[infoblox_nios] Add Infoblox NIOS package

[darshan-elastic]

What does this PR do?

• Generated the skeleton of the Infoblox NIOS integration package.
• Added a data stream.
• Added data collection logic to the data stream.
• Added the ingest pipeline for the data stream.
• Mapped fields according to the ECS schema and added Fields metadata in the appropriate yml files
• Added dashboards and visualizations.
• Added test for pipeline for the data stream.
• Added system test cases for the data stream.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

• Clone integrations repo.
• Install elastic-package locally.
• Start elastic stack using elastic-package.
• Move to integrations/packages/infoblox_nios directory.
• Run the following command to run tests.
  elastic-package test

Screenshots

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2022-04-28T11:55:17.167+0000

• Duration: 14 min 2 sec

Test stats 🧪

Test	Results
Failed	0
Passed	35
Skipped	0
Total	35

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[andrewkroh]

/test

[willemdh]

@jamiehynds Hey again.. :) Fyi I tested the Infoblox rsa module on 7.15 and unfortunately i must say its really bad....
Have there been consistent improvements in this PR to the parsing? Would you be interested in some example logs where the parsing goes wrong? This module needs a lot of work imho before it can be useful..
Another question, Can we use this integration in Filebeat without Elastic Agent? Or is agent a requirement?

[jamiehynds]

Hey @willemdh - we're in the process of rewriting a lot of those RSA modules from scratch, which is exactly what we've done with Infoblox. This integration has been built in collaboration with Infoblox. ECS mappings and dashboards are far superior to the old module. DHCP, DNS and Audit events all supported. Look forward to getting your feedback once it's available. Thanks for the offer of sample logs, but I think we're ok, as we've worked directly with Infoblox. Agent will be a requirement, there will not be a corresponding Filebeat module.

[willemdh]

Thanks for the info @jamiehynds
It was on my to do to rewrite my currently Infoblox Logstash pipeline and make it ecs compliant, but I'll wait for this integration then. Hopefully its better then the rsa module.
Sorry to hear it wont be available as a module in Filebeat though.

[andrewkroh]

Can we use this integration in Filebeat without Elastic Agent?

@willemdh It should be possible to route data collected by Filebeat into the data stream managed by this integration. It requires some understanding of how the parts work, but I've done this a bit while transitioning between Beats and Agent. In case it helps, here's my unofficial method. https://gist.github.com/andrewkroh/c253717ebe82f2ec47fe003eda99c1dc

[andrewkroh]

I'm not finished reviewing, but wanted to leave these comments for now until I get back to it.

[elasticmachine]

🌐 Coverage report

Name	Metrics % (covered/total)	Diff
Packages	100.0% (1/1)	💚
Files	100.0% (4/4)	💚 2.857
Classes	100.0% (4/4)	💚 2.857
Methods	97.297% (36/37)	👍 9.202
Lines	98.778% (404/409)	👍 9.94
Conditionals	100.0% (0/0)	💚