Merge branch 'lens_migration-apache-metrics-8.3.0' of https://github.…

…com/harnish-elastic/integrations into lens_migration-apache-metrics-8.3.0
elastic · Apr 5, 2023 · 7abe485 · 7abe485
2 parents e9bd2f0 + a3b4406
commit 7abe485
Show file tree

Hide file tree

Showing 15 changed files with 59 additions and 12 deletions.
diff --git a/packages/aws/_dev/build/docs/cloudwatch.md b/packages/aws/_dev/build/docs/cloudwatch.md
@@ -40,6 +40,14 @@ When you configure the AWS integration, you can collect data from as many AWS se
 For step-by-step instructions on how to set up an integration, see the
 {{ url "getting-started-observability" "Getting started" }} guide.
 
+### Advanced
+
+#### Latency
+
+Log events on the busies log groups may require a longer time before they are available to CloudWatch Logs.
+
+The CloudWatch integration offers the `latency` setting to cope with this scenario. Latency translates the query's time range to consider the CloudWatch Logs latency. For example, a `5m` latency means the integration will query CloudWatch for logs available 5 minutes ago.
+
 ## Logs reference
 
 The `cloudwatch` data stream collects CloudWatch logs. Users can use Amazon

diff --git a/packages/aws/changelog.yml b/packages/aws/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.33.0"
+  changes:
+    - description: Add latency configuration option on the CloudWatch Logs integration.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/5777
 - version: "1.32.2"
   changes:
     - description: Fix a minor documentation format issue.

diff --git a/packages/aws/data_stream/cloudwatch_logs/agent/stream/aws-cloudwatch.yml.hbs b/packages/aws/data_stream/cloudwatch_logs/agent/stream/aws-cloudwatch.yml.hbs
@@ -53,6 +53,10 @@ scan_frequency: {{ scan_frequency }}
 api_sleep: {{ api_sleep }}
 {{/if}}
 
+{{#if latency }}
+latency: {{ latency }}
+{{/if}}
+
 {{#if credential_profile_name}}
 credential_profile_name: {{credential_profile_name}}
 {{/if}}

diff --git a/packages/aws/data_stream/cloudwatch_logs/manifest.yml b/packages/aws/data_stream/cloudwatch_logs/manifest.yml
@@ -149,6 +149,13 @@ streams:
         show_user: false
         default: 200ms
         description: This is used to sleep between AWS FilterLogEvents API calls inside the same collection period. `FilterLogEvents` API has a quota of 5 transactions per second (TPS)/account/Region. This value should only be adjusted when there are multiple Filebeats or multiple Filebeat inputs collecting logs from the same region and AWS account.
+      - name: latency
+        type: text
+        title: Latency
+        multi: false
+        required: false
+        show_user: false
+        description: "The amount of time required for the logs to be available to CloudWatch Logs. Sample values, `1m` or `5m` — see Golang [time.ParseDuration](https://pkg.go.dev/time#ParseDuration) for more details. Latency translates the query's time range to consider the CloudWatch Logs latency. Example: `5m` means that the integration will query CloudWatch to search for logs available 5 minutes ago."
       - name: tags
         type: text
         title: Tags

diff --git a/packages/aws/docs/cloudwatch.md b/packages/aws/docs/cloudwatch.md
@@ -40,6 +40,14 @@ When you configure the AWS integration, you can collect data from as many AWS se
 For step-by-step instructions on how to set up an integration, see the
 [Getting started](https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-observability.html) guide.
 
+### Advanced
+
+#### Latency
+
+Log events on the busies log groups may require a longer time before they are available to CloudWatch Logs.
+
+The CloudWatch integration offers the `latency` setting to cope with this scenario. Latency translates the query's time range to consider the CloudWatch Logs latency. For example, a `5m` latency means the integration will query CloudWatch for logs available 5 minutes ago.
+
 ## Logs reference
 
 The `cloudwatch` data stream collects CloudWatch logs. Users can use Amazon

diff --git a/packages/aws/manifest.yml b/packages/aws/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: aws
 title: AWS
-version: 1.32.2
+version: 1.33.0
 license: basic
 description: Collect logs and metrics from Amazon Web Services with Elastic Agent.
 type: integration

diff --git a/packages/cisco_umbrella/changelog.yml b/packages/cisco_umbrella/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.9.2"
+  changes:
+    - description: Revert Umbrella S3 multiline.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/5785
 - version: "1.9.1"
   changes:
     - description: Fix indentation.

diff --git a/packages/cisco_umbrella/data_stream/log/agent/stream/aws-s3.yml.hbs b/packages/cisco_umbrella/data_stream/log/agent/stream/aws-s3.yml.hbs
@@ -17,11 +17,6 @@ file_selectors:
   - regex: {{bucket_list_prefix}}/intrusionlogs/.+
   - regex: {{bucket_list_prefix}}/dlplogs/.+
   - regex: {{bucket_list_prefix}}/auditlogs/.+
-    parsers:
-      - multiline:
-        pattern: '"$'
-        negate: true
-        match: before
 {{/if}}
 {{#if region}}
 default_region: {{region}}

diff --git a/packages/cisco_umbrella/manifest.yml b/packages/cisco_umbrella/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: cisco_umbrella
 title: Cisco Umbrella
-version: "1.9.1"
+version: "1.9.2"
 license: basic
 description: Collect logs from Cisco Umbrella with Elastic Agent.
 type: integration

diff --git a/packages/cloud_defend/changelog.yml b/packages/cloud_defend/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.0.2"
+  changes:
+    - description: Added mapping for cloud_defend.trace_point. Fixed host.name and host.hostname examples, and added cloud.instance.name to field list in README.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/5793
 - version: "1.0.1"
   changes:
     - description: Default policy updated to include new file/process selector schema.

diff --git a/packages/cloud_defend/data_stream/alerts/fields/fields.yml b/packages/cloud_defend/data_stream/alerts/fields/fields.yml
@@ -7,6 +7,9 @@
 - name: cloud_defend.package_policy_revision
   type: short
   description: The revision of the cloud_defend.package_policy_id
+- name: cloud_defend.trace_point
+  type: keyword
+  description: The trace point used to trigger the event.
 - name: orchestrator.resource.label
   type: flattened
   description: An object containing the labels for the resource being acted upon.

diff --git a/packages/cloud_defend/data_stream/file/fields/fields.yml b/packages/cloud_defend/data_stream/file/fields/fields.yml
@@ -7,6 +7,9 @@
 - name: cloud_defend.package_policy_revision
   type: short
   description: The revision of the cloud_defend.package_policy_id
+- name: cloud_defend.trace_point
+  type: keyword
+  description: The trace point used to trigger the event.
 - name: orchestrator.resource.label
   type: flattened
   description: An object containing the labels for the resource being acted upon.

diff --git a/packages/cloud_defend/data_stream/process/fields/fields.yml b/packages/cloud_defend/data_stream/process/fields/fields.yml
@@ -7,6 +7,9 @@
 - name: cloud_defend.package_policy_revision
   type: short
   description: The revision of the cloud_defend.package_policy_id
+- name: cloud_defend.trace_point
+  type: keyword
+  description: The trace point used to trigger the event.
 - name: orchestrator.resource.label
   type: flattened
   description: An object containing the labels for the resource being acted upon.

diff --git a/packages/cloud_defend/docs/README.md b/packages/cloud_defend/docs/README.md
@@ -166,6 +166,7 @@ responses:
 | [cloud.account.id](https://www.elastic.co/guide/en/ecs/current/ecs-cloud.html#field-cloud-account-id) | '1234567abc' |
 | [cloud.account.name](https://www.elastic.co/guide/en/ecs/current/ecs-cloud.html#field-cloud-account-name) | 'elastic-dev' |
 | [cloud.availability_zone](https://www.elastic.co/guide/en/ecs/current/ecs-cloud.html#field-cloud-availability-zone) | us-east-1c |
+| [cloud.instance.name](https://www.elastic.co/guide/en/ecs/current/ecs-cloud.html#field-cloud-instance-name) | 'webapp-node' |
 | [cloud.project.id](https://www.elastic.co/guide/en/ecs/current/ecs-cloud.html#field-cloud-project-id) | '123456abc' |
 | [cloud.project.name](https://www.elastic.co/guide/en/ecs/current/ecs-cloud.html#field-cloud-project-name) | 'staging' |
 | [cloud.provider](https://www.elastic.co/guide/en/ecs/current/ecs-cloud.html#field-cloud-provider) | aws |
@@ -196,9 +197,9 @@ responses:
 | [host.boot.id](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-boot-id) | '815a760f-8153-49e1-9d0b-da0d3b2a468c' |
 | [host.id](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-id) | '1bb9e6a948dfb1c3cd38d1fdc8de4481' |
 | [host.ip](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-ip) | ['127.0.0.1', '172.20.0.2', '172.18.0.6'] |
-| [host.hostname](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-hostname) | 'docker-custom-agent' |
+| [host.hostname](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-hostname) | 'kibana-node' |
 | [host.mac](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-mac) | ['32:a9:cc:26:4c:e5', '7a:ec:f0:3e:29:ee'] |
-| [host.name](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-name) | 'docker-custom-agent' |
+| [host.name](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-name) | 'kibana-node.myapp.co' |
 | [host.os.family](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-os-family) | 'ubuntu' |
 | [host.os.full](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-os-full) | 'Ubuntu 20.04.5' |
 | [host.os.kernel](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-os-kernel) | '5.10.161+ #1 SMP Thu Jan 5 22:49:42 UTC 2023' |
@@ -320,9 +321,9 @@ responses:
 | [host.boot.id](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-boot-id) | '815a760f-8153-49e1-9d0b-da0d3b2a468c' |
 | [host.id](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-id) | '1bb9e6a948dfb1c3cd38d1fdc8de4481' |
 | [host.ip](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-ip) | ['127.0.0.1', '172.20.0.2', '172.18.0.6'] |
-| [host.hostname](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-hostname) | 'docker-custom-agent' |
+| [host.hostname](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-hostname) | 'kibana-node' |
 | [host.mac](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-mac) | ['32:a9:cc:26:4c:e5', '7a:ec:f0:3e:29:ee'] |
-| [host.name](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-name) | 'docker-custom-agent' |
+| [host.name](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-name) | 'kibana-node.myapp.co' |
 | [host.os.family](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-os-family) | 'ubuntu' |
 | [host.os.full](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-os-full) | 'Ubuntu 20.04.5' |
 | [host.os.kernel](https://www.elastic.co/guide/en/ecs/current/ecs-host.html#field-host-os-kernel) | '5.10.161+ #1 SMP Thu Jan 5 22:49:42 UTC 2023' |

diff --git a/packages/cloud_defend/manifest.yml b/packages/cloud_defend/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 2.3.0
 name: cloud_defend
 title: "Defend for Containers"
-version: 1.0.1
+version: 1.0.2
 source:
   license: "Elastic-2.0"
 description: "Elastic Defend for Containers provides cloud-native runtime protections for containerized environments."