Merge branch 'bugfix-system-metrics-overview' of github.com:milan-elastic/integrations into bugfix-system-metrics-overview

Author: milan-elastic

packages/apache/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.17.2"
+  changes:
+    - description: Rename field "apache2.error.integration" to "apache.error.module" in the Apache error visualizations.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/9822
 - version: "1.17.1"
   changes:
     - description: Update grok for accepting user-identity.

packages/apache/kibana/dashboard/apache-Logs-Apache-Dashboard.json

@@ -30,7 +30,7 @@
                     "columns": [
                         "source.address",
                         "log.level",
-                        "apache2.error.integration",
+                        "apache.error.module",
                         "message"
                     ],
                     "enhancements": {},

packages/apache/kibana/search/apache-errors-log.json

@@ -3,7 +3,7 @@
         "columns": [
             "source.address",
             "log.level",
-            "apache2.error.integration",
+            "apache.error.module",
             "message"
         ],
         "description": "",

packages/apache/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: apache
 title: Apache HTTP Server
-version: "1.17.1"
+version: "1.17.2"
 license: basic
 source:
   license: Elastic-2.0

packages/aws_bedrock/changelog.yml

@@ -1,3 +1,8 @@
+- version: "0.1.2"
+  changes:
+    - description: Add documentation image.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/9831
 - version: "0.1.1"
   changes:
     - description: Fix documentation markdown.

packages/aws_bedrock/img/add_aws_bedrock.png

@@ -3,7 +3,7 @@ name: aws_bedrock
 title: AWS Bedrock
 description: Collect AWS Bedrock model invocation logs with Elastic Agent.
 type: integration
-version: "0.1.1"
+version: "0.1.2"
 categories:
   - aws
 conditions:
@@ -22,6 +22,11 @@ policy_templates:
       - type: aws-cloudwatch
         title: Collect Logs from CloudWatch
         description: Collect bedrock logs from CloudWatch with Elastic Agent.
+screenshots:
+  - src: /img/add_aws_bedrock.png
+    title: Overview
+    size: 805x1921
+    type: image/png
 icons:
   - src: "/img/icon.svg"
     type: "image/svg+xml"

packages/aws_bedrock/manifest.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.17.1"
+  changes:
+    - description: Add ignore_failure to the community_id processor in the ingest node pipeline.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/9837
 - version: "2.17.0"
   changes:
     - description: Update package spec to 3.0.3.

packages/cef/changelog.yml

@@ -106,6 +106,8 @@ processors:
       name: '{{ IngestPipeline "cp-pipeline" }}'
       tag: checkpoint pipeline
   - community_id:
+      ignore_missing: true
+      ignore_failure: true
       tag: community id processor
   # Ensure source.mac and destination.mac are formatted to ECS specifications.
   - gsub:

packages/cef/data_stream/log/elasticsearch/ingest_pipeline/default.yml

@@ -1,6 +1,6 @@
 name: cef
 title: Common Event Format (CEF)
-version: "2.17.0"
+version: "2.17.1"
 description: Collect logs from CEF Logs with Elastic Agent.
 categories:
   - security

packages/cef/manifest.yml

@@ -1 +1 @@
-{"BotDetectionIDs":[7,8,9],"BotScore":20,"BotScoreSrc":"Verified Bot","BotTags":["bing","api"],"CacheCacheStatus":"dynamic","CacheResponseBytes":983828,"CacheResponseStatus":200,"CacheTieredFill":false,"ClientASN":43766,"ClientCountry":"sa","ClientDeviceType":"desktop","ClientIP":"175.16.199.0","ClientIPClass":"noRecord","ClientMTLSAuthCertFingerprint":"Fingerprint","ClientMTLSAuthStatus":"unknown","ClientRequestBytes":5800,"ClientRequestHost":"xyz.example.com","ClientRequestMethod":"POST","ClientRequestPath":"/xyz/checkout","ClientRequestProtocol":"HTTP/1.1","ClientRequestReferer":"https://example.com/s/example/default?sourcerer=(default:(id:!n,selectedPatterns:!(example,%27logs-endpoint.*-example%27,%27logs-system.*-example%27,%27logs-windows.*-example%27)))&timerange=(global:(linkTo:!(),timerange:(from:%272022-05-16T06:26:36.340Z%27,fromStr:now-24h,kind:relative,to:%272022-05-17T06:26:36.340Z%27,toStr:now)),timeline:(linkTo:!(),timerange:(from:%272022-04-17T22:00:00.000Z%27,kind:absolute,to:%272022-04-18T21:59:59.999Z%27)))&timeline=(activeTab:notes,graphEventId:%27%27,id:%279844bdd4-4dd6-5b22-ab40-3cd46fce8d6b%27,isOpen:!t)","ClientRequestScheme":"https","ClientRequestSource":"edgeWorkerFetch","ClientRequestURI":"/s/example/api/telemetry/v2/clusters/_stats","ClientRequestUserAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36","ClientSrcPort":0,"ClientSSLCipher":"NONE","ClientSSLProtocol":"TLSv1.2","ClientTCPRTTMs":0,"ClientXRequestedWith":"Request With","Cookies":{"key":"value"},"EdgeCFConnectingO2O":false,"EdgeColoCode":"RUH","EdgeColoID":339,"EdgeEndTimestamp":"2022-05-25T13:25:32Z","EdgePathingOp":"wl","EdgePathingSrc":"macro","EdgePathingStatus":"nr","EdgeRateLimitAction":"unknown","EdgeRateLimitID":0,"EdgeRequestHost":"abc.example.com","EdgeResponseBodyBytes":980397,"EdgeResponseBytes":981308,"EdgeResponseCompressionRatio":0,"EdgeResponseContentType":"application/json","EdgeResponseStatus":200,"EdgeServerIP":"1.128.0.0","EdgeStartTimestamp":"2022-05-25T13:25:26Z","EdgeTimeToFirstByteMs":5333,"OriginDNSResponseTimeMs":3,"OriginIP":"67.43.156.0","OriginRequestHeaderSendDurationMs":0,"OriginResponseBytes":0,"OriginResponseDurationMs":5319,"OriginResponseHeaderReceiveDurationMs":5155,"OriginResponseHTTPExpires":"2022-05-27T13:25:26Z","OriginResponseHTTPLastModified":"2022-05-26T13:25:26Z","OriginResponseStatus":200,"OriginResponseTime":5232000000,"OriginSSLProtocol":"TLSv1.2","OriginTCPHandshakeDurationMs":24,"OriginTLSHandshakeDurationMs":53,"ParentRayID":"710e98d93d50357d","RayID":"710e98d9367f357d","SecurityLevel":"off","SmartRouteColoID":20,"UpperTierColoID":0,"SecurityAction":"unknown","WAFFlags":"0","WAFMatchedVar":"example","WAFProfile":"unknown","SecurityRuleID":"98d93d5","SecurityRuleDescription":"matchad variable message","WorkerCPUTime":0,"WorkerStatus":"unknown","WorkerSubrequest":true,"WorkerSubrequestCount":0,"ZoneID":393347122,"ZoneName":"example.com"}
+{"BotDetectionIDs":[7,8,9],"BotScore":20,"BotScoreSrc":"Verified Bot","BotTags":["bing","api"],"CacheCacheStatus":"dynamic","CacheResponseBytes":983828,"CacheResponseStatus":200,"CacheTieredFill":false,"ClientASN":43766,"ClientCountry":"sa","ClientDeviceType":"desktop","ClientIP":"175.16.199.0","ClientIPClass":"noRecord","ClientMTLSAuthCertFingerprint":"Fingerprint","ClientMTLSAuthStatus":"unknown","ClientRequestBytes":5800,"ClientRequestHost":"xyz.example.com","ClientRequestMethod":"POST","ClientRequestPath":"/xyz/checkout","ClientRequestProtocol":"HTTP/1.1","ClientRequestReferer":"https://example.com/s/example/default?sourcerer=(default:(id:!n,selectedPatterns:!(example,%27logs-endpoint.*-example%27,%27logs-system.*-example%27,%27logs-windows.*-example%27)))&timerange=(global:(linkTo:!(),timerange:(from:%272022-05-16T06:26:36.340Z%27,fromStr:now-24h,kind:relative,to:%272022-05-17T06:26:36.340Z%27,toStr:now)),timeline:(linkTo:!(),timerange:(from:%272022-04-17T22:00:00.000Z%27,kind:absolute,to:%272022-04-18T21:59:59.999Z%27)))&timeline=(activeTab:notes,graphEventId:%27%27,id:%279844bdd4-4dd6-5b22-ab40-3cd46fce8d6b%27,isOpen:!t)","ClientRequestScheme":"https","ClientRequestSource":"edgeWorkerFetch","ClientRequestURI":"/s/example/api/telemetry/v2/clusters/_stats","ClientRequestUserAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36","ClientSrcPort":0,"ClientSSLCipher":"NONE","ClientSSLProtocol":"TLSv1.2","ClientTCPRTTMs":0,"ClientXRequestedWith":"Request With","Cookies":{"key":"value"},"EdgeCFConnectingO2O":false,"EdgeColoCode":"RUH","EdgeColoID":339,"EdgeEndTimestamp":"2022-05-25T13:25:32Z","EdgePathingOp":"wl","EdgePathingSrc":"macro","EdgePathingStatus":"nr","EdgeRateLimitAction":"unknown","EdgeRateLimitID":0,"EdgeRequestHost":"abc.example.com","EdgeResponseBodyBytes":980397,"EdgeResponseBytes":981308,"EdgeResponseCompressionRatio":0,"EdgeResponseContentType":"application/json","EdgeResponseStatus":200,"EdgeServerIP":"1.128.0.0","EdgeStartTimestamp":"2022-05-25T13:25:26Z","EdgeTimeToFirstByteMs":5333,"OriginDNSResponseTimeMs":3,"OriginIP":"67.43.156.0","OriginRequestHeaderSendDurationMs":0,"OriginResponseBytes":0,"OriginResponseDurationMs":5319,"OriginResponseHeaderReceiveDurationMs":5155,"OriginResponseHTTPExpires":"2022-05-27T13:25:26Z","OriginResponseHTTPLastModified":"2022-05-26T13:25:26Z","OriginResponseStatus":200,"OriginResponseTime":5232000000,"OriginSSLProtocol":"TLSv1.2","OriginTCPHandshakeDurationMs":24,"OriginTLSHandshakeDurationMs":53,"ParentRayID":"710e98d93d50357d","RayID":"710e98d9367f357d","SecurityLevel":"off","SmartRouteColoID":20,"UpperTierColoID":0,"SecurityAction":"unknown","WAFAttackScore":50,"WAFRCEAttackScore":1,"WAFSQLiAttackScore":99,"WAFXSSAttackScore":90,"WAFFlags":"0","WAFMatchedVar":"example","WAFProfile":"unknown","SecurityRuleID":"98d93d5","SecurityRuleDescription":"matchad variable message","WorkerCPUTime":0,"WorkerStatus":"unknown","WorkerSubrequest":true,"WorkerSubrequestCount":0,"ZoneID":393347122,"ZoneName":"example.com"}

packages/cloudflare_logpush/_dev/deploy/docker/sample_logs/http_request.log

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.19.0"
+  changes:
+    - description: Support new WAF AttackScore fields from HTTP Requests logs.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/9810
 - version: "1.18.0"
   changes:
     - description: Set sensitive values as secret.