[Checkpoint Email] Add agentless deployment (#15450)

moxarth-rathod · web-flow · commit e252e30f3a33 · 2025-09-26T11:29:06.000+05:30
diff --git a/packages/checkpoint_email/_dev/build/docs/README.md b/packages/checkpoint_email/_dev/build/docs/README.md
@@ -4,6 +4,12 @@ Check Point's [Harmony Email & Collaboration](https://www.checkpoint.com/harmony
 
 The Check Point Harmony Email & Collaboration integration collects security event logs using REST API.
 
+## Agentless Enabled Integration
+
+Agentless integrations allow you to collect data without having to manage Elastic Agent in your cloud. They make manual agent deployment unnecessary, so you can focus on your data instead of the agent that collects it. For more information, refer to [Agentless integrations](https://www.elastic.co/guide/en/serverless/current/security-agentless-integrations.html) and the [Agentless integrations FAQ](https://www.elastic.co/guide/en/serverless/current/agentless-integration-troubleshooting.html).
+
+Agentless deployments are only supported in Elastic Serverless and Elastic Cloud environments.  This functionality is in beta and is subject to change. Beta features are not subject to the support SLA of official GA features.
+
 ## Data streams
 
 This integration collects the following logs:
diff --git a/packages/checkpoint_email/changelog.yml b/packages/checkpoint_email/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.3.0"
+  changes:
+    - description: Enable Agentless deployment.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15450
 - version: "1.2.0"
   changes:
     - description: Populate additional ECS fields for the event types `phishing`, `spam`, and `malicious_url`.
diff --git a/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml b/packages/checkpoint_email/data_stream/event/elasticsearch/ingest_pipeline/default.yml
@@ -5,6 +5,17 @@ processors:
       field: ecs.version
       tag: set_ecs_version
       value: 8.17.0
+  - remove:
+      field:
+        - organization
+        - division
+        - team
+      ignore_missing: true
+      if: ctx.organization instanceof String && ctx.division instanceof String && ctx.team instanceof String
+      tag: remove_agentless_tags
+      description: >-
+        Removes the fields added by Agentless as metadata,
+        as they can collide with ECS fields.
   - terminate:
       tag: data_collection_error
       if: ctx.error?.message != null && ctx.message == null && ctx.event?.original == null
diff --git a/packages/checkpoint_email/docs/README.md b/packages/checkpoint_email/docs/README.md
@@ -4,6 +4,12 @@ Check Point's [Harmony Email & Collaboration](https://www.checkpoint.com/harmony
 
 The Check Point Harmony Email & Collaboration integration collects security event logs using REST API.
 
+## Agentless Enabled Integration
+
+Agentless integrations allow you to collect data without having to manage Elastic Agent in your cloud. They make manual agent deployment unnecessary, so you can focus on your data instead of the agent that collects it. For more information, refer to [Agentless integrations](https://www.elastic.co/guide/en/serverless/current/security-agentless-integrations.html) and the [Agentless integrations FAQ](https://www.elastic.co/guide/en/serverless/current/agentless-integration-troubleshooting.html).
+
+Agentless deployments are only supported in Elastic Serverless and Elastic Cloud environments.  This functionality is in beta and is subject to change. Beta features are not subject to the support SLA of official GA features.
+
 ## Data streams
 
 This integration collects the following logs:
diff --git a/packages/checkpoint_email/manifest.yml b/packages/checkpoint_email/manifest.yml
@@ -1,7 +1,7 @@
-format_version: 3.4.0
+format_version: 3.3.2
 name: checkpoint_email
 title: Check Point Harmony Email & Collaboration
-version: "1.2.0"
+version: "1.3.0"
 description: Collect logs from Check Point Harmony Email & Collaboration with Elastic Agent.
 type: integration
 categories:
@@ -10,7 +10,7 @@ categories:
   - email_security
 conditions:
   kibana:
-    version: "^8.16.0 || ^9.0.0"
+    version: "^8.18.0 || ^9.0.0"
   elastic:
     subscription: basic
 screenshots:
@@ -27,6 +27,14 @@ policy_templates:
   - name: checkpoint_email
     title: Check Point Harmony Email & Collaboration logs
     description: Collect Check Point Harmony Email & Collaboration logs.
+    deployment_modes:
+      default:
+        enabled: true
+      agentless:
+        enabled: true
+        organization: security
+        division: engineering
+        team: security-service-integrations
     inputs:
       - type: cel
         title: Collect Check Point Harmony Email & Collaboration logs via API
