Update Deployment and Devices integrations to ECS 8.17.0 (part 3) (#1…

…2572) Updated the following integrations to ECS 8.17.0: - juniper_srx - modsecurity - netflow - osquery - panw - pfsense - proxysg
elastic · Feb 4, 2025 · 60807db · 60807db
1 parent b8fa530
commit 60807db
Show file tree

Hide file tree

Showing 90 changed files with 3,464 additions and 3,429 deletions.
diff --git a/packages/juniper_srx/_dev/build/build.yml b/packages/juniper_srx/_dev/build/build.yml
@@ -1,3 +1,3 @@
 dependencies:
   ecs:
-    reference: "git@v8.11.0"
+    reference: "git@v8.17.0"
diff --git a/packages/juniper_srx/changelog.yml b/packages/juniper_srx/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.22.0"
+  changes:
+    - description: ECS version updated to 8.17.0.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12572
 - version: "1.21.3"
   changes:
     - description: Populated event.outcome and event.category to system log on SSH login failure and added host.name field to system log.

diff --git a/packages/juniper_srx/data_stream/log/_dev/test/pipeline/test-atp.log-expected.json b/packages/juniper_srx/data_stream/log/_dev/test/pipeline/test-atp.log-expected.json
@@ -23,7 +23,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "malware_detected",
@@ -108,7 +108,7 @@
         {
             "@timestamp": "2016-09-20T17:43:30.330Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "malware_detected",
@@ -174,7 +174,7 @@
         {
             "@timestamp": "2016-09-20T17:40:30.050Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "category": [
@@ -255,7 +255,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "category": [
@@ -343,4 +343,4 @@
             ]
         }
     ]
-}
+}
diff --git a/packages/juniper_srx/data_stream/log/_dev/test/pipeline/test-flow.log-expected.json b/packages/juniper_srx/data_stream/log/_dev/test/pipeline/test-flow.log-expected.json
@@ -30,7 +30,7 @@
                 "port": 10400
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -134,7 +134,7 @@
                 "port": 161
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_deny",
@@ -231,7 +231,7 @@
                 "port": 2003
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_deny",
@@ -346,7 +346,7 @@
                 "port": 902
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -475,7 +475,7 @@
                 "port": 768
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -594,7 +594,7 @@
                 "port": 46384
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -707,7 +707,7 @@
                 "port": 46384
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -830,7 +830,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -950,7 +950,7 @@
                 "port": 445
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -1072,7 +1072,7 @@
                 "port": 53
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -1207,7 +1207,7 @@
                 "port": 53
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -1320,7 +1320,7 @@
                 "port": 21
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -1443,7 +1443,7 @@
                 "port": 21
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -1565,7 +1565,7 @@
                 "port": 21
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -1696,7 +1696,7 @@
                 "port": 21
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -1829,7 +1829,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -1969,7 +1969,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -2107,7 +2107,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -2246,7 +2246,7 @@
                 "port": 768
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -2358,7 +2358,7 @@
                 "port": 161
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_deny",
@@ -2466,7 +2466,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -2609,7 +2609,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -2733,7 +2733,7 @@
                 "port": 8883
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -2863,7 +2863,7 @@
                 "port": 53
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -2981,7 +2981,7 @@
                 "port": 53
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -3105,7 +3105,7 @@
                 "port": 443
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -3225,7 +3225,7 @@
                 "port": 443
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_started",
@@ -3352,7 +3352,7 @@
                 "port": 443
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -3495,7 +3495,7 @@
                 "port": 443
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "flow_close",
@@ -3593,4 +3593,4 @@
             ]
         }
     ]
-}
+}
diff --git a/packages/juniper_srx/data_stream/log/_dev/test/pipeline/test-idp.log-expected.json b/packages/juniper_srx/data_stream/log/_dev/test/pipeline/test-idp.log-expected.json
@@ -22,7 +22,7 @@
                 "port": 123
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "security_threat",
@@ -153,7 +153,7 @@
                 "port": 123
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "security_threat",
@@ -284,7 +284,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "security_threat",
@@ -406,7 +406,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "security_threat",
@@ -513,7 +513,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "application_ddos",
@@ -592,7 +592,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "application_ddos",
@@ -690,7 +690,7 @@
                 "port": 80
             },
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "action": "application_ddos",
@@ -778,4 +778,4 @@
             ]
         }
     ]
-}
+}