This repository was archived by the owner on Jan 27, 2023. It is now read-only.

[production] Promote many packages from snapshot #5004

@andrewkroh andrewkroh commented Jul 26, 2022

This PR promotes packages from snapshot to production.

Promoted packages:

  • 1password-1.5.2: a571a8e4e1564115
  • akamai-2.0.0: a736620c19e57dba
  • auth0-1.1.1: 7bb9994247200888
  • cef-2.2.1: 00e4d45a5c95adce
  • checkpoint-1.7.1: 2c0623a1ee4707c1
  • cisco_asa-2.5.2: e24aa302b85f056a
  • cisco_ftd-2.3.1: 990f69836724ebe0
  • cisco_ios-1.7.1: 3f20f466a033c82a
  • cisco_meraki-0.6.1: 3c762b1975202f17
  • cisco_secure_email_gateway-0.2.1: db7e28e17e3806dc
  • cisco_secure_endpoint-2.5.2: fec2752c012d9e5f
  • citrix_waf-0.1.1: c83652316b933e12
  • cloudflare-2.1.2: fedb1f84cc689d5c
  • crowdstrike-1.4.1: 2b45a90e9805223b
  • cylance-0.9.1: 2a5a0153e989abd3
  • fireeye-1.5.1: 2e182681c001d05b
  • fortinet-1.7.2: 338422979881c76e
  • fortinet_forticlient-1.0.0: 0a2f37883a0a8359
  • fortinet_fortigate-1.0.0: ce7dfdca0295dfcb
  • fortinet_fortimail-1.0.0: 2146ebd883200692
  • fortinet_fortimanager-1.0.0: ff672c8493186669
  • gcp-2.2.1: 293ea0e44bad7427
  • github-1.2.2: 6db9bfe42160927b
  • httpjson-1.4.2: 7bc294433b760594
  • iptables-0.11.1: d81d7965ba0f55eb
  • juniper_netscreen-0.3.0: b1fe930068f24ac0
  • juniper_srx-1.4.1: 164ee0ae8639a839
  • keycloak-1.4.2: 7e3af43f6275e4a3
  • m365_defender-1.1.1: e46ad5ecdcc5684e
  • mattermost-1.3.1: 9ae4131486b495a9
  • mimecast-1.2.0: 04e8dda44733dbba
  • modsecurity-1.1.3: dcdea5d6a617c6c2
  • mysql_enterprise-1.1.1: b549d91f6b73c8f1
  • netskope-1.2.0: 143f95f04b5b3eab
  • network_traffic-1.5.0: 6dfd8f7dde0e7278
  • o365-1.7.1: 1117b087fa679918
  • okta-1.9.1: e5a51902884a3dc0
  • oracle-1.1.1: 857e0553b46cb649
  • osquery-1.4.1: 79005563bf0138d9
  • panw-3.0.2: 44275da8fac507ba
  • pfsense-1.1.2: 66f9762aef2d5fdd
  • santa-3.2.1: d61723cf3666e4a0
  • snyk-1.3.2: 7e1b980c2a2c2e13
  • sophos-2.3.2: a551f79e85a5f4a5
  • suricata-2.3.1: 9796b8def8478f16
  • ti_abusech-1.5.0: 1f97b279e276f068
  • ti_anomali-1.5.0: 4d8aa48042126132
  • ti_cybersixgill-1.6.0: 2a630075d2a316f5
  • ti_misp-1.6.0: 5686ed99cb0dee0e
  • ti_otx-1.4.1: 715074fa5e5f8335
  • ti_recordedfuture-1.2.0: f25c062ad81daa33
  • ti_threatq-1.5.0: d7aab3bd2767c0fd
  • udp-1.3.1: b9313cf6e74f2369
  • zeek-2.3.1: aff6b59bbf5532d0
  • zerofox-1.4.1: 1a63233b2f25f9ca
  • zoom-1.4.1: 58c9b807850329c6
  • zscaler_zia-2.3.1: 0e1800db8597990a

Summary of Fleet Package Changes

Report generated from snapshot branch commit
6446e30816f23941c73b84b8995451b175dd3f28
from 2022-07-26 11:21:23 +0000 UTC.

Comparisons were made to production branch commit
0a134de4837fb84cb10cca87a51b055248965682
from 2022-07-26 14:23:09 +0000 UTC.

Filtering parameters:

  • Team: elastic/security-external-integrations

  • Include Deprecated: false

1Password - 1.5.2

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.5.1

  • 1.5.2
    • enhancement: Update package name and description to align with standard wording (PR)

Akamai - 2.0.0

Owner: elastic/security-external-integrations

Requires: ^8.3.0

Changes since 1.1.0

  • 2.0.0

    • enhancement: Add dashboard. (PR)
  • 1.1.1

    • enhancement: Update package name and description to align with standard wording (PR)

Auth0 - 1.1.1

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.1.0

  • 1.1.1
    • enhancement: Update package name and description to align with standard wording (PR)

Common Event Format (CEF) - 2.2.1

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 2.2.0

  • 2.2.1
    • enhancement: Update package name and description to align with standard wording (PR)

Check Point - 1.7.1

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.6.0

  • 1.7.1

    • bugfix: Fix handling of R81 fields. (PR)
  • 1.7.0

    • enhancement: Add handling of authentication events. (PR)
  • 1.6.1

    • enhancement: Improve TCP, SSL config description and example. (PR)

Cisco ASA - 2.5.2

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 2.5.1

  • 2.5.2
    • enhancement: Improve TCP, SSL config description and example. (PR)

Cisco FTD - 2.3.1

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 2.3.0

  • 2.3.1
    • enhancement: Improve TCP, SSL config description and example. (PR)

Cisco IOS - 1.7.1

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.7.0

  • 1.7.1
    • enhancement: update readme file - added link to cisco documentation (PR)

Cisco Meraki - 0.6.1

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 0.6.0

  • 0.6.1
    • enhancement: Update package name and description to align with standard wording (PR)

Cisco Secure Email Gateway - 0.2.1

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 0.2.0

  • 0.2.1
    • enhancement: Improve SSL config description and example. (PR)

Cisco Secure Endpoint - 2.5.2

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 2.5.1

  • 2.5.2
    • enhancement: Update package name and description to align with standard wording (PR)

Citrix Web App Firewall - 0.1.1

Owner: elastic/security-external-integrations

Requires: ^8.2.0

New Package

  • 0.1.1

    • bugfix: Fix UDP parameter name and remove setting from default. (PR)
  • 0.1.0

    • enhancement: Initial draft of the package (PR)

Cloudflare - 2.1.2

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 2.1.1

  • 2.1.2
    • enhancement: Update package name and description to align with standard wording (PR)

CrowdStrike - 1.4.1

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 1.4.0

  • 1.4.1
    • enhancement: Update package name and description to align with standard wording (PR)

CylanceProtect Logs - 0.9.1

Owner: elastic/security-external-integrations

Requires: ^7.14.1 || ^8.0.0

Changes since 0.9.0

  • 0.9.1
    • enhancement: Added link to vendor documentation in readme.md (PR)

FireEye Network Security - 1.5.1

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.5.0

  • 1.5.1
    • enhancement: Update package name and description to align with standard wording (PR)

Fortinet - 1.7.2

Owner: elastic/security-external-integrations

Requires: ^7.14.1 || ^8.0.0

Changes since 1.7.0

  • 1.7.2

    • enhancement: Improve TCP, SSL config description and example for firewall. (PR)
  • 1.7.1

    • enhancement: Update package name and description to align with standard wording (PR)

Fortinet FortiClient Logs - 1.0.0

Owner: elastic/security-external-integrations

Requires: ^7.14.1 || ^8.0.0

New Package

  • 1.0.0
    • enhancement: Initial version of Fortinet FortiClient as separate package (PR)

Fortinet FortiGate Firewall Logs - 1.0.0

Owner: elastic/security-external-integrations

Requires: ^7.14.1 || ^8.0.0

New Package

  • 1.0.0
    • enhancement: Initial version of Fortinet FortiGate as separate package (PR)

Fortinet FortiMail Logs - 1.0.0

Owner: elastic/security-external-integrations

Requires: ^7.14.1 || ^8.0.0

New Package

  • 1.0.0
    • enhancement: Initial version of Fortinet FortiMail as separate package (PR)

Fortinet FortiManager Logs - 1.0.0

Owner: elastic/security-external-integrations

Requires: ^7.14.1 || ^8.0.0

New Package

  • 1.0.0
    • enhancement: Initial version of Fortinet FortiManager as separate package (PR)

Google Cloud Platform - 2.2.1

Owner: elastic/security-external-integrations

Requires: ^7.17.6 || ^8.3.0

Changes since 1.10.0

  • 2.2.1

    • enhancement: Fix Billing policy template title and default period for gcp.compute (PR)
  • 2.2.0

    • enhancement: Remove fields duplicated in ECS fields (PR)
  • 2.1.0

    • enhancement: restore compatibility with 7.17 release track (PR)
  • 2.0.0

    • breaking-change: Move configurations to support metrics. This change is breaking, as it moves
      some configuration from the top level variables to data stream variables.

      This change involves project_id, credentials_file and credentials_json
      variables that are moved from input level configuration to package level
      configuration (as those variables are reused across all inputs/data streams).

      Users with GCP integration enabled will need to input values for these
      variables again when upgrading the policies to this version.
      (PR)
    • enhancement: Add GCP Billing Data Stream (PR)
    • enhancement: Add GCP Compute Data Stream (PR)
    • enhancement: Add GCP Firestore Data stream (PR)

GitHub - 1.2.2

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.2.0

  • 1.2.2

    • bugfix: Update Github Secret Scanning fingerprint with resolved_at (PR)
  • 1.2.1

    • enhancement: Update package name and description to align with standard wording (PR)

Custom API - 1.4.2

Owner: elastic/security-external-integrations

Requires: ^8.4.0

Changes since 1.4.1

  • 1.4.2
    • enhancement: Update package name and description to align with standard wording (PR)

Iptables - 0.11.1

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 0.11.0

  • 0.11.1
    • enhancement: Update package name and description to align with standard wording (PR)

Juniper NetScreen - 0.3.0

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 0.3.1

Juniper SRX - 1.4.1

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 1.4.0

  • 1.4.1
    • enhancement: Improve TCP, SSL config description and example. (PR)

Keycloak - 1.4.2

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.4.0

  • 1.4.2

    • bugfix: Fix typo in 'Timezone Offset' description. (PR)
  • 1.4.1

    • enhancement: Update package name and description to align with standard wording (PR)

Microsoft M365 Defender - 1.1.1

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.1.0

  • 1.1.1
    • enhancement: Update package name and description to align with standard wording (PR)

Mattermost - 1.3.1

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.3.0

  • 1.3.1
    • enhancement: Update package name and description to align with standard wording (PR)

Mimecast - 1.2.0

Owner: elastic/security-external-integrations

Requires: ^8.3.0

Changes since 1.1.0

  • 1.2.0

    • enhancement: Update categories to include threat_intel. (PR)
  • 1.1.2

    • enhancement: Tidy up Markdown syntax in readme. (PR)
  • 1.1.1

    • enhancement: Update package name and description to align with standard wording (PR)

ModSecurity Audit - 1.1.3

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.1.0

  • 1.1.3

    • bugfix: Fix typo in the build/docs/README.md (PR)
  • 1.1.2

    • bugfix: Fix date format, Json issues and apache modesecurity issues (PR)
  • 1.1.1

    • enhancement: Update package name and description to align with standard wording (PR)

MySQL Enterprise - 1.1.1

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 1.1.0

  • 1.1.1
    • enhancement: Update package name and description to align with standard wording (PR)

Netskope - 1.2.0

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 1.1.0

  • 1.2.0
    • enhancement: Added support to handle null values in ip fields. (PR)
    • enhancement: Added support of retaining unparseable URLs in *.url.original. (PR)

Network Packet Capture - 1.5.0

Owner: elastic/security-external-integrations

Requires: ^8.4.0

Changes since 1.4.1

  • 1.5.0
    • enhancement: Add option to use TCP for the SIP protocol. (PR)

Microsoft 365 - 1.7.1

Owner: elastic/security-external-integrations

Requires: ^7.14.0 || ^8.0.0

Changes since 1.7.0

  • 1.7.1
    • enhancement: Update package name and description to align with standard wording (PR)

Okta - 1.9.1

Owner: elastic/security-external-integrations

Requires: ^7.14.0 || ^8.0.0

Changes since 1.9.0

  • 1.9.1
    • enhancement: Update package name and description to align with standard wording (PR)

Oracle - 1.1.1

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 1.1.0

  • 1.1.1
    • enhancement: Update package name and description to align with standard wording (PR)

Osquery Logs - 1.4.1

Owner: elastic/security-external-integrations

Requires: ^7.14.0 || ^8.0.0

Changes since 1.4.0

  • 1.4.1
    • enhancement: Update package name and description to align with standard wording (PR)

Palo Alto Next-Gen Firewall - 3.0.2

Owner: elastic/security-external-integrations

Requires: ^8.2.1

Changes since 2.3.0

  • 3.0.2

    • bugfix: Preserve original event for syslog messages. (PR)
  • 3.0.1

    • enhancement: Improve TCP, SSL config description and example. (PR)
  • 3.0.0

    • enhancement: Add support for PAN-OS 10.2 and enhance the 'panos' data stream to collect additional logs. (PR)
  • 2.3.1

    • enhancement: Update package name and description to align with standard wording (PR)

pfSense - 1.1.2

Owner: elastic/security-external-integrations

Requires: ^7.15.0 || ^8.0.0

Changes since 1.1.1

  • 1.1.2
    • enhancement: Update package name and description to align with standard wording (PR)

Google Santa - 3.2.1

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 3.2.0

  • 3.2.1
    • enhancement: Update package name and description to align with standard wording (PR)

Snyk - 1.3.2

Owner: elastic/security-external-integrations

Requires: ^7.16.0 || ^8.0.0

Changes since 1.3.1

  • 1.3.2
    • enhancement: Update package name and description to align with standard wording (PR)

Sophos - 2.3.2

Owner: elastic/security-external-integrations

Requires: ^7.17.0 || ^8.0.0

Changes since 2.3.0

  • 2.3.2

    • enhancement: Improve TCP, SSL config description and example for Sophos XG. (PR)
  • 2.3.1

    • enhancement: Update package name and description to align with standard wording (PR)

Suricata - 2.3.1

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 2.3.0

  • 2.3.1
    • enhancement: Update package name and description to align with standard wording (PR)

AbuseCH - 1.5.0

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 1.4.0

  • 1.5.0
    • enhancement: Update categories to include threat_intel. (PR)

Anomali - 1.5.0

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 1.4.0

  • 1.5.0
    • enhancement: Update categories to include threat_intel. (PR)

Cybersixgill - 1.6.0

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 1.5.0

  • 1.6.0
    • enhancement: Update categories to include threat_intel. (PR)

MISP - 1.6.0

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 1.5.0

  • 1.6.0
    • enhancement: Update categories to include threat_intel. (PR)

AlienVault OTX - 1.4.1

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 1.4.0

  • 1.4.1
    • enhancement: Update categories to include threat_intel. (PR)

Recorded Future - 1.2.0

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 1.1.0

  • 1.2.0
    • enhancement: Update categories to include threat_intel. (PR)

ThreatQuotient - 1.5.0

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 1.4.0

  • 1.5.0
    • enhancement: Update categories to include threat_intel. (PR)

Custom UDP Logs - 1.3.1

Owner: elastic/security-external-integrations

Requires: ^8.2.1

Changes since 1.3.0

  • 1.3.1
    • enhancement: Improve syslog parsing description (PR)

Zeek - 2.3.1

Owner: elastic/security-external-integrations

Requires: ^8.0.0

Changes since 2.3.0

  • 2.3.1
    • enhancement: Update package name and description to align with standard wording (PR)

ZeroFox - 1.4.1

Owner: elastic/security-external-integrations

Requires: ^7.14 || ^8.0.0

Changes since 1.4.0

  • 1.4.1
    • enhancement: Update package name and description to align with standard wording (PR)

Zoom - 1.4.1

Owner: elastic/security-external-integrations

Requires: ^7.14.0 || ^8.0.0

Changes since 1.4.0

  • 1.4.1
    • enhancement: Update package name and description to align with standard wording (PR)

Zscaler Internet Access - 2.3.1

Owner: elastic/security-external-integrations

Requires: ^8.3.0

Changes since 2.2.0

  • 2.3.1

    • enhancement: Updated the documentation links in README file (PR)
  • 2.3.0

    • bugfix: Fix issue related URI parts processor. (PR)
    • enhancement: Added support for optionally configuring secret header and secret value for cloud NSS input. (PR)

@andrewkroh andrewkroh self-assigned this Jul 26, 2022
@andrewkroh andrewkroh added the Team:Security-External Integrations label Jul 26, 2022
@andrewkroh andrewkroh requested a review from a team July 26, 2022 14:36
@elasticmachine
Collaborator

💚 Build Succeeded

Build stats

  • Start Time: 2022-07-26T14:34:32.712+0000

  • Duration: 43 min 54 sec

Test stats 🧪

Test Results
Failed 0
Passed 69
Skipped 0
Total 69

@taylor-swanson

taylor-swanson commented Jul 26, 2022

Do you know why Cisco IOS got stuck here: #4948?
Edit: didn't see the timestamp on your /test comment over there, hopefully that moves it along...

@andrewkroh
Member Author

> Do you know why Cisco IOS got stuck here: #4948?

Re-testing them didn't fix the failed setup, so I rebased them in case something in CI config needed an update and that fixed them so far.

@andrewkroh andrewkroh merged commit 7c5899c into elastic:production Jul 27, 2022