From c7c60dcbb7f1550b20b4bd88b197ffb53bf2fb72 Mon Sep 17 00:00:00 2001 From: Kavindu Dodanduwa Date: Thu, 6 Feb 2025 14:52:27 -0800 Subject: [PATCH] add s3 start timestamp and ignore older duration to integrations 
Signed-off-by: Kavindu Dodanduwa # Conflicts: # packages/aws/changelog.yml # packages/aws/manifest.yml # packages/aws_bedrock/changelog.yml # packages/aws_bedrock/manifest.yml # packages/aws_logs/changelog.yml # packages/aws_logs/manifest.yml # packages/symantec_endpoint_security/changelog.yml # Conflicts: # packages/carbon_black_cloud/changelog.yml # packages/carbon_black_cloud/manifest.yml # packages/cloudflare_logpush/changelog.yml # packages/cloudflare_logpush/manifest.yml # packages/f5_bigip/changelog.yml # packages/f5_bigip/manifest.yml # packages/jamf_protect/changelog.yml # packages/jamf_protect/manifest.yml # packages/sentinel_one_cloud_funnel/changelog.yml # packages/sentinel_one_cloud_funnel/manifest.yml # packages/sublime_security/changelog.yml # packages/sublime_security/manifest.yml # packages/symantec_endpoint_security/changelog.yml # packages/symantec_endpoint_security/manifest.yml # packages/tanium/changelog.yml # packages/tanium/manifest.yml # packages/trellix_edr_cloud/changelog.yml # packages/trellix_edr_cloud/manifest.yml # Conflicts: # packages/aws/changelog.yml # packages/aws/manifest.yml # packages/sublime_security/changelog.yml # packages/sublime_security/manifest.yml --- packages/amazon_security_lake/changelog.yml | 5 +++++ .../data_stream/event/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/event/manifest.yml | 14 ++++++++++++++ packages/amazon_security_lake/manifest.yml | 4 ++-- packages/aws/changelog.yml | 5 +++++ .../apigateway_logs/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../aws/data_stream/apigateway_logs/manifest.yml | 14 ++++++++++++++ .../cloudfront_logs/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../aws/data_stream/cloudfront_logs/manifest.yml | 14 ++++++++++++++ .../cloudtrail/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/aws/data_stream/cloudtrail/manifest.yml | 14 ++++++++++++++ .../ec2_logs/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/aws/data_stream/ec2_logs/manifest.yml | 14 ++++++++++++++ 
.../elb_logs/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/aws/data_stream/elb_logs/manifest.yml | 14 ++++++++++++++ .../emr_logs/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/aws/data_stream/emr_logs/manifest.yml | 14 ++++++++++++++ .../firewall_logs/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../aws/data_stream/firewall_logs/manifest.yml | 14 ++++++++++++++ .../guardduty/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/aws/data_stream/guardduty/manifest.yml | 14 ++++++++++++++ .../agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/route53_resolver_logs/manifest.yml | 14 ++++++++++++++ .../s3access/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/aws/data_stream/s3access/manifest.yml | 14 ++++++++++++++ .../vpcflow/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/aws/data_stream/vpcflow/manifest.yml | 14 ++++++++++++++ .../data_stream/waf/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/aws/data_stream/waf/manifest.yml | 14 ++++++++++++++ packages/aws/manifest.yml | 4 ++-- packages/aws_bedrock/changelog.yml | 5 +++++ .../invocation/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/invocation/manifest.yml | 14 ++++++++++++++ packages/aws_bedrock/manifest.yml | 4 ++-- packages/aws_logs/changelog.yml | 7 ++++++- .../generic/agent/stream/aws-s3.yml.hbs | 8 ++++++++ packages/aws_logs/data_stream/generic/manifest.yml | 14 ++++++++++++++ packages/aws_logs/manifest.yml | 4 ++-- packages/canva/changelog.yml | 5 +++++ .../data_stream/audit/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/canva/data_stream/audit/manifest.yml | 14 ++++++++++++++ packages/canva/manifest.yml | 4 ++-- packages/carbon_black_cloud/changelog.yml | 5 +++++ .../data_stream/alert/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/alert/manifest.yml | 14 ++++++++++++++ .../alert_v7/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/alert_v7/manifest.yml | 14 ++++++++++++++ .../endpoint_event/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/endpoint_event/manifest.yml | 14 
++++++++++++++ .../watchlist_hit/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/watchlist_hit/manifest.yml | 14 ++++++++++++++ packages/carbon_black_cloud/manifest.yml | 4 ++-- packages/cisco_umbrella/changelog.yml | 5 +++++ .../data_stream/log/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../cisco_umbrella/data_stream/log/manifest.yml | 14 ++++++++++++++ packages/cisco_umbrella/manifest.yml | 4 ++-- packages/cloudflare_logpush/changelog.yml | 5 +++++ .../access_request/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/access_request/manifest.yml | 14 ++++++++++++++ .../data_stream/audit/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/audit/manifest.yml | 14 ++++++++++++++ .../data_stream/casb/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/casb/manifest.yml | 14 ++++++++++++++ .../device_posture/agent/stream/aws-s3.yml.hbs | 9 +++++++++ .../data_stream/dns/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/dns/manifest.yml | 14 ++++++++++++++ .../dns_firewall/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../firewall_event/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../gateway_dns/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../gateway_http/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../gateway_network/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../http_request/agent/stream/aws-s3.yml.hbs | 9 +++++++++ .../magic_ids/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/magic_ids/manifest.yml | 14 ++++++++++++++ .../nel_report/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/nel_report/manifest.yml | 14 ++++++++++++++ .../network_analytics/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/network_analytics/manifest.yml | 14 ++++++++++++++ .../network_session/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/network_session/manifest.yml | 14 ++++++++++++++ .../sinkhole_http/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/sinkhole_http/manifest.yml | 14 ++++++++++++++ .../spectrum_event/agent/stream/aws-s3.yml.hbs 
| 8 ++++++++ .../data_stream/spectrum_event/manifest.yml | 14 ++++++++++++++ .../workers_trace/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/workers_trace/manifest.yml | 14 ++++++++++++++ packages/cloudflare_logpush/manifest.yml | 4 ++-- packages/f5_bigip/changelog.yml | 5 +++++ .../data_stream/log/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/f5_bigip/data_stream/log/manifest.yml | 14 ++++++++++++++ packages/f5_bigip/manifest.yml | 4 ++-- packages/imperva_cloud_waf/changelog.yml | 5 +++++ .../data_stream/event/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/event/manifest.yml | 14 ++++++++++++++ packages/imperva_cloud_waf/manifest.yml | 4 ++-- packages/jamf_protect/changelog.yml | 5 +++++ .../data_stream/alerts/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../jamf_protect/data_stream/alerts/manifest.yml | 14 ++++++++++++++ .../telemetry/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/telemetry/manifest.yml | 14 ++++++++++++++ .../telemetry_legacy/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/telemetry_legacy/manifest.yml | 14 ++++++++++++++ .../web_threat_events/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/web_threat_events/manifest.yml | 14 ++++++++++++++ .../web_traffic_events/agent/stream/aws-s3.yml.hbs | 8 ++++++++ .../data_stream/web_traffic_events/manifest.yml | 14 ++++++++++++++ packages/jamf_protect/manifest.yml | 4 ++-- packages/sentinel_one_cloud_funnel/changelog.yml | 5 +++++ .../data_stream/event/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/event/manifest.yml | 14 ++++++++++++++ packages/sentinel_one_cloud_funnel/manifest.yml | 4 ++-- packages/servicenow/changelog.yml | 5 +++++ .../data_stream/event/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/servicenow/data_stream/event/manifest.yml | 14 ++++++++++++++ packages/servicenow/manifest.yml | 4 ++-- packages/sublime_security/changelog.yml | 5 +++++ .../data_stream/audit/agent/stream/aws-s3.yml.hbs | 6 ++++++ 
.../email_message/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/email_message/manifest.yml | 14 ++++++++++++++ .../message_event/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/message_event/manifest.yml | 14 ++++++++++++++ packages/sublime_security/manifest.yml | 4 ++-- packages/symantec_endpoint_security/changelog.yml | 5 +++++ .../data_stream/event/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/event/manifest.yml | 14 ++++++++++++++ packages/symantec_endpoint_security/manifest.yml | 4 ++-- packages/tanium/changelog.yml | 5 +++++ .../action_history/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../tanium/data_stream/action_history/manifest.yml | 14 ++++++++++++++ .../client_status/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../tanium/data_stream/client_status/manifest.yml | 14 ++++++++++++++ .../discover/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/tanium/data_stream/discover/manifest.yml | 14 ++++++++++++++ .../endpoint_config/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/endpoint_config/manifest.yml | 14 ++++++++++++++ .../reporting/agent/stream/aws-s3.yml.hbs | 6 ++++++ packages/tanium/data_stream/reporting/manifest.yml | 14 ++++++++++++++ .../threat_response/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/threat_response/manifest.yml | 14 ++++++++++++++ packages/tanium/manifest.yml | 4 ++-- packages/trellix_edr_cloud/changelog.yml | 5 +++++ .../data_stream/event/agent/stream/aws-s3.yml.hbs | 6 ++++++ .../data_stream/event/manifest.yml | 14 ++++++++++++++ packages/trellix_edr_cloud/manifest.yml | 4 ++-- 144 files changed, 1240 insertions(+), 35 deletions(-) diff --git a/packages/amazon_security_lake/changelog.yml b/packages/amazon_security_lake/changelog.yml index 6087e0693f5..a438320ad31 100644 --- a/packages/amazon_security_lake/changelog.yml +++ b/packages/amazon_security_lake/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.4.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "2.3.1" changes: - description: Updated SSL description to be uniform and to include links to documentation. diff --git a/packages/amazon_security_lake/data_stream/event/agent/stream/aws-s3.yml.hbs b/packages/amazon_security_lake/data_stream/event/agent/stream/aws-s3.yml.hbs index 2f3400105f0..51e5afac1e9 100644 --- a/packages/amazon_security_lake/data_stream/event/agent/stream/aws-s3.yml.hbs +++ b/packages/amazon_security_lake/data_stream/event/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/amazon_security_lake/data_stream/event/manifest.yml b/packages/amazon_security_lake/data_stream/event/manifest.yml index a2044f5a25b..2b74e23c1c7 100644 --- a/packages/amazon_security_lake/data_stream/event/manifest.yml +++ b/packages/amazon_security_lake/data_stream/event/manifest.yml 
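Review bot: The two added values are rendered unquoted, `start_timestamp: {{start_timestamp}}` and `ignore_older: {{ignore_older}}`, so whatever the policy field holds becomes raw YAML in the generated input configuration. Some YAML loaders resolve a plain scalar such as `2020-10-10T10:30:00Z` as a timestamp rather than a string, and a value containing `: ` or ` #` would change the structure of the rendered document. I would quote both, e.g. `start_timestamp: '{{start_timestamp}}'` and `ignore_older: '{{ignore_older}}'`, unless the template engine already escapes values. The neighbouring `bucket_list_prefix` line is also unquoted and the same two lines are added in every other `aws-s3.yml.hbs` hunk of this patch, so this may be an existing convention worth confirming. The enclosing `{{#if}}` block opens outside the hunk.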
@@ -92,6 +92,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. It is a required parameter for collecting logs via the AWS S3 Bucket. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: queue_url type: text title: "[SQS] Queue URL" diff --git a/packages/amazon_security_lake/manifest.yml b/packages/amazon_security_lake/manifest.yml index a358632df07..a4558b58903 100644 --- a/packages/amazon_security_lake/manifest.yml +++ b/packages/amazon_security_lake/manifest.yml @@ -1,13 +1,13 @@ format_version: "3.0.3" name: amazon_security_lake title: Amazon Security Lake -version: "2.3.1" +version: "2.4.0" description: Collect logs from Amazon Security Lake with Elastic Agent. type: integration categories: ["aws", "security"] conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" elastic: subscription: basic screenshots: diff --git a/packages/aws/changelog.yml b/packages/aws/changelog.yml index 1a76e9999f3..46d8d8609d1 100644 --- a/packages/aws/changelog.yml +++ b/packages/aws/changelog.yml 
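Review bot: The second example in the `start_timestamp` description, "2020-10-10T10:30:00Z+02:30", is not a well-formed timestamp, because `Z` already denotes UTC and cannot be combined with a numeric offset. An operator who copies it would likely get a parse error or a filter they did not intend. I would write the example as `2020-10-10T10:30:00+02:30` and name the format as RFC 3339 instead of `YYYY-MM-DDTHH:MM:SSZ`, assuming that is what the input parses. In the same hunk `ignore_older` says "Accepts a timestamp like `48h`, `2h30m`" although the value is a duration; the s3access, vpcflow and waf manifest hunks already use the clearer "Accepts a time duration like `48h` or `2h30m`". Both wordings recur in the other data-stream `manifest.yml` hunks of this patch.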
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.42.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "2.41.1" changes: - description: Updated SSL description to be uniform and to include links to documentation. diff --git a/packages/aws/data_stream/apigateway_logs/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/apigateway_logs/agent/stream/aws-s3.yml.hbs index 66e3c2e291b..674ac2280ee 100644 --- a/packages/aws/data_stream/apigateway_logs/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/apigateway_logs/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/apigateway_logs/manifest.yml b/packages/aws/data_stream/apigateway_logs/manifest.yml index ef48082b230..971b6c6493e 100644 --- a/packages/aws/data_stream/apigateway_logs/manifest.yml +++ b/packages/aws/data_stream/apigateway_logs/manifest.yml 
@@ -75,6 +75,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/data_stream/cloudfront_logs/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/cloudfront_logs/agent/stream/aws-s3.yml.hbs index 287a5b524ef..b3697a136ec 100644 --- a/packages/aws/data_stream/cloudfront_logs/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/cloudfront_logs/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/cloudfront_logs/manifest.yml b/packages/aws/data_stream/cloudfront_logs/manifest.yml index ded5fde9e14..54bdae45afe 100644 --- a/packages/aws/data_stream/cloudfront_logs/manifest.yml +++ b/packages/aws/data_stream/cloudfront_logs/manifest.yml 
@@ -51,6 +51,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs index f7108fc5f77..3bb8ec738d8 100644 --- a/packages/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/cloudtrail/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/cloudtrail/manifest.yml b/packages/aws/data_stream/cloudtrail/manifest.yml index c826d77e569..a2985e2084b 100644 --- a/packages/aws/data_stream/cloudtrail/manifest.yml +++ b/packages/aws/data_stream/cloudtrail/manifest.yml 
@@ -28,6 +28,20 @@ streams: required: false show_user: true description: Mandatory if the "Collect logs via S3 Bucket" switch is on. It is a required parameter for collecting logs via the AWS S3 Bucket unless you set a Bucket ARN. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: queue_url type: text title: "[SQS] Queue URL" diff --git a/packages/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs index 34bfdcd9984..08a891bd02c 100644 --- a/packages/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/ec2_logs/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/ec2_logs/manifest.yml b/packages/aws/data_stream/ec2_logs/manifest.yml index c42606cdd2e..bf9c47929e3 100644 --- a/packages/aws/data_stream/ec2_logs/manifest.yml +++ b/packages/aws/data_stream/ec2_logs/manifest.yml 
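Review bot: For an audit-log stream such as CloudTrail, neither new description tells the operator that objects excluded by `start_timestamp` or `ignore_older` are not ingested at all, which matters when late-delivered or backfilled log objects fall outside the window. I would append a sentence such as `Objects excluded by this filter are skipped and produce no events; choose a window that covers delayed log delivery.` to both descriptions, after confirming how the input treats skipped objects. The same applies to the guardduty manifest hunk further down. Both fields are `type: text` with no validation visible in the hunk, so a malformed value presumably surfaces only when the input starts.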
@@ -52,6 +52,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs index 34bfdcd9984..08a891bd02c 100644 --- a/packages/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/elb_logs/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/elb_logs/manifest.yml b/packages/aws/data_stream/elb_logs/manifest.yml index aa09dadc48a..8dcbba52f81 100644 --- a/packages/aws/data_stream/elb_logs/manifest.yml +++ b/packages/aws/data_stream/elb_logs/manifest.yml 
@@ -51,6 +51,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/data_stream/emr_logs/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/emr_logs/agent/stream/aws-s3.yml.hbs index bc80de3f551..2e68e0cbb11 100644 --- a/packages/aws/data_stream/emr_logs/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/emr_logs/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/emr_logs/manifest.yml b/packages/aws/data_stream/emr_logs/manifest.yml index 3587816c851..a364119cd95 100644 --- a/packages/aws/data_stream/emr_logs/manifest.yml +++ b/packages/aws/data_stream/emr_logs/manifest.yml 
@@ -29,6 +29,20 @@ streams: required: false show_user: true description: Mandatory if the "Collect logs via S3 Bucket" switch is on. It is a required parameter for collecting logs via the AWS S3 Bucket unless you set a Bucket ARN. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: queue_url type: text title: "[SQS] Queue URL" diff --git a/packages/aws/data_stream/firewall_logs/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/firewall_logs/agent/stream/aws-s3.yml.hbs index 9a9a527ec10..639d11a5270 100644 --- a/packages/aws/data_stream/firewall_logs/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/firewall_logs/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/firewall_logs/manifest.yml b/packages/aws/data_stream/firewall_logs/manifest.yml index 031ba72deda..071699c464c 100644 --- a/packages/aws/data_stream/firewall_logs/manifest.yml +++ b/packages/aws/data_stream/firewall_logs/manifest.yml 
@@ -51,6 +51,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/data_stream/guardduty/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/guardduty/agent/stream/aws-s3.yml.hbs index 9c846628a06..6dcf050cbe0 100644 --- a/packages/aws/data_stream/guardduty/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/guardduty/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/guardduty/manifest.yml b/packages/aws/data_stream/guardduty/manifest.yml index 56d3fc8768e..956fe560051 100644 --- a/packages/aws/data_stream/guardduty/manifest.yml +++ b/packages/aws/data_stream/guardduty/manifest.yml 
@@ -167,6 +167,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: queue_url type: text title: "[SQS] Queue URL" diff --git a/packages/aws/data_stream/route53_resolver_logs/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/route53_resolver_logs/agent/stream/aws-s3.yml.hbs index 99975fa009b..fe827d5404e 100644 --- a/packages/aws/data_stream/route53_resolver_logs/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/route53_resolver_logs/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/route53_resolver_logs/manifest.yml b/packages/aws/data_stream/route53_resolver_logs/manifest.yml index 553b8633c25..f89b850c779 100644 --- a/packages/aws/data_stream/route53_resolver_logs/manifest.yml +++ b/packages/aws/data_stream/route53_resolver_logs/manifest.yml 
@@ -174,6 +174,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs index 34bfdcd9984..08a891bd02c 100644 --- a/packages/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/s3access/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/s3access/manifest.yml b/packages/aws/data_stream/s3access/manifest.yml index 9dcb9b0ad62..a72b524163f 100644 --- a/packages/aws/data_stream/s3access/manifest.yml +++ b/packages/aws/data_stream/s3access/manifest.yml 
@@ -51,6 +51,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries older than the given timespan. Timespan is calculated from the current time to processing entry's last modified timestamp. Accepts a time duration like `48h` or `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs index b3090c8cf3d..72afa4a2685 100644 --- a/packages/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/vpcflow/manifest.yml b/packages/aws/data_stream/vpcflow/manifest.yml index 5cae11902bf..7ebdba19429 100644 --- a/packages/aws/data_stream/vpcflow/manifest.yml +++ b/packages/aws/data_stream/vpcflow/manifest.yml 
@@ -59,6 +59,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries older than the given timespan. Timespan is calculated from the current time to processing entry's last modified timestamp. Accepts a time duration like `48h` or `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs b/packages/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs index 34bfdcd9984..08a891bd02c 100644 --- a/packages/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs +++ b/packages/aws/data_stream/waf/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/aws/data_stream/waf/manifest.yml b/packages/aws/data_stream/waf/manifest.yml index f52af2c88e3..0605f475c3a 100644 --- a/packages/aws/data_stream/waf/manifest.yml +++ b/packages/aws/data_stream/waf/manifest.yml 
@@ -51,6 +51,20 @@ streams: show_user: false default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries older than the given timespan. Timespan is calculated from the current time to processing entry's last modified timestamp. Accepts a time duration like `48h` or `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/aws/manifest.yml b/packages/aws/manifest.yml index 889d7064fef..30ac9ebd2b5 100644 --- a/packages/aws/manifest.yml +++ b/packages/aws/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.3.1 name: aws title: AWS -version: 2.41.1 +version: 2.42.0 description: Collect logs and metrics from Amazon Web Services (AWS) with Elastic Agent. type: integration categories: @@ -11,7 +11,7 @@ conditions: elastic: subscription: basic kibana: - version: "^8.16.2 || ^9.0.0" + version: "^8.16.5 || ^9.0.0" screenshots: - src: /img/metricbeat-aws-overview.png title: metricbeat aws overview diff --git a/packages/aws_bedrock/changelog.yml b/packages/aws_bedrock/changelog.yml index 5cfd34e8fb1..e6c773f02c1 100644 --- a/packages/aws_bedrock/changelog.yml +++ b/packages/aws_bedrock/changelog.yml 
@@ -1,3 +1,8 @@ +- version: "1.1.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.0.1" changes: - description: Add guardrail policy action details in the guardrails dashboard. diff --git a/packages/aws_bedrock/data_stream/invocation/agent/stream/aws-s3.yml.hbs b/packages/aws_bedrock/data_stream/invocation/agent/stream/aws-s3.yml.hbs index ff557e78200..c1eaca3deeb 100644 --- a/packages/aws_bedrock/data_stream/invocation/agent/stream/aws-s3.yml.hbs +++ b/packages/aws_bedrock/data_stream/invocation/agent/stream/aws-s3.yml.hbs @@ -33,6 +33,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless non_aws_bucket_name}} {{#unless access_point_arn}} diff --git a/packages/aws_bedrock/data_stream/invocation/manifest.yml b/packages/aws_bedrock/data_stream/invocation/manifest.yml index 4aedfc11fca..86041f8c5ce 100644 --- a/packages/aws_bedrock/data_stream/invocation/manifest.yml +++ b/packages/aws_bedrock/data_stream/invocation/manifest.yml 
@@ -171,6 +171,20 @@ streams: default: 1 show_user: true description: Number of workers that will process the S3 objects listed. (Required when `bucket_arn` or `access_point_arn` are set). + - name: start_timestamp + type: text + title: "Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: bucket_list_interval type: text title: Bucket List Interval diff --git a/packages/aws_bedrock/manifest.yml b/packages/aws_bedrock/manifest.yml index 244c85b6de6..bb3f5f4395b 100644 --- a/packages/aws_bedrock/manifest.yml +++ b/packages/aws_bedrock/manifest.yml @@ -3,7 +3,7 @@ name: aws_bedrock title: Amazon Bedrock description: Collect Amazon Bedrock model invocation logs and runtime metrics with Elastic Agent. type: integration -version: "1.0.1" +version: "1.1.0" categories: - aws - cloud @@ -11,7 +11,7 @@ categories: - security conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" elastic: subscription: basic policy_templates: diff --git a/packages/aws_logs/changelog.yml b/packages/aws_logs/changelog.yml index c59c3090d7e..98bc8c17017 100644 --- a/packages/aws_logs/changelog.yml +++ b/packages/aws_logs/changelog.yml 
@@ -1,6 +1,11 @@ +- version: "1.8.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: 1.7.0 changes: - - description: Add support for Kibana `9.0.0` + - description: Add support for Kibana `9.0.0` type: enhancement link: https://github.com/elastic/integrations/pull/12637 - version: "1.6.1" diff --git a/packages/aws_logs/data_stream/generic/agent/stream/aws-s3.yml.hbs b/packages/aws_logs/data_stream/generic/agent/stream/aws-s3.yml.hbs index 4bace235add..aa51a89e23d 100644 --- a/packages/aws_logs/data_stream/generic/agent/stream/aws-s3.yml.hbs +++ b/packages/aws_logs/data_stream/generic/agent/stream/aws-s3.yml.hbs @@ -31,6 +31,14 @@ When using an S3 bucket, you can specify only one of the following options: number_of_workers: {{ number_of_workers }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{#if bucket_list_prefix }} bucket_list_prefix: {{ bucket_list_prefix }} {{/if}} diff --git a/packages/aws_logs/data_stream/generic/manifest.yml b/packages/aws_logs/data_stream/generic/manifest.yml index 722cddd7509..85b0b28f618 100644 --- a/packages/aws_logs/data_stream/generic/manifest.yml +++ b/packages/aws_logs/data_stream/generic/manifest.yml 
@@ -185,6 +185,20 @@ streams: default: 1 show_user: true description: Number of workers that will process the S3 objects listed. (Required when `bucket_arn` or `access_point_arn` are set). + - name: start_timestamp + type: text + title: "Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: bucket_list_interval type: text title: Bucket List Interval diff --git a/packages/aws_logs/manifest.yml b/packages/aws_logs/manifest.yml index 631226d9506..ef6b934f14f 100644 --- a/packages/aws_logs/manifest.yml +++ b/packages/aws_logs/manifest.yml @@ -3,7 +3,7 @@ name: aws_logs title: Custom AWS Logs description: Collect raw logs from AWS S3 or CloudWatch with Elastic Agent. type: integration -version: "1.7.0" +version: "1.8.0" categories: - cloud - observability @@ -11,7 +11,7 @@ categories: - aws conditions: kibana: - version: "^8.16.2 || ^9.0.0" + version: "^8.16.5 || ^9.0.0" elastic: subscription: basic policy_templates: diff --git a/packages/canva/changelog.yml b/packages/canva/changelog.yml index 56f0521b7ee..3ca42b72d3b 100644 --- a/packages/canva/changelog.yml +++ b/packages/canva/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.5.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "0.4.1" changes: - description: Updated SSL description to be uniform and to include links to documentation. diff --git a/packages/canva/data_stream/audit/agent/stream/aws-s3.yml.hbs b/packages/canva/data_stream/audit/agent/stream/aws-s3.yml.hbs index 3f86b988ce5..0e16d9fb134 100644 --- a/packages/canva/data_stream/audit/agent/stream/aws-s3.yml.hbs +++ b/packages/canva/data_stream/audit/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} + ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/canva/data_stream/audit/manifest.yml b/packages/canva/data_stream/audit/manifest.yml index dda0efe58f6..22d0047e039 100644 --- a/packages/canva/data_stream/audit/manifest.yml +++ b/packages/canva/data_stream/audit/manifest.yml 
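Review bot: The added `ignore_older` line in the canva `aws-s3.yml.hbs` hunk is indented (`+ ignore_older: {{ignore_older}}`), whereas `start_timestamp` just above it and the same line in every other template in this patch start at column 0. The rendered line keeps that leading whitespace, so the key no longer sits at the level of its sibling settings and the stream config is likely to fail to parse or to lose the option; the exact indent width cannot be recovered from this view. It should be `ignore_older: {{ignore_older}}` with no leading space.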
@@ -118,6 +118,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. It is a required parameter for collecting logs via the AWS S3 Bucket. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/canva/manifest.yml b/packages/canva/manifest.yml index 14debc5a039..2cae87d1a67 100644 --- a/packages/canva/manifest.yml +++ b/packages/canva/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: canva title: Canva -version: 0.4.1 +version: 0.5.0 description: Collect logs from Canva with Elastic Agent. type: integration categories: @@ -9,7 +9,7 @@ categories: - productivity conditions: kibana: - version: ^8.16.2 + version: ^8.16.5 elastic: subscription: basic screenshots: diff --git a/packages/carbon_black_cloud/changelog.yml b/packages/carbon_black_cloud/changelog.yml index 95f61c9f17f..1d9a7508294 100644 --- a/packages/carbon_black_cloud/changelog.yml +++ b/packages/carbon_black_cloud/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.9.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "2.8.1" changes: - description: Updated SSL description in package manifest.yml to be uniform and to include links to documentation. diff --git a/packages/carbon_black_cloud/data_stream/alert/agent/stream/aws-s3.yml.hbs b/packages/carbon_black_cloud/data_stream/alert/agent/stream/aws-s3.yml.hbs index fe7c6032e3e..f02b77eb69c 100644 --- a/packages/carbon_black_cloud/data_stream/alert/agent/stream/aws-s3.yml.hbs +++ b/packages/carbon_black_cloud/data_stream/alert/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/carbon_black_cloud/data_stream/alert/manifest.yml b/packages/carbon_black_cloud/data_stream/alert/manifest.yml index e26492ade74..90e5a95b5b4 100644 --- a/packages/carbon_black_cloud/data_stream/alert/manifest.yml +++ b/packages/carbon_black_cloud/data_stream/alert/manifest.yml 
@@ -93,6 +93,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/carbon_black_cloud/data_stream/alert_v7/agent/stream/aws-s3.yml.hbs b/packages/carbon_black_cloud/data_stream/alert_v7/agent/stream/aws-s3.yml.hbs index fe7c6032e3e..f02b77eb69c 100644 --- a/packages/carbon_black_cloud/data_stream/alert_v7/agent/stream/aws-s3.yml.hbs +++ b/packages/carbon_black_cloud/data_stream/alert_v7/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/carbon_black_cloud/data_stream/alert_v7/manifest.yml b/packages/carbon_black_cloud/data_stream/alert_v7/manifest.yml index 4b57708a811..e9c01116875 100644 --- a/packages/carbon_black_cloud/data_stream/alert_v7/manifest.yml +++ b/packages/carbon_black_cloud/data_stream/alert_v7/manifest.yml 
@@ -93,6 +93,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/carbon_black_cloud/data_stream/endpoint_event/agent/stream/aws-s3.yml.hbs b/packages/carbon_black_cloud/data_stream/endpoint_event/agent/stream/aws-s3.yml.hbs index dfb5b5b7ad0..18e0f791002 100644 --- a/packages/carbon_black_cloud/data_stream/endpoint_event/agent/stream/aws-s3.yml.hbs +++ b/packages/carbon_black_cloud/data_stream/endpoint_event/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/carbon_black_cloud/data_stream/endpoint_event/manifest.yml b/packages/carbon_black_cloud/data_stream/endpoint_event/manifest.yml index b258e250f87..cbc261d2429 100644 --- a/packages/carbon_black_cloud/data_stream/endpoint_event/manifest.yml +++ b/packages/carbon_black_cloud/data_stream/endpoint_event/manifest.yml 
@@ -39,6 +39,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/carbon_black_cloud/data_stream/watchlist_hit/agent/stream/aws-s3.yml.hbs b/packages/carbon_black_cloud/data_stream/watchlist_hit/agent/stream/aws-s3.yml.hbs index dbab0f3ba22..0c9eb2710be 100644 --- a/packages/carbon_black_cloud/data_stream/watchlist_hit/agent/stream/aws-s3.yml.hbs +++ b/packages/carbon_black_cloud/data_stream/watchlist_hit/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/carbon_black_cloud/data_stream/watchlist_hit/manifest.yml b/packages/carbon_black_cloud/data_stream/watchlist_hit/manifest.yml index 717f0f38075..9aeaeb1b827 100644 --- a/packages/carbon_black_cloud/data_stream/watchlist_hit/manifest.yml +++ b/packages/carbon_black_cloud/data_stream/watchlist_hit/manifest.yml 
@@ -39,6 +39,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/carbon_black_cloud/manifest.yml b/packages/carbon_black_cloud/manifest.yml index 51c20662d83..275d7ae2049 100644 --- a/packages/carbon_black_cloud/manifest.yml +++ b/packages/carbon_black_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: carbon_black_cloud title: VMware Carbon Black Cloud -version: "2.8.1" +version: "2.9.0" description: Collect logs from VMWare Carbon Black Cloud with Elastic Agent. type: integration categories: @@ -9,7 +9,7 @@ categories: - edr_xdr conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" screenshots: - src: /img/carbon_black_cloud-screenshot.png title: Carbon Black Cloud alert dashboard screenshot diff --git a/packages/cisco_umbrella/changelog.yml b/packages/cisco_umbrella/changelog.yml index 0f0ee77a0ac..902e35cc950 100644 --- a/packages/cisco_umbrella/changelog.yml +++ b/packages/cisco_umbrella/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.29.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.28.0" changes: - description: Add support for Access Point ARN when collecting logs via the AWS S3 Bucket. diff --git a/packages/cisco_umbrella/data_stream/log/agent/stream/aws-s3.yml.hbs b/packages/cisco_umbrella/data_stream/log/agent/stream/aws-s3.yml.hbs index 0fb264cec64..5d07095597d 100644 --- a/packages/cisco_umbrella/data_stream/log/agent/stream/aws-s3.yml.hbs +++ b/packages/cisco_umbrella/data_stream/log/agent/stream/aws-s3.yml.hbs @@ -9,6 +9,12 @@ access_point_arn: {{access_point_arn}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}}/ {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{#if file_selectors}} file_selectors: {{file_selectors}} diff --git a/packages/cisco_umbrella/data_stream/log/manifest.yml b/packages/cisco_umbrella/data_stream/log/manifest.yml index 6a6bfedc560..843386883ad 100644 --- a/packages/cisco_umbrella/data_stream/log/manifest.yml +++ b/packages/cisco_umbrella/data_stream/log/manifest.yml 
@@ -52,6 +52,20 @@ streams: show_user: true default: 1 description: Required for Cisco Managed S3. Number of workers that will process the S3 objects listed. Minimum is 1. + - name: start_timestamp + type: text + title: "Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: bucket_list_interval type: text title: Bucket List Interval diff --git a/packages/cisco_umbrella/manifest.yml b/packages/cisco_umbrella/manifest.yml index bb6e25a7b37..78342e03d2d 100644 --- a/packages/cisco_umbrella/manifest.yml +++ b/packages/cisco_umbrella/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cisco_umbrella title: Cisco Umbrella -version: "1.28.0" +version: "1.29.0" description: Collect logs from Cisco Umbrella with Elastic Agent. type: integration categories: @@ -10,7 +10,7 @@ categories: - dns_security conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" icons: - src: /img/cisco.svg title: cisco diff --git a/packages/cloudflare_logpush/changelog.yml b/packages/cloudflare_logpush/changelog.yml index 171617b688e..ff50a1e407a 100644 --- a/packages/cloudflare_logpush/changelog.yml +++ b/packages/cloudflare_logpush/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.35.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.34.1" changes: - description: Updated SSL description in package manifest.yml to be uniform and to include links to documentation. diff --git a/packages/cloudflare_logpush/data_stream/access_request/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/access_request/agent/stream/aws-s3.yml.hbs index 2b8cc3bb855..3ca35f8fa4a 100644 --- a/packages/cloudflare_logpush/data_stream/access_request/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/access_request/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_access_request}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/access_request/manifest.yml b/packages/cloudflare_logpush/data_stream/access_request/manifest.yml index ef4e0653c87..ae3a636f819 100644 --- a/packages/cloudflare_logpush/data_stream/access_request/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/access_request/manifest.yml 
@@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/audit/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/audit/agent/stream/aws-s3.yml.hbs index d2668306d95..5fd41e4ba44 100644 --- a/packages/cloudflare_logpush/data_stream/audit/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/audit/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_audit}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/audit/manifest.yml b/packages/cloudflare_logpush/data_stream/audit/manifest.yml index 77660a70ea5..3dfa79df676 100644 --- a/packages/cloudflare_logpush/data_stream/audit/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/audit/manifest.yml 
@@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/casb/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/casb/agent/stream/aws-s3.yml.hbs index 282e1e4bdb2..87179ead237 100644 --- a/packages/cloudflare_logpush/data_stream/casb/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/casb/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_casb}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/casb/manifest.yml b/packages/cloudflare_logpush/data_stream/casb/manifest.yml index 1427ca17990..782c1ae67a2 100644 --- a/packages/cloudflare_logpush/data_stream/casb/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/casb/manifest.yml 
@@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/device_posture/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/device_posture/agent/stream/aws-s3.yml.hbs index 50b8bb58c58..71cb81cb44a 100644 --- a/packages/cloudflare_logpush/data_stream/device_posture/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/device_posture/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,15 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_device_posture}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/dns/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/dns/agent/stream/aws-s3.yml.hbs index bd5e4b3aebc..0da92ebf129 100644 --- a/packages/cloudflare_logpush/data_stream/dns/agent/stream/aws-s3.yml.hbs 
+++ b/packages/cloudflare_logpush/data_stream/dns/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_dns}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/dns/manifest.yml b/packages/cloudflare_logpush/data_stream/dns/manifest.yml index a649e907b99..adfd97d6b13 100644 --- a/packages/cloudflare_logpush/data_stream/dns/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/dns/manifest.yml @@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/dns_firewall/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/dns_firewall/agent/stream/aws-s3.yml.hbs index e67d21ffe29..984f70adc96 100644 --- a/packages/cloudflare_logpush/data_stream/dns_firewall/agent/stream/aws-s3.yml.hbs 
+++ b/packages/cloudflare_logpush/data_stream/dns_firewall/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_dns_firewall}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/firewall_event/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/firewall_event/agent/stream/aws-s3.yml.hbs index cb938b515fe..306d76c71f1 100644 --- a/packages/cloudflare_logpush/data_stream/firewall_event/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/firewall_event/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_firewall_event}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/gateway_dns/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/gateway_dns/agent/stream/aws-s3.yml.hbs index f046eac539c..5cfaf5feefa 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_dns/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/gateway_dns/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_gateway_dns}} {{#unless cloudflare_r2}} 
diff --git a/packages/cloudflare_logpush/data_stream/gateway_http/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/gateway_http/agent/stream/aws-s3.yml.hbs index a407a5ca10d..670a1ac3401 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_http/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/gateway_http/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_gateway_http}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/gateway_network/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/gateway_network/agent/stream/aws-s3.yml.hbs index 7b4d553b880..721a93ca61d 100644 --- a/packages/cloudflare_logpush/data_stream/gateway_network/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/gateway_network/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_gateway_network}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/http_request/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/http_request/agent/stream/aws-s3.yml.hbs index 8f3d8af92f7..306bc89f624 100644 --- a/packages/cloudflare_logpush/data_stream/http_request/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/http_request/agent/stream/aws-s3.yml.hbs 
@@ -21,6 +21,15 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_http_request}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/magic_ids/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/magic_ids/agent/stream/aws-s3.yml.hbs index e299dc5bbaa..d8df996faed 100644 --- a/packages/cloudflare_logpush/data_stream/magic_ids/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/magic_ids/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_magic_ids}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/magic_ids/manifest.yml b/packages/cloudflare_logpush/data_stream/magic_ids/manifest.yml index 4c543025397..7f285108470 100644 --- a/packages/cloudflare_logpush/data_stream/magic_ids/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/magic_ids/manifest.yml 
@@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/nel_report/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/nel_report/agent/stream/aws-s3.yml.hbs index 52139e5a7d5..1e72ad4ca14 100644 --- a/packages/cloudflare_logpush/data_stream/nel_report/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/nel_report/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_nel_report}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/nel_report/manifest.yml b/packages/cloudflare_logpush/data_stream/nel_report/manifest.yml index 46a0be2dfb9..1ec3dd33750 100644 --- a/packages/cloudflare_logpush/data_stream/nel_report/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/nel_report/manifest.yml 
@@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/network_analytics/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/network_analytics/agent/stream/aws-s3.yml.hbs index 9fb821c1387..0e844952c14 100644 --- a/packages/cloudflare_logpush/data_stream/network_analytics/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/network_analytics/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_network_analytics}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/network_analytics/manifest.yml b/packages/cloudflare_logpush/data_stream/network_analytics/manifest.yml index 80b0f7c7fb7..462c414ed44 100644 --- a/packages/cloudflare_logpush/data_stream/network_analytics/manifest.yml 
+++ b/packages/cloudflare_logpush/data_stream/network_analytics/manifest.yml @@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/network_session/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/network_session/agent/stream/aws-s3.yml.hbs index e0de152cef9..6e388e9f99b 100644 --- a/packages/cloudflare_logpush/data_stream/network_session/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/network_session/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_network_session}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/network_session/manifest.yml b/packages/cloudflare_logpush/data_stream/network_session/manifest.yml index 12b58e96b59..b1066dc44ce 100644 
--- a/packages/cloudflare_logpush/data_stream/network_session/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/network_session/manifest.yml @@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/sinkhole_http/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/sinkhole_http/agent/stream/aws-s3.yml.hbs index 331544ccbca..48942109921 100644 --- a/packages/cloudflare_logpush/data_stream/sinkhole_http/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/sinkhole_http/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_sinkhole_http}} {{#unless cloudflare_r2}} 
diff --git a/packages/cloudflare_logpush/data_stream/sinkhole_http/manifest.yml b/packages/cloudflare_logpush/data_stream/sinkhole_http/manifest.yml index 43dd7702c84..968649ce034 100644 --- a/packages/cloudflare_logpush/data_stream/sinkhole_http/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/sinkhole_http/manifest.yml @@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/spectrum_event/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/spectrum_event/agent/stream/aws-s3.yml.hbs index adc38601da5..a94cdab6c3d 100644 --- a/packages/cloudflare_logpush/data_stream/spectrum_event/agent/stream/aws-s3.yml.hbs +++ b/packages/cloudflare_logpush/data_stream/spectrum_event/agent/stream/aws-s3.yml.hbs 
@@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_spectrum_event}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/spectrum_event/manifest.yml b/packages/cloudflare_logpush/data_stream/spectrum_event/manifest.yml index c6c7b89e643..ce2f44d1c27 100644 --- a/packages/cloudflare_logpush/data_stream/spectrum_event/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/spectrum_event/manifest.yml @@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/data_stream/workers_trace/agent/stream/aws-s3.yml.hbs b/packages/cloudflare_logpush/data_stream/workers_trace/agent/stream/aws-s3.yml.hbs index 424d0e423c6..47b2e32df9a 100644 --- a/packages/cloudflare_logpush/data_stream/workers_trace/agent/stream/aws-s3.yml.hbs 
+++ b/packages/cloudflare_logpush/data_stream/workers_trace/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless cloudflare_r2_workers_trace}} {{#unless cloudflare_r2}} diff --git a/packages/cloudflare_logpush/data_stream/workers_trace/manifest.yml b/packages/cloudflare_logpush/data_stream/workers_trace/manifest.yml index 2363b0726b4..008f91ed80d 100644 --- a/packages/cloudflare_logpush/data_stream/workers_trace/manifest.yml +++ b/packages/cloudflare_logpush/data_stream/workers_trace/manifest.yml @@ -121,6 +121,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/cloudflare_logpush/manifest.yml b/packages/cloudflare_logpush/manifest.yml index 8d90d2248b0..7ec4458367c 100644 --- a/packages/cloudflare_logpush/manifest.yml +++ b/packages/cloudflare_logpush/manifest.yml 
@@ -1,7 +1,7 @@ format_version: "3.0.2" name: cloudflare_logpush title: Cloudflare Logpush -version: "1.34.1" +version: "1.35.0" description: Collect and parse logs from Cloudflare API with Elastic Agent. type: integration categories: @@ -10,7 +10,7 @@ categories: - cdn_security conditions: kibana: - version: "^8.16.2 || ^9.0.0" + version: "^8.16.5 || ^9.0.0" screenshots: - src: /img/cloudflare_logpush-overview1.png title: Cloudflare Logpush - Zero Trust Overview diff --git a/packages/f5_bigip/changelog.yml b/packages/f5_bigip/changelog.yml index a60cf74e109..499c133881f 100644 --- a/packages/f5_bigip/changelog.yml +++ b/packages/f5_bigip/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.26.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.25.1" changes: - description: Updated SSL description in package manifest.yml to be uniform and to include links to documentation. diff --git a/packages/f5_bigip/data_stream/log/agent/stream/aws-s3.yml.hbs b/packages/f5_bigip/data_stream/log/agent/stream/aws-s3.yml.hbs index 0f374456817..141bd8c7d06 100644 --- a/packages/f5_bigip/data_stream/log/agent/stream/aws-s3.yml.hbs +++ b/packages/f5_bigip/data_stream/log/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/f5_bigip/data_stream/log/manifest.yml b/packages/f5_bigip/data_stream/log/manifest.yml index aad44200467..2939602337a 100644 --- a/packages/f5_bigip/data_stream/log/manifest.yml +++ b/packages/f5_bigip/data_stream/log/manifest.yml 
@@ -85,6 +85,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/f5_bigip/manifest.yml b/packages/f5_bigip/manifest.yml index 6d607ed88a6..66113bf9498 100644 --- a/packages/f5_bigip/manifest.yml +++ b/packages/f5_bigip/manifest.yml @@ -1,14 +1,14 @@ format_version: "3.0.2" name: f5_bigip title: F5 BIG-IP -version: "1.25.1" +version: "1.26.0" description: Collect logs from F5 BIG-IP with Elastic Agent. type: integration categories: - security conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" elastic: subscription: basic screenshots: diff --git a/packages/imperva_cloud_waf/changelog.yml b/packages/imperva_cloud_waf/changelog.yml index b13d3814d54..215497eeb0d 100644 --- a/packages/imperva_cloud_waf/changelog.yml +++ b/packages/imperva_cloud_waf/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.6.2" changes: - description: Fix error message formatting syntax in agent configuration. diff --git a/packages/imperva_cloud_waf/data_stream/event/agent/stream/aws-s3.yml.hbs b/packages/imperva_cloud_waf/data_stream/event/agent/stream/aws-s3.yml.hbs index 82a11634eff..893051264e6 100644 --- a/packages/imperva_cloud_waf/data_stream/event/agent/stream/aws-s3.yml.hbs +++ b/packages/imperva_cloud_waf/data_stream/event/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/imperva_cloud_waf/data_stream/event/manifest.yml b/packages/imperva_cloud_waf/data_stream/event/manifest.yml index 74d89e866a2..b2fb5d6b771 100644 --- a/packages/imperva_cloud_waf/data_stream/event/manifest.yml +++ b/packages/imperva_cloud_waf/data_stream/event/manifest.yml 
@@ -195,6 +195,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. It is a required parameter for collecting logs via the AWS S3 Bucket. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: queue_url type: text title: "[SQS] Queue URL" diff --git a/packages/imperva_cloud_waf/manifest.yml b/packages/imperva_cloud_waf/manifest.yml index 02e9a8f1a05..e6050d4fa9b 100644 --- a/packages/imperva_cloud_waf/manifest.yml +++ b/packages/imperva_cloud_waf/manifest.yml @@ -1,14 +1,14 @@ format_version: 3.0.3 name: imperva_cloud_waf title: Imperva Cloud WAF -version: "1.6.2" +version: "1.7.0" description: Collect logs from Imperva Cloud WAF with Elastic Agent. type: integration categories: - security conditions: kibana: - version: ^8.16.2 + version: ^8.16.5 elastic: subscription: basic screenshots: diff --git a/packages/jamf_protect/changelog.yml b/packages/jamf_protect/changelog.yml index 657f9e3973b..008f347acd6 100644 --- a/packages/jamf_protect/changelog.yml +++ b/packages/jamf_protect/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.10.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "2.9.2" changes: - description: Updated SSL description in package manifest.yml to be uniform and to include links to documentation. diff --git a/packages/jamf_protect/data_stream/alerts/agent/stream/aws-s3.yml.hbs b/packages/jamf_protect/data_stream/alerts/agent/stream/aws-s3.yml.hbs index 664deb76a6b..62a01563a07 100644 --- a/packages/jamf_protect/data_stream/alerts/agent/stream/aws-s3.yml.hbs +++ b/packages/jamf_protect/data_stream/alerts/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless jamf_protect_bucket_name}} {{#unless global_bucket_name}} diff --git a/packages/jamf_protect/data_stream/alerts/manifest.yml b/packages/jamf_protect/data_stream/alerts/manifest.yml index 3f6a18f7bb6..31090f70f3e 100644 --- a/packages/jamf_protect/data_stream/alerts/manifest.yml +++ b/packages/jamf_protect/data_stream/alerts/manifest.yml 
@@ -98,6 +98,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/jamf_protect/data_stream/telemetry/agent/stream/aws-s3.yml.hbs b/packages/jamf_protect/data_stream/telemetry/agent/stream/aws-s3.yml.hbs index 95ca775c7af..1a5aba4ccab 100644 --- a/packages/jamf_protect/data_stream/telemetry/agent/stream/aws-s3.yml.hbs +++ b/packages/jamf_protect/data_stream/telemetry/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless jamf_protect_bucket_name}} {{#unless global_bucket_name}} diff --git a/packages/jamf_protect/data_stream/telemetry/manifest.yml b/packages/jamf_protect/data_stream/telemetry/manifest.yml index a64e15eeba0..a758dae0f0a 100644 --- a/packages/jamf_protect/data_stream/telemetry/manifest.yml +++ b/packages/jamf_protect/data_stream/telemetry/manifest.yml 
@@ -98,6 +98,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/jamf_protect/data_stream/telemetry_legacy/agent/stream/aws-s3.yml.hbs b/packages/jamf_protect/data_stream/telemetry_legacy/agent/stream/aws-s3.yml.hbs index 10fa94ba174..dfcce63ce61 100644 --- a/packages/jamf_protect/data_stream/telemetry_legacy/agent/stream/aws-s3.yml.hbs +++ b/packages/jamf_protect/data_stream/telemetry_legacy/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless jamf_protect_bucket_name}} {{#unless global_bucket_name}} diff --git a/packages/jamf_protect/data_stream/telemetry_legacy/manifest.yml b/packages/jamf_protect/data_stream/telemetry_legacy/manifest.yml index c9448ea7d1e..ddd68da00f2 100644 --- a/packages/jamf_protect/data_stream/telemetry_legacy/manifest.yml +++ b/packages/jamf_protect/data_stream/telemetry_legacy/manifest.yml 
@@ -98,6 +98,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/jamf_protect/data_stream/web_threat_events/agent/stream/aws-s3.yml.hbs b/packages/jamf_protect/data_stream/web_threat_events/agent/stream/aws-s3.yml.hbs index 52878e551e3..143f8e52964 100644 --- a/packages/jamf_protect/data_stream/web_threat_events/agent/stream/aws-s3.yml.hbs +++ b/packages/jamf_protect/data_stream/web_threat_events/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless jamf_protect_bucket_name}} {{#unless global_bucket_name}} diff --git a/packages/jamf_protect/data_stream/web_threat_events/manifest.yml b/packages/jamf_protect/data_stream/web_threat_events/manifest.yml index df37b36aa51..5ceb92a2de3 100644 --- a/packages/jamf_protect/data_stream/web_threat_events/manifest.yml +++ b/packages/jamf_protect/data_stream/web_threat_events/manifest.yml 
@@ -107,6 +107,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/jamf_protect/data_stream/web_traffic_events/agent/stream/aws-s3.yml.hbs b/packages/jamf_protect/data_stream/web_traffic_events/agent/stream/aws-s3.yml.hbs index 921d634105e..5bef24019cb 100644 --- a/packages/jamf_protect/data_stream/web_traffic_events/agent/stream/aws-s3.yml.hbs +++ b/packages/jamf_protect/data_stream/web_traffic_events/agent/stream/aws-s3.yml.hbs @@ -21,6 +21,14 @@ bucket_list_prefix: {{ bucket_list_prefix }} bucket_list_interval: {{ bucket_list_interval }} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} + +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} + {{! AWS S3 bucket ARN options }} {{#unless jamf_protect_bucket_name}} {{#unless global_bucket_name}} diff --git a/packages/jamf_protect/data_stream/web_traffic_events/manifest.yml b/packages/jamf_protect/data_stream/web_traffic_events/manifest.yml index 06505547bd6..b9e3e9af07d 100644 --- a/packages/jamf_protect/data_stream/web_traffic_events/manifest.yml +++ b/packages/jamf_protect/data_stream/web_traffic_events/manifest.yml 
@@ -107,6 +107,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/jamf_protect/manifest.yml b/packages/jamf_protect/manifest.yml index 92aeb6adbfa..d5eef9fb3a6 100644 --- a/packages/jamf_protect/manifest.yml +++ b/packages/jamf_protect/manifest.yml @@ -1,14 +1,14 @@ format_version: 3.0.3 name: jamf_protect title: Jamf Protect -version: "2.9.2" +version: "2.10.0" description: Receives events from Jamf Protect with Elastic Agent. type: integration categories: - security conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" screenshots: - src: /img/jamfprotect_kibana.png title: Jamf Protect Kibana diff --git a/packages/sentinel_one_cloud_funnel/changelog.yml b/packages/sentinel_one_cloud_funnel/changelog.yml index 42084f94829..25c32ff3101 100644 --- a/packages/sentinel_one_cloud_funnel/changelog.yml +++ b/packages/sentinel_one_cloud_funnel/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.9.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.8.2" changes: - description: Updated SSL description in package manifest.yml to be uniform and to include links to documentation. diff --git a/packages/sentinel_one_cloud_funnel/data_stream/event/agent/stream/aws-s3.yml.hbs b/packages/sentinel_one_cloud_funnel/data_stream/event/agent/stream/aws-s3.yml.hbs index 81a815bb532..9a9b967d04e 100644 --- a/packages/sentinel_one_cloud_funnel/data_stream/event/agent/stream/aws-s3.yml.hbs +++ b/packages/sentinel_one_cloud_funnel/data_stream/event/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/sentinel_one_cloud_funnel/data_stream/event/manifest.yml b/packages/sentinel_one_cloud_funnel/data_stream/event/manifest.yml index bd71b5b0191..a0de2193848 100644 --- a/packages/sentinel_one_cloud_funnel/data_stream/event/manifest.yml +++ b/packages/sentinel_one_cloud_funnel/data_stream/event/manifest.yml 
@@ -39,6 +39,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/sentinel_one_cloud_funnel/manifest.yml b/packages/sentinel_one_cloud_funnel/manifest.yml index 3287a7d55f0..b9bdf8b2ecd 100644 --- a/packages/sentinel_one_cloud_funnel/manifest.yml +++ b/packages/sentinel_one_cloud_funnel/manifest.yml @@ -1,13 +1,13 @@ format_version: "3.0.2" name: sentinel_one_cloud_funnel title: SentinelOne Cloud Funnel -version: "1.8.2" +version: "1.9.0" description: Collect logs from SentinelOne Cloud Funnel with Elastic Agent. type: integration categories: ["security", "edr_xdr"] conditions: kibana: - version: ^8.16.2 + version: ^8.16.5 elastic: subscription: basic screenshots: diff --git a/packages/servicenow/changelog.yml b/packages/servicenow/changelog.yml index 7ad63dda95c..c5e85dbd6eb 100644 --- a/packages/servicenow/changelog.yml +++ b/packages/servicenow/changelog.yml 
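Review bot: The two descriptions added to `packages/sentinel_one_cloud_funnel/data_stream/event/manifest.yml` do not say how `start_timestamp` and `ignore_older` combine when both are set, nor whether an object skipped by either filter is ever revisited. This stream carries endpoint security events, so a window set too narrow would leave late-delivered or backfilled objects out of detections without an obvious signal. I would add a sentence along the lines of `Objects outside this window are skipped and not ingested; size it to cover the longest expected delivery delay.` and state the precedence once it is confirmed against the input's behaviour. Both variables are `show_user: false`, so the description is the only guidance an operator sees; the same gap exists in the other data-stream manifests touched here.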
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.10.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "0.9.1" changes: - description: Updated SSL description to be uniform and to include links to documentation. diff --git a/packages/servicenow/data_stream/event/agent/stream/aws-s3.yml.hbs b/packages/servicenow/data_stream/event/agent/stream/aws-s3.yml.hbs index bd2d6dd44c0..e33c0cdfcd4 100644 --- a/packages/servicenow/data_stream/event/agent/stream/aws-s3.yml.hbs +++ b/packages/servicenow/data_stream/event/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/servicenow/data_stream/event/manifest.yml b/packages/servicenow/data_stream/event/manifest.yml index e9541533dc9..b7b03671be8 100644 --- a/packages/servicenow/data_stream/event/manifest.yml +++ b/packages/servicenow/data_stream/event/manifest.yml 
@@ -250,6 +250,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: '[SQS] Visibility Timeout' diff --git a/packages/servicenow/manifest.yml b/packages/servicenow/manifest.yml index 9751cd62627..45fe6e03971 100644 --- a/packages/servicenow/manifest.yml +++ b/packages/servicenow/manifest.yml @@ -1,14 +1,14 @@ format_version: 3.2.1 name: servicenow title: "ServiceNow" -version: 0.9.1 +version: 0.10.0 description: "Collect logs from ServiceNow with Elastic Agent." type: integration categories: - security conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" elastic: subscription: "basic" screenshots: diff --git a/packages/sublime_security/changelog.yml b/packages/sublime_security/changelog.yml index 9116894c1fd..a5f9d175456 100644 --- a/packages/sublime_security/changelog.yml +++ b/packages/sublime_security/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.5.2" changes: - description: Fix `sublime_security.email_message.headers.hops.fields` group mappings. diff --git a/packages/sublime_security/data_stream/audit/agent/stream/aws-s3.yml.hbs b/packages/sublime_security/data_stream/audit/agent/stream/aws-s3.yml.hbs index 8c001d18ce5..09b6d9aa716 100644 --- a/packages/sublime_security/data_stream/audit/agent/stream/aws-s3.yml.hbs +++ b/packages/sublime_security/data_stream/audit/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/sublime_security/data_stream/email_message/agent/stream/aws-s3.yml.hbs b/packages/sublime_security/data_stream/email_message/agent/stream/aws-s3.yml.hbs index 3978b9354de..667119aca05 100644 --- a/packages/sublime_security/data_stream/email_message/agent/stream/aws-s3.yml.hbs +++ b/packages/sublime_security/data_stream/email_message/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/sublime_security/data_stream/email_message/manifest.yml b/packages/sublime_security/data_stream/email_message/manifest.yml index 54d53034931..b902c952aab 100644 --- a/packages/sublime_security/data_stream/email_message/manifest.yml +++ b/packages/sublime_security/data_stream/email_message/manifest.yml 
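Review bot: The hunk for `packages/sublime_security/data_stream/audit/agent/stream/aws-s3.yml.hbs` reads `start_timestamp` and `ignore_older`, but this patch has no hunk for `packages/sublime_security/data_stream/audit/manifest.yml`, while the `email_message` and `message_event` manifests both gain the two variable declarations. Unless the audit manifest already declares them, the two `{{#if}}` blocks never render for the audit stream, so the filter is unavailable there even though the 1.6.0 changelog entry describes it for the package. I would add the same `start_timestamp` and `ignore_older` entries to the audit stream's S3 variables so that all three streams behave alike.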
@@ -44,6 +44,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: queue_url type: text title: '[SQS] Queue URL' diff --git a/packages/sublime_security/data_stream/message_event/agent/stream/aws-s3.yml.hbs b/packages/sublime_security/data_stream/message_event/agent/stream/aws-s3.yml.hbs index 8c001d18ce5..09b6d9aa716 100644 --- a/packages/sublime_security/data_stream/message_event/agent/stream/aws-s3.yml.hbs +++ b/packages/sublime_security/data_stream/message_event/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/sublime_security/data_stream/message_event/manifest.yml b/packages/sublime_security/data_stream/message_event/manifest.yml index 98be176e355..d69cfcd8df6 100644 --- a/packages/sublime_security/data_stream/message_event/manifest.yml +++ b/packages/sublime_security/data_stream/message_event/manifest.yml 
@@ -123,6 +123,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: queue_url type: text title: '[SQS] Queue URL' diff --git a/packages/sublime_security/manifest.yml b/packages/sublime_security/manifest.yml index 0e1c2df58dd..1493a0e5ada 100644 --- a/packages/sublime_security/manifest.yml +++ b/packages/sublime_security/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.2.1 name: sublime_security title: Sublime Security -version: 1.5.2 +version: 1.6.0 description: Collect logs from Sublime Security with Elastic Agent. type: integration categories: @@ -9,7 +9,7 @@ categories: - email_security conditions: kibana: - version: '^8.16.2' + version: '^8.16.5' elastic: subscription: basic screenshots: diff --git a/packages/symantec_endpoint_security/changelog.yml b/packages/symantec_endpoint_security/changelog.yml index 5ef1883e793..62bf356a2ca 100644 --- a/packages/symantec_endpoint_security/changelog.yml +++ b/packages/symantec_endpoint_security/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.8.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.7.1" changes: - description: Updated SSL description in package manifest.yml to be uniform and to include links to documentation. diff --git a/packages/symantec_endpoint_security/data_stream/event/agent/stream/aws-s3.yml.hbs b/packages/symantec_endpoint_security/data_stream/event/agent/stream/aws-s3.yml.hbs index d6b7f6cdbab..e34f503839a 100644 --- a/packages/symantec_endpoint_security/data_stream/event/agent/stream/aws-s3.yml.hbs +++ b/packages/symantec_endpoint_security/data_stream/event/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/symantec_endpoint_security/data_stream/event/manifest.yml b/packages/symantec_endpoint_security/data_stream/event/manifest.yml index d16ce6fcce6..e325e840328 100644 --- a/packages/symantec_endpoint_security/data_stream/event/manifest.yml +++ b/packages/symantec_endpoint_security/data_stream/event/manifest.yml 
@@ -126,6 +126,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/symantec_endpoint_security/manifest.yml b/packages/symantec_endpoint_security/manifest.yml index aba457afea4..399fd5ca26f 100644 --- a/packages/symantec_endpoint_security/manifest.yml +++ b/packages/symantec_endpoint_security/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.0.3 name: symantec_endpoint_security title: Symantec Endpoint Security -version: "1.7.1" +version: "1.8.0" description: Collect logs from Symantec Endpoint Security with Elastic Agent. type: integration categories: @@ -9,7 +9,7 @@ categories: - edr_xdr conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" elastic: subscription: "basic" screenshots: diff --git a/packages/tanium/changelog.yml b/packages/tanium/changelog.yml index 76fdd8c6d5a..4e1bea5202f 100644 --- a/packages/tanium/changelog.yml +++ b/packages/tanium/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.15.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.14.1" changes: - description: Updated SSL description in package manifest.yml to be uniform and to include links to documentation. diff --git a/packages/tanium/data_stream/action_history/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/action_history/agent/stream/aws-s3.yml.hbs index eb355709097..e4d2dab6226 100644 --- a/packages/tanium/data_stream/action_history/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/action_history/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/tanium/data_stream/action_history/manifest.yml b/packages/tanium/data_stream/action_history/manifest.yml index 46c4b292844..ad198d7fe73 100644 --- a/packages/tanium/data_stream/action_history/manifest.yml +++ b/packages/tanium/data_stream/action_history/manifest.yml 
@@ -30,6 +30,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/tanium/data_stream/client_status/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/client_status/agent/stream/aws-s3.yml.hbs index eb355709097..e4d2dab6226 100644 --- a/packages/tanium/data_stream/client_status/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/client_status/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/tanium/data_stream/client_status/manifest.yml b/packages/tanium/data_stream/client_status/manifest.yml index ae997aa5866..2d423a0469a 100644 --- a/packages/tanium/data_stream/client_status/manifest.yml +++ b/packages/tanium/data_stream/client_status/manifest.yml 
@@ -85,6 +85,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/tanium/data_stream/discover/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/discover/agent/stream/aws-s3.yml.hbs index eb355709097..e4d2dab6226 100644 --- a/packages/tanium/data_stream/discover/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/discover/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/tanium/data_stream/discover/manifest.yml b/packages/tanium/data_stream/discover/manifest.yml index 7c55cec0ce9..94d0060c4e0 100644 --- a/packages/tanium/data_stream/discover/manifest.yml +++ b/packages/tanium/data_stream/discover/manifest.yml 
@@ -30,6 +30,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/tanium/data_stream/endpoint_config/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/endpoint_config/agent/stream/aws-s3.yml.hbs index 0f374456817..141bd8c7d06 100644 --- a/packages/tanium/data_stream/endpoint_config/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/endpoint_config/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/tanium/data_stream/endpoint_config/manifest.yml b/packages/tanium/data_stream/endpoint_config/manifest.yml index a76c23e4358..5a096bd7e60 100644 --- a/packages/tanium/data_stream/endpoint_config/manifest.yml +++ b/packages/tanium/data_stream/endpoint_config/manifest.yml 
@@ -30,6 +30,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/tanium/data_stream/reporting/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/reporting/agent/stream/aws-s3.yml.hbs index eb355709097..e4d2dab6226 100644 --- a/packages/tanium/data_stream/reporting/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/reporting/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/tanium/data_stream/reporting/manifest.yml b/packages/tanium/data_stream/reporting/manifest.yml index d593416615a..fe44f6e7fcd 100644 --- a/packages/tanium/data_stream/reporting/manifest.yml +++ b/packages/tanium/data_stream/reporting/manifest.yml 
@@ -85,6 +85,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/tanium/data_stream/threat_response/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/threat_response/agent/stream/aws-s3.yml.hbs index eb355709097..e4d2dab6226 100644 --- a/packages/tanium/data_stream/threat_response/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/threat_response/agent/stream/aws-s3.yml.hbs @@ -14,6 +14,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/tanium/data_stream/threat_response/manifest.yml b/packages/tanium/data_stream/threat_response/manifest.yml index 599bb72cdef..7f00c19c34e 100644 --- a/packages/tanium/data_stream/threat_response/manifest.yml +++ b/packages/tanium/data_stream/threat_response/manifest.yml 
@@ -30,6 +30,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/tanium/manifest.yml b/packages/tanium/manifest.yml index 1c74d313c51..f1e0af95688 100644 --- a/packages/tanium/manifest.yml +++ b/packages/tanium/manifest.yml @@ -1,14 +1,14 @@ format_version: "3.0.3" name: tanium title: Tanium -version: "1.14.1" +version: "1.15.0" description: This Elastic integration collects logs from Tanium with Elastic Agent. type: integration categories: - security conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" elastic: subscription: "basic" screenshots: diff --git a/packages/trellix_edr_cloud/changelog.yml b/packages/trellix_edr_cloud/changelog.yml index ae606f20ef6..51b89705583 100644 --- a/packages/trellix_edr_cloud/changelog.yml +++ b/packages/trellix_edr_cloud/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.0" + changes: + - description: Add support to configure start_timestamp & ignore_older configurations for AWS S3 backed inputs + type: enhancement + link: https://github.com/elastic/integrations/pull/12645 - version: "1.6.1" changes: - description: Updated SSL description in package manifest.yml to be uniform and to include links to documentation. diff --git a/packages/trellix_edr_cloud/data_stream/event/agent/stream/aws-s3.yml.hbs b/packages/trellix_edr_cloud/data_stream/event/agent/stream/aws-s3.yml.hbs index 9b511f47547..8303f9bdc21 100644 --- a/packages/trellix_edr_cloud/data_stream/event/agent/stream/aws-s3.yml.hbs +++ b/packages/trellix_edr_cloud/data_stream/event/agent/stream/aws-s3.yml.hbs @@ -13,6 +13,12 @@ bucket_list_interval: {{interval}} {{#if bucket_list_prefix}} bucket_list_prefix: {{bucket_list_prefix}} {{/if}} +{{#if start_timestamp}} +start_timestamp: {{start_timestamp}} +{{/if}} +{{#if ignore_older}} +ignore_older: {{ignore_older}} +{{/if}} {{else}} diff --git a/packages/trellix_edr_cloud/data_stream/event/manifest.yml b/packages/trellix_edr_cloud/data_stream/event/manifest.yml index 18c2cf9641f..7e8eedfac78 100644 --- a/packages/trellix_edr_cloud/data_stream/event/manifest.yml +++ b/packages/trellix_edr_cloud/data_stream/event/manifest.yml 
@@ -30,6 +30,20 @@ streams: show_user: true default: 5 description: Number of workers that will process the S3 objects listed. + - name: start_timestamp + type: text + title: "[S3] Start Timestamp" + multi: false + required: false + show_user: false + description: If set, only accept bucket entries with last modified timestamp newer than the given timestamp. Accepts a timestamp in `YYYY-MM-DDTHH:MM:SSZ` format. For example, "2020-10-10T10:30:00Z" (UTC) or "2020-10-10T10:30:00Z+02:30" (with zone offset). + - name: ignore_older + type: text + title: "[S3] Ignore Older Timespan" + multi: false + required: false + show_user: false + description: If set, ignore bucket entries not within the provided timespan. Timespan is checked from the current time to processing entry's last modified timestamp. Accepts a timestamp like `48h`, `2h30m`. - name: visibility_timeout type: text title: "[SQS] Visibility Timeout" diff --git a/packages/trellix_edr_cloud/manifest.yml b/packages/trellix_edr_cloud/manifest.yml index fd40239fcf5..ed2f01dd17f 100644 --- a/packages/trellix_edr_cloud/manifest.yml +++ b/packages/trellix_edr_cloud/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: trellix_edr_cloud title: Trellix EDR Cloud -version: "1.6.1" +version: "1.7.0" description: Collect logs from Trellix EDR Cloud with Elastic Agent. type: integration categories: @@ -9,7 +9,7 @@ categories: - security conditions: kibana: - version: "^8.16.2" + version: "^8.16.5" elastic: subscription: basic screenshots: