[ecs] windows platform packages to ecs 8.17 (#12636)

* [hid_bravura_monitor] - change to ECS version git@v8.17.0 ECS version in build manifest changed from git@v8.11.0 to git@v8.17.0. The set ecs.version processor in pipelines was changed 8.17.0. Previously the pipeline was setting version 8.11.0. The ecs.version in sample_event.json files was changed to 8.17.0. Previously sample_event.json files contained 8.11.0. [git-generate] go run github.com/andrewkroh/go-examples/ecs-update@latest -v -ecs-version=8.17.0 -ecs-git-ref=git@v8.17.0 -pr=12636 packages/hid_bravura_monitor * [microsoft_dhcp] - change to ECS version git@v8.17.0 ECS version in build manifest changed from git@v8.11.0 to git@v8.17.0. The set ecs.version processor in pipelines was changed 8.17.0. Previously the pipeline was setting version 8.11.0. The ecs.version in sample_event.json files was changed to 8.17.0. Previously sample_event.json files contained 8.11.0. [git-generate] go run github.com/andrewkroh/go-examples/ecs-update@latest -v -ecs-version=8.17.0 -ecs-git-ref=git@v8.17.0 -pr=12636 packages/microsoft_dhcp * [microsoft_dnsserver] - change to ECS version git@v8.17.0 ECS version in build manifest changed from git@v8.11.0 to git@v8.17.0. The set ecs.version processor in pipelines was changed 8.17.0. Previously the pipeline was setting version 8.11.0. [git-generate] go run github.com/andrewkroh/go-examples/ecs-update@latest -v -ecs-version=8.17.0 -ecs-git-ref=git@v8.17.0 -pr=12636 packages/microsoft_dnsserver * [microsoft_exchange_server] - change to ECS version git@v8.17.0 ECS version in build manifest changed from git@v8.11.0 to git@v8.17.0. [git-generate] go run github.com/andrewkroh/go-examples/ecs-update@latest -v -ecs-version=8.17.0 -ecs-git-ref=git@v8.17.0 -pr=12636 packages/microsoft_exchange_server * [mysql_enterprise] - change to ECS version git@v8.17.0 ECS version in build manifest changed from git@v8.11.0 to git@v8.17.0. The set ecs.version processor in pipelines was changed 8.17.0. Previously the pipeline was setting version 8.11.0. The ecs.version in sample_event.json files was changed to 8.17.0. Previously sample_event.json files contained 8.11.0. [git-generate] go run github.com/andrewkroh/go-examples/ecs-update@latest -v -ecs-version=8.17.0 -ecs-git-ref=git@v8.17.0 -pr=12636 packages/mysql_enterprise * [unifiedlogs] - change to ECS version git@v8.17.0 ECS version in build manifest changed from git@v8.11.0 to git@v8.17.0. [git-generate] go run github.com/andrewkroh/go-examples/ecs-update@latest -v -ecs-version=8.17.0 -ecs-git-ref=git@v8.17.0 -pr=12636 packages/unifiedlogs * [windows_etw] - change to ECS version git@v8.17.0 ECS version in build manifest changed from git@v8.11.0 to git@v8.17.0. The ecs.version in sample_event.json files was changed to 8.17.0. Previously sample_event.json files contained 8.0.0. [git-generate] go run github.com/andrewkroh/go-examples/ecs-update@latest -v -ecs-version=8.17.0 -ecs-git-ref=git@v8.17.0 -pr=12636 packages/windows_etw * [winlog] - change to ECS version git@v8.17.0 ECS version in build manifest changed from git@v8.11.0 to git@v8.17.0. [git-generate] go run github.com/andrewkroh/go-examples/ecs-update@latest -v -ecs-version=8.17.0 -ecs-git-ref=git@v8.17.0 -pr=12636 packages/winlog
elastic · Feb 19, 2025 · 205d5f8 · 205d5f8
1 parent 8426614
commit 205d5f8
Show file tree

Hide file tree

Showing 53 changed files with 305 additions and 199 deletions.
diff --git a/packages/hid_bravura_monitor/_dev/build/build.yml b/packages/hid_bravura_monitor/_dev/build/build.yml
@@ -1,3 +1,3 @@
 dependencies:
   ecs:
-    reference: "git@v8.11.0"
+    reference: "git@v8.17.0"
diff --git a/packages/hid_bravura_monitor/changelog.yml b/packages/hid_bravura_monitor/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.20.0"
+  changes:
+    - description: ECS version updated to 8.17.0.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12636
 - version: "1.19.0"
   changes:
     - description: Add 9.0.0 constraint.

diff --git a/...ura_monitor/data_stream/log/_dev/test/pipeline/test-hid-bravura-monitor.log-expected.json b/...ura_monitor/data_stream/log/_dev/test/pipeline/test-hid-bravura-monitor.log-expected.json
@@ -3,7 +3,7 @@
         {
             "@timestamp": "2021-01-16T00:38:18.515Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -32,7 +32,7 @@
         {
             "@timestamp": "2021-01-16T00:35:25.258Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -61,7 +61,7 @@
         {
             "@timestamp": "2021-01-27T00:31:24.499Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -90,7 +90,7 @@
         {
             "@timestamp": "2021-01-16T00:35:34.317Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -119,7 +119,7 @@
         {
             "@timestamp": "2021-02-05T08:41:11.845Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -155,7 +155,7 @@
         {
             "@timestamp": "2021-01-16T11:54:34.234Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -191,7 +191,7 @@
         {
             "@timestamp": "2021-10-21T19:13:31.679Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -220,7 +220,7 @@
         {
             "@timestamp": "2021-01-16T00:35:32.941Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -261,7 +261,7 @@
         {
             "@timestamp": "2021-01-16T11:54:18.663Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -299,7 +299,7 @@
         {
             "@timestamp": "2021-02-05T08:41:11.845Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -335,7 +335,7 @@
         {
             "@timestamp": "2021-02-05T08:41:11.845Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -369,7 +369,7 @@
         {
             "@timestamp": "2021-02-05T08:43:13.839Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -404,7 +404,7 @@
         {
             "@timestamp": "2021-01-16T11:54:25.839Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -439,7 +439,7 @@
         {
             "@timestamp": "2021-01-27T14:36:47.026Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -475,7 +475,7 @@
         {
             "@timestamp": "2021-02-04T18:03:38.605Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -512,7 +512,7 @@
         {
             "@timestamp": "2021-01-16T00:35:32.958Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "timezone": "UTC"
@@ -539,4 +539,4 @@
             }
         }
     ]
-}
+}
diff --git a/packages/hid_bravura_monitor/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/hid_bravura_monitor/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -3,7 +3,7 @@ description: Pipeline for parsing hid_bravura_monitor logs
 processors:
   - set:
       field: ecs.version
-      value: '8.11.0'
+      value: '8.17.0'
       description: Set ecs.version to 1.12.0
   - rename:
       field: message

diff --git a/packages/hid_bravura_monitor/data_stream/log/sample_event.json b/packages/hid_bravura_monitor/data_stream/log/sample_event.json
@@ -13,7 +13,7 @@
         "type": "logs"
     },
     "ecs": {
-        "version": "8.11.0"
+        "version": "8.17.0"
     },
     "elastic_agent": {
         "id": "891454b6-66ae-48e0-a2df-0f093ea30e4c",

diff --git a/.../data_stream/winlog/_dev/test/pipeline/test-hid-bravura-monitor-events.json-expected.json b/.../data_stream/winlog/_dev/test/pipeline/test-hid-bravura-monitor-events.json-expected.json
@@ -3,7 +3,7 @@
         {
             "@timestamp": "2020-05-13T09:04:04.755Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "code": "118",
@@ -45,7 +45,7 @@
         {
             "@timestamp": "2021-11-03T20:05:14.092Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "code": "64",
@@ -90,7 +90,7 @@
         {
             "@timestamp": "2021-11-03T20:05:14.092Z",
             "ecs": {
-                "version": "8.11.0"
+                "version": "8.17.0"
             },
             "event": {
                 "code": "94",
@@ -135,4 +135,4 @@
             }
         }
     ]
-}
+}
diff --git a/packages/hid_bravura_monitor/data_stream/winlog/elasticsearch/ingest_pipeline/default.yml b/packages/hid_bravura_monitor/data_stream/winlog/elasticsearch/ingest_pipeline/default.yml
@@ -350,7 +350,7 @@ processors:
 
   - set:
       field: ecs.version
-      value: '8.11.0'
+      value: '8.17.0'
 
   - set:
       field: log.level

diff --git a/packages/hid_bravura_monitor/data_stream/winlog/sample_event.json b/packages/hid_bravura_monitor/data_stream/winlog/sample_event.json
@@ -26,7 +26,7 @@
         "region": "us-east-1"
     },
     "ecs": {
-        "version": "8.11.0"
+        "version": "8.17.0"
     },
     "event": {
         "code": 92,

diff --git a/packages/hid_bravura_monitor/docs/README.md b/packages/hid_bravura_monitor/docs/README.md
@@ -167,7 +167,7 @@ An example event for `log` looks as following:
         "type": "logs"
     },
     "ecs": {
-        "version": "8.11.0"
+        "version": "8.17.0"
     },
     "elastic_agent": {
         "id": "891454b6-66ae-48e0-a2df-0f093ea30e4c",
@@ -427,10 +427,10 @@ An example event for `log` looks as following:
 | url.path | Path of the request, such as "/search". | wildcard |
 | url.port | Port of the request, such as 443. | long |
 | url.query | The query field describes the query string of the request, such as "q=elasticsearch". The `?` is excluded from the query string. If a URL contains no `?`, there is no query field. If there is a `?` but no query, the query field exists with an empty string. The `exists` query can be used to differentiate between the two cases. | keyword |
-| url.registered_domain | The highest registered url domain, stripped of the subdomain. For example, the registered domain for "foo.example.com" is "example.com". This value can be determined precisely with a list like the public suffix list (http://publicsuffix.org). Trying to approximate this by simply taking the last two labels will not work well for TLDs such as "co.uk". | keyword |
+| url.registered_domain | The highest registered url domain, stripped of the subdomain. For example, the registered domain for "foo.example.com" is "example.com". This value can be determined precisely with a list like the public suffix list (https://publicsuffix.org). Trying to approximate this by simply taking the last two labels will not work well for TLDs such as "co.uk". | keyword |
 | url.scheme | Scheme of the request, such as "https". Note: The `:` is not part of the scheme. | keyword |
 | url.subdomain | The subdomain portion of a fully qualified domain name includes all of the names except the host name under the registered_domain.  In a partially qualified domain, or if the the qualification level of the full name cannot be determined, subdomain contains all of the names below the registered domain. For example the subdomain portion of "www.east.mydomain.co.uk" is "east". If the domain has multiple levels of subdomain, such as "sub2.sub1.example.com", the subdomain field should contain "sub2.sub1", with no trailing period. | keyword |
-| url.top_level_domain | The effective top level domain (eTLD), also known as the domain suffix, is the last part of the domain name. For example, the top level domain for example.com is "com". This value can be determined precisely with a list like the public suffix list (http://publicsuffix.org). Trying to approximate this by simply taking the last label will not work well for effective TLDs such as "co.uk". | keyword |
+| url.top_level_domain | The effective top level domain (eTLD), also known as the domain suffix, is the last part of the domain name. For example, the top level domain for example.com is "com". This value can be determined precisely with a list like the public suffix list (https://publicsuffix.org). Trying to approximate this by simply taking the last label will not work well for effective TLDs such as "co.uk". | keyword |
 | url.username | Username of the request. | keyword |
 | user.email | User email address. | keyword |
 | user.id | Unique identifier of the user. | keyword |
@@ -473,7 +473,7 @@ An example event for `winlog` looks as following:
         "region": "us-east-1"
     },
     "ecs": {
-        "version": "8.11.0"
+        "version": "8.17.0"
     },
     "event": {
         "code": 92,

diff --git a/packages/hid_bravura_monitor/manifest.yml b/packages/hid_bravura_monitor/manifest.yml
@@ -1,6 +1,6 @@
 name: hid_bravura_monitor
 title: Bravura Monitor
-version: "1.19.0"
+version: "1.20.0"
 categories: ["security", "iam"]
 description: Collect logs from Bravura Security Fabric with Elastic Agent.
 type: integration

diff --git a/packages/microsoft_dhcp/_dev/build/build.yml b/packages/microsoft_dhcp/_dev/build/build.yml
@@ -1,3 +1,3 @@
 dependencies:
   ecs:
-    reference: "git@v8.11.0"
+    reference: "git@v8.17.0"
diff --git a/packages/microsoft_dhcp/changelog.yml b/packages/microsoft_dhcp/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.26.0"
+  changes:
+    - description: ECS version updated to 8.17.0.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/12636
 - version: "1.25.0"
   changes:
     - description: Add 9.0.0 constraint.