[ti_threatq] - change to ECS version [email protected]

ECS version in build manifest changed from [email protected] to [email protected]. The set
ecs.version processor in pipelines was changed 8.11.0. Previously the pipeline
was setting version 8.10.0. The ecs.version in sample_event.json files was
changed to 8.11.0. Previously sample_event.json files contained 8.10.0.

[git-generate]
go run github.com/andrewkroh/go-examples/[email protected] -ecs-version=8.11.0 [email protected] -pr=8436 packages/ti_threatq

packages/ti_threatq/_dev/build/build.yml

@@ -1,3 +1,3 @@
 dependencies:
   ecs:
-    reference: "git@v8.10.0"
+    reference: "git@v8.11.0"

packages/ti_threatq/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: 1.22.0
+  changes:
+    - description: ECS version updated to 8.11.0.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/8436
 - version: "1.21.0"
   changes:
     - description: Improve 'event.original' check to avoid errors if set.

packages/ti_threatq/data_stream/threat/_dev/test/pipeline/test-threatq-no-preserve-ndjson.log-expected.json

@@ -3,7 +3,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -52,7 +52,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -101,7 +101,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [

packages/ti_threatq/data_stream/threat/_dev/test/pipeline/test-threatq-sample-ndjson.log-expected.json

@@ -3,7 +3,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -56,7 +56,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -109,7 +109,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -162,7 +162,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -209,7 +209,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -262,7 +262,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -318,7 +318,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -371,7 +371,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -424,7 +424,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [
@@ -477,7 +477,7 @@
         {
             "@timestamp": "2020-11-15T00:00:02.000Z",
             "ecs": {
-                "version": "8.10.0"
+                "version": "8.11.0"
             },
             "event": {
                 "category": [

packages/ti_threatq/data_stream/threat/elasticsearch/ingest_pipeline/default.yml

@@ -6,7 +6,7 @@ processors:
   ####################
   - set:
       field: ecs.version
-      value: '8.10.0'
+      value: '8.11.0'
   - set:
       field: event.kind
       value: enrichment

packages/ti_threatq/data_stream/threat/sample_event.json

@@ -13,7 +13,7 @@
         "type": "logs"
     },
     "ecs": {
-        "version": "8.10.0"
+        "version": "8.11.0"
     },
     "elastic_agent": {
         "id": "5607d6f4-6e45-4c33-a087-2e07de5f0082",
@@ -67,4 +67,4 @@
         "published_at": "2021-10-01T18:36:03.000Z",
         "status": "Active"
     }
-}
+}

packages/ti_threatq/docs/README.md

@@ -118,7 +118,7 @@ An example event for `threat` looks as following:
         "type": "logs"
     },
     "ecs": {
-        "version": "8.10.0"
+        "version": "8.11.0"
     },
     "elastic_agent": {
         "id": "5607d6f4-6e45-4c33-a087-2e07de5f0082",
@@ -173,4 +173,5 @@ An example event for `threat` looks as following:
         "status": "Active"
     }
 }
+
 ```

packages/ti_threatq/manifest.yml

@@ -1,6 +1,6 @@
 name: ti_threatq
 title: ThreatQuotient
-version: "1.21.0"
+version: "1.22.0"
 description: Ingest threat intelligence indicators from ThreatQuotient with Elastic Agent.
 type: integration
 format_version: "3.0.0"