elastic
diff --git a/‎.github/CODEOWNERS
+46-45 b/‎.github/CODEOWNERS
+46-45
diff --git a/‎docs/developer_workflow_bug_fix_older_package_version.md
+1-1 b/‎docs/developer_workflow_bug_fix_older_package_version.md
+1-1
diff --git a/‎docs/fine_tune_integration.md
+2-2 b/‎docs/fine_tune_integration.md
+2-2
diff --git a/‎go.mod
+2-2 b/‎go.mod
+2-2
diff --git a/‎go.sum
+4-3 b/‎go.sum
+4-3
diff --git a/‎packages/1password/_dev/build/build.yml
+1-1 b/‎packages/1password/_dev/build/build.yml
+1-1
diff --git a/‎packages/1password/changelog.yml
+5 b/‎packages/1password/changelog.yml
+5
diff --git a/‎packages/1password/data_stream/audit_events/_dev/test/pipeline/test-auditevents.json-expected.json
+2-2 b/‎packages/1password/data_stream/audit_events/_dev/test/pipeline/test-auditevents.json-expected.json
+2-2
diff --git a/‎packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml
+1-1 b/‎packages/1password/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml
+1-1
diff --git a/‎packages/1password/data_stream/audit_events/sample_event.json
+8-8 b/‎packages/1password/data_stream/audit_events/sample_event.json
+8-8
diff --git a/‎packages/1password/data_stream/item_usages/_dev/test/pipeline/test-itemusages.json-expected.json
+2-2 b/‎packages/1password/data_stream/item_usages/_dev/test/pipeline/test-itemusages.json-expected.json
+2-2
diff --git a/‎packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml
+1-1 b/‎packages/1password/data_stream/item_usages/elasticsearch/ingest_pipeline/default.yml
+1-1
@@ -7,11 +7,11 @@
 
 # Package owners below.
 /packages/1password @elastic/security-external-integrations
-/packages/activemq @elastic/obs-service-integrations
+/packages/activemq @elastic/obs-infraobs-integrations
 /packages/akamai @elastic/security-external-integrations
-/packages/apache @elastic/obs-service-integrations
-/packages/apache_spark @elastic/obs-service-integrations
-/packages/apache_tomcat @elastic/obs-service-integrations
+/packages/apache @elastic/obs-infraobs-integrations
+/packages/apache_spark @elastic/obs-infraobs-integrations
+/packages/apache_tomcat @elastic/obs-infraobs-integrations
 /packages/atlassian_bitbucket @elastic/security-external-integrations
 /packages/atlassian_confluence @elastic/security-external-integrations
 /packages/atlassian_jira @elastic/security-external-integrations
@@ -37,10 +37,10 @@
 /packages/box_events @elastic/security-external-integrations
 /packages/carbon_black_cloud @elastic/security-external-integrations
 /packages/carbonblack_edr @elastic/security-external-integrations
-/packages/cassandra @elastic/obs-service-integrations
+/packages/cassandra @elastic/obs-infraobs-integrations
 /packages/cef @elastic/security-external-integrations
 /packages/cel @elastic/security-external-integrations
-/packages/ceph @elastic/obs-service-integrations
+/packages/ceph @elastic/obs-infraobs-integrations
 /packages/checkpoint @elastic/security-external-integrations
 /packages/cisco_aironet @elastic/security-external-integrations
 /packages/cisco_asa @elastic/security-external-integrations
@@ -54,16 +54,16 @@
 /packages/cisco_nexus @elastic/security-external-integrations
 /packages/cisco_secure_endpoint @elastic/security-external-integrations
 /packages/cisco_umbrella @elastic/security-external-integrations
-/packages/citrix_adc @elastic/obs-service-integrations
+/packages/citrix_adc @elastic/obs-infraobs-integrations
 /packages/citrix_waf @elastic/security-external-integrations
 /packages/cloud_security_posture @elastic/cloud-security-posture
 /packages/cloudflare @elastic/security-external-integrations
 /packages/cloudflare_logpush @elastic/security-external-integrations
-/packages/cockroachdb @elastic/obs-service-integrations
+/packages/cockroachdb @elastic/obs-infraobs-integrations
 /packages/containerd @elastic/obs-cloudnative-monitoring
-/packages/coredns @elastic/obs-service-integrations
-/packages/couchbase @elastic/obs-service-integrations
-/packages/couchdb @elastic/obs-service-integrations
+/packages/coredns @elastic/obs-infraobs-integrations
+/packages/couchbase @elastic/obs-infraobs-integrations
+/packages/couchdb @elastic/obs-infraobs-integrations
 /packages/crowdstrike @elastic/security-external-integrations
 /packages/cyberark @elastic/security-external-integrations
 /packages/cyberark_pta @elastic/security-external-integrations
@@ -76,7 +76,7 @@
 /packages/elastic_package_registry @elastic/ecosystem
 /packages/elasticsearch @elastic/infra-monitoring-ui
 /packages/enterprisesearch @elastic/infra-monitoring-ui
-/packages/etcd @elastic/obs-service-integrations
+/packages/etcd @elastic/obs-infraobs-integrations
 /packages/f5 @elastic/security-external-integrations
 /packages/f5_bigip @elastic/security-external-integrations
 /packages/fim @elastic/security-external-integrations
@@ -93,17 +93,17 @@
 /packages/gcp @elastic/security-external-integrations @elastic/obs-cloud-monitoring
 /packages/gcp_pubsub @elastic/security-external-integrations
 /packages/github @elastic/security-external-integrations
-/packages/golang @elastic/obs-service-integrations
+/packages/golang @elastic/obs-infraobs-integrations
 /packages/google_cloud_storage @elastic/security-external-integrations
 /packages/google_workspace @elastic/security-external-integrations
-/packages/hadoop @elastic/obs-service-integrations
-/packages/haproxy @elastic/obs-service-integrations
+/packages/hadoop @elastic/obs-infraobs-integrations
+/packages/haproxy @elastic/obs-infraobs-integrations
 /packages/hashicorp_vault @elastic/security-external-integrations
 /packages/hid_bravura_monitor @elastic/security-external-integrations
 /packages/http_endpoint @elastic/security-external-integrations
 /packages/httpjson @elastic/security-external-integrations
-/packages/ibmmq @elastic/obs-service-integrations
-/packages/iis @elastic/obs-service-integrations
+/packages/ibmmq @elastic/obs-infraobs-integrations
+/packages/iis @elastic/obs-infraobs-integrations
 /packages/imperva @elastic/security-external-integrations
 /packages/infoblox @elastic/security-external-integrations
 /packages/infoblox_bloxone_ddi @elastic/security-external-integrations
@@ -117,8 +117,8 @@
 /packages/juniper @elastic/security-external-integrations
 /packages/juniper_netscreen @elastic/security-external-integrations
 /packages/juniper_srx @elastic/security-external-integrations
-/packages/kafka @elastic/obs-service-integrations
-/packages/kafka_log @elastic/obs-service-integrations
+/packages/kafka @elastic/obs-infraobs-integrations
+/packages/kafka_log @elastic/obs-infraobs-integrations
 /packages/keycloak @elastic/security-external-integrations
 /packages/kibana @elastic/infra-monitoring-ui
 /packages/kubernetes @elastic/obs-cloudnative-monitoring
@@ -130,49 +130,49 @@
 /packages/lyve_cloud @elastic/security-external-integrations
 /packages/m365_defender @elastic/security-external-integrations
 /packages/mattermost @elastic/security-external-integrations
-/packages/memcached @elastic/obs-service-integrations
+/packages/memcached @elastic/obs-infraobs-integrations
 /packages/microsoft_defender_endpoint @elastic/security-external-integrations
 /packages/microsoft_dhcp @elastic/security-external-integrations
 /packages/microsoft_exchange_online_message_trace @elastic/security-external-integrations
 /packages/microsoft @elastic/security-external-integrations
-/packages/microsoft_sqlserver @elastic/obs-service-integrations
+/packages/microsoft_sqlserver @elastic/obs-infraobs-integrations
 /packages/mimecast @elastic/security-external-integrations
 /packages/modsecurity @elastic/security-external-integrations
-/packages/mongodb @elastic/obs-service-integrations
+/packages/mongodb @elastic/obs-infraobs-integrations
 /packages/mysql_enterprise @elastic/security-external-integrations
-/packages/mysql @elastic/obs-service-integrations
-/packages/nagios_xi @elastic/obs-service-integrations
+/packages/mysql @elastic/obs-infraobs-integrations
+/packages/nagios_xi @elastic/obs-infraobs-integrations
 /packages/nats @elastic/obs-cloudnative-monitoring
 /packages/netflow @elastic/security-external-integrations
 /packages/netscout @elastic/security-external-integrations
 /packages/netskope @elastic/security-external-integrations
 /packages/network_traffic @elastic/security-external-integrations
 /packages/nginx_ingress_controller @elastic/obs-cloudnative-monitoring
-/packages/nginx @elastic/obs-service-integrations
+/packages/nginx @elastic/obs-infraobs-integrations
 /packages/o365 @elastic/security-external-integrations
 /packages/okta @elastic/security-external-integrations
-/packages/oracle @elastic/obs-service-integrations
-/packages/oracle_weblogic @elastic/obs-service-integrations
+/packages/oracle @elastic/obs-infraobs-integrations
+/packages/oracle_weblogic @elastic/obs-infraobs-integrations
 /packages/osquery_manager @elastic/security-asset-management
 /packages/osquery @elastic/security-external-integrations
 /packages/panw_cortex_xdr @elastic/security-external-integrations
 /packages/panw @elastic/security-external-integrations
 /packages/pfsense @elastic/security-external-integrations
-/packages/php_fpm @elastic/obs-service-integrations
+/packages/php_fpm @elastic/obs-infraobs-integrations
 /packages/ping_one @elastic/security-external-integrations
-/packages/postgresql @elastic/obs-service-integrations
+/packages/postgresql @elastic/obs-infraobs-integrations
 /packages/problemchild @elastic/ml-ui @elastic/sec-applied-ml
 /packages/prometheus @elastic/obs-cloudnative-monitoring
 /packages/proofpoint @elastic/security-external-integrations
 /packages/proofpoint_tap @elastic/security-external-integrations
 /packages/pulse_connect_secure @elastic/security-external-integrations
 /packages/qnap_nas @elastic/security-external-integrations
-/packages/rabbitmq @elastic/obs-service-integrations
+/packages/rabbitmq @elastic/obs-infraobs-integrations
 /packages/radware @elastic/security-external-integrations
 /packages/rapid7_insightvm @elastic/security-external-integrations
-/packages/redis @elastic/obs-service-integrations
-/packages/redisenterprise @elastic/obs-service-integrations
-/packages/salesforce @elastic/obs-service-integrations
+/packages/redis @elastic/obs-infraobs-integrations
+/packages/redisenterprise @elastic/obs-infraobs-integrations
+/packages/salesforce @elastic/obs-infraobs-integrations
 /packages/santa @elastic/security-external-integrations
 /packages/security_detection_engine @elastic/protections
 /packages/sentinel_one @elastic/security-external-integrations
@@ -183,7 +183,7 @@
 /packages/sonicwall_firewall @elastic/security-external-integrations
 /packages/sophos @elastic/security-external-integrations
 /packages/sophos_central @elastic/security-external-integrations
-/packages/spring_boot @elastic/obs-service-integrations
+/packages/spring_boot @elastic/obs-infraobs-integrations
 /packages/squid @elastic/security-external-integrations
 /packages/stan @elastic/obs-cloudnative-monitoring
 /packages/suricata @elastic/security-external-integrations
@@ -209,35 +209,36 @@
 /packages/ti_threatq @elastic/security-external-integrations
 /packages/ti_util @elastic/security-external-integrations
 /packages/tines @elastic/security-external-integrations
-/packages/tomcat @elastic/obs-service-integrations
-/packages/traefik @elastic/obs-service-integrations
+/packages/tomcat @elastic/obs-infraobs-integrations
+/packages/traefik @elastic/obs-infraobs-integrations
 /packages/trellix_epo_cloud @elastic/security-external-integrations
 /packages/trendmicro @elastic/security-external-integrations
 /packages/trend_micro_vision_one @elastic/security-external-integrations
 /packages/udp @elastic/security-external-integrations
 /packages/universal_profiling_agent @elastic/profiling
+/packages/universal_profiling_collector @elastic/profiling
 /packages/universal_profiling_symbolizer @elastic/profiling
 /packages/vectra_detect @elastic/security-external-integrations
-/packages/vsphere @elastic/obs-service-integrations
-/packages/websphere_application_server @elastic/obs-service-integrations
+/packages/vsphere @elastic/obs-infraobs-integrations
+/packages/websphere_application_server @elastic/obs-infraobs-integrations
 /packages/windows @elastic/elastic-agent-data-plane @elastic/security-external-integrations
 /packages/winlog @elastic/security-external-integrations
 /packages/zeek @elastic/security-external-integrations
 /packages/zerofox @elastic/security-external-integrations
-/packages/zookeeper @elastic/obs-service-integrations
+/packages/zookeeper @elastic/obs-infraobs-integrations
 /packages/zoom @elastic/security-external-integrations
 /packages/zscaler @elastic/security-external-integrations
 /packages/zscaler_zia @elastic/security-external-integrations
 /packages/zscaler_zpa @elastic/security-external-integrations
 /packages/platform_observability @elastic/infra-monitoring-ui
-/packages/influxdb @elastic/obs-service-integrations
-/packages/jolokia_input @elastic/obs-service-integrations
+/packages/influxdb @elastic/obs-infraobs-integrations
+/packages/jolokia_input @elastic/obs-infraobs-integrations
 /packages/ded @elastic/ml-ui @elastic/sec-applied-ml
 /packages/cloud_defend @elastic/sec-cloudnative-integrations
 /packages/lmd @elastic/ml-ui @elastic/sec-applied-ml
 /packages/gcp_metrics @elastic/obs-cloud-monitoring
-/packages/airflow @elastic/obs-service-integrations
-/packages/sql_input @elastic/obs-service-integrations
-/packages/statsd_input @elastic/obs-service-integrations
+/packages/airflow @elastic/obs-infraobs-integrations
+/packages/sql_input @elastic/obs-infraobs-integrations
+/packages/statsd_input @elastic/obs-infraobs-integrations
 /packages/zeronetworks @elastic/security-external-integrations
-/packages/prometheus_input @elastic/obs-service-integrations
+/packages/prometheus_input @elastic/obs-infraobs-integrations
@@ -8,7 +8,7 @@ for Kibana version 7.x and bumped the AWS package version from 1.19.5 to 1.20.0.
 a bug in the EC2 dashboard that needs to be fixed with Kibana version 7.x. So instead of
 adding a new AWS package version 1.23.5, we need to fix it between 1.19.5 and 1.20.0.
 
-Here there wil be detailed the steps to follow to release a fix for a given package version:
+Follow these detailed steps to release a fix for a given package version:
 
 1. **Find git commit (package version) that needs to be fixed**
 
 
@@ -129,11 +129,11 @@ what's been already fixed, as the script has overridden part of it).
 
     Due to changed templating engine from a standard Golang one to [handlebars](https://handlebarsjs.com/), it may be
     hard to automatically convert the Filebeat input configuration (nested variables, many representations, conditions,
-    loops). Kindly please to review the output stream configuration and review potential bugs.
+    loops). Please review the output stream configuration and identify potential bugs.
 
 11. Update docs template with sample events.
 
-    The events collected by the agent slightly differ from original, Metricbeat's and Filebeat's, ones. Adjust the event
+    The events collected by the agent slightly differ from the original, Metricbeat and Filebeat, ones. Adjust the event
     content manually basing on already migrated integrations (e.g. [MySQL integration](https://github.com/elastic/integrations/blob/main/packages/mysql/_dev/build/docs/README.md))
     or copy them once managed to run whole setup with real agent.
 
 
@@ -9,8 +9,8 @@ require (
 	github.com/elastic/package-registry v1.20.0
 	github.com/magefile/mage v1.15.0
 	github.com/pkg/errors v0.9.1
-	github.com/stretchr/testify v1.8.2
-	golang.org/x/tools v0.9.1
+	github.com/stretchr/testify v1.8.4
+	golang.org/x/tools v0.9.3
 	gopkg.in/yaml.v2 v2.4.0
 )
 
 
@@ -426,8 +426,9 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
 github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
 github.com/tklauser/go-sysconf v0.3.11 h1:89WgdJhk5SNwJfu+GKyYveZ4IaJ7xAkecBo+KdJV0CM=
@@ -626,8 +627,8 @@ golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo=
 golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.9.1 h1:8WMNJAz3zrtPmnYC7ISf5dEn3MT0gY7jBJfw27yrrLo=
-golang.org/x/tools v0.9.1/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
+golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
+golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 
@@ -1,3 +1,3 @@
 dependencies:
   ecs:
-    reference: git@8.7
+    reference: git@8.8
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.13.0"
+  changes:
+    - description: Update package to ECS 8.8.0 and package-spec 2.7.0.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/6373
 - version: "1.12.0"
   changes:
     - description: Add a new flag to enable request tracing
 
@@ -3,7 +3,7 @@
         {
             "@timestamp": "2022-10-24T21:16:52.827Z",
             "ecs": {
-                "version": "8.7.0"
+                "version": "8.8.0"
             },
             "event": {
                 "action": "suspend",
@@ -67,7 +67,7 @@
         {
             "@timestamp": "2022-10-24T21:16:52.827Z",
             "ecs": {
-                "version": "8.7.0"
+                "version": "8.8.0"
             },
             "event": {
                 "action": "suspend",
 
@@ -16,7 +16,7 @@ processors:
   #######################
   - set:
       field: ecs.version
-      value: "8.7.0"
+      value: "8.8.0"
   # Sets event.created from the @timestamp field generated by filebeat before being overwritten further down
   - set:
       field: event.created
 
@@ -1,34 +1,34 @@
 {
     "@timestamp": "2022-10-24T21:16:52.827Z",
     "agent": {
-        "ephemeral_id": "042ad272-9e5f-4e42-be29-3733a96797a5",
-        "id": "086ffa1b-8e21-4d62-84aa-125408782121",
+        "ephemeral_id": "26875e28-ac90-42f2-bcc9-5969510c2882",
+        "id": "437fe922-4551-429d-a49f-0a4ad40bf297",
         "name": "docker-fleet-agent",
         "type": "filebeat",
-        "version": "8.6.0"
+        "version": "8.8.0"
     },
     "data_stream": {
         "dataset": "1password.audit_events",
         "namespace": "ep",
         "type": "logs"
     },
     "ecs": {
-        "version": "8.7.0"
+        "version": "8.8.0"
     },
     "elastic_agent": {
-        "id": "086ffa1b-8e21-4d62-84aa-125408782121",
+        "id": "437fe922-4551-429d-a49f-0a4ad40bf297",
         "snapshot": false,
-        "version": "8.6.0"
+        "version": "8.8.0"
     },
     "event": {
         "action": "suspend",
         "agent_id_status": "verified",
         "category": [
             "configuration"
         ],
-        "created": "2023-03-23T19:03:48.623Z",
+        "created": "2023-05-30T15:57:13.805Z",
         "dataset": "1password.audit_events",
-        "ingested": "2023-03-23T19:03:49Z",
+        "ingested": "2023-05-30T15:57:17Z",
         "kind": "event",
         "type": [
             "access"
 
@@ -3,7 +3,7 @@
         {
             "@timestamp": "2021-08-30T18:57:42.484Z",
             "ecs": {
-                "version": "8.7.0"
+                "version": "8.8.0"
             },
             "event": {
                 "action": "reveal",
@@ -76,7 +76,7 @@
         {
             "@timestamp": "2021-08-30T19:10:00.123Z",
             "ecs": {
-                "version": "8.7.0"
+                "version": "8.8.0"
             },
             "event": {
                 "category": [
 
@@ -16,7 +16,7 @@ processors:
   #######################
   - set:
       field: ecs.version
-      value: '8.7.0'
+      value: '8.8.0'
   # Sets event.created from the @timestamp field generated by filebeat before being overwritten further down
   - set:
       field: event.created