[Enhancement] Update categories for packages (elastic#14571)

* update category

* update according to the comments

* more comments from PR

* added security global category to those packages that are related to security

* make all integrations having parent category

* add observability to another package

* introduce final comments

Author: trisch-me

packages/abnormal_security/manifest.yml

@@ -6,6 +6,10 @@ description: Collect logs from Abnormal AI with Elastic Agent.
 type: integration
 categories:
   - security
+  # Added email_security category as this integration focuses on email security and mailbox protection
+  - email_security
+  # Added threat_intel category as it includes threat detection and case management for email security threats
+  - threat_intel
 conditions:
   kibana:
     version: "^8.17.0 || ^9.0.0"

packages/activemq/manifest.yml

@@ -12,6 +12,10 @@ format_version: "3.0.2"
 categories:
   - message_queue
   - observability
+  # Added monitoring category as this integration collects metrics for monitoring ActiveMQ instances
+  - monitoring
+  # Added infrastructure category as ActiveMQ is part of the infrastructure stack
+  - infrastructure
 conditions:
   kibana:
     version: "^8.13.0 || ^9.0.0"

packages/admin_by_request_epm/manifest.yml

@@ -8,6 +8,10 @@ description: "Collect logs from Admin By Request EPM with Elastic Agent."
 type: integration
 categories:
   - security
+  # Added iam category as Admin By Request EPM is focused on privilege management and administrative access control
+  - iam
+  # Added credential_management category as it deals with elevated privileges management
+  - credential_management
 conditions:
   kibana:
     version: "^8.15.3 || ^9.0.0"

packages/airflow/manifest.yml

@@ -6,6 +6,8 @@ type: integration
 format_version: "3.0.0"
 categories:
   - observability
+  # Added process_manager category as Airflow is a workflow management platform that schedules and monitors workflows
+  - process_manager
 conditions:
   kibana:
     version: "^8.13.0 || ^9.0.0"

packages/amazon_security_lake/manifest.yml

@@ -4,7 +4,11 @@ title: Amazon Security Lake
 version: "2.7.1"
 description: Collect logs from Amazon Security Lake with Elastic Agent.
 type: integration
-categories: ["aws", "security"]
+categories:
+  - aws
+  - security
+  # Added siem category as it functions as a security information and event management system for AWS resources
+  - siem
 conditions:
   kibana:
     version: "^8.16.5 || ^9.0.0"

packages/apache_spark/manifest.yml

@@ -7,6 +7,10 @@ type: integration
 categories:
   - observability
   - analytics_engine
+  # Added big_data category as Apache Spark is a unified analytics engine for large-scale data processing
+  - big_data
+  # Added stream_processing category as Spark includes capabilities for stream processing with Spark Streaming
+  - stream_processing
 conditions:
   kibana:
     version: "^8.13.0 || ^9.0.0"

packages/apache_tomcat/manifest.yml

@@ -3,7 +3,11 @@ name: apache_tomcat
 title: Apache Tomcat
 version: "1.12.0"
 description: Collect and parse logs and metrics from Apache Tomcat servers with Elastic Agent.
-categories: ["web", "observability"]
+categories:
+  - web
+  - observability
+  # Added application_observability category as Apache Tomcat is an application server, and this integration provides detailed application-level metrics and logs
+  - application_observability
 type: integration
 conditions:
   kibana:

packages/apm/manifest.yml

@@ -4,7 +4,11 @@ title: Elastic APM
 version: 9.1.0-preview-1747764883
 description: Monitor, detect, and diagnose complex application performance issues.
 type: integration
-categories: ["elastic_stack", "monitoring"]
+categories:
+  - elastic_stack
+  - monitoring
+  # Observability is a parent category for monitoring
+  - observability
 conditions:
   elastic:
     capabilities:

packages/arista_ngfw/manifest.yml

@@ -8,6 +8,14 @@ description: "Collect logs and metrics from Arista NG Firewall."
 type: integration
 categories:
   - network
+  # Added network_security category as Arista NGFW is primarily a network security device
+  - network_security
+  # Added firewall_security category as it provides firewall capabilities and logs firewall events
+  - firewall_security
+  # Added ids_ips category as it includes intrusion prevention system functionality
+  - ids_ips
+  # Added global security category as this integration collects security-relevant data
+  - security
 conditions:
   kibana:
     version: "^8.11.0 || ^9.0.0"

packages/armis/manifest.yml

@@ -6,6 +6,10 @@ description: Collect logs from Armis with Elastic Agent.
 type: integration
 categories:
   - security
+  # Added vulnerability_management category as it detects and manages vulnerabilities across devices
+  - vulnerability_management
+  # Added network_security category as it monitors and protects devices across the network
+  - network_security
 conditions:
   kibana:
     version: "^8.18.0 || ^9.0.0"