },
-    "kubernetes": {
-        "node": {
-            "name": "minikube"
-        },
-        "system": {
-            "container": "runtime",
-            "cpu": {
-                "usage": {
-                    "nanocores": 35779815,
-                    "core": {
-                        "ns": 530899961233
-                    }
-                }
-            },
-            "memory": {
-                "pagefaults": 12944019,
-                "majorpagefaults": 99,
-                "usage": {
-                    "bytes": 198279168
-                },
-                "workingset": {
-                    "bytes": 178794496
-                },
-                "rss": {
-                    "bytes": 125259776
-                }
-            },
-            "start_time": "2020-06-25T07:19:32Z"
-        }
-    },
-    "metricset": {
-        "name": "system",
-        "period": 10000
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/_dev/deploy/k8s/.empty b/test/packages/with-kind/kubernetes/data_stream/volume/_dev/deploy/k8s/.empty
deleted file mode 100644
index e69de29bb..000000000
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml b/test/packages/with-kind/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml
deleted file mode 100644
index 6c69562d4..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/volume/_dev/test/system/test-default-config.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-service: kubernetes
-data_stream:
-  vars:
-    bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-    period: 5s
-    hosts:
-      - https://{{Hostname}}:10250
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs b/test/packages/with-kind/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs
deleted file mode 100644
index d546a6663..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/volume/agent/stream/stream.yml.hbs
+++ /dev/null
@@ -1,11 +0,0 @@
-metricsets: ["volume"]
-add_metadata: {{add_metadata}}
-hosts:
-{{#each hosts}}
-  - {{this}}
-{{/each}}
-period: {{period}}
-{{#if bearer_token_file}}
-bearer_token_file: {{bearer_token_file}}
-ssl.verification_mode: {{ssl.verification_mode}}
-{{/if}}
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/fields/agent.yml b/test/packages/with-kind/kubernetes/data_stream/volume/fields/agent.yml
deleted file mode 100644
index da4e652c5..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/volume/fields/agent.yml
+++ /dev/null
@@ -1,198 +0,0 @@
-- name: cloud
-  title: Cloud
-  group: 2
-  description: Fields related to the cloud or infrastructure the events are coming from.
-  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
-  type: group
-  fields:
-    - name: account.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
-
-        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
-      example: 666777888999
-    - name: availability_zone
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Availability zone in which this host is running.
-      example: us-east-1c
-    - name: instance.id
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance ID of the host machine.
-      example: i-1234567890abcdef0
-    - name: instance.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Instance name of the host machine.
-    - name: machine.type
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Machine type of the host machine.
-      example: t2.medium
-    - name: provider
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
-      example: aws
-    - name: region
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Region in which this host is running.
-      example: us-east-1
-    - name: project.id
-      type: keyword
-      description: Name of the project in Google Cloud.
-    - name: image.id
-      type: keyword
-      description: Image ID for the cloud instance.
-- name: container
-  title: Container
-  group: 2
-  description: 'Container fields are used for meta information about the specific container that is the source of information.
-
-    These fields help correlate data based containers from any runtime.'
-  type: group
-  fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
-    - name: image.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Name of the image the container was built on.
-    - name: labels
-      level: extended
-      type: object
-      object_type: keyword
-      description: Image labels.
-    - name: name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Container name.
-- name: host
-  title: Host
-  group: 2
-  description: 'A host is defined as a general computing instance.
-
-    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
-  type: group
-  fields:
-    - name: architecture
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Operating system architecture.
-      example: x86_64
-    - name: domain
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the domain of which the host is a member.
-
-        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
-      example: CONTOSO
-      default_field: false
-    - name: hostname
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Hostname of the host.
-
-        It normally contains what the `hostname` command returns on the host machine.'
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Unique host id.
-
-        As hostname is not always unique, use values that are meaningful in your environment.
-
-        Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
-    - name: mac
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Host mac addresses.
-    - name: name
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Name of the host.
-
-        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
-    - name: os.family
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: OS family (such as redhat, debian, freebsd, windows).
-      example: debian
-    - name: os.kernel
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system kernel version as a raw string.
-      example: 4.4.0-112-generic
-    - name: os.name
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      multi_fields:
-        - name: text
-          type: text
-          norms: false
-          default_field: false
-      description: Operating system name, without the version.
-      example: Mac OS X
-    - name: os.platform
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system platform (such centos, ubuntu, windows).
-      example: darwin
-    - name: os.version
-      level: extended
-      type: keyword
-      ignore_above: 1024
-      description: Operating system version as a raw string.
-      example: 10.14.1
-    - name: type
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: 'Type of host.
-
-        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
-    - name: containerized
-      type: boolean
-      description: >
-        If the host is a container.
-
-    - name: os.build
-      type: keyword
-      example: "18D109"
-      description: >
-        OS build information.
-
-    - name: os.codename
-      type: keyword
-      example: "stretch"
-      description: >
-        OS codename, if any.
-
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/fields/base-fields.yml b/test/packages/with-kind/kubernetes/data_stream/volume/fields/base-fields.yml
deleted file mode 100644
index d43ffd796..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/volume/fields/base-fields.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-- name: data_stream.type
-  type: constant_keyword
-  description: Data stream type.
-- name: data_stream.dataset
-  type: constant_keyword
-  description: Data stream dataset.
-- name: data_stream.namespace
-  type: constant_keyword
-  description: Data stream namespace.
-- name: '@timestamp'
-  type: date
-  description: Event timestamp.
-- name: kubernetes
-  type: group
-  fields:
-    - name: pod.name
-      type: keyword
-      description: >
-        Kubernetes pod name
-
-    - name: pod.uid
-      type: keyword
-      description: >
-        Kubernetes pod UID
-
-    - name: pod.ip
-      type: ip
-      description: >
-        Kubernetes pod IP
-
-    - name: namespace
-      type: keyword
-      description: >
-        Kubernetes namespace
-
-    - name: node.name
-      type: keyword
-      description: >
-        Kubernetes node name
-
-    - name: node.hostname
-      type: keyword
-      description: >
-        Kubernetes hostname as reported by the node’s kernel
-
-    - name: labels.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes labels map
-
-    - name: annotations.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes annotations map
-
-    - name: selectors.*
-      type: object
-      object_type: keyword
-      object_type_mapping_type: "*"
-      description: >
-        Kubernetes Service selectors map
-
-    - name: replicaset.name
-      type: keyword
-      description: >
-        Kubernetes replicaset name
-
-    - name: deployment.name
-      type: keyword
-      description: >
-        Kubernetes deployment name
-
-    - name: statefulset.name
-      type: keyword
-      description: >
-        Kubernetes statefulset name
-
-    - name: container.name
-      type: keyword
-      description: >
-        Kubernetes container name
-
-    - name: container.image
-      type: keyword
-      description: >-
-        Kubernetes container image
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/fields/ecs.yml b/test/packages/with-kind/kubernetes/data_stream/volume/fields/ecs.yml
deleted file mode 100644
index cd4e3a89b..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/volume/fields/ecs.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- external: ecs
-  name: ecs.version
-- external: ecs
-  name: service.address
-- external: ecs
-  name: service.type
-- external: ecs
-  name: orchestrator.cluster.name
-- external: ecs
-  name: orchestrator.cluster.url
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/fields/fields.yml b/test/packages/with-kind/kubernetes/data_stream/volume/fields/fields.yml
deleted file mode 100644
index afebbf228..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/volume/fields/fields.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-- name: kubernetes.volume
-  type: group
-  fields:
-    - name: name
-      dimension: true
-      type: keyword
-      description: |
-        Volume name
-    - name: fs
-      type: group
-      fields:
-        - name: capacity
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Filesystem total capacity in bytes
-        - name: available
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Filesystem total available in bytes
-        - name: used
-          type: group
-          fields:
-            - name: bytes
-              type: long
-              format: bytes
-              unit: byte
-              metric_type: gauge
-              description: |
-                Filesystem total used in bytes
-            - name: pct
-              type: long
-              unit: percent
-              metric_type: gauge
-              description: |
-                Percentage of filesystem total used
-        - name: inodes
-          type: group
-          fields:
-            - name: used
-              type: long
-              metric_type: gauge
-              description: |
-                Used inodes
-            - name: free
-              type: long
-              metric_type: gauge
-              description: |
-                Free inodes
-            - name: count
-              type: long
-              metric_type: gauge
-              description: |
-                Total inodes
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/manifest.yml b/test/packages/with-kind/kubernetes/data_stream/volume/manifest.yml
deleted file mode 100644
index 6f36b86dc..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/volume/manifest.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-title: Kubernetes Volume metrics
-type: metrics
-streams:
-  - input: kubernetes/metrics
-    vars:
-      - name: add_metadata
-        type: bool
-        title: Add Metadata
-        multi: false
-        required: true
-        show_user: true
-        default: true
-      - name: bearer_token_file
-        type: text
-        title: Bearer Token File
-        multi: false
-        required: true
-        show_user: true
-        default: /var/run/secrets/kubernetes.io/serviceaccount/token
-      - name: hosts
-        type: text
-        title: Hosts
-        multi: true
-        required: true
-        show_user: true
-        default:
-          - https://${env.NODE_NAME}:10250
-      - name: period
-        type: text
-        title: Period
-        multi: false
-        required: true
-        show_user: true
-        default: 10s
-      - name: ssl.verification_mode
-        type: text
-        title: SSL Verification Mode
-        multi: false
-        required: true
-        show_user: true
-        default: none
-    title: Kubernetes Volume metrics
-    description: Collect Kubernetes Volume metrics
diff --git a/test/packages/with-kind/kubernetes/data_stream/volume/sample_event.json b/test/packages/with-kind/kubernetes/data_stream/volume/sample_event.json
deleted file mode 100644
index 700d089f1..000000000
--- a/test/packages/with-kind/kubernetes/data_stream/volume/sample_event.json
+++ /dev/null
@@ -1,99 +0,0 @@
-{
-    "@timestamp": "2020-06-25T12:40:19.649Z",
-    "ecs": {
-        "version": "1.5.0"
-    },
-    "metricset": {
-        "name": "volume",
-        "period": 10000
-    },
-    "service": {
-        "type": "kubernetes",
-        "address": "minikube:10250"
-    },
-    "kubernetes": {
-        "pod": {
-            "name": "metricbeat-g9fc6"
-        },
-        "volume": {
-            "name": "config",
-            "fs": {
-                "inodes": {
-                    "used": 5,
-                    "free": 9549949,
-                    "count": 9768928
-                },
-                "available": {
-                    "bytes": 7719858176
-                },
-                "capacity": {
-                    "bytes": 17361141760
-                },
-                "used": {
-                    "bytes": 12288
-                }
-            }
-        },
-        "namespace": "kube-system",
-        "node": {
-            "name": "minikube"
-        }
-    },
-    "host": {
-        "architecture": "x86_64",
-        "os": {
-            "platform": "centos",
-            "version": "7 (Core)",
-            "family": "redhat",
-            "name": "CentOS Linux",
-            "kernel": "4.19.81",
-            "codename": "Core"
-        },
-        "id": "b0e83d397c054b8a99a431072fe4617b",
-        "containerized": false,
-        "ip": [
-            "192.168.64.10",
-            "fe80::a883:2fff:fe7f:6b12",
-            "172.17.0.1",
-            "fe80::42:d4ff:fe8c:9493",
-            "fe80::2859:80ff:fe9e:fcd6",
-            "fe80::d83a:d9ff:fee9:7052",
-            "fe80::880a:b6ff:fe18:ba76",
-            "fe80::f447:faff:fe80:e88b",
-            "fe80::9cc3:ffff:fe95:e48e",
-            "fe80::6c1c:29ff:fe50:d40c",
-            "fe80::b4f3:11ff:fe60:14ed",
-            "fe80::20f2:2aff:fe96:1e7b",
-            "fe80::5434:baff:fede:5720",
-            "fe80::a878:91ff:fe29:81f7"
-        ],
-        "name": "minikube",
-        "mac": [
-            "aa:83:2f:7f:6b:12",
-            "02:42:d4:8c:94:93",
-            "2a:59:80:9e:fc:d6",
-            "da:3a:d9:e9:70:52",
-            "8a:0a:b6:18:ba:76",
-            "f6:47:fa:80:e8:8b",
-            "9e:c3:ff:95:e4:8e",
-            "6e:1c:29:50:d4:0c",
-            "b6:f3:11:60:14:ed",
-            "22:f2:2a:96:1e:7b",
-            "56:34:ba:de:57:20",
-            "aa:78:91:29:81:f7"
-        ],
-        "hostname": "minikube"
-    },
-    "agent": {
-        "type": "metricbeat",
-        "version": "8.0.0",
-        "ephemeral_id": "b964a246-96c0-456a-a5c2-8c8b1040ecaf",
-        "id": "f7ec69f9-4997-4e76-b6c7-0c75206b727a",
-        "name": "minikube"
-    },
-    "event": {
-        "dataset": "kubernetes.volume",
-        "module": "kubernetes",
-        "duration": 12481688
-    }
-}
\ No newline at end of file
diff --git a/test/packages/with-kind/kubernetes/manifest.yml b/test/packages/with-kind/kubernetes/manifest.yml
index 7ddd8bd0f..990bb54d3 100644
--- a/test/packages/with-kind/kubernetes/manifest.yml
+++ b/test/packages/with-kind/kubernetes/manifest.yml
@@ -26,11 +26,7 @@ policy_templates:
     title: Kubelet Metrics
     description: Collect metrics from Kubernetes Kubelet API with Elastic Agent.
     data_streams:
-      - container
-      - node
       - pod
-      - system
-      - volume
     inputs:
       - type: kubernetes/metrics
         title: Collect Kubernetes metrics from Kubelet API
@@ -46,157 +42,5 @@ policy_templates:
         title: Metricbeat Kubernetes Overview
         size: 1896x961
         type: image/png
-  - name: kube-state-metrics
-    title: Kube-state-metrics
-    description: Collect container metrics from Kubernetes Kube-state-metrics with Elastic Agent.
-    data_streams:
-      - state_container
-      - state_cronjob
-      - state_daemonset
-      - state_deployment
-      - state_job
-      - state_node
-      - state_persistentvolume
-      - state_persistentvolumeclaim
-      - state_pod
-      - state_replicaset
-      - state_resourcequota
-      - state_service
-      - state_statefulset
-      - state_storageclass
-    inputs:
-      - type: kubernetes/metrics
-        title: Collect Kubernetes metrics from kube-state-metrics
-        description: Collecting metrics from kube-state-metrics (container, cronjob, deployment, daemonset, node, persistentvolume, persistentvolumeclaim, pod, replicaset, resourcequota, service, statefulset, storageclass)
-        input_group: metrics
-    icons:
-      - src: /img/logo_kubernetes.svg
-        title: Logo Kubernetes
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat_kubernetes_overview.png
-        title: Metricbeat Kubernetes Overview
-        size: 1896x961
-        type: image/png
-  - name: kube-apiserver
-    title: Kube-apiserver Metrics
-    description: Collect metrics from Kubernetes API Server with Elastic Agent.
-    data_streams:
-      - apiserver
-    inputs:
-      - type: kubernetes/metrics
-        title: Collect Kubernetes metrics from Kubernetes API Server
-        description: Collecting metrics from Kubernetes API Server
-        input_group: metrics
-    icons:
-      - src: /img/logo_kubernetes.svg
-        title: Logo Kubernetes
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat_kubernetes_overview.png
-        title: Metricbeat Kubernetes Overview
-        size: 1896x961
-        type: image/png
-  - name: kube-proxy
-    title: Kube-proxy Metrics
-    description: Collect metrics from Kubernetes Proxy server with Elastic Agent.
-    data_streams:
-      - proxy
-    inputs:
-      - type: kubernetes/metrics
-        title: Collect Kubernetes metrics from Kubernetes Proxy
-        description: Collecting metrics from Kubernetes Proxy
-        input_group: metrics
-    icons:
-      - src: /img/logo_kubernetes.svg
-        title: Logo Kubernetes
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-kubernetes-proxy.png
-        title: Metricbeat Kubernetes Proxy
-        size: 1854x920
-        type: image/png
-  - name: kube-scheduler
-    title: Kube-scheduler Metrics
-    description: Collect metrics from Kubernetes Scheduler with Elastic Agent.
-    data_streams:
-      - scheduler
-    inputs:
-      - type: kubernetes/metrics
-        title: Collect Kubernetes metrics from Kubernetes Scheduler
-        description: Collecting metrics from Kubernetes Scheduler
-        input_group: metrics
-    icons:
-      - src: /img/logo_kubernetes.svg
-        title: Logo Kubernetes
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat_kubernetes_scheduler.png
-        title: Metricbeat Kubernetes Scheduler
-        size: 1856x897
-        type: image/png
-  - name: kube-controller-manager
-    title: Kube-controller-manager Metrics
-    description: Collect metrics from Kubernetes Controller Manager with Elastic Agent.
-    data_streams:
-      - controllermanager
-    inputs:
-      - type: kubernetes/metrics
-        title: Collect Kubernetes metrics from Kubernetes controller-manager
-        description: Collecting metrics from Kubernetes controller-manager
-        input_group: metrics
-    icons:
-      - src: /img/logo_kubernetes.svg
-        title: Logo Kubernetes
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat-kubernetes-controllermanager.png
-        title: Metricbeat Kubernetes Controller Manager
-        size: 1896x961
-        type: image/png
-  - name: events
-    title: Kubernetes Event Metrics
-    description: Collect events related metrics from Kubernetes API server with Elastic Agent.
-    data_streams:
-      - event
-    inputs:
-      - type: kubernetes/metrics
-        title: Collect Kubernetes events from Kubernetes API Server
-        description: Collecting events from Kubernetes API Server
-        input_group: metrics
-    icons:
-      - src: /img/logo_kubernetes.svg
-        title: Logo Kubernetes
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat_kubernetes_overview.png
-        title: Metricbeat Kubernetes Overview
-        size: 1896x961
-        type: image/png
-  - name: container-logs
-    title: Kubernetes Container Logs
-    description: Collect container related logs from Kubernetes clusters with Elastic Agent.
-    data_streams:
-      - container_logs
-    inputs:
-      - type: filestream
-        title: Collect Kubernetes container logs
-        description: Collect Kubernetes container logs
-    icons:
-      - src: /img/logo_kubernetes.svg
-        title: Logo Kubernetes
-        size: 32x32
-        type: image/svg+xml
-    screenshots:
-      - src: /img/metricbeat_kubernetes_overview.png
-        title: Metricbeat Kubernetes Overview
-        size: 1896x961
-        type: image/png
 owner:
   github: elastic/integrations

From 927c6c20a459995238e1077699a2464e4195ae7b Mon Sep 17 00:00:00 2001
From: mtojek <marcin.tojek@elastic.co>
Date: Thu, 16 Dec 2021 11:12:55 +0100
Subject: [PATCH 16/16] Bring back missing data streams

---
 .../elb_logs/_dev/test/pipeline/test-alb.log  |   1 +
 .../test/pipeline/test-alb.log-expected.json  | 104 ++++++++
 .../_dev/test/pipeline/test-common-config.yml |   5 +
 .../elb_logs/agent/stream/aws-s3.yml.hbs      |  51 ++++
 .../elasticsearch/ingest_pipeline/default.yml | 222 ++++++++++++++++++
 .../aws/data_stream/elb_logs/fields/agent.yml | 198 ++++++++++++++++
 .../elb_logs/fields/base-fields.yml           |  20 ++
 .../aws/data_stream/elb_logs/fields/ecs.yml   |  22 ++
 .../data_stream/elb_logs/fields/fields.yml    | 197 ++++++++++++++++
 .../aws/data_stream/elb_logs/manifest.yml     |  70 ++++++
 .../data_stream/elb_logs/sample_event.json    | 105 +++++++++
 .../sns/agent/stream/stream.yml.hbs           |  35 +++
 .../aws/data_stream/sns/fields/agent.yml      | 198 ++++++++++++++++
 .../data_stream/sns/fields/base-fields.yml    |  20 ++
 .../aws/data_stream/sns/fields/ecs.yml        |  24 ++
 .../aws/data_stream/sns/fields/fields.yml     |  69 ++++++
 .../data_stream/sns/fields/package-fields.yml |  19 ++
 .../parallel/aws/data_stream/sns/manifest.yml |  35 +++
 .../aws/data_stream/sns/sample_event.json     |  57 +++++
 test/packages/parallel/aws/manifest.yml       |  10 +
 20 files changed, 1462 insertions(+)
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/manifest.yml
 create mode 100644 test/packages/parallel/aws/data_stream/elb_logs/sample_event.json
 create mode 100644 test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs
 create mode 100644 test/packages/parallel/aws/data_stream/sns/fields/agent.yml
 create mode 100644 test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml
 create mode 100644 test/packages/parallel/aws/data_stream/sns/fields/ecs.yml
 create mode 100644 test/packages/parallel/aws/data_stream/sns/fields/fields.yml
 create mode 100644 test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml
 create mode 100644 test/packages/parallel/aws/data_stream/sns/manifest.yml
 create mode 100644 test/packages/parallel/aws/data_stream/sns/sample_event.json

diff --git a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
new file mode 100644
index 000000000..dcb5b8563
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log
@@ -0,0 +1 @@
+http 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.000 0.001 0.000 200 200 34 366 "GET http://www.example.com:80/ HTTP/1.1" "curl/7.46.0" - - arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 "Root=1-58337262-36d228ad5d99923122bbe354" "-" "-" 0 2018-07-02T22:22:48.364000Z "forward,redirect" "-" "-" "10.0.0.1:80" "200" "-" "-"
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
new file mode 100644
index 000000000..baf96cc0f
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-alb.log-expected.json
@@ -0,0 +1,104 @@
+{
+    "expected": [
+        {
+            "tracing": {
+                "trace": {
+                    "id": "Root=1-58337262-36d228ad5d99923122bbe354"
+                }
+            },
+            "source": {
+                "port": "2817",
+                "ip": "192.168.131.39"
+            },
+            "url": {
+                "path": "/",
+                "original": "http://www.example.com:80/",
+                "scheme": "http",
+                "port": 80,
+                "domain": "www.example.com"
+            },
+            "tags": [
+                "preserve_original_event"
+            ],
+            "cloud": {
+                "provider": "aws"
+            },
+            "@timestamp": "2018-07-02T22:23:00.186Z",
+            "ecs": {
+                "version": "1.12.0"
+            },
+            "http": {
+                "request": {
+                    "method": "get",
+                    "body": {
+                        "bytes": 34
+                    }
+                },
+                "version": "1.1",
+                "response": {
+                    "body": {
+                        "bytes": 366
+                    },
+                    "status_code": 200
+                }
+            },
+            "event": {
+                "ingested": "2021-12-09T16:11:58.868846100Z",
+                "original": "http 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.000 0.001 0.000 200 200 34 366 \"GET http://www.example.com:80/ HTTP/1.1\" \"curl/7.46.0\" - - arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 \"Root=1-58337262-36d228ad5d99923122bbe354\" \"-\" \"-\" 0 2018-07-02T22:22:48.364000Z \"forward,redirect\" \"-\" \"-\" \"10.0.0.1:80\" \"200\" \"-\" \"-\"",
+                "kind": "event",
+                "start": "2018-07-02T22:22:48.364000Z",
+                "end": "2018-07-02T22:23:00.186Z",
+                "category": "web",
+                "outcome": "success"
+            },
+            "aws": {
+                "elb": {
+                    "trace_id": "Root=1-58337262-36d228ad5d99923122bbe354",
+                    "matched_rule_priority": "0",
+                    "type": "http",
+                    "request_processing_time": {
+                        "sec": 0.0
+                    },
+                    "response_processing_time": {
+                        "sec": 0.0
+                    },
+                    "target_port": [
+                        "10.0.0.1:80"
+                    ],
+                    "protocol": "http",
+                    "target_status_code": [
+                        "200"
+                    ],
+                    "name": "app/my-loadbalancer/50dc6c495c0c9188",
+                    "backend": {
+                        "port": "80",
+                        "http": {
+                            "response": {
+                                "status_code": 200
+                            }
+                        },
+                        "ip": "10.0.0.1"
+                    },
+                    "target_group": {
+                        "arn": "arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067"
+                    },
+                    "backend_processing_time": {
+                        "sec": 0.001
+                    },
+                    "action_executed": [
+                        "forward",
+                        "redirect"
+                    ]
+                }
+            },
+            "user_agent": {
+                "name": "curl",
+                "original": "curl/7.46.0",
+                "device": {
+                    "name": "Other"
+                },
+                "version": "7.46.0"
+            }
+        }
+    ]
+}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
new file mode 100644
index 000000000..5622947e4
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/_dev/test/pipeline/test-common-config.yml
@@ -0,0 +1,5 @@
+dynamic_fields:
+  event.ingested: ".*"
+fields:
+  tags:
+    - preserve_original_event
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs b/test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
new file mode 100644
index 000000000..ccf43bcdd
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs
@@ -0,0 +1,51 @@
+queue_url: {{queue_url}}
+{{#if credential_profile_name}}
+credential_profile_name: {{credential_profile_name}}
+{{/if}}
+{{#if shared_credential_file}}
+shared_credential_file: {{shared_credential_file}}
+{{/if}}
+{{#if visibility_timeout}}
+visibility_timeout: {{visibility_timeout}}
+{{/if}}
+{{#if api_timeout}}
+api_timeout: {{api_timeout}}
+{{/if}}
+{{#if max_number_of_messages}}
+max_number_of_messages: {{max_number_of_messages}}
+{{/if}}
+{{#if endpoint}}
+endpoint: {{endpoint}}
+{{/if}}
+{{#if access_key_id}}
+access_key_id: {{access_key_id}}
+{{/if}}
+{{#if secret_access_key}}
+secret_access_key: {{secret_access_key}}
+{{/if}}
+{{#if session_token}}
+session_token: {{session_token}}
+{{/if}}
+{{#if role_arn}}
+role_arn: {{role_arn}}
+{{/if}}
+{{#if fips_enabled}}
+fips_enabled: {{fips_enabled}}
+{{/if}}
+{{#if proxy_url }}
+proxy_url: {{proxy_url}}
+{{/if}}
+tags:
+{{#if preserve_original_event}}
+  - preserve_original_event
+{{/if}}
+{{#each tags as |tag i|}}
+  - {{tag}}
+{{/each}}
+{{#contains "forwarded" tags}}
+publisher_pipeline.disable_host: true
+{{/contains}}
+{{#if processors}}
+processors:
+{{processors}}
+{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml b/test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
new file mode 100644
index 000000000..10dbec91e
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/elasticsearch/ingest_pipeline/default.yml
@@ -0,0 +1,222 @@
+---
+description: "Pipeline for ELB logs"
+
+processors:
+  - set:
+      field: event.ingested
+      value: '{{_ingest.timestamp}}'
+  - set:
+      field: ecs.version
+      value: '1.12.0'
+  - rename:
+      field: message
+      target_field: event.original
+      ignore_missing: true
+  - grok:
+      field: event.original
+      # Classic ELB patterns documented in https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/access-log-collection.html
+      # ELB v2 Application load balancers https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html
+      # ELB v2 Netwwork load balancers https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-access-logs.html
+      #
+      patterns:
+        # HTTP (Classic ELB)
+        - >-
+          %{ELBHTTPLOG}
+
+        # TCP (Classic ELB)
+        - >-
+          %{ELBTCPLOG}
+
+        # HTTP from Application Load Balancers (v2 Load Balancers)
+        - >-
+          %{ELBV2TYPE}
+          %{ELBHTTPLOG}
+          %{NOTSPACE:aws.elb.target_group.arn}
+          \"%{DATA:aws.elb.trace_id}\"
+          \"(?:-|%{DATA:destination.domain})\"
+          \"(?:-|%{DATA:aws.elb.chosen_cert.arn})\"
+          (?:-1|%{NUMBER:aws.elb.matched_rule_priority})
+          %{TIMESTAMP_ISO8601:event.start}
+          \"(?:-|%{DATA:_tmp.actions_executed})\"
+          \"(?:-|%{DATA:aws.elb.redirect_url})\"
+          \"(?:-|%{DATA:aws.elb.error.reason})\"( \"(?:-|%{DATA:_tmp.target_port})\")?( \"(?:-|%{DATA:_tmp.target_status_code})\")?( \"(?:-|%{DATA:aws.elb.classification})\")?( \"(?:-|%{DATA:aws.elb.classification_reason})\")?
+
+        # TCP from Network Load Balancers (v2 Load Balancers)
+        - >-
+          %{ELBV2TYPE}
+          %{ELBV2LOGVERSION}
+          %{ELBTIMESTAMP}
+          %{ELBNAME}
+          %{NOTSPACE:aws.elb.listener}
+          %{ELBSOURCE}
+          %{ELBBACKEND}
+          %{NUMBER:aws.elb.connection_time.ms:float}
+          %{NUMBER:aws.elb.tls_handshake_time.ms:float}
+          %{NUMBER:source.bytes:long}
+          %{NUMBER:destination.bytes:long}
+          (?:-|%{NUMBER:aws.elb.incoming_tls_alert})
+          (?:-|%{NOTSPACE:aws.elb.chosen_cert.arn})
+          (?:-|%{NOTSPACE:aws.elb.chosen_cert.serial})
+          %{ELBSSL}
+          (?:-|%{NOTSPACE:aws.elb.ssl_named_group})
+          (?:-|%{NOTSPACE:destination.domain})
+
+      pattern_definitions:
+        ELBTIMESTAMP: '%{TIMESTAMP_ISO8601:_tmp.timestamp}'
+        ELBNAME: '%{NOTSPACE:aws.elb.name}'
+        ELBSOURCE: '%{IP:source.ip}:%{POSINT:source.port}'
+        ELBBACKEND: '(?:-|%{IP:aws.elb.backend.ip}:%{POSINT:aws.elb.backend.port})'
+        ELBPROCESSINGTIME: >-
+          (?:-1|%{NUMBER:aws.elb.request_processing_time.sec:float})
+          (?:-1|%{NUMBER:aws.elb.backend_processing_time.sec:float})
+          (?:-1|%{NUMBER:aws.elb.response_processing_time.sec:float})
+        ELBSSL: >-
+          (?:-|%{NOTSPACE:aws.elb.ssl_cipher})
+          (?:-|%{NOTSPACE:aws.elb.ssl_protocol})
+        ELBCOMMON: >-
+          %{ELBTIMESTAMP}
+          %{ELBNAME}
+          %{ELBSOURCE}
+          %{ELBBACKEND}
+          %{ELBPROCESSINGTIME}
+        ELBHTTPLOG: >-
+          %{ELBCOMMON}
+          %{NUMBER:http.response.status_code:long}
+          (?:-|%{NUMBER:aws.elb.backend.http.response.status_code:long})
+          %{NUMBER:http.request.body.bytes:long}
+          %{NUMBER:http.response.body.bytes:long}
+          \"(?:-|%{WORD:http.request.method}) (?:-|%{NOTSPACE:_tmp.uri_orig}) (?:-|HTTP/%{NOTSPACE:http.version})\"
+          \"%{DATA:_tmp.user_agent}\"
+          %{ELBSSL}
+        ELBTCPLOG: >-
+          %{ELBCOMMON}
+          -
+          -
+          %{NUMBER:source.bytes:long}
+          %{NUMBER:destination.bytes:long}
+          \"- - - \"
+          \"-\"
+          %{ELBSSL}
+        ELBV2TYPE: '%{WORD:aws.elb.type}'
+        ELBV2LOGVERSION: '%{NOTSPACE}'  # Could be used to support different log versions, only 1.0 exists now
+  - set:
+      field: event.kind
+      value: event
+  - set:
+      field: cloud.provider
+      value: aws
+  - set:
+      if: ctx.http != null
+      field: aws.elb.protocol
+      value: http
+
+  - uri_parts:
+      if: 'ctx?._tmp?.uri_orig != null'
+      field: _tmp.uri_orig
+      ignore_failure: true
+
+  - user_agent:
+      if: 'ctx?._tmp?.user_agent != null'
+      field: _tmp.user_agent
+      ignore_missing: true
+
+  - set:
+      if: ctx.http != null
+      field: event.category
+      value: web
+  - set:
+      field: aws.elb.protocol
+      value: tcp
+      if: ctx.http == null
+  - set:
+      field: event.category
+      value: network
+      if: ctx.http == null
+  - set:
+      field: event.outcome
+      value: success
+      if: 'ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400'
+  - set:
+      field: event.outcome
+      value: failure
+      if: 'ctx?.http?.response?.status_code != null && ctx.http.response.status_code >= 400'
+  - lowercase:
+      field: http.request.method
+      ignore_missing: true
+  - set:
+      field: tracing.trace.id
+      value: '{{aws.elb.trace_id}}'
+      if: ctx?.aws?.elb?.trace_id != null
+  - split:
+      field: _tmp.actions_executed
+      target_field: aws.elb.action_executed
+      separator: ','
+      ignore_missing: true
+  - split:
+      field: _tmp.target_port
+      target_field: aws.elb.target_port
+      separator: ' '
+      ignore_missing: true
+  - split:
+      field: _tmp.target_status_code
+      target_field: aws.elb.target_status_code
+      separator: ' '
+      ignore_missing: true
+  - date:
+      field: _tmp.timestamp
+      formats:
+        - ISO8601
+  - set:
+      field: event.end
+      value: '{{ @timestamp }}'
+  - geoip:
+      field: source.ip
+      target_field: source.geo
+      ignore_missing: true
+  - geoip:
+      database_file: GeoLite2-ASN.mmdb
+      field: source.ip
+      target_field: source.as
+      properties:
+        - asn
+        - organization_name
+      ignore_missing: true
+  - rename:
+      field: source.as.asn
+      target_field: source.as.number
+      ignore_missing: true
+  - rename:
+      field: source.as.organization_name
+      target_field: source.as.organization.name
+      ignore_missing: true
+  - set:
+      field: tls.cipher
+      value: '{{aws.elb.ssl_cipher}}'
+      if: ctx.aws?.elb?.ssl_cipher != null
+  - script:
+      lang: painless
+      if: ctx.aws?.elb?.ssl_protocol != null
+      source: >-
+        def parts = ctx.aws.elb.ssl_protocol.splitOnToken("v");
+        if (parts.length != 2) {
+          return;
+        }
+        if (parts[1].contains(".")) {
+          ctx.tls.version = parts[1];
+        } else {
+          ctx.tls.version = parts[1].substring(0,1) + "." + parts[1].substring(1);
+        }
+        ctx.tls.version_protocol = parts[0].toLowerCase();
+  - remove:
+      field:
+        - _tmp
+      ignore_missing: true
+  - remove:
+      field: event.original
+      if: "ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))"
+      ignore_failure: true
+      ignore_missing: true
+on_failure:
+  - set:
+      field: 'error.message'
+      value: '{{ _ingest.on_failure_message }}'
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml
new file mode 100644
index 000000000..da4e652c5
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/fields/agent.yml
@@ -0,0 +1,198 @@
+- name: cloud
+  title: Cloud
+  group: 2
+  description: Fields related to the cloud or infrastructure the events are coming from.
+  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
+  type: group
+  fields:
+    - name: account.id
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
+
+        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
+      example: 666777888999
+    - name: availability_zone
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Availability zone in which this host is running.
+      example: us-east-1c
+    - name: instance.id
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Instance ID of the host machine.
+      example: i-1234567890abcdef0
+    - name: instance.name
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Instance name of the host machine.
+    - name: machine.type
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Machine type of the host machine.
+      example: t2.medium
+    - name: provider
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
+      example: aws
+    - name: region
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Region in which this host is running.
+      example: us-east-1
+    - name: project.id
+      type: keyword
+      description: Name of the project in Google Cloud.
+    - name: image.id
+      type: keyword
+      description: Image ID for the cloud instance.
+- name: container
+  title: Container
+  group: 2
+  description: 'Container fields are used for meta information about the specific container that is the source of information.
+
+    These fields help correlate data based containers from any runtime.'
+  type: group
+  fields:
+    - name: id
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: Unique container id.
+    - name: image.name
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Name of the image the container was built on.
+    - name: labels
+      level: extended
+      type: object
+      object_type: keyword
+      description: Image labels.
+    - name: name
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Container name.
+- name: host
+  title: Host
+  group: 2
+  description: 'A host is defined as a general computing instance.
+
+    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
+  type: group
+  fields:
+    - name: architecture
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: Operating system architecture.
+      example: x86_64
+    - name: domain
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: 'Name of the domain of which the host is a member.
+
+        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
+      example: CONTOSO
+      default_field: false
+    - name: hostname
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: 'Hostname of the host.
+
+        It normally contains what the `hostname` command returns on the host machine.'
+    - name: id
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: 'Unique host id.
+
+        As hostname is not always unique, use values that are meaningful in your environment.
+
+        Example: The current usage of `beat.name`.'
+    - name: ip
+      level: core
+      type: ip
+      description: Host ip addresses.
+    - name: mac
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: Host mac addresses.
+    - name: name
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: 'Name of the host.
+
+        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
+    - name: os.family
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: OS family (such as redhat, debian, freebsd, windows).
+      example: debian
+    - name: os.kernel
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Operating system kernel version as a raw string.
+      example: 4.4.0-112-generic
+    - name: os.name
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      multi_fields:
+        - name: text
+          type: text
+          norms: false
+          default_field: false
+      description: Operating system name, without the version.
+      example: Mac OS X
+    - name: os.platform
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Operating system platform (such centos, ubuntu, windows).
+      example: darwin
+    - name: os.version
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Operating system version as a raw string.
+      example: 10.14.1
+    - name: type
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: 'Type of host.
+
+        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
+    - name: containerized
+      type: boolean
+      description: >
+        If the host is a container.
+
+    - name: os.build
+      type: keyword
+      example: "18D109"
+      description: >
+        OS build information.
+
+    - name: os.codename
+      type: keyword
+      example: "stretch"
+      description: >
+        OS codename, if any.
+
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml
new file mode 100644
index 000000000..fedbf54e9
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/fields/base-fields.yml
@@ -0,0 +1,20 @@
+- name: data_stream.type
+  type: constant_keyword
+  description: Data stream type.
+- name: data_stream.dataset
+  type: constant_keyword
+  description: Data stream dataset.
+- name: data_stream.namespace
+  type: constant_keyword
+  description: Data stream namespace.
+- name: '@timestamp'
+  type: date
+  description: Event timestamp.
+- name: event.module
+  type: constant_keyword
+  description: Event module
+  value: aws
+- name: event.dataset
+  type: constant_keyword
+  description: Event dataset
+  value: aws.elb_logs
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml
new file mode 100644
index 000000000..00a543651
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/fields/ecs.yml
@@ -0,0 +1,22 @@
+- external: ecs
+  name: ecs.version
+- external: ecs
+  name: error.message
+- external: ecs
+  name: tags
+- external: ecs
+  name: url.domain
+- external: ecs
+  name: url.original
+- external: ecs
+  name: url.path
+- external: ecs
+  name: url.port
+- external: ecs
+  name: url.scheme
+- external: ecs
+  name: user_agent.device.name
+- external: ecs
+  name: user_agent.name
+- external: ecs
+  name: user_agent.version
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml b/test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml
new file mode 100644
index 000000000..a93a86942
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/fields/fields.yml
@@ -0,0 +1,197 @@
+- name: aws.elb
+  type: group
+  fields:
+    - name: name
+      type: keyword
+      description: |
+        The name of the load balancer.
+    - name: type
+      type: keyword
+      description: |
+        The type of the load balancer for v2 Load Balancers.
+    - name: target_group.arn
+      type: keyword
+      description: |
+        The ARN of the target group handling the request.
+    - name: listener
+      type: keyword
+      description: |
+        The ELB listener that received the connection.
+    - name: protocol
+      type: keyword
+      description: |
+        The protocol of the load balancer (http or tcp).
+    - name: request_processing_time.sec
+      type: float
+      description: |
+        The total time in seconds since the connection or request is received until it is sent to a registered backend.
+    - name: backend_processing_time.sec
+      type: float
+      description: |
+        The total time in seconds since the connection is sent to the backend till the backend starts responding.
+    - name: response_processing_time.sec
+      type: float
+      description: |
+        The total time in seconds since the response is received from the backend till it is sent to the client.
+    - name: connection_time.ms
+      type: long
+      description: |
+        The total time of the connection in milliseconds, since it is opened till it is closed.
+    - name: tls_handshake_time.ms
+      type: long
+      description: |
+        The total time for the TLS handshake to complete in milliseconds once the connection has been established.
+    - name: backend.ip
+      type: keyword
+      description: |
+        The IP address of the backend processing this connection.
+    - name: backend.port
+      type: keyword
+      description: |
+        The port in the backend processing this connection.
+    - name: backend.http.response.status_code
+      type: long
+      description: |
+        The status code from the backend (status code sent to the client from ELB is stored in `http.response.status_code`
+    - name: ssl_cipher
+      type: keyword
+      description: |
+        The SSL cipher used in TLS/SSL connections.
+    - name: ssl_protocol
+      type: keyword
+      description: |
+        The SSL protocol used in TLS/SSL connections.
+    - name: chosen_cert.arn
+      type: keyword
+      description: |
+        The ARN of the chosen certificate presented to the client in TLS/SSL connections.
+    - name: chosen_cert.serial
+      type: keyword
+      description: |
+        The serial number of the chosen certificate presented to the client in TLS/SSL connections.
+    - name: incoming_tls_alert
+      type: keyword
+      description: |
+        The integer value of TLS alerts received by the load balancer from the client, if present.
+    - name: tls_named_group
+      type: keyword
+      description: |
+        The TLS named group.
+    - name: trace_id
+      type: keyword
+      description: |
+        The contents of the `X-Amzn-Trace-Id` header.
+    - name: matched_rule_priority
+      type: keyword
+      description: |
+        The priority value of the rule that matched the request, if a rule matched.
+    - name: action_executed
+      type: keyword
+      description: |
+        The action executed when processing the request (forward, fixed-response, authenticate...). It can contain several values.
+    - name: redirect_url
+      type: keyword
+      description: |
+        The URL used if a redirection action was executed.
+    - name: error.reason
+      type: keyword
+      description: |
+        The error reason if the executed action failed.
+    - name: target_port
+      type: keyword
+      description: >
+        List of IP addresses and ports for the targets that processed this request.
+
+    - name: target_status_code
+      type: keyword
+      description: >
+        List of status codes from the responses of the targets.
+
+    - name: classification
+      type: keyword
+      description: >
+        The classification for desync mitigation.
+
+    - name: classification_reason
+      type: keyword
+      description: >
+        The classification reason code.
+
+- name: destination.domain
+  type: keyword
+  description: Destination domain.
+- name: event.start
+  type: date
+  description: event.start contains the date when the event started or when the activity was first observed.
+- name: destination.bytes
+  type: long
+  description: Bytes sent from the destination to the source.
+- name: http.response.status_code
+  type: long
+  description: HTTP response status code.
+- name: http.request.body.bytes
+  type: long
+  description: Size in bytes of the request body.
+- name: http.response.body.bytes
+  type: long
+  description: Size in bytes of the response body.
+- name: http.request.method
+  type: keyword
+  description: HTTP request method.
+- name: http.request.referrer
+  type: keyword
+  description: Referrer for this HTTP request.
+- name: http.version
+  type: keyword
+  description: HTTP version.
+- name: user_agent.original
+  type: keyword
+  description: Unparsed user_agent string.
+- name: cloud.provider
+  type: keyword
+  description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
+- name: event.kind
+  type: keyword
+  description: Event kind (e.g. event, alert, metric, state, pipeline_error, sig
+- name: event.category
+  type: keyword
+  description: Event category (e.g. database)
+- name: event.outcome
+  type: keyword
+  description: This is one of four ECS Categorization Fields, and indicates the lowest level in the ECS category hierarchy.
+- name: tracing.trace.id
+  type: keyword
+  description: Unique identifier of the trace.
+- name: event.end
+  type: date
+  description: event.end contains the date when the event ended or when the activity was last observed.
+- name: source.ip
+  type: ip
+  description: IP address of the source.
+- name: source.as.number
+  type: long
+  description: Unique number allocated to the autonomous system. The autonomous system number (ASN) uniquely identifies each network on the Internet.
+- name: source.as.organization.name
+  type: keyword
+  description: Organization name.
+- name: source.geo.city_name
+  type: keyword
+  description: City name.
+- name: source.geo.continent_name
+  type: keyword
+  description: Name of the continent.
+- name: source.geo.country_iso_code
+  type: keyword
+  description: Country ISO code.
+- name: source.geo.location
+  type: geo_point
+  description: Longitude and latitude.
+- name: source.geo.region_iso_code
+  type: keyword
+  description: Region ISO code.
+- name: source.geo.region_name
+  type: keyword
+  description: Region name.
+- name: source.port
+  type: keyword
+  description: Port of the source.
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/manifest.yml b/test/packages/parallel/aws/data_stream/elb_logs/manifest.yml
new file mode 100644
index 000000000..fdd4f2549
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/manifest.yml
@@ -0,0 +1,70 @@
+title: AWS ELB logs
+type: logs
+streams:
+  - input: aws-s3
+    template_path: aws-s3.yml.hbs
+    title: AWS ELB logs
+    description: Collect AWS ELB logs using s3 input
+    vars:
+      - name: visibility_timeout
+        type: text
+        title: Visibility Timeout
+        multi: false
+        required: false
+        show_user: false
+        description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request.  The maximum is 12 hours.
+      - name: api_timeout
+        type: text
+        title: API Timeout
+        multi: false
+        required: false
+        show_user: false
+        description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
+      - name: queue_url
+        type: text
+        title: Queue URL
+        multi: false
+        required: true
+        show_user: true
+        description: URL of the AWS SQS queue that messages will be received from.
+      - name: fips_enabled
+        type: bool
+        title: Enable S3 FIPS
+        default: false
+        multi: false
+        required: false
+        show_user: false
+        description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint.
+      - name: tags
+        type: text
+        title: Tags
+        multi: true
+        required: true
+        show_user: false
+        default:
+          - forwarded
+          - aws-elb-logs
+      - name: processors
+        type: yaml
+        title: Processors
+        multi: false
+        required: false
+        show_user: false
+        description: >
+          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
+
+      - name: preserve_original_event
+        required: true
+        show_user: true
+        title: Preserve original event
+        description: Preserves a raw copy of the original event, added to the field `event.original`
+        type: bool
+        multi: false
+        default: false
+      - name: max_number_of_messages
+        type: integer
+        title: Maximum Concurrent SQS Messages
+        description: The maximum number of SQS messages that can be inflight at any time.
+        default: 5
+        required: false
+        show_user: false
diff --git a/test/packages/parallel/aws/data_stream/elb_logs/sample_event.json b/test/packages/parallel/aws/data_stream/elb_logs/sample_event.json
new file mode 100644
index 000000000..d0d9729d8
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/elb_logs/sample_event.json
@@ -0,0 +1,105 @@
+{
+    "data_stream": {
+        "namespace": "default",
+        "type": "logs",
+        "dataset": "aws.elb_logs"
+    },
+    "tracing": {
+        "trace": {
+            "id": "Root=1-58337262-36d228ad5d99923122bbe354"
+        }
+    },
+    "source": {
+        "port": "2817",
+        "ip": "192.168.131.39"
+    },
+    "url": {
+        "path": "/",
+        "original": "http://www.example.com:80/",
+        "scheme": "http",
+        "port": 80,
+        "domain": "www.example.com"
+    },
+    "tags": [
+        "preserve_original_event"
+    ],
+    "cloud": {
+        "provider": "aws"
+    },
+    "@timestamp": "2018-07-02T22:23:00.186Z",
+    "ecs": {
+        "version": "1.12.0"
+    },
+    "http": {
+        "request": {
+            "method": "get",
+            "body": {
+                "bytes": 34
+            }
+        },
+        "version": "1.1",
+        "response": {
+            "body": {
+                "bytes": 366
+            },
+            "status_code": 200
+        }
+    },
+    "event": {
+        "ingested": "2021-07-19T21:47:05.084930900Z",
+        "original": "http 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.000 0.001 0.000 200 200 34 366 \"GET http://www.example.com:80/ HTTP/1.1\" \"curl/7.46.0\" - - arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 \"Root=1-58337262-36d228ad5d99923122bbe354\" \"-\" \"-\" 0 2018-07-02T22:22:48.364000Z \"forward,redirect\" \"-\" \"-\" \"10.0.0.1:80\" \"200\" \"-\" \"-\"",
+        "kind": "event",
+        "start": "2018-07-02T22:22:48.364000Z",
+        "end": "2018-07-02T22:23:00.186Z",
+        "category": "web",
+        "outcome": "success"
+    },
+    "aws": {
+        "elb": {
+            "trace_id": "Root=1-58337262-36d228ad5d99923122bbe354",
+            "matched_rule_priority": "0",
+            "type": "http",
+            "request_processing_time": {
+                "sec": 0.0
+            },
+            "response_processing_time": {
+                "sec": 0.0
+            },
+            "target_port": [
+                "10.0.0.1:80"
+            ],
+            "protocol": "http",
+            "target_status_code": [
+                "200"
+            ],
+            "name": "app/my-loadbalancer/50dc6c495c0c9188",
+            "backend": {
+                "port": "80",
+                "http": {
+                    "response": {
+                        "status_code": 200
+                    }
+                },
+                "ip": "10.0.0.1"
+            },
+            "target_group": {
+                "arn": "arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067"
+            },
+            "backend_processing_time": {
+                "sec": 0.001
+            },
+            "action_executed": [
+                "forward",
+                "redirect"
+            ]
+        }
+    },
+    "user_agent": {
+        "name": "curl",
+        "original": "curl/7.46.0",
+        "device": {
+            "name": "Other"
+        },
+        "version": "7.46.0"
+    }
+}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs b/test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs
new file mode 100644
index 000000000..9a1266820
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/sns/agent/stream/stream.yml.hbs
@@ -0,0 +1,35 @@
+metricsets: ["sns"]
+period: {{period}}
+{{#if access_key_id}}
+access_key_id: {{access_key_id}}
+{{/if}}
+{{#if secret_access_key}}
+secret_access_key: {{secret_access_key}}
+{{/if}}
+{{#if session_token}}
+session_token: {{session_token}}
+{{/if}}
+{{#if credential_profile_name}}
+credential_profile_name: {{credential_profile_name}}
+{{/if}}
+{{#if shared_credential_file}}
+shared_credential_file: {{shared_credential_file}}
+{{/if}}
+{{#if role_arn}}
+role_arn: {{role_arn}}
+{{/if}}
+{{#if regions}}
+regions:
+{{#each regions as |region i|}}
+- {{region}}
+{{/each}}
+{{/if}}
+{{#if latency}}
+latency: {{latency}}
+{{/if}}
+{{#if tags_filter}}
+tags_filter: {{tags_filter}}
+{{/if}}
+{{#if proxy_url }}
+proxy_url: {{proxy_url}}
+{{/if}}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/agent.yml b/test/packages/parallel/aws/data_stream/sns/fields/agent.yml
new file mode 100644
index 000000000..da4e652c5
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/sns/fields/agent.yml
@@ -0,0 +1,198 @@
+- name: cloud
+  title: Cloud
+  group: 2
+  description: Fields related to the cloud or infrastructure the events are coming from.
+  footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.'
+  type: group
+  fields:
+    - name: account.id
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment.
+
+        Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.'
+      example: 666777888999
+    - name: availability_zone
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Availability zone in which this host is running.
+      example: us-east-1c
+    - name: instance.id
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Instance ID of the host machine.
+      example: i-1234567890abcdef0
+    - name: instance.name
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Instance name of the host machine.
+    - name: machine.type
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Machine type of the host machine.
+      example: t2.medium
+    - name: provider
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.
+      example: aws
+    - name: region
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Region in which this host is running.
+      example: us-east-1
+    - name: project.id
+      type: keyword
+      description: Name of the project in Google Cloud.
+    - name: image.id
+      type: keyword
+      description: Image ID for the cloud instance.
+- name: container
+  title: Container
+  group: 2
+  description: 'Container fields are used for meta information about the specific container that is the source of information.
+
+    These fields help correlate data based containers from any runtime.'
+  type: group
+  fields:
+    - name: id
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: Unique container id.
+    - name: image.name
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Name of the image the container was built on.
+    - name: labels
+      level: extended
+      type: object
+      object_type: keyword
+      description: Image labels.
+    - name: name
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Container name.
+- name: host
+  title: Host
+  group: 2
+  description: 'A host is defined as a general computing instance.
+
+    ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.'
+  type: group
+  fields:
+    - name: architecture
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: Operating system architecture.
+      example: x86_64
+    - name: domain
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: 'Name of the domain of which the host is a member.
+
+        For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.'
+      example: CONTOSO
+      default_field: false
+    - name: hostname
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: 'Hostname of the host.
+
+        It normally contains what the `hostname` command returns on the host machine.'
+    - name: id
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: 'Unique host id.
+
+        As hostname is not always unique, use values that are meaningful in your environment.
+
+        Example: The current usage of `beat.name`.'
+    - name: ip
+      level: core
+      type: ip
+      description: Host ip addresses.
+    - name: mac
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: Host mac addresses.
+    - name: name
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: 'Name of the host.
+
+        It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.'
+    - name: os.family
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: OS family (such as redhat, debian, freebsd, windows).
+      example: debian
+    - name: os.kernel
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Operating system kernel version as a raw string.
+      example: 4.4.0-112-generic
+    - name: os.name
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      multi_fields:
+        - name: text
+          type: text
+          norms: false
+          default_field: false
+      description: Operating system name, without the version.
+      example: Mac OS X
+    - name: os.platform
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Operating system platform (such centos, ubuntu, windows).
+      example: darwin
+    - name: os.version
+      level: extended
+      type: keyword
+      ignore_above: 1024
+      description: Operating system version as a raw string.
+      example: 10.14.1
+    - name: type
+      level: core
+      type: keyword
+      ignore_above: 1024
+      description: 'Type of host.
+
+        For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.'
+    - name: containerized
+      type: boolean
+      description: >
+        If the host is a container.
+
+    - name: os.build
+      type: keyword
+      example: "18D109"
+      description: >
+        OS build information.
+
+    - name: os.codename
+      type: keyword
+      example: "stretch"
+      description: >
+        OS codename, if any.
+
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml
new file mode 100644
index 000000000..17fbf3627
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/sns/fields/base-fields.yml
@@ -0,0 +1,20 @@
+- name: data_stream.type
+  type: constant_keyword
+  description: Data stream type.
+- name: data_stream.dataset
+  type: constant_keyword
+  description: Data stream dataset.
+- name: data_stream.namespace
+  type: constant_keyword
+  description: Data stream namespace.
+- name: '@timestamp'
+  type: date
+  description: Event timestamp.
+- name: event.module
+  type: constant_keyword
+  description: Event module
+  value: aws
+- name: event.dataset
+  type: constant_keyword
+  description: Event dataset
+  value: aws.sns
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/ecs.yml b/test/packages/parallel/aws/data_stream/sns/fields/ecs.yml
new file mode 100644
index 000000000..83e3f6f12
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/sns/fields/ecs.yml
@@ -0,0 +1,24 @@
+- external: ecs
+  name: cloud
+- external: ecs
+  name: cloud.account.id
+- external: ecs
+  name: cloud.account.name
+- external: ecs
+  name: cloud.availability_zone
+- external: ecs
+  name: cloud.instance.id
+- external: ecs
+  name: cloud.machine.type
+- external: ecs
+  name: cloud.provider
+- external: ecs
+  name: cloud.region
+- external: ecs
+  name: ecs.version
+- external: ecs
+  name: error
+- external: ecs
+  name: error.message
+- external: ecs
+  name: service.type
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/fields.yml
new file mode 100644
index 000000000..c07522553
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/sns/fields/fields.yml
@@ -0,0 +1,69 @@
+- name: aws
+  type: group
+  fields:
+    - name: dimensions
+      type: group
+      fields:
+        - name: Application
+          type: keyword
+          description: Filters on application objects, which represent an app and device registered with one of the supported push notification services, such as APNs and FCM.
+        - name: Application,Platform
+          type: keyword
+          description: Filters on application and platform objects, where the platform objects are for the supported push notification services, such as APNs and FCM.
+        - name: Country
+          type: keyword
+          description: Filters on the destination country or region of an SMS message.
+        - name: Platform
+          type: keyword
+          description: Filters on platform objects for the push notification services, such as APNs and FCM.
+        - name: TopicName
+          type: keyword
+          description: Filters on Amazon SNS topic names.
+        - name: SMSType
+          type: keyword
+          description: Filters on the message type of SMS message.
+    - name: sns
+      type: group
+      fields:
+        - name: metrics
+          type: group
+          fields:
+            - name: PublishSize.avg
+              type: double
+              description: The size of messages published.
+            - name: SMSSuccessRate.avg
+              type: double
+              description: The rate of successful SMS message deliveries.
+            - name: NumberOfMessagesPublished.sum
+              type: long
+              description: The number of messages published to your Amazon SNS topics.
+            - name: NumberOfNotificationsDelivered.sum
+              type: long
+              description: The number of messages successfully delivered from your Amazon SNS topics to subscribing endpoints.
+            - name: NumberOfNotificationsFailed.sum
+              type: long
+              description: The number of messages that Amazon SNS failed to deliver.
+            - name: NumberOfNotificationsFilteredOut.sum
+              type: long
+              description: The number of messages that were rejected by subscription filter policies.
+            - name: NumberOfNotificationsFilteredOut-InvalidAttributes.sum
+              type: long
+              description: The number of messages that were rejected by subscription filter policies because the messages' attributes are invalid - for example, because the attribute JSON is incorrectly formatted.
+            - name: NumberOfNotificationsFilteredOut-NoMessageAttributes.sum
+              type: long
+              description: The number of messages that were rejected by subscription filter policies because the messages have no attributes.
+            - name: NumberOfNotificationsRedrivenToDlq.sum
+              type: long
+              description: The number of messages that have been moved to a dead-letter queue.
+            - name: NumberOfNotificationsFailedToRedriveToDlq.sum
+              type: long
+              description: The number of messages that couldn't be moved to a dead-letter queue.
+            - name: SMSMonthToDateSpentUSD.sum
+              type: long
+              description: The charges you have accrued since the start of the current calendar month for sending SMS messages.
+    - name: cloudwatch
+      type: group
+      fields:
+        - name: namespace
+          type: keyword
+          description: The namespace specified when query cloudwatch api.
diff --git a/test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml b/test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml
new file mode 100644
index 000000000..a8a7ee8dc
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/sns/fields/package-fields.yml
@@ -0,0 +1,19 @@
+- name: aws
+  type: group
+  fields:
+    - name: tags.*
+      type: object
+      description: |
+        Tag key value pairs from aws resources.
+    - name: s3.bucket.name
+      type: keyword
+      description: |
+        Name of a S3 bucket.
+    - name: dimensions.*
+      type: object
+      description: |
+        Metric dimensions.
+    - name: '*.metrics.*.*'
+      type: object
+      description: |
+        Metrics that returned from Cloudwatch API query.
diff --git a/test/packages/parallel/aws/data_stream/sns/manifest.yml b/test/packages/parallel/aws/data_stream/sns/manifest.yml
new file mode 100644
index 000000000..9ec9ad0da
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/sns/manifest.yml
@@ -0,0 +1,35 @@
+title: AWS SNS metrics
+type: metrics
+streams:
+  - input: aws/metrics
+    vars:
+      - name: period
+        type: text
+        title: Period
+        multi: false
+        required: true
+        show_user: true
+        default: 5m
+      - name: regions
+        type: text
+        title: Regions
+        multi: true
+        required: false
+        show_user: true
+      - name: latency
+        type: text
+        title: Latency
+        multi: false
+        required: false
+        show_user: false
+      - name: tags_filter
+        type: yaml
+        title: Tags Filter
+        multi: false
+        required: false
+        show_user: false
+        default: |
+          # - key: "created-by"
+            # value: "foo"
+    title: AWS SNS metrics
+    description: Collect AWS SNS metrics
diff --git a/test/packages/parallel/aws/data_stream/sns/sample_event.json b/test/packages/parallel/aws/data_stream/sns/sample_event.json
new file mode 100644
index 000000000..af48ae9aa
--- /dev/null
+++ b/test/packages/parallel/aws/data_stream/sns/sample_event.json
@@ -0,0 +1,57 @@
+{
+    "@timestamp": "2020-05-28T17:58:27.154Z",
+    "service": {
+        "type": "aws"
+    },
+    "ecs": {
+        "version": "1.5.0"
+    },
+    "aws": {
+        "cloudwatch": {
+            "namespace": "AWS/SNS"
+        },
+        "dimensions": {
+            "TopicName": "test-sns-ks"
+        },
+        "sns": {
+            "metrics": {
+                "NumberOfMessagesPublished": {
+                    "sum": 1
+                },
+                "NumberOfNotificationsFailed": {
+                    "sum": 1
+                },
+                "PublishSize": {
+                    "avg": 5
+                }
+            }
+        },
+        "tags": {
+            "created-by": "ks"
+        }
+    },
+    "event": {
+        "dataset": "aws.sns",
+        "module": "aws",
+        "duration": 10418157072
+    },
+    "metricset": {
+        "period": 60000,
+        "name": "sns"
+    },
+    "cloud": {
+        "region": "us-west-2",
+        "account": {
+            "name": "elastic-beats",
+            "id": "428152502467"
+        },
+        "provider": "aws"
+    },
+    "agent": {
+        "version": "8.0.0",
+        "ephemeral_id": "17803f33-b617-4ce9-a9ac-e218c02aeb4b",
+        "id": "12f376ef-5186-4e8b-a175-70f1140a8f30",
+        "name": "MacBook-Elastic.local",
+        "type": "metricbeat"
+    }
+}
\ No newline at end of file
diff --git a/test/packages/parallel/aws/manifest.yml b/test/packages/parallel/aws/manifest.yml
index f05d11c3f..1455d1eae 100644
--- a/test/packages/parallel/aws/manifest.yml
+++ b/test/packages/parallel/aws/manifest.yml
@@ -98,5 +98,15 @@ policy_templates:
         title: metricbeat aws ec2 overview
         size: 2640x2240
         type: image/png
+  - name: elb
+    title: AWS ELB
+    description: Collect logs and metrics from Amazon Elastic Load Balancing service with Elastic Agent
+    data_streams:
+      - elb_logs
+  - name: sns
+    title: AWS SNS Metrics
+    description: Collect metrics from Amazon Simple Notification Service with Elastic Agent
+    data_streams:
+      - sns
 owner:
   github: elastic/integrations