Merge branch 'main' into chore/event-original-part2

Author: taylor-swanson

.buildkite/pipeline.schedule-daily.yml

@@ -34,7 +34,7 @@ steps:
       env:
         SERVERLESS: "false"
         FORCE_CHECK_ALL: "true"
-        STACK_VERSION: 8.19.6-SNAPSHOT
+        STACK_VERSION: 8.19.7-SNAPSHOT
         PUBLISH_COVERAGE_REPORTS: "true"
     depends_on:
       - step: "check"
@@ -48,7 +48,7 @@ steps:
       env:
         SERVERLESS: "false"
         FORCE_CHECK_ALL: "true"
-        STACK_VERSION: 8.19.6-SNAPSHOT
+        STACK_VERSION: 8.19.7-SNAPSHOT
         STACK_LOGSDB_ENABLED: "true"
         PUBLISH_COVERAGE_REPORTS: "false"
     depends_on:

packages/aws/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "4.3.2"
+  changes:
+    - description: Update transform to filter out document containing an error.message from AWS Config, AWS Inspector, and AWS Security Hub latest indexes.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/15722
 - version: "4.3.1"
   changes:
     - description: Update the AWS CloudWatch documentation.

packages/aws/elasticsearch/transform/latest_cdr_misconfigurations/transform.yml

@@ -1,6 +1,11 @@
 source:
   index:
     - "logs-aws.securityhub_findings_full_posture-*"
+  query:
+    bool:
+      must_not:
+        exists:
+          field: error.message
 dest:
   index: "security_solution-aws.misconfiguration_latest-v2"
   aliases:
@@ -27,4 +32,4 @@ _meta:
   managed: true
   # Bump this version to delete, reinstall, and restart the transform during package.
   # Version bump is needed if there is any code change in transform.
-  fleet_transform_version: 0.2.0
+  fleet_transform_version: 0.2.1

packages/aws/elasticsearch/transform/latest_cdr_misconfigurations_awsconfig/transform.yml

@@ -2,6 +2,11 @@
 source:
   index:
     - "logs-aws.config-*"
+  query:
+    bool:
+      must_not:
+        exists:
+          field: error.message
 dest:
   index: "security_solution-awsconfig.misconfiguration_latest-v1"
   aliases:
@@ -30,4 +35,4 @@ _meta:
   managed: true
   # Bump this version to delete, reinstall, and restart the transform during
   # package installation.
-  fleet_transform_version: 0.1.0
+  fleet_transform_version: 0.1.1

packages/aws/elasticsearch/transform/latest_cdr_vulnerabilities_awsinspector/transform.yml

@@ -8,6 +8,9 @@ source:
             aws.inspector.status: ACTIVE
         - match:
             aws.inspector.type: PACKAGE_VULNERABILITY
+      must_not:
+        exists:
+          field: error.message
 dest:
   index: "security_solution-awsinspector.vulnerability_latest-v1"
   aliases:
@@ -33,4 +36,4 @@ _meta:
   managed: true
   # Bump this version to delete, reinstall, and restart the transform during package.
   # Version bump is needed if there is any code change in transform.
-  fleet_transform_version: 0.1.0
+  fleet_transform_version: 0.1.1

packages/aws/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.3.2
 name: aws
 title: AWS
-version: "4.3.1"
+version: "4.3.2"
 description: Collect logs and metrics from Amazon Web Services (AWS) with Elastic Agent.
 type: integration
 categories:

packages/cloud_security_posture/changelog.yml

@@ -16,6 +16,11 @@
 # 1.4.x - 8.9.x
 # 1.3.x - 8.8.x
 # 1.2.x - 8.7.x
+- version: "3.1.1"
+  changes:
+    - description: Update transform to filter out documents containing an error message from latest vulnerability and misconfiguration indexes.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15722
 - version: "3.1.0"
   changes:
     - description: Release version 3.1.0

packages/cloud_security_posture/elasticsearch/transform/misconfiguration/transform.yml

@@ -1,6 +1,11 @@
 source:
   index:
     - "logs-cloud_security_posture.findings-*"
+  query:
+    bool:
+      must_not:
+        exists:
+          field: error.message
 dest:
   index: "security_solution-cloud_security_posture.misconfiguration_latest-v1"
   aliases:
@@ -27,4 +32,4 @@ _meta:
   managed: true
   # Bump this version to delete, reinstall, and restart the transform during package.
   # Version bump is needed if there is any code change in transform.
-  fleet_transform_version: 0.2.0
+  fleet_transform_version: 0.2.1

packages/cloud_security_posture/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.3.2
 name: cloud_security_posture
 title: "Security Posture Management"
-version: "3.1.0"
+version: "3.1.1"
 source:
   license: "Elastic-2.0"
 description: "Identify & remediate configuration risks in your Cloud infrastructure"

packages/fortinet_fortiproxy/changelog.yml

@@ -4,6 +4,11 @@
     - description: Preserve event.original on pipeline error.
       type: enhancement
       link: https://github.com/elastic/integrations/pull/15798
+- version: "1.2.3"
+  changes:
+    - description: add support for malformed quotes and log version field
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/15766
 - version: "1.2.2"
   changes:
     - description: Generate processor tags and normalize error handler.