diff --git a/packages/ti_abusech/_dev/build/build.yml b/packages/ti_abusech/_dev/build/build.yml index 5661d603a89..2254d90483c 100644 --- a/packages/ti_abusech/_dev/build/build.yml +++ b/packages/ti_abusech/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.3.0 + reference: git@v8.4.0-rc1 diff --git a/packages/ti_abusech/changelog.yml b/packages/ti_abusech/changelog.yml index 0fd9ded9324..ad725f1474c 100644 --- a/packages/ti_abusech/changelog.yml +++ b/packages/ti_abusech/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: Update package to ECS 8.4.0 + type: enhancement + link: https://github.com/elastic/integrations/pull/3871 - version: "1.5.1" changes: - description: Fix proxy URL documentation rendering. diff --git a/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-malware-ndjson.log-expected.json b/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-malware-ndjson.log-expected.json index e051e713e06..7420b471a88 100644 --- a/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-malware-ndjson.log-expected.json +++ b/packages/ti_abusech/data_stream/malware/_dev/test/pipeline/test-malware-ndjson.log-expected.json @@ -5,7 +5,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -50,7 +50,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -101,7 +101,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -146,7 +146,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -191,7 +191,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -239,7 +239,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -284,7 +284,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -329,7 +329,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -376,7 +376,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -421,7 +421,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -466,7 +466,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -511,7 +511,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -556,7 +556,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -601,7 +601,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -648,7 +648,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -693,7 +693,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -738,7 +738,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -785,7 +785,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -830,7 +830,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -875,7 +875,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -922,7 +922,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -967,7 +967,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1012,7 +1012,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1057,7 +1057,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1102,7 +1102,7 @@ "malware": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml index 51148f16a53..9bf4d0aec09 100644 --- a/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/malware/elasticsearch/ingest_pipeline/default.yml @@ -6,7 +6,7 @@ processors: #################### - set: field: ecs.version - value: "8.3.0" + value: '8.4.0' - set: field: event.kind value: enrichment diff --git a/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-malwarebazaar-ndjson.log-expected.json b/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-malwarebazaar-ndjson.log-expected.json index 18013ca97d4..2dd349611e3 100644 --- a/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-malwarebazaar-ndjson.log-expected.json +++ b/packages/ti_abusech/data_stream/malwarebazaar/_dev/test/pipeline/test-malwarebazaar-ndjson.log-expected.json @@ -15,7 +15,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -77,7 +77,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -139,7 +139,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -207,7 +207,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -269,7 +269,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -332,7 +332,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -394,7 +394,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -460,7 +460,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -531,7 +531,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml index 2ff021b668b..d76bedbf8a3 100644 --- a/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/malwarebazaar/elasticsearch/ingest_pipeline/default.yml @@ -6,7 +6,7 @@ processors: #################### - set: field: ecs.version - value: "8.3.0" + value: '8.4.0' - set: field: event.kind value: enrichment diff --git a/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-abusechurl-ndjson.log-expected.json b/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-abusechurl-ndjson.log-expected.json index 556438eaa22..4903795eeac 100644 --- a/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-abusechurl-ndjson.log-expected.json +++ b/packages/ti_abusech/data_stream/url/_dev/test/pipeline/test-abusechurl-ndjson.log-expected.json @@ -18,7 +18,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -66,7 +66,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -114,7 +114,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -162,7 +162,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -210,7 +210,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -258,7 +258,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -306,7 +306,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -354,7 +354,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -402,7 +402,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -450,7 +450,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -498,7 +498,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -546,7 +546,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -594,7 +594,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -642,7 +642,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -690,7 +690,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -738,7 +738,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -786,7 +786,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -834,7 +834,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -882,7 +882,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -930,7 +930,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -978,7 +978,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1026,7 +1026,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1074,7 +1074,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1122,7 +1122,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1169,7 +1169,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1216,7 +1216,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1263,7 +1263,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1310,7 +1310,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1357,7 +1357,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1404,7 +1404,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1452,7 +1452,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1501,7 +1501,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1549,7 +1549,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1596,7 +1596,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1643,7 +1643,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1690,7 +1690,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1737,7 +1737,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1784,7 +1784,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1833,7 +1833,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1879,7 +1879,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1927,7 +1927,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1975,7 +1975,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2023,7 +2023,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2071,7 +2071,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2119,7 +2119,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2167,7 +2167,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2215,7 +2215,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2263,7 +2263,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2311,7 +2311,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2359,7 +2359,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2407,7 +2407,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2455,7 +2455,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2503,7 +2503,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2550,7 +2550,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2595,7 +2595,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2640,7 +2640,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2685,7 +2685,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2730,7 +2730,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2775,7 +2775,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2820,7 +2820,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2865,7 +2865,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2910,7 +2910,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2955,7 +2955,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3000,7 +3000,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3045,7 +3045,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3090,7 +3090,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3135,7 +3135,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3180,7 +3180,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3225,7 +3225,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3270,7 +3270,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3315,7 +3315,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3360,7 +3360,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3405,7 +3405,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3450,7 +3450,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3495,7 +3495,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3540,7 +3540,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3585,7 +3585,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3630,7 +3630,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3675,7 +3675,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3720,7 +3720,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3765,7 +3765,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3810,7 +3810,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3855,7 +3855,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3900,7 +3900,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3945,7 +3945,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3990,7 +3990,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4035,7 +4035,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4080,7 +4080,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4125,7 +4125,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4170,7 +4170,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4215,7 +4215,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4260,7 +4260,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4305,7 +4305,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4350,7 +4350,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4395,7 +4395,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4440,7 +4440,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4485,7 +4485,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4530,7 +4530,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4575,7 +4575,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4620,7 +4620,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4665,7 +4665,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4710,7 +4710,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4755,7 +4755,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4800,7 +4800,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4845,7 +4845,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4890,7 +4890,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4935,7 +4935,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4980,7 +4980,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5025,7 +5025,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5070,7 +5070,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5115,7 +5115,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5160,7 +5160,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5205,7 +5205,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5250,7 +5250,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5295,7 +5295,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5340,7 +5340,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5385,7 +5385,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5430,7 +5430,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5475,7 +5475,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5520,7 +5520,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5565,7 +5565,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5610,7 +5610,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5655,7 +5655,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5700,7 +5700,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5745,7 +5745,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5790,7 +5790,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5835,7 +5835,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5880,7 +5880,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5925,7 +5925,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -5970,7 +5970,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6015,7 +6015,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6060,7 +6060,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6105,7 +6105,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6150,7 +6150,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6195,7 +6195,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6240,7 +6240,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6285,7 +6285,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6330,7 +6330,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6375,7 +6375,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6420,7 +6420,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6465,7 +6465,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6510,7 +6510,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6555,7 +6555,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6600,7 +6600,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6645,7 +6645,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6692,7 +6692,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6740,7 +6740,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6788,7 +6788,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6836,7 +6836,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6884,7 +6884,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6932,7 +6932,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -6980,7 +6980,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7028,7 +7028,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7076,7 +7076,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7124,7 +7124,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7172,7 +7172,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7220,7 +7220,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7268,7 +7268,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7316,7 +7316,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7364,7 +7364,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7412,7 +7412,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7460,7 +7460,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7508,7 +7508,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7556,7 +7556,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7604,7 +7604,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7652,7 +7652,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7700,7 +7700,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7748,7 +7748,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7796,7 +7796,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7844,7 +7844,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7892,7 +7892,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7941,7 +7941,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -7988,7 +7988,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8036,7 +8036,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8084,7 +8084,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8132,7 +8132,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8180,7 +8180,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8228,7 +8228,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8276,7 +8276,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8324,7 +8324,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8372,7 +8372,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8420,7 +8420,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8468,7 +8468,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8517,7 +8517,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8564,7 +8564,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8612,7 +8612,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8660,7 +8660,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8708,7 +8708,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8756,7 +8756,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8804,7 +8804,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8852,7 +8852,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8900,7 +8900,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8948,7 +8948,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -8996,7 +8996,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9044,7 +9044,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9092,7 +9092,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9140,7 +9140,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9188,7 +9188,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9236,7 +9236,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9284,7 +9284,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9332,7 +9332,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9380,7 +9380,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9428,7 +9428,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9476,7 +9476,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9525,7 +9525,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9574,7 +9574,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9622,7 +9622,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9670,7 +9670,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9718,7 +9718,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9766,7 +9766,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9814,7 +9814,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9862,7 +9862,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9910,7 +9910,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -9958,7 +9958,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10006,7 +10006,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10054,7 +10054,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10102,7 +10102,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10150,7 +10150,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10198,7 +10198,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10246,7 +10246,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10294,7 +10294,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10342,7 +10342,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10390,7 +10390,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10438,7 +10438,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10486,7 +10486,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10534,7 +10534,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10582,7 +10582,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10630,7 +10630,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10678,7 +10678,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10726,7 +10726,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10774,7 +10774,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10823,7 +10823,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10872,7 +10872,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10919,7 +10919,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -10967,7 +10967,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11015,7 +11015,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11063,7 +11063,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11111,7 +11111,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11159,7 +11159,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11207,7 +11207,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11255,7 +11255,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11303,7 +11303,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11351,7 +11351,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11399,7 +11399,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11447,7 +11447,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11495,7 +11495,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11543,7 +11543,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11591,7 +11591,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11639,7 +11639,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11687,7 +11687,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11735,7 +11735,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11783,7 +11783,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11831,7 +11831,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11880,7 +11880,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11928,7 +11928,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -11976,7 +11976,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12022,7 +12022,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12070,7 +12070,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12118,7 +12118,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12166,7 +12166,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12214,7 +12214,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12262,7 +12262,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12310,7 +12310,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12358,7 +12358,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12406,7 +12406,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12454,7 +12454,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12503,7 +12503,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12550,7 +12550,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12598,7 +12598,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12646,7 +12646,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12694,7 +12694,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12742,7 +12742,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12790,7 +12790,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12838,7 +12838,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12886,7 +12886,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12934,7 +12934,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -12982,7 +12982,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13030,7 +13030,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13078,7 +13078,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13127,7 +13127,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13175,7 +13175,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13223,7 +13223,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13271,7 +13271,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13319,7 +13319,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13367,7 +13367,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13415,7 +13415,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13463,7 +13463,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13511,7 +13511,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13559,7 +13559,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13607,7 +13607,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13655,7 +13655,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13703,7 +13703,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13751,7 +13751,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13799,7 +13799,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13847,7 +13847,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13895,7 +13895,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13943,7 +13943,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -13991,7 +13991,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14039,7 +14039,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14087,7 +14087,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14135,7 +14135,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14183,7 +14183,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14231,7 +14231,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14279,7 +14279,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14327,7 +14327,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14375,7 +14375,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14424,7 +14424,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14473,7 +14473,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14520,7 +14520,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14568,7 +14568,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14616,7 +14616,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14664,7 +14664,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14712,7 +14712,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14760,7 +14760,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14808,7 +14808,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14856,7 +14856,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14904,7 +14904,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -14952,7 +14952,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15000,7 +15000,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15048,7 +15048,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15096,7 +15096,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15144,7 +15144,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15192,7 +15192,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15240,7 +15240,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15288,7 +15288,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15336,7 +15336,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15384,7 +15384,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15432,7 +15432,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15480,7 +15480,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15529,7 +15529,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15574,7 +15574,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15621,7 +15621,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15668,7 +15668,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15716,7 +15716,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15764,7 +15764,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15812,7 +15812,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15860,7 +15860,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15908,7 +15908,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -15956,7 +15956,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16004,7 +16004,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16052,7 +16052,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16100,7 +16100,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16148,7 +16148,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16196,7 +16196,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16244,7 +16244,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16292,7 +16292,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16340,7 +16340,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16388,7 +16388,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16436,7 +16436,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16484,7 +16484,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16532,7 +16532,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16581,7 +16581,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16629,7 +16629,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16677,7 +16677,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16725,7 +16725,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16773,7 +16773,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16822,7 +16822,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16871,7 +16871,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16918,7 +16918,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -16967,7 +16967,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17015,7 +17015,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17063,7 +17063,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17111,7 +17111,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17159,7 +17159,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17207,7 +17207,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17255,7 +17255,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17303,7 +17303,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17351,7 +17351,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17399,7 +17399,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17447,7 +17447,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17495,7 +17495,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17543,7 +17543,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17591,7 +17591,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17639,7 +17639,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17688,7 +17688,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17735,7 +17735,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17784,7 +17784,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17832,7 +17832,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17880,7 +17880,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17928,7 +17928,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -17976,7 +17976,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18024,7 +18024,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18072,7 +18072,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18120,7 +18120,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18168,7 +18168,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18216,7 +18216,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18263,7 +18263,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18310,7 +18310,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18357,7 +18357,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18404,7 +18404,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18451,7 +18451,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18498,7 +18498,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18546,7 +18546,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18593,7 +18593,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18640,7 +18640,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18688,7 +18688,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18735,7 +18735,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18782,7 +18782,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18830,7 +18830,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18877,7 +18877,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18924,7 +18924,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -18972,7 +18972,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19020,7 +19020,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19068,7 +19068,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19116,7 +19116,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19163,7 +19163,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19212,7 +19212,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19260,7 +19260,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19308,7 +19308,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19356,7 +19356,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19404,7 +19404,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19452,7 +19452,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19500,7 +19500,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19548,7 +19548,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19596,7 +19596,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19644,7 +19644,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19692,7 +19692,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19740,7 +19740,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19788,7 +19788,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19836,7 +19836,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19884,7 +19884,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19932,7 +19932,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -19980,7 +19980,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20028,7 +20028,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20076,7 +20076,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20124,7 +20124,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20172,7 +20172,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20220,7 +20220,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20268,7 +20268,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20316,7 +20316,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20364,7 +20364,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20412,7 +20412,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20460,7 +20460,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20508,7 +20508,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20556,7 +20556,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20604,7 +20604,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20652,7 +20652,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20700,7 +20700,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20748,7 +20748,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20796,7 +20796,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20845,7 +20845,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20894,7 +20894,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20942,7 +20942,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -20990,7 +20990,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21038,7 +21038,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21086,7 +21086,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21134,7 +21134,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21182,7 +21182,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21230,7 +21230,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21278,7 +21278,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21326,7 +21326,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21374,7 +21374,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21422,7 +21422,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21470,7 +21470,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21518,7 +21518,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21566,7 +21566,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21614,7 +21614,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21662,7 +21662,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21710,7 +21710,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21758,7 +21758,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21806,7 +21806,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21854,7 +21854,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21902,7 +21902,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21951,7 +21951,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -21999,7 +21999,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22047,7 +22047,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22095,7 +22095,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22143,7 +22143,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22191,7 +22191,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22239,7 +22239,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22287,7 +22287,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22335,7 +22335,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22383,7 +22383,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22431,7 +22431,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22479,7 +22479,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22527,7 +22527,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22575,7 +22575,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22623,7 +22623,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22671,7 +22671,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22719,7 +22719,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22767,7 +22767,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22815,7 +22815,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22863,7 +22863,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22911,7 +22911,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -22959,7 +22959,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23007,7 +23007,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23055,7 +23055,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23103,7 +23103,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23151,7 +23151,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23199,7 +23199,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23247,7 +23247,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23295,7 +23295,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23343,7 +23343,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23392,7 +23392,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23440,7 +23440,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23487,7 +23487,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23535,7 +23535,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23583,7 +23583,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23631,7 +23631,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23679,7 +23679,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23727,7 +23727,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23775,7 +23775,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23823,7 +23823,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23871,7 +23871,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23919,7 +23919,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23967,7 +23967,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24015,7 +24015,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24063,7 +24063,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24111,7 +24111,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24159,7 +24159,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24207,7 +24207,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24255,7 +24255,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24303,7 +24303,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24351,7 +24351,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24400,7 +24400,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24449,7 +24449,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24496,7 +24496,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24544,7 +24544,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24592,7 +24592,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24640,7 +24640,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24688,7 +24688,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24736,7 +24736,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24784,7 +24784,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24832,7 +24832,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24880,7 +24880,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24928,7 +24928,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -24976,7 +24976,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25024,7 +25024,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25072,7 +25072,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25120,7 +25120,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25168,7 +25168,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25216,7 +25216,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25264,7 +25264,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25313,7 +25313,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25361,7 +25361,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25409,7 +25409,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25457,7 +25457,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25505,7 +25505,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25554,7 +25554,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25601,7 +25601,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25647,7 +25647,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25695,7 +25695,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25743,7 +25743,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25791,7 +25791,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25839,7 +25839,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25887,7 +25887,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25935,7 +25935,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -25983,7 +25983,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26032,7 +26032,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26079,7 +26079,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26127,7 +26127,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26175,7 +26175,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26223,7 +26223,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26271,7 +26271,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26319,7 +26319,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26367,7 +26367,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26415,7 +26415,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26463,7 +26463,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26511,7 +26511,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26559,7 +26559,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26607,7 +26607,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26655,7 +26655,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26703,7 +26703,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26751,7 +26751,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26799,7 +26799,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26847,7 +26847,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26895,7 +26895,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26943,7 +26943,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -26991,7 +26991,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27039,7 +27039,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27087,7 +27087,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27135,7 +27135,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27184,7 +27184,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27231,7 +27231,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27279,7 +27279,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27327,7 +27327,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27375,7 +27375,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27423,7 +27423,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27471,7 +27471,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27519,7 +27519,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27568,7 +27568,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27615,7 +27615,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27663,7 +27663,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27711,7 +27711,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27759,7 +27759,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27807,7 +27807,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27855,7 +27855,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27903,7 +27903,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27951,7 +27951,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -27999,7 +27999,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28047,7 +28047,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28095,7 +28095,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28143,7 +28143,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28191,7 +28191,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28239,7 +28239,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28287,7 +28287,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28335,7 +28335,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28383,7 +28383,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28432,7 +28432,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28479,7 +28479,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28527,7 +28527,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28576,7 +28576,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28624,7 +28624,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28672,7 +28672,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28720,7 +28720,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28766,7 +28766,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28812,7 +28812,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28858,7 +28858,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28906,7 +28906,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -28954,7 +28954,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29002,7 +29002,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29050,7 +29050,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29098,7 +29098,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29146,7 +29146,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29194,7 +29194,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29242,7 +29242,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29290,7 +29290,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29338,7 +29338,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29386,7 +29386,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29434,7 +29434,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29482,7 +29482,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29530,7 +29530,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29578,7 +29578,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29626,7 +29626,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29674,7 +29674,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29722,7 +29722,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29770,7 +29770,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29818,7 +29818,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29867,7 +29867,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29914,7 +29914,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -29962,7 +29962,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30008,7 +30008,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30055,7 +30055,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30103,7 +30103,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30151,7 +30151,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30199,7 +30199,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30247,7 +30247,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30295,7 +30295,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30344,7 +30344,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30391,7 +30391,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30439,7 +30439,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30487,7 +30487,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30535,7 +30535,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30583,7 +30583,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30631,7 +30631,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30679,7 +30679,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30727,7 +30727,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30775,7 +30775,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30823,7 +30823,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30871,7 +30871,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30919,7 +30919,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -30967,7 +30967,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31015,7 +31015,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31063,7 +31063,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31111,7 +31111,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31159,7 +31159,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31207,7 +31207,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31255,7 +31255,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31303,7 +31303,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31351,7 +31351,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31400,7 +31400,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31447,7 +31447,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31495,7 +31495,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31543,7 +31543,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31591,7 +31591,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31639,7 +31639,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31687,7 +31687,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31735,7 +31735,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31783,7 +31783,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -31831,7 +31831,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml b/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml index 03e1f6e52fa..7fb2584cdc9 100644 --- a/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_abusech/data_stream/url/elasticsearch/ingest_pipeline/default.yml @@ -6,7 +6,7 @@ processors: #################### - set: field: ecs.version - value: "8.3.0" + value: '8.4.0' - set: field: event.kind value: enrichment diff --git a/packages/ti_abusech/docs/README.md b/packages/ti_abusech/docs/README.md index 9f5d41ed7c6..25f3fc12b8f 100644 --- a/packages/ti_abusech/docs/README.md +++ b/packages/ti_abusech/docs/README.md @@ -81,7 +81,7 @@ The AbuseCH URL data_stream retrieves threat intelligence indicators from the UR | threat.indicator.ip | Identifies a threat indicator as an IP address (irrespective of direction). | ip | | threat.indicator.provider | The name of the indicator's provider. | keyword | | threat.indicator.reference | Reference URL linking to additional information about this indicator. | keyword | -| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. Recommended values: \* autonomous-system \* artifact \* directory \* domain-name \* email-addr \* file \* ipv4-addr \* ipv6-addr \* mac-addr \* mutex \* port \* process \* software \* url \* user-account \* windows-registry-key \* x509-certificate | keyword | +| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. | keyword | | threat.indicator.url.domain | Domain of the url, such as "www.elastic.co". In some cases a URL may refer to an IP and/or port directly, without a domain name. In this case, the IP address would go to the `domain` field. If the URL contains a literal IPv6 address enclosed by `[` and `]` (IETF RFC 2732), the `[` and `]` characters should also be captured in the `domain` field. | keyword | | threat.indicator.url.extension | The field contains the file extension from the original request url, excluding the leading dot. The file extension is only set if it exists, as not every url has a file extension. The leading period must not be included. For example, the value must be "png", not ".png". Note that when the file name has multiple extensions (example.tar.gz), only the last one should be captured ("gz", not "tar.gz"). | keyword | | threat.indicator.url.full | If full URLs are important to your use case, they should be stored in `url.full`, whether this field is reconstructed or present in the event source. | wildcard | @@ -166,7 +166,7 @@ The AbuseCH malware data_stream retrieves threat intelligence indicators from th | threat.indicator.file.type | File type (file, dir, or symlink). | keyword | | threat.indicator.first_seen | The date and time when intelligence source first reported sighting this indicator. | date | | threat.indicator.provider | The name of the indicator's provider. | keyword | -| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. Recommended values: \* autonomous-system \* artifact \* directory \* domain-name \* email-addr \* file \* ipv4-addr \* ipv6-addr \* mac-addr \* mutex \* port \* process \* software \* url \* user-account \* windows-registry-key \* x509-certificate | keyword | +| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. | keyword | The AbuseCH malwarebazaar data_stream retrieves threat intelligence indicators from the MalwareBazaar API endpoint `https://mb-api.abuse.ch/api/v1/`. @@ -258,5 +258,5 @@ The AbuseCH malwarebazaar data_stream retrieves threat intelligence indicators f | threat.indicator.geo.country_iso_code | Country ISO code. | keyword | | threat.indicator.last_seen | The date and time when intelligence source last reported sighting this indicator. | date | | threat.indicator.provider | The name of the indicator's provider. | keyword | -| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. Recommended values: \* autonomous-system \* artifact \* directory \* domain-name \* email-addr \* file \* ipv4-addr \* ipv6-addr \* mac-addr \* mutex \* port \* process \* software \* url \* user-account \* windows-registry-key \* x509-certificate | keyword | +| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. | keyword | | threat.software.alias | The alias(es) of the software for a set of related intrusion activity that are tracked by a common name in the security community. While not required, you can use a MITRE ATT&CK® associated software description. | keyword | diff --git a/packages/ti_abusech/manifest.yml b/packages/ti_abusech/manifest.yml index 0da091824c0..21b904a01fa 100644 --- a/packages/ti_abusech/manifest.yml +++ b/packages/ti_abusech/manifest.yml @@ -1,6 +1,6 @@ name: ti_abusech title: AbuseCH -version: "1.5.1" +version: "1.6.0" release: ga description: Ingest threat intelligence indicators from URL Haus and Malware Bazaar feeds with Elastic Agent. type: integration diff --git a/packages/ti_cybersixgill/_dev/build/build.yml b/packages/ti_cybersixgill/_dev/build/build.yml index 5661d603a89..2254d90483c 100644 --- a/packages/ti_cybersixgill/_dev/build/build.yml +++ b/packages/ti_cybersixgill/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.3.0 + reference: git@v8.4.0-rc1 diff --git a/packages/ti_cybersixgill/changelog.yml b/packages/ti_cybersixgill/changelog.yml index a91e5702145..ed1d4d672f3 100644 --- a/packages/ti_cybersixgill/changelog.yml +++ b/packages/ti_cybersixgill/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.0" + changes: + - description: Update package to ECS 8.4.0 + type: enhancement + link: https://github.com/elastic/integrations/pull/3871 - version: "1.6.1" changes: - description: Fix proxy URL documentation rendering. diff --git a/packages/ti_cybersixgill/data_stream/threat/_dev/test/pipeline/test-cybersixgill-ndjson.log-expected.json b/packages/ti_cybersixgill/data_stream/threat/_dev/test/pipeline/test-cybersixgill-ndjson.log-expected.json index 4026a599deb..3815733f4f8 100644 --- a/packages/ti_cybersixgill/data_stream/threat/_dev/test/pipeline/test-cybersixgill-ndjson.log-expected.json +++ b/packages/ti_cybersixgill/data_stream/threat/_dev/test/pipeline/test-cybersixgill-ndjson.log-expected.json @@ -15,7 +15,7 @@ } }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -63,7 +63,7 @@ "virustotal": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -111,7 +111,7 @@ "virustotal": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -157,7 +157,7 @@ "virustotal": {} }, "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index b5050c3cf3d..cc69f7d291a 100644 --- a/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_cybersixgill/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Initial pipeline for parsing Cybersixgill webhooks processors: - set: field: ecs.version - value: "8.3.0" + value: '8.4.0' - set: field: event.kind value: enrichment diff --git a/packages/ti_cybersixgill/docs/README.md b/packages/ti_cybersixgill/docs/README.md index e34937287b7..671acab54f4 100644 --- a/packages/ti_cybersixgill/docs/README.md +++ b/packages/ti_cybersixgill/docs/README.md @@ -71,7 +71,7 @@ The Cybersixgill Darkfeed integration collects threat intelligence from the Dark | tags | List of keywords used to tag each event. | keyword | | threat.feed.dashboard_id | Dashboard ID used for Kibana CTI UI | constant_keyword | | threat.feed.name | Display friendly feed name | constant_keyword | -| threat.indicator.confidence | Identifies the vendor-neutral confidence rating using the None/Low/Medium/High scale defined in Appendix A of the STIX 2.1 framework. Vendor-specific confidence scales may be added as custom fields. Expected values are: \* Not Specified \* None \* Low \* Medium \* High | keyword | +| threat.indicator.confidence | Identifies the vendor-neutral confidence rating using the None/Low/Medium/High scale defined in Appendix A of the STIX 2.1 framework. Vendor-specific confidence scales may be added as custom fields. | keyword | | threat.indicator.description | Describes the type of action conducted by the threat. | keyword | | threat.indicator.file.hash.md5 | MD5 hash. | keyword | | threat.indicator.file.hash.sha1 | SHA1 hash. | keyword | @@ -81,7 +81,7 @@ The Cybersixgill Darkfeed integration collects threat intelligence from the Dark | threat.indicator.last_seen | The date and time when intelligence source last reported sighting this indicator. | date | | threat.indicator.provider | The name of the indicator's provider. | keyword | | threat.indicator.reference | Reference URL linking to additional information about this indicator. | keyword | -| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. Recommended values: \* autonomous-system \* artifact \* directory \* domain-name \* email-addr \* file \* ipv4-addr \* ipv6-addr \* mac-addr \* mutex \* port \* process \* software \* url \* user-account \* windows-registry-key \* x509-certificate | keyword | +| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. | keyword | | threat.indicator.url.domain | Domain of the url, such as "www.elastic.co". In some cases a URL may refer to an IP and/or port directly, without a domain name. In this case, the IP address would go to the `domain` field. If the URL contains a literal IPv6 address enclosed by `[` and `]` (IETF RFC 2732), the `[` and `]` characters should also be captured in the `domain` field. | keyword | | threat.indicator.url.extension | The field contains the file extension from the original request url, excluding the leading dot. The file extension is only set if it exists, as not every url has a file extension. The leading period must not be included. For example, the value must be "png", not ".png". Note that when the file name has multiple extensions (example.tar.gz), only the last one should be captured ("gz", not "tar.gz"). | keyword | | threat.indicator.url.fragment | Portion of the url after the `#`, such as "top". The `#` is not part of the fragment. | keyword | diff --git a/packages/ti_cybersixgill/manifest.yml b/packages/ti_cybersixgill/manifest.yml index 6422bf61864..5fd3e24922d 100644 --- a/packages/ti_cybersixgill/manifest.yml +++ b/packages/ti_cybersixgill/manifest.yml @@ -1,6 +1,6 @@ name: ti_cybersixgill title: Cybersixgill -version: "1.6.1" +version: "1.7.0" release: ga description: Ingest threat intelligence indicators from Cybersixgill with Elastic Agent. type: integration diff --git a/packages/ti_otx/_dev/build/build.yml b/packages/ti_otx/_dev/build/build.yml index 5661d603a89..2254d90483c 100644 --- a/packages/ti_otx/_dev/build/build.yml +++ b/packages/ti_otx/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.3.0 + reference: git@v8.4.0-rc1 diff --git a/packages/ti_otx/changelog.yml b/packages/ti_otx/changelog.yml index 028bbac09d9..0ec2d73bba0 100644 --- a/packages/ti_otx/changelog.yml +++ b/packages/ti_otx/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.0" + changes: + - description: Update package to ECS 8.4.0 + type: enhancement + link: https://github.com/elastic/integrations/pull/3871 - version: "1.4.2" changes: - description: Fix proxy URL documentation rendering. diff --git a/packages/ti_otx/data_stream/threat/_dev/test/pipeline/test-otx-sample-ndjson.log-expected.json b/packages/ti_otx/data_stream/threat/_dev/test/pipeline/test-otx-sample-ndjson.log-expected.json index ec00d2226c5..09ad1e3564f 100644 --- a/packages/ti_otx/data_stream/threat/_dev/test/pipeline/test-otx-sample-ndjson.log-expected.json +++ b/packages/ti_otx/data_stream/threat/_dev/test/pipeline/test-otx-sample-ndjson.log-expected.json @@ -2,7 +2,7 @@ "expected": [ { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -23,7 +23,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -51,7 +51,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -74,7 +74,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -95,7 +95,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -120,7 +120,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -147,7 +147,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -172,7 +172,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -199,7 +199,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -220,7 +220,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -245,7 +245,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -270,7 +270,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -297,7 +297,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -322,7 +322,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -347,7 +347,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -372,7 +372,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -397,7 +397,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -422,7 +422,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -450,7 +450,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -478,7 +478,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -506,7 +506,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -534,7 +534,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -561,7 +561,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -586,7 +586,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -611,7 +611,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -638,7 +638,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -663,7 +663,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -691,7 +691,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -719,7 +719,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -744,7 +744,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -772,7 +772,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -800,7 +800,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -821,7 +821,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -846,7 +846,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -871,7 +871,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -898,7 +898,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -925,7 +925,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -950,7 +950,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -977,7 +977,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1004,7 +1004,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1029,7 +1029,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1057,7 +1057,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1085,7 +1085,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1113,7 +1113,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1141,7 +1141,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1164,7 +1164,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1185,7 +1185,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1206,7 +1206,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1233,7 +1233,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1260,7 +1260,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1287,7 +1287,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1314,7 +1314,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1341,7 +1341,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1368,7 +1368,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1395,7 +1395,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1416,7 +1416,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1437,7 +1437,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1458,7 +1458,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1479,7 +1479,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1500,7 +1500,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1525,7 +1525,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1546,7 +1546,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1567,7 +1567,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1588,7 +1588,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1611,7 +1611,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1634,7 +1634,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1657,7 +1657,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1680,7 +1680,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1703,7 +1703,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1726,7 +1726,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1749,7 +1749,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1772,7 +1772,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1795,7 +1795,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1822,7 +1822,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1849,7 +1849,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1876,7 +1876,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1903,7 +1903,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1926,7 +1926,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1947,7 +1947,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1968,7 +1968,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1996,7 +1996,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2023,7 +2023,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2050,7 +2050,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index 57659917a14..6661c5ead38 100644 --- a/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_otx/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -6,7 +6,7 @@ processors: #################### - set: field: ecs.version - value: "8.3.0" + value: '8.4.0' - set: field: event.kind value: enrichment diff --git a/packages/ti_otx/docs/README.md b/packages/ti_otx/docs/README.md index b1ecfcaf305..5283b3f5cde 100644 --- a/packages/ti_otx/docs/README.md +++ b/packages/ti_otx/docs/README.md @@ -84,7 +84,7 @@ Retrieves all the related indicators over time, related to your pulse subscripti | threat.indicator.file.type | File type (file, dir, or symlink). | keyword | | threat.indicator.ip | Identifies a threat indicator as an IP address (irrespective of direction). | ip | | threat.indicator.provider | The name of the indicator's provider. | keyword | -| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. Recommended values: \* autonomous-system \* artifact \* directory \* domain-name \* email-addr \* file \* ipv4-addr \* ipv6-addr \* mac-addr \* mutex \* port \* process \* software \* url \* user-account \* windows-registry-key \* x509-certificate | keyword | +| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. | keyword | | threat.indicator.url.domain | Domain of the url, such as "www.elastic.co". In some cases a URL may refer to an IP and/or port directly, without a domain name. In this case, the IP address would go to the `domain` field. If the URL contains a literal IPv6 address enclosed by `[` and `]` (IETF RFC 2732), the `[` and `]` characters should also be captured in the `domain` field. | keyword | | threat.indicator.url.extension | The field contains the file extension from the original request url, excluding the leading dot. The file extension is only set if it exists, as not every url has a file extension. The leading period must not be included. For example, the value must be "png", not ".png". Note that when the file name has multiple extensions (example.tar.gz), only the last one should be captured ("gz", not "tar.gz"). | keyword | | threat.indicator.url.full | If full URLs are important to your use case, they should be stored in `url.full`, whether this field is reconstructed or present in the event source. | wildcard | diff --git a/packages/ti_otx/manifest.yml b/packages/ti_otx/manifest.yml index cfeacaf0c8f..e23e34aa1e7 100644 --- a/packages/ti_otx/manifest.yml +++ b/packages/ti_otx/manifest.yml @@ -1,6 +1,6 @@ name: ti_otx title: AlienVault OTX -version: "1.4.2" +version: "1.5.0" release: ga description: Ingest threat intelligence indicators from AlienVault Open Threat Exchange (OTX) with Elastic Agent. type: integration diff --git a/packages/ti_recordedfuture/_dev/build/build.yml b/packages/ti_recordedfuture/_dev/build/build.yml index 5661d603a89..2254d90483c 100644 --- a/packages/ti_recordedfuture/_dev/build/build.yml +++ b/packages/ti_recordedfuture/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.3.0 + reference: git@v8.4.0-rc1 diff --git a/packages/ti_recordedfuture/changelog.yml b/packages/ti_recordedfuture/changelog.yml index b6f0f54cf1c..862479b7c71 100644 --- a/packages/ti_recordedfuture/changelog.yml +++ b/packages/ti_recordedfuture/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.0" + changes: + - description: Update package to ECS 8.4.0 + type: enhancement + link: https://github.com/elastic/integrations/pull/3871 - version: "1.2.1" changes: - description: Expose request timeout setting and increase it to 5m. diff --git a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-domain-default.log-expected.json b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-domain-default.log-expected.json index 987428416ab..9772f6e70d8 100644 --- a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-domain-default.log-expected.json +++ b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-domain-default.log-expected.json @@ -3,7 +3,7 @@ null, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -99,7 +99,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -203,7 +203,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -307,7 +307,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -399,7 +399,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -491,7 +491,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -583,7 +583,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -675,7 +675,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -767,7 +767,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-hash-default.log-expected.json b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-hash-default.log-expected.json index ca14392fd14..30d3cafcead 100644 --- a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-hash-default.log-expected.json +++ b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-hash-default.log-expected.json @@ -3,7 +3,7 @@ null, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -192,7 +192,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -366,7 +366,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -549,7 +549,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -911,7 +911,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1028,7 +1028,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1142,7 +1142,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1327,7 +1327,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1426,7 +1426,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-httpjson.log-expected.json b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-httpjson.log-expected.json index 509d4cb7da3..e839ba1fac3 100644 --- a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-httpjson.log-expected.json +++ b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-httpjson.log-expected.json @@ -2,7 +2,7 @@ "expected": [ { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -98,7 +98,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -202,7 +202,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -306,7 +306,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -398,7 +398,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -490,7 +490,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -582,7 +582,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -674,7 +674,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -766,7 +766,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -858,7 +858,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -950,7 +950,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1139,7 +1139,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1313,7 +1313,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1496,7 +1496,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1858,7 +1858,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -1975,7 +1975,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2089,7 +2089,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2274,7 +2274,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2373,7 +2373,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2488,7 +2488,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2607,7 +2607,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2688,7 +2688,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2793,7 +2793,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -2897,7 +2897,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3057,7 +3057,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3124,7 +3124,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3240,7 +3240,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3321,7 +3321,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3459,7 +3459,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3563,7 +3563,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3687,7 +3687,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3767,7 +3767,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3868,7 +3868,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -3941,7 +3941,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4013,7 +4013,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4096,7 +4096,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4186,7 +4186,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4258,7 +4258,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4338,7 +4338,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -4417,7 +4417,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-ip-default.log-expected.json b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-ip-default.log-expected.json index 284be8c44c3..661005c70e6 100644 --- a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-ip-default.log-expected.json +++ b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-ip-default.log-expected.json @@ -3,7 +3,7 @@ null, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -84,7 +84,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -174,7 +174,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -279,7 +279,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -383,7 +383,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -543,7 +543,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -610,7 +610,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -726,7 +726,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -807,7 +807,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-url-default.log-expected.json b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-url-default.log-expected.json index a17d84f2464..bb9dd39a911 100644 --- a/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-url-default.log-expected.json +++ b/packages/ti_recordedfuture/data_stream/threat/_dev/test/pipeline/test-url-default.log-expected.json @@ -3,7 +3,7 @@ null, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -83,7 +83,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -184,7 +184,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -257,7 +257,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -329,7 +329,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -412,7 +412,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -502,7 +502,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -574,7 +574,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -654,7 +654,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", @@ -733,7 +733,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "event": { "category": "threat", diff --git a/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml b/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml index f87e304ea26..f6100954175 100644 --- a/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml +++ b/packages/ti_recordedfuture/data_stream/threat/elasticsearch/ingest_pipeline/default.yml @@ -6,7 +6,7 @@ processors: # - set: field: ecs.version - value: "8.3.0" + value: '8.4.0' - set: field: event.dataset value: "ti_recordedfuture.threat" diff --git a/packages/ti_recordedfuture/docs/README.md b/packages/ti_recordedfuture/docs/README.md index 53c21904706..51b6f8f480e 100644 --- a/packages/ti_recordedfuture/docs/README.md +++ b/packages/ti_recordedfuture/docs/README.md @@ -189,7 +189,7 @@ An example event for `threat` looks as following: | threat.indicator.as.number | Unique number allocated to the autonomous system. The autonomous system number (ASN) uniquely identifies each network on the Internet. | long | | threat.indicator.as.organization.name | Organization name. | keyword | | threat.indicator.as.organization.name.text | Multi-field of `threat.indicator.as.organization.name`. | match_only_text | -| threat.indicator.confidence | Identifies the vendor-neutral confidence rating using the None/Low/Medium/High scale defined in Appendix A of the STIX 2.1 framework. Vendor-specific confidence scales may be added as custom fields. Expected values are: \* Not Specified \* None \* Low \* Medium \* High | keyword | +| threat.indicator.confidence | Identifies the vendor-neutral confidence rating using the None/Low/Medium/High scale defined in Appendix A of the STIX 2.1 framework. Vendor-specific confidence scales may be added as custom fields. | keyword | | threat.indicator.email.address | Identifies a threat indicator as an email address (irrespective of direction). | keyword | | threat.indicator.file.hash.md5 | MD5 hash. | keyword | | threat.indicator.file.hash.sha1 | SHA1 hash. | keyword | @@ -201,9 +201,9 @@ An example event for `threat` looks as following: | threat.indicator.geo.location.lon | Longitude and latitude. | geo_point | | threat.indicator.ip | Identifies a threat indicator as an IP address (irrespective of direction). | ip | | threat.indicator.last_seen | The date and time when intelligence source last reported sighting this indicator. | date | -| threat.indicator.marking.tlp | Traffic Light Protocol sharing markings. Recommended values are: \* WHITE \* GREEN \* AMBER \* RED | keyword | +| threat.indicator.marking.tlp | Traffic Light Protocol sharing markings. | keyword | | threat.indicator.provider | The name of the indicator's provider. | keyword | -| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. Recommended values: \* autonomous-system \* artifact \* directory \* domain-name \* email-addr \* file \* ipv4-addr \* ipv6-addr \* mac-addr \* mutex \* port \* process \* software \* url \* user-account \* windows-registry-key \* x509-certificate | keyword | +| threat.indicator.type | Type of indicator as represented by Cyber Observable in STIX 2.0. | keyword | | threat.indicator.url.domain | Domain of the url, such as "www.elastic.co". In some cases a URL may refer to an IP and/or port directly, without a domain name. In this case, the IP address would go to the `domain` field. If the URL contains a literal IPv6 address enclosed by `[` and `]` (IETF RFC 2732), the `[` and `]` characters should also be captured in the `domain` field. | keyword | | threat.indicator.url.extension | The field contains the file extension from the original request url, excluding the leading dot. The file extension is only set if it exists, as not every url has a file extension. The leading period must not be included. For example, the value must be "png", not ".png". Note that when the file name has multiple extensions (example.tar.gz), only the last one should be captured ("gz", not "tar.gz"). | keyword | | threat.indicator.url.full | If full URLs are important to your use case, they should be stored in `url.full`, whether this field is reconstructed or present in the event source. | wildcard | diff --git a/packages/ti_recordedfuture/manifest.yml b/packages/ti_recordedfuture/manifest.yml index 89b427900de..252988eeff9 100644 --- a/packages/ti_recordedfuture/manifest.yml +++ b/packages/ti_recordedfuture/manifest.yml @@ -1,6 +1,6 @@ name: ti_recordedfuture title: Recorded Future -version: 1.2.1 +version: 1.3.0 release: ga description: Ingest threat intelligence indicators from Recorded Future risk lists with Elastic Agent. type: integration diff --git a/packages/tomcat/_dev/build/build.yml b/packages/tomcat/_dev/build/build.yml index 5661d603a89..2254d90483c 100644 --- a/packages/tomcat/_dev/build/build.yml +++ b/packages/tomcat/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.3.0 + reference: git@v8.4.0-rc1 diff --git a/packages/tomcat/changelog.yml b/packages/tomcat/changelog.yml index db91ad1fc5c..fe0c789e80e 100644 --- a/packages/tomcat/changelog.yml +++ b/packages/tomcat/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: Update package to ECS 8.4.0 + type: enhancement + link: https://github.com/elastic/integrations/pull/3871 - version: "1.5.0" changes: - description: Update package to ECS 8.3.0. diff --git a/packages/tomcat/data_stream/log/_dev/test/pipeline/test-generated.log-expected.json b/packages/tomcat/data_stream/log/_dev/test/pipeline/test-generated.log-expected.json index 21fa94a4c54..b317fd1c518 100644 --- a/packages/tomcat/data_stream/log/_dev/test/pipeline/test-generated.log-expected.json +++ b/packages/tomcat/data_stream/log/_dev/test/pipeline/test-generated.log-expected.json @@ -2,7 +2,7 @@ "expected": [ { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-1516-asdf: 10.251.224.219||eacommod||rci||[29/Jan/2016:6:09:59 OMST]||exercita||https://example.com/illumqui/ventore.html?min=ite#utl||vol||amremap||oremi||ntsunti||5293||https://mail.example.net/turadipi/aeca.htm?ntium=psaq#cer||Mozilla/5.0 (Linux; Android 9; G8142) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||aliqu", "tags": [ @@ -11,7 +11,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-259-CFYZ: 10.196.153.12||sequa||abo||[12/Feb/2016:1:12:33 PST]||umqui||https://www5.example.net/mdolo/mqui.htm?sumdo=litesse#orev||pisciv||uii||umexe||estlabo||5222||https://mail.example.com/uat/eporr.jpg?byCicer=luptat#agn||Opera/9.80 (Series 60; Opera Mini/7.1.32444/174.101; U; ru) Presto/2.12.423 Version/12.16||nulapari", "tags": [ @@ -20,7 +20,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "February 26 20:15:08 ctetur5806.api.home %APACHETOMCAT- COOK: 10.156.194.38||gnaali||enatus||[26/Feb/2016:8:15:08 PT]||incid||https://internal.example.com/tetur/idolor.html?ntex=eius#luptat||emape||aer||lupt||tia||7019||https://www.example.com/quis/orisn.txt?anti=ofdeF#metcons||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||nul", "tags": [ @@ -29,7 +29,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-1060-INDEX: 10.196.118.192||tinculp||tur||[12/Mar/2016:3:17:42 CT]||equat||https://www5.example.org/nci/ofdeFin.gif?amco=exe#iatu||ionofde||con||uia||quiavo||1156||https://mail.example.com/consec/taliquip.html?radip=tNequ#gelit||Mozilla/5.0 (Linux; Android 9; 5024D_RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36 YaApp_Android/10.61 YaSearchBrowser/10.61||tconsec", "tags": [ @@ -38,7 +38,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4141-BADMTHD: 10.246.209.145||oluptas||llu||[26/Mar/2016:10:20:16 GMT+02:00]||ommod||https://internal.example.com/aqui/radipis.jpg?llumd=enatuse#magn||equuntu||eos||enimad||rmagni||1998||https://internal.example.net/onev/tenima.jpg?seq=olorema#ccaecat||Mozilla/5.0 (Linux; Android 8.0.0; VS996) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||fug", "tags": [ @@ -47,7 +47,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-2964-BADMETHOD: 10.114.191.225||uian||tempo||[09/Apr/2016:5:22:51 PST]||exercit||https://internal.example.com/omnis/antium.txt?lupta=iusmodt#doloreeu||pori||occ||ect||reetdolo||2770||https://www5.example.org/uiano/mrema.htm?anim=autfugi#inBCSedu||Mozilla/5.0 (Linux; Android 6.0; QMobile X700 PRO II) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36||tanimi", "tags": [ @@ -56,7 +56,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "April 24 00:25:25 erep2696.www.home %APACHETOMCAT- INDEX: 10.38.77.13||aquaeab||liqu||[24/Apr/2016:12:25:25 PT]||ehend||https://www5.example.net/uidolore/niamqu.gif?iat=tevelit#nsequat||loremagn||ipis||gelits||tatevel||3856||https://api.example.com/uovol/dmi.txt?quunt=ptat#ore||Mozilla/5.0 (Linux; Android 4.1.2; Micromax P410i Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36||tsed", "tags": [ @@ -65,7 +65,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "May 8 07:27:59 mUt2398.invalid %APACHETOMCAT- DEBUG: 10.11.201.109||boree||ugits||[08/May/2016:7:27:59 CEST]||iinea||https://www.example.org/idexea/riat.txt?tvol=moll#tatione||inB||deomni||tquovol||ntsuntin||3341||https://mail.example.org/imav/ididu.htm?tion=orsitame#quiratio||Mozilla/5.0 (Linux; Android 6.0; Lenovo A2016a40 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.106 Mobile Safari/537.36 YaApp_Android/10.30 YaSearchBrowser/10.30||iam", "tags": [ @@ -74,7 +74,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-3097-BADMTHD: 10.182.166.181||apariat||mol||[22/May/2016:2:30:33 CT]||olupta||https://api.example.org/toccae/tatno.gif?taliqu=temUten#ccusan||iqu||ollit||usan||aper||5529||https://example.org/uaera/sitas.txt?aedic=atquovo#iumto||Mozilla/5.0 (Linux; Android 4.1.2; Micromax P410i Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36||mquaera", "tags": [ @@ -83,7 +83,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-6283-null: 10.185.126.247||vel||quu||[05/Jun/2016:9:33:08 OMST]||avol||https://mail.example.net/atuse/ddoeiu.gif?idolore=onse#liq||metcon||smo||litessec||emporinc||5075||https://internal.example.com/atcu/oremagna.jpg?remipsum=liq#ist||Opera/9.80 (Series 60; Opera Mini/7.1.32444/174.101; U; ru) Presto/2.12.423 Version/12.16||caecatc", "tags": [ @@ -92,7 +92,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "June 20 04:35:42 siuta2896.www.localhost %APACHETOMCAT- SEARCH: 10.72.114.23||enia||nsequu||[20/Jun/2016:4:35:42 PST]||rsint||https://example.com/idestla/Nemoeni.htm?taed=lup#remeumf||antiumto||strude||ctetura||usmod||1640||https://mail.example.net/lor/fugit.jpg?rsitamet=lupt#xea||Mozilla/5.0 (Linux; Android 6.0; ZTE BLADE V7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||orain", "tags": [ @@ -101,7 +101,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "July 4 11:38:16 oin6316.www5.host %APACHETOMCAT- TRACE: 10.129.241.147||lores||lapariat||[04/Jul/2016:11:38:16 PST]||etc||https://example.net/nimadmin/ditautfu.html?lpa=entsu#dun||onproide||luptat||itaut||imaven||152||https://internal.example.net/onproide/Nemoen.gif?pitla=ccu#urE||Mozilla/5.0 (Linux; Android 10; ASUS_X01BDA) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Mobile Safari/537.36||inculpaq", "tags": [ @@ -110,7 +110,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "July 18 18:40:50 tionemu7691.www.local %APACHETOMCAT- BDMTHD: 10.185.101.76||errorsi||des||[18/Jul/2016:6:40:50 GMT+02:00]||stl||https://www5.example.com/ono/stru.jpg?emaperi=tame#tinvol||tectobe||colabor||iusmodt||etdolo||3768||https://internal.example.net/ommod/sequatur.txt?tlabo=suntexp#ugiatnu||Mozilla/5.0 (Linux; Android 5.1.1; Android Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36 YaApp_Android/9.80 YaSearchBrowser/9.80||itecto", "tags": [ @@ -119,7 +119,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-3217-GET: 10.57.170.140||nsec||onse||[02/Aug/2016:1:43:25 OMST]||inibusBo||https://example.net/tion/eataev.htm?uiineavo=tisetq#irati||ici||giatquov||eritquii||dexeac||3088||https://www.example.org/oreseos/uames.txt?msequi=isnostru#iquaUten||Mozilla/5.0 (Linux; Android 6.0; QMobile X700 PRO II) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36||iadese", "tags": [ @@ -128,7 +128,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-1109-PUT: 10.33.153.47||hil||atquovo||[16/Aug/2016:8:45:59 GMT+02:00]||iineavo||https://internal.example.com/isno/taliq.htm?nnu=dolo#Loremip||idolor||emeumfu||CSed||lupt||6136||https://internal.example.net/quip/mporain.txt?uatD=iunt#temveleu||Mozilla/5.0 (Linux; Android 10; STK-L21 Build/HUAWEISTK-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36 YaApp_Android/10.91 YaSearchBrowser/10.91||tio", "tags": [ @@ -137,7 +137,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "August 30 15:48:33 conse2991.internal.lan %APACHETOMCAT- FGET: 10.116.104.101||gnam||tat||[30/Aug/2016:3:48:33 CET]||lumqui||https://internal.example.net/mdolore/rQuisau.gif?iavolu=den#tutla||olorema||iades||siarchi||datatn||5076||https://internal.example.net/mipsumd/eFinib.jpg?remi=saute#ercit||Mozilla/5.0 (Linux; Android 9; Notepad_K10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Safari/537.36||remagn", "tags": [ @@ -146,7 +146,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-3361-null: 10.202.194.67||samvolu||ittenbyC||[13/Sep/2016:10:51:07 ET]||eirure||https://internal.example.com/oidentsu/atiset.jpg?ntor=lpaqui#sitame||iadese||nsectet||utla||utei||2716||https://example.com/tlabori/oin.jpg?quisnos=ite#ationul||Mozilla/5.0 (Linux; Android 9; ZTE Blade V1000RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36 YaApp_Android/10.91 YaSearchBrowser/10.91||eritqu", "tags": [ @@ -155,7 +155,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "September 28 05:53:42 wri2784.api.domain %APACHETOMCAT- PUT: 10.153.111.103||itquiin||modocon||[28/Sep/2016:5:53:42 PST]||taevit||https://www5.example.com/etconse/tincu.txt?lit=asun#estia||eaq||occae||ctetura||labore||4621||https://www.example.com/adeseru/emoe.html?atur=itanimi#itame||Mozilla/5.0 (Linux; U; Android 4.0.3; es-us; GT-P3100 Build/IML74K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30||rehender", "tags": [ @@ -164,7 +164,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-1637-DETECT_METHOD_TYPE: 10.52.186.29||equat||doloreme||[12/Oct/2016:12:56:16 GMT+02:00]||ione||https://www5.example.org/eriamea/amre.htm?magni=pisciv#iquidex||radipisc||tmo||fficiade||uscipit||4168||https://internal.example.net/oru/temqu.htm?etMalor=ipi#reseos||Mozilla/5.0 (Linux; Android 8.0.0; VS996) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||mcolab", "tags": [ @@ -173,7 +173,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "October 26 19:58:50 oquisqu2937.mail.domain %APACHETOMCAT- BDMTHD: 10.209.182.237||tper||olor||[26/Oct/2016:7:58:50 GMT-07:00]||osqui||https://www.example.org/iutali/fdeFi.jpg?liquide=etdol#uela||boN||eprehend||aevit||aboN||3423||https://example.net/tlabo/uames.gif?mpo=offi#giatnu||Mozilla/5.0 (iPhone; CPU iPhone OS 13_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 LightSpeed [FBAN/MessengerLiteForiOS;FBAV/266.0.0.32.114;FBBV/216059178;FBDV/iPhone10,6;FBMD/iPhone;FBSN/iOS;FBSV/13.4.1;FBSS/3;FBCR/;FBID/phone;FBLC/en_US;FBOP/0]||lor", "tags": [ @@ -182,7 +182,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "November 10 03:01:24 dolore1287.internal.lan %APACHETOMCAT- CFYZ: 10.63.194.87||quisno||sin||[10/Nov/2016:3:01:24 CT]||aliquam||https://mail.example.net/itatione/isnis.html?oluptate=issus#osamn||isnisiu||bore||tsu||tcons||3128||https://api.example.org/lorinre/olorsita.gif?idata=rumwritt#magnid||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||dol", "tags": [ @@ -191,7 +191,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4307-TRACE: 10.62.191.18||tevelite||orporiss||[24/Nov/2016:10:03:59 OMST]||tlabo||https://www.example.org/emvel/tmollita.htm?numqua=veni#eveli||eroi||dtemp||aliquide||ofde||4940||https://www5.example.org/maven/hende.jpg?labor=didunt#uptatema||Mozilla/5.0 (Linux; Android 10; STK-L21 Build/HUAWEISTK-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36 YaApp_Android/10.91 YaSearchBrowser/10.91||udan", "tags": [ @@ -200,7 +200,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-6040-CFYZ: 10.238.164.29||aturQui||utlabor||[08/Dec/2016:5:06:33 ET]||temvel||https://example.net/nisi/dant.txt?ecte=tinvolu#iurer||iciadese||quidolor||tessec||olupta||2660||https://example.org/idolor/uisau.jpg?llumdolo=nre#ercitat||Mozilla/5.0 (Linux; Android 7.0; MEIZU M6 Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Mobile Safari/537.36 YaApp_Android/10.30 YaSearchBrowser/10.30||uiinea", "tags": [ @@ -209,7 +209,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-1612-SEARCH: 10.155.230.17||eni||ionevo||[23/Dec/2016:12:09:07 CT]||Ute||https://internal.example.com/sintocc/tlabor.txt?tDuisaut=oinBC#quameius||ipsumdol||tet||etdo||urerepr||4674||https://example.com/tetu/stru.htm?tlabore=Exc#pora||Mozilla/5.0 (Linux; Android 9; POCOPHONE F1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||uteirure", "tags": [ @@ -218,7 +218,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "January 6 07:11:41 ide2767.www5.local %APACHETOMCAT- RNDMMTD: 10.102.229.102||nnum||tenbyCi||[06/Jan/2017:7:11:41 PST]||tco||https://example.net/officiad/itam.html?madmi=tur#roi||niamqui||orem||sno||atno||5263||https://mail.example.net/ntocca/ostru.txt?quiavol=rrorsi#temquiav||Mozilla/5.0 (Linux; Android 9; G8142) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||sec", "tags": [ @@ -227,7 +227,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "January 20 14:14:16 sBon1759.invalid %APACHETOMCAT- HEAD: 10.194.14.7||ten||vita||[20/Jan/2017:2:14:16 OMST]||ullamcor||https://mail.example.org/tor/qui.txt?eavolup=fugiatn#docon||etconsec||ios||evolu||ersp||3536||https://www5.example.org/sauteiru/mod.gif?tes=mquame#nihilmol||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||orain", "tags": [ @@ -236,7 +236,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-6113-get: 10.99.0.226||madmi||uidol||[03/Feb/2017:9:16:50 ET]||quameius||https://api.example.net/roid/inibusB.jpg?Nemoenim=squirati#Sedutp||utp||ema||rsitv||iciade||5649||https://example.com/lup/tatemUt.html?upida=tvolupt#eufugi||Mozilla/5.0 (Linux; Android 9; Pixel 3 Build/PD1A.180720.030) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.158 Mobile Safari/537.36||uredol", "tags": [ @@ -245,7 +245,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-6945-DETECT_METHOD_TYPE: 10.107.174.213||tenimad||minimav||[18/Feb/2017:4:19:24 OMST]||taedicta||https://www.example.net/str/idolore.txt?eetdolo=cteturad#untut||uamni||ctet||ati||uine||2438||https://api.example.org/loreme/untu.htm?ven=con#nisist||Mozilla/5.0 (Linux; Android 6.0; QMobile X700 PRO II) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36||ium", "tags": [ @@ -254,7 +254,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "March 4 11:21:59 idunt4707.host %APACHETOMCAT- ABCD: 10.84.25.23||laudant||isnost||[04/Mar/2017:11:21:59 CET]||rQuisau||https://mail.example.org/iscinge/ofdeFini.jpg?molli=velitse#oditem||gitsedqu||borios||rsitvolu||quam||5315||https://www.example.org/ineavo/pexe.htm?iadolor=amcol#adeser||Mozilla/5.0 (Linux; Android 6.0; Lenovo A2016a40 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.106 Mobile Safari/537.36 YaApp_Android/10.30 YaSearchBrowser/10.30||gitsed", "tags": [ @@ -263,7 +263,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4367-uGET: 10.193.143.108||idolo||luptate||[18/Mar/2017:6:24:33 PT]||atisun||https://www.example.org/epre/tobeata.html?quia=iduntu#idestlab||rnatur||ofdeFin||essequam||acommo||3105||https://api.example.com/cusant/atemq.gif?itecto=reetdol#totamre||Mozilla/5.0 (Linux; Android 9; ZTE Blade V1000RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36 YaApp_Android/10.91 YaSearchBrowser/10.91||ercita", "tags": [ @@ -272,7 +272,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "April 2 01:27:07 emquia1497.www5.lan %APACHETOMCAT- INDEX: 10.190.51.22||uamei||siut||[02/Apr/2017:1:27:07 CT]||uisa||https://example.com/mexe/its.htm?ice=oles#edic||seq||tutlab||sau||atevelit||2450||https://example.org/aperia/ccaeca.gif?ttenby=boris#stenatu||Mozilla/5.0 (Linux; Android 9; Notepad_K10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Safari/537.36||orumSe", "tags": [ @@ -281,7 +281,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "April 16 08:29:41 riat3854.www5.home %APACHETOMCAT- BADMETHOD: 10.194.90.130||siut||tconsect||[16/Apr/2017:8:29:41 PT]||piscinge||https://www.example.com/velitess/naali.htm?nre=veli#volupta||rnatu||elitse||ima||quasia||2382||https://www5.example.com/quamqua/eacommod.html?iumdol=tpersp#stla||mobmail android 2.1.3.3150||sequamni", "tags": [ @@ -290,7 +290,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-6198-BDMTHD: 10.10.213.83||nea||psum||[30/Apr/2017:3:32:16 OMST]||ncididun||https://www.example.org/xeacomm/cinge.txt?apariat=vitaedi#lorsita||dolore||uptate||quidexea||ect||23||https://internal.example.com/ate/odoconse.jpg?quatu=veli#tenim||Mozilla/5.0 (iPhone; CPU iPhone OS 13_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 LightSpeed [FBAN/MessengerLiteForiOS;FBAV/266.0.0.32.114;FBBV/216059178;FBDV/iPhone10,6;FBMD/iPhone;FBSN/iOS;FBSV/13.4.1;FBSS/3;FBCR/;FBID/phone;FBLC/en_US;FBOP/0]||labo", "tags": [ @@ -299,7 +299,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "May 14 22:34:50 aboreetd5461.host %APACHETOMCAT- uGET: 10.52.125.9||hit||urv||[14/May/2017:10:34:50 ET]||nimid||https://api.example.org/texpli/exeacom.jpg?rita=esseci#tametcon||liqua||mvele||isis||uasiar||2552||https://mail.example.net/loremqu/dantium.htm?teirured=onemulla#dolorem||Mozilla/5.0 (iPhone; CPU iPhone OS 13_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 LightSpeed [FBAN/MessengerLiteForiOS;FBAV/266.0.0.32.114;FBBV/216059178;FBDV/iPhone10,6;FBMD/iPhone;FBSN/iOS;FBSV/13.4.1;FBSS/3;FBCR/;FBID/phone;FBLC/en_US;FBOP/0]||rauto", "tags": [ @@ -308,7 +308,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-5770-RNDMMTD: 10.19.17.202||nby||mve||[29/May/2017:5:37:24 PT]||isau||https://api.example.net/ibusBon/ven.gif?nsequat=doloreme#dun||reprehe||tincu||suntin||itse||814||https://www5.example.org/intocc/amcorp.html?ssecillu=liqua#olo||Mozilla/5.0 (Linux; Android 9; G8142) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||aec", "tags": [ @@ -317,7 +317,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "June 12 12:39:58 iquidexe304.mail.test %APACHETOMCAT- RNDMMTD: 10.195.64.5||oreetd||uat||[12/Jun/2017:12:39:58 PT]||moenimi||https://mail.example.org/oconsequ/edquiac.gif?preh=ercit#etMal||qua||rsita||ate||ipsamvo||344||https://api.example.com/tdol/upt.htm?asper=idunt#luptat||Mozilla/5.0 (Linux; Android 9; POCOPHONE F1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||ica", "tags": [ @@ -326,7 +326,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "June 26 19:42:33 remips4828.www5.host %APACHETOMCAT- POST: 10.209.77.194||tvolup||itesseq||[26/Jun/2017:7:42:33 OMST]||snost||https://internal.example.com/llamc/nte.htm?utali=porinc#tetur||xce||dat||aincidu||nimadmin||4843||https://mail.example.com/eumfugi/etdolor.htm?dic=cola#amcor||Mozilla/5.0 (Linux; Android 10; ASUS_X01BDA) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Mobile Safari/537.36||elites", "tags": [ @@ -335,7 +335,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-1952-MKCOL: 10.168.6.90||rem||amvolupt||[11/Jul/2017:2:45:07 GMT+02:00]||atisund||https://example.net/ites/isetq.gif?nisiut=tur#avolupt||ariatur||rer||iconseq||porincid||6941||https://mail.example.org/nofd/dipisci.txt?ilmol=eri#quunt||Mozilla/5.0 (Linux; Android 5.1.1; Android Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36 YaApp_Android/9.80 YaSearchBrowser/9.80||tae", "tags": [ @@ -344,7 +344,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-7717-rndmmtd: 10.89.137.238||plica||ore||[25/Jul/2017:9:47:41 OMST]||emqu||https://mail.example.com/acommod/itsedd.html?admin=stenatu#inibu||est||uptatemU||leumiu||tla||4765||https://api.example.org/isa/niamqui.jpg?dqu=pid#rExc||Mozilla/5.0 (Linux; Android 9; 5024D_RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36 YaApp_Android/10.61 YaSearchBrowser/10.61||erun", "tags": [ @@ -353,7 +353,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4574-OPTIONS: 10.246.61.213||ntutlabo||iusmodte||[08/Aug/2017:4:50:15 CT]||loi||https://example.org/Nequepor/eirure.htm?idid=tesse#sequat||giatquov||tconsec||miurerep||toccaec||7645||https://www5.example.net/psaqua/ullamcor.txt?qui=cupi#tame||Mozilla/5.0 (Linux; Android 10; ASUS_X01BDA) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Mobile Safari/537.36||orroq", "tags": [ @@ -362,7 +362,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "August 22 23:52:50 orin5238.host %APACHETOMCAT- MKCOL: 10.117.44.138||orem||rcit||[22/Aug/2017:11:52:50 PST]||enderit||https://www.example.org/tanimi/rumSecti.jpg?emporain=ntiumto#umetMalo||oluptas||emvele||isnost||olorem||2760||https://www5.example.net/quunt/acommod.jpg?sit=rumSect#ita||Mozilla/5.0 (Linux; Android 10; ASUS_X01BDA) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Mobile Safari/537.36||aliq", "tags": [ @@ -371,7 +371,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4801-PRONECT: 10.69.30.196||tore||elits||[06/Sep/2017:6:55:24 OMST]||ruredo||https://example.net/temUt/ptassita.gif?uamnihi=risnis#uov||itlab||urmag||omm||equ||4808||https://www.example.net/siuta/urmagn.html?uptat=idex#ptateve||Opera/9.80 (Series 60; Opera Mini/7.1.32444/174.101; U; ru) Presto/2.12.423 Version/12.16||nimveni", "tags": [ @@ -380,7 +380,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-7668-BADMTHD: 10.135.91.88||ercit||eporroq||[20/Sep/2017:1:57:58 CT]||ugiatn||https://api.example.com/dictasun/abore.txt?modocon=ipsu#ntNeq||tate||urExce||asi||ectiono||2241||https://example.org/onu/liquaUte.txt?velillu=ria#atDu||Mozilla/5.0 (Linux; Android 9; U307AS) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||emq", "tags": [ @@ -389,7 +389,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "October 4 21:00:32 agnaaliq1829.mail.test %APACHETOMCAT- ABCD: 10.81.45.174||tin||fugitse||[04/Oct/2017:9:00:32 CEST]||liquide||https://example.net/Sedutpe/prehen.html?rcit=aecatcup#olabor||estl||erun||iruredol||incidid||7699||https://api.example.org/edquian/loremeu.gif?volupta=dmi#untexpl||Mozilla/5.0 (Linux; Android 9; G8142) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||mipsamvo", "tags": [ @@ -398,7 +398,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-3517-rndmmtd: 10.87.179.233||mnisiut||avolu||[19/Oct/2017:4:03:07 PST]||eum||https://www.example.org/umetMal/asper.htm?metcons=itasper#uae||mve||uia||iciad||lorem||6137||https://www.example.org/redol/gnaa.htm?aliquamq=dtempori#toditaut||Mozilla/5.0 (Linux; Android 7.0; SM-S337TL) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||dexerc", "tags": [ @@ -407,7 +407,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-2669-COOK: 10.198.57.130||hitec||henderit||[02/Nov/2017:11:05:41 OMST]||perspici||https://api.example.net/mquisn/queips.gif?emUte=molestia#quir||eavolup||emip||ver||erc||294||https://example.com/iuntNequ/esseq.txt?remq=veniamq#occ||Mozilla/5.0 (Linux; Android 6.0; U20 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.147 Mobile Safari/537.36 YaApp_Android/10.90 YaSearchBrowser/10.90||emo", "tags": [ @@ -416,7 +416,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-494-GET: 10.218.0.197||dolor||econs||[16/Nov/2017:6:08:15 ET]||eritin||https://www.example.net/yCic/nder.jpg?itanim=nesciun#saqu||iscive||quasiar||aeab||teur||609||https://www.example.org/mol/tur.jpg?usmodi=ree#saquaea||Mozilla/5.0 (Linux; Android 9; POCOPHONE F1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||eetd", "tags": [ @@ -425,7 +425,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "December 1 01:10:49 iatqu7310.api.home %APACHETOMCAT- get: 10.123.199.198||irured||illumqui||[01/Dec/2017:1:10:49 PST]||tionula||https://mail.example.com/ecatcupi/uamei.html?nreprehe=onse#olorem||turvel||eratv||ipsa||asuntexp||1390||https://example.com/oremquel/lmole.jpg?boNem=iumt#tsed||Mozilla/5.0 (Linux; Android 10; ASUS_X01BDA) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Mobile Safari/537.36||mpo", "tags": [ @@ -434,7 +434,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "December 15 08:13:24 uamnihil6127.api.domain %APACHETOMCAT- POST: 10.29.119.245||tatnon||leumiur||[15/Dec/2017:8:13:24 ET]||ore||https://internal.example.net/ection/roquisqu.html?ceroinB=nim#utaliqu||rsi||taliqui||mides||ciun||39||https://example.org/iatqu/inBCSedu.gif?urExcep=ema#suntex||Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 YaBrowser/20.3.0.2221 Yowser/2.5 Safari/537.36||anim", "tags": [ @@ -443,7 +443,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "December 29 15:15:58 uov1629.internal.invalid %APACHETOMCAT- DETECT_METHOD_TYPE: 10.130.175.17||quide||quaU||[29/Dec/2017:3:15:58 PT]||inimav||https://mail.example.net/iutali/itat.txt?Finibus=radi#xeacom||des||atnulapa||billo||rroqu||2170||https://www.example.org/taedi/tquido.html?etconsec=elillum#upt||Mozilla/5.0 (Linux; Android 9; U307AS) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||onsectet", "tags": [ @@ -452,7 +452,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-5752-PROPFIND: 10.166.90.130||mdolore||eosquira||[12/Jan/2018:10:18:32 CET]||lloinven||https://mail.example.net/lmolesti/apariatu.htm?moe=msequ#uat||lupta||npr||etconsec||caboNem||1043||https://internal.example.org/litesseq/atcupida.html?tob=dolores#equamnih||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||deF", "tags": [ @@ -461,7 +461,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "January 27 05:21:06 orumw5960.www5.home %APACHETOMCAT- GET: 10.248.111.207||dolor||tiumto||[27/Jan/2018:5:21:06 GMT-07:00]||quiavol||https://api.example.org/ratv/alorum.jpg?tali=BCS#qui||ugiatquo||incidid||quin||autemv||6174||https://internal.example.org/mipsumqu/tatio.jpg?admi=onnu#olorema||Mozilla/5.0 (Linux; Android 9; G8142) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||atatnon", "tags": [ @@ -470,7 +470,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-2940-asdf: 10.185.37.32||ame||tesseq||[10/Feb/2018:12:23:41 GMT+02:00]||tem||https://internal.example.net/gitse/ugitse.jpg?tvolup=tdolore#ventore||red||sinto||tatev||luptas||3286||https://api.example.net/aev/inrepr.gif?iadese=nisiu#imad||Mozilla/5.0 (Linux; Android 9; ZTE Blade V1000RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36 YaApp_Android/10.91 YaSearchBrowser/10.91||ptatem", "tags": [ @@ -479,7 +479,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4927-SEARCH: 10.5.194.202||onproide||ntmo||[24/Feb/2018:7:26:15 CET]||riosa||https://example.org/pisc/urEx.html?rautod=olest#eataev||atcupi||atem||qui||otamr||7278||https://internal.example.com/meaque/uid.htm?tion=tobeatae#maccusa||Mozilla/5.0 (Linux; Android 10; LM-V350) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||iqua", "tags": [ @@ -488,7 +488,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "March 11 02:28:49 deriti6952.mail.domain %APACHETOMCAT- PRONECT: 10.183.34.1||boree||isn||[11/Mar/2018:2:28:49 CEST]||der||https://www5.example.com/aconse/prehe.gif?diduntu=eiusmod#itation||veleum||piciatis||nes||lmolesti||1559||https://www.example.org/emaperia/Section.txt?iame=orroquis#aquio||Mozilla/5.0 (Linux; U; Android 4.0.3; es-us; GT-P3100 Build/IML74K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30||ntmoll", "tags": [ @@ -497,7 +497,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4472-CFYZ: 10.101.163.40||abor||nBCSe||[25/Mar/2018:9:31:24 CEST]||remips||https://mail.example.net/reetdolo/rationev.html?reetdol=uelauda#ema||odi||ptatems||runtmo||ore||3512||https://internal.example.com/undeom/emullamc.jpg?quaer=eetdo#tlab||Mozilla/5.0 (Linux; Android 4.1.2; Micromax P410i Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36||liq", "tags": [ @@ -506,7 +506,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "April 8 16:33:58 nse3421.mail.localhost %APACHETOMCAT- uGET: 10.216.188.152||oremi||ugitsedq||[08/Apr/2018:4:33:58 ET]||atDuis||https://www5.example.com/mUteni/quira.htm?ore=tation#loinve||tatevel||iumdolo||untu||ict||2699||https://internal.example.com/riosamni/icta.gif?umetMa=imadmin#iqui||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||Nequepo", "tags": [ @@ -515,7 +515,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-1033-nGET: 10.94.140.77||veniam||isnisiu||[22/Apr/2018:11:36:32 OMST]||dol||https://www5.example.org/setquas/minim.gif?tutlabor=reseosq#gna||isiutali||lumqu||onulamco||ons||5050||https://mail.example.net/unt/tass.html?tla=mquiad#CSe||Opera/9.80 (Series 60; Opera Mini/7.1.32444/174.101; U; ru) Presto/2.12.423 Version/12.16||psa", "tags": [ @@ -524,7 +524,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4133-PUT: 10.223.205.204||lor||ccaec||[07/May/2018:6:39:06 PST]||ommo||https://www.example.com/laudanti/umiurer.txt?rsitvolu=mnisi#usmo||iamea||imaveni||uiacon||iam||7526||https://mail.example.org/oin/itseddoe.html?citati=uamei#eursinto||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||tutla", "tags": [ @@ -533,7 +533,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "May 21 13:41:41 tautfug689.localdomain %APACHETOMCAT- PUT: 10.85.137.156||atiset||serror||[21/May/2018:1:41:41 CEST]||isiut||https://mail.example.org/ici/nisiuta.jpg?itae=dtempo#atnula||ditautf||itametc||ori||uamqu||2804||https://example.com/quiac/sunt.gif?etdol=dolorsi#nturmag||Mozilla/5.0 (Linux; Android 9; LG-US998) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||Except", "tags": [ @@ -542,7 +542,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "June 4 20:44:15 totam6886.api.localhost %APACHETOMCAT- QUALYS: 10.12.54.142||trudex||liquam||[04/Jun/2018:8:44:15 PST]||lor||https://mail.example.com/eseruntm/lpaquiof.html?magnaal=uscip#umS||iciadese||riatur||oeni||dol||3000||https://www5.example.net/teturadi/ditau.gif?piscivel=hend#eacommo||Mozilla/5.0 (Linux; Android 9; LG-US998) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||aer", "tags": [ @@ -551,7 +551,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-3864-RNDMMTD: 10.158.6.52||dolorem||sed||[19/Jun/2018:3:46:49 OMST]||Nemoenim||https://example.net/labori/porai.gif?utali=sed#xeac||umdolors||lumdo||acom||eFini||4262||https://internal.example.org/uovol/prehend.html?eque=eufug#est||Mozilla/5.0 (Linux; U; Android 7.1.2; uz-uz; Redmi 4X Build/N2G47H) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.141 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.2.3-g||ntincul", "tags": [ @@ -560,7 +560,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "July 3 10:49:23 tquo854.api.domain %APACHETOMCAT- MKCOL: 10.195.160.182||ine||urerepre||[03/Jul/2018:10:49:23 CT]||itessequ||https://www5.example.org/orissu/fic.gif?ese=mmodoco#amni||atnul||umfugi||stquidol||Nemoenim||1325||https://example.com/tasnul/tuserr.jpg?amvo=tnul#expl||Mozilla/5.0 (Linux; Android 6.0; ZTE BLADE V7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||isau", "tags": [ @@ -569,7 +569,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-6084-CONNECT: 10.20.68.117||rQuisaut||quas||[17/Jul/2018:5:51:58 ET]||metco||https://mail.example.com/iuntNeq/eddoei.jpg?sseq=eriam#pernat||udan||archi||iutaliq||urQuis||1742||https://example.net/orum/Bonoru.txt?agnamal=quei#quio||Mozilla/5.0 (Linux; Android 6.0; ZTE BLADE V7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||lamcola", "tags": [ @@ -578,7 +578,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "August 1 00:54:32 venia6656.api.domain %APACHETOMCAT- CONNECT: 10.94.136.235||mmod||iti||[01/Aug/2018:12:54:32 PST]||amqu||https://www5.example.com/tanimid/onpr.gif?gelitse=oremqu#idex||radip||upta||tetura||rumet||6923||https://www5.example.org/lestia/nde.jpg?pisci=sunt#texplica||Mozilla/5.0 (Linux; Android 6.0; Lenovo A2016a40 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.106 Mobile Safari/537.36 YaApp_Android/10.30 YaSearchBrowser/10.30||ore", "tags": [ @@ -587,7 +587,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "August 15 07:57:06 veniam1216.www5.invalid %APACHETOMCAT- NCIRCLE: 10.152.11.26||expli||ugiat||[15/Aug/2018:7:57:06 GMT+02:00]||oinBCSed||https://www.example.net/ntorever/pisciv.gif?eritq=rehen#ipsamvol||elillum||veleumi||nsequatu||nula||2783||https://example.com/santi/ritati.gif?turadip=dip#idolo||Mozilla/5.0 (compatible; Yahoo Ad monitoring; https://help.yahoo.com/kb/yahoo-ad-monitoring-SLN24857.html) yahoo.adquality.lwd.desktop/1591143192-10||aco", "tags": [ @@ -596,7 +596,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "August 29 14:59:40 runtm5729.invalid %APACHETOMCAT- PRONECT: 10.82.118.95||bore||ptate||[29/Aug/2018:2:59:40 GMT+02:00]||labo||https://www5.example.com/quu/xeac.htm?abor=oreverit#scip||Finibus||Utenimad||olupta||tau||5211||https://www5.example.com/itametco/vel.htm?rere=pta#nonn||Mozilla/5.0 (Linux; Android 9; 5024D_RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36 YaApp_Android/10.61 YaSearchBrowser/10.61||met", "tags": [ @@ -605,7 +605,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4322-id: 10.187.152.213||conse||ventor||[12/Sep/2018:10:02:15 CEST]||mag||https://www.example.net/mini/Loremip.html?tur=atnonpr#ita||amquaer||aqui||enby||lpa||3948||https://www5.example.net/iat/ffic.htm?cte=aparia#CSe||Mozilla/5.0 (Linux; Android 9; Notepad_K10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Safari/537.36||ugitsedq", "tags": [ @@ -614,7 +614,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "September 27 05:04:49 pta6012.www.local %APACHETOMCAT- uGET: 10.98.71.45||destla||fugitse||[27/Sep/2018:5:04:49 GMT+02:00]||eirur||https://www.example.net/duntutla/lamco.txt?isci=Dui#reetdo||ever||civelits||eos||ipitlabo||5440||https://internal.example.net/nonn/hite.htm?ariatur=labo#sautei||Mozilla/5.0 (Linux; Android 4.1.2; Micromax P410i Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36||unt", "tags": [ @@ -623,7 +623,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-5971-uGET: 10.86.123.33||ugia||meum||[11/Oct/2018:12:07:23 OMST]||doei||https://www5.example.net/tev/nre.html?occaeca=eturadip#ent||rumSecti||Utenima||olore||orumS||757||https://www5.example.org/eursint/orio.txt?iameaqu=aaliquaU#olu||Mozilla/5.0 (Linux; U; Android 7.1.2; uz-uz; Redmi 4X Build/N2G47H) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.141 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.2.3-g||yCiceroi", "tags": [ @@ -632,7 +632,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-2852-FGET: 10.6.112.183||deom||oluptat||[25/Oct/2018:7:09:57 GMT-07:00]||eni||https://www5.example.net/uamnih/nseq.txt?uidolo=umdolore#dmi||tam||oremip||eufugi||dunt||6169||https://api.example.net/uidexeac/sequa.html?modoc=magnam#uinesc||Mozilla/5.0 (Linux; Android 10; LM-V350) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||idatat", "tags": [ @@ -641,7 +641,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "November 9 02:12:32 orsi2109.internal.home %APACHETOMCAT- LOCK: 10.227.156.143||sis||idolo||[09/Nov/2018:2:12:32 CEST]||tsedquia||https://example.net/umdolor/isiu.html?mmodi=snostr#eniamqu||inimav||tatevel||midestl||nci||6587||https://www5.example.org/nvolupt/meiusm.htm?aturv=ectetura#obeataev||Mozilla/5.0 (compatible; Yahoo Ad monitoring; https://help.yahoo.com/kb/yahoo-ad-monitoring-SLN24857.html) yahoo.adquality.lwd.desktop/1591143192-10||seq", "tags": [ @@ -650,7 +650,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "November 23 09:15:06 quaeabil2539.www5.lan %APACHETOMCAT- get: 10.124.129.248||iamqui||quide||[23/Nov/2018:9:15:06 CT]||cididun||https://example.org/ibusBo/untincu.jpg?lesti=sintocca#mipsumqu||eprehen||hilmole||sequ||sectetu||7182||https://example.net/dolor/lorumwri.htm?mquis=lab#uido||Mozilla/5.0 (Linux; Android 6.0; ZTE BLADE V7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||mwrit", "tags": [ @@ -659,7 +659,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "December 7 16:17:40 aal1598.mail.host %APACHETOMCAT- CONNECT: 10.173.125.112||quiavolu||upta||[07/Dec/2018:4:17:40 OMST]||umtota||https://www5.example.org/magnaa/sumquiad.gif?oluptate=Duisa#consequa||eaqueip||itaedict||olorema||rep||3380||https://www5.example.net/siarc/fdeFin.jpg?tobeata=nesciun#amcolab||Mozilla/5.0 (Linux; Android 8.0.0; VS996) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||isnisiut", "tags": [ @@ -668,7 +668,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-5227-GET: 10.37.156.140||uisnos||olores||[21/Dec/2018:11:20:14 PST]||epo||https://www.example.org/evolup/rvelil.gif?eavolup=ipsumq#evit||tno||iss||taspe||lum||5911||https://api.example.net/eturad/tDuis.htm?enimadmi=tateveli#osa||Opera/9.80 (Series 60; Opera Mini/7.1.32444/174.101; U; ru) Presto/2.12.423 Version/12.16||idolorem", "tags": [ @@ -677,7 +677,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-5776-PRONECT: 10.121.225.135||ufugi||cin||[05/Jan/2019:6:22:49 ET]||byC||https://example.com/oremip/its.jpg?iavol=natuserr#ostrudex||nse||miurere||evit||uatu||2448||https://www5.example.org/uamestqu/mpor.jpg?hender=ptatemU#seq||Mozilla/5.0 (Linux; Android 9; 5024D_RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36 YaApp_Android/10.61 YaSearchBrowser/10.61||tnulapa", "tags": [ @@ -686,7 +686,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-7708-DEBUG: 10.123.68.56||expl||olore||[19/Jan/2019:1:25:23 CEST]||dentsunt||https://www.example.org/animid/upta.jpg?onnumqua=quioff#iuntN||ipis||itautfu||nesci||tam||1206||https://mail.example.net/tetura/eeufug.txt?modt=iduntutl#rsitam||Mozilla/5.0 (Linux; Android 10; ASUS_X01BDA) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Mobile Safari/537.36||ntor", "tags": [ @@ -695,7 +695,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "February 2 20:27:57 oid218.api.invalid %APACHETOMCAT- RNDMMTD: 10.63.56.164||iquid||evo||[02/Feb/2019:8:27:57 GMT-07:00]||avolu||https://api.example.net/itesse/expl.html?prehende=lup#tpers||orsitv||temseq||uisaute||uun||4638||https://mail.example.net/nemulla/asp.html?ncul=taliq#tautfugi||Mozilla/5.0 (Linux; Android 4.1.2; Micromax P410i Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36||umd", "tags": [ @@ -704,7 +704,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "February 17 03:30:32 sectetur2674.www5.test %APACHETOMCAT- HEAD: 10.62.10.137||eeufugi||deomnisi||[17/Feb/2019:3:30:32 ET]||issus||https://example.net/deritinv/evelite.html?iav=odico#rsint||itl||ttenb||olor||quiav||6648||https://example.com/eumfu/lors.gif?upidata=ici#usant||Mozilla/5.0 (Linux; Android 10; SM-A305FN Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.96 Mobile Safari/537.36 YandexSearch/8.10 YandexSearchBrowser/8.10||con", "tags": [ @@ -713,7 +713,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "March 3 10:33:06 sequatD4487.internal.localhost %APACHETOMCAT- INDEX: 10.89.154.115||oeiusmo||nimv||[03/Mar/2019:10:33:06 GMT+02:00]||tconse||https://example.org/tseddoei/teursint.htm?remagnaa=lamcolab#ceroinB||umqui||citation||temsequi||mquia||1119||https://api.example.net/iveli/conseq.htm?ercitat=taspe#yCiceroi||Mozilla/5.0 (Linux; Android 8.0.0; VS996) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||cti", "tags": [ @@ -722,7 +722,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-4758-TRACE: 10.122.252.130||tuser||mmo||[17/Mar/2019:5:35:40 PST]||tlaboru||https://www5.example.com/ciad/ugiatqu.gif?turveli=isciv#natus||boreet||luptasnu||ento||snostr||3904||https://api.example.org/xerc/Nequep.htm?ria=beat#rro||Mozilla/5.0 (Linux; Android 9; 5024D_RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36 YaApp_Android/10.61 YaSearchBrowser/10.61||uisau", "tags": [ @@ -731,7 +731,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-2573-id: 10.195.152.53||ueporroq||ute||[01/Apr/2019:12:38:14 GMT-07:00]||tationu||https://api.example.com/olore/ntutlab.htm?ameaquei=gnama#esciun||tesse||olupta||isno||oluptas||5560||https://www.example.net/rinrepr/dutp.jpg?modo=uiavo#uisaut||mobmail android 2.1.3.3150||paq", "tags": [ @@ -740,7 +740,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "April 15 07:40:49 nul5107.www5.domain %APACHETOMCAT- ABCD: 10.9.255.204||illoin||emUtenim||[15/Apr/2019:7:40:49 CT]||uid||https://mail.example.com/rvelil/adese.htm?incidi=aedictas#rumetMa||mexerci||urEx||ditaut||ctetur||3089||https://mail.example.com/oreeu/mea.jpg?tis=oluptat#emi||Mozilla/5.0 (Linux; Android 4.1.2; Micromax P410i Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36||iaeconse", "tags": [ @@ -749,7 +749,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "April 29 14:43:23 nimadmin5630.localdomain %APACHETOMCAT- RNDMMTD: 10.214.235.133||equ||nulapari||[29/Apr/2019:2:43:23 GMT-07:00]||tsunt||https://www.example.org/oremi/ectobeat.gif?oreeu=uasiarch#Malor||boriosa||cillumdo||ditau||moenimip||5930||https://internal.example.net/oreetd/lor.txt?etc=eturadip#nost||Mozilla/5.0 (Linux; Android 9; LG-US998) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||evel", "tags": [ @@ -758,7 +758,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "May 13 21:45:57 sequuntu3563.internal.test %APACHETOMCAT- TRACE: 10.5.134.204||apari||iarchit||[13/May/2019:9:45:57 PT]||orum||https://api.example.com/orsitam/tiset.jpg?ati=rauto#doloreeu||lors||eumfu||docons||tur||3197||https://api.example.org/uasi/maveniam.html?rspicia=pitl#imi||Mozilla/5.0 (Linux; Android 5.1.1; Android Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36 YaApp_Android/9.80 YaSearchBrowser/9.80||taevit", "tags": [ @@ -767,7 +767,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-6820-SEARCH: 10.144.111.42||sumquia||vento||[28/May/2019:4:48:31 CEST]||asnu||https://example.org/rep/mveni.txt?utpers=num#ctetura||quaerat||tDuisau||aturve||ptateve||7615||https://internal.example.com/tconsect/pariat.gif?etcon=ctobeat#isi||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||lorumw", "tags": [ @@ -776,7 +776,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-3071-FGET: 10.122.0.80||olupt||ola||[11/Jun/2019:11:51:06 CT]||etquasia||https://example.net/adm/snostr.jpg?tec=itaspe#con||illumdo||antium||remaper||eseosq||2945||https://www.example.com/uae/ata.htm?snulap=cidu#hilmol||Mozilla/5.0 (Linux; U; Android 7.1.2; uz-uz; Redmi 4X Build/N2G47H) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.141 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.2.3-g||quamq", "tags": [ @@ -785,7 +785,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "June 25 18:53:40 tdolo2150.www.example %APACHETOMCAT- ABCD: 10.165.33.19||uamqu||iusmodi||[25/Jun/2019:6:53:40 ET]||aparia||https://mail.example.com/ccusant/epteurs.htm?oidentsu=oditau#onsec||dit||namaliqu||yCic||tetura||1569||https://www.example.net/ttenb/eirure.txt?rem=exer#eeufug||Mozilla/5.0 (Linux; Android 9; LG-US998) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||lapari", "tags": [ @@ -794,7 +794,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "July 10 01:56:14 cinge6032.api.local %APACHETOMCAT- BADMTHD: 10.87.92.17||utlabore||tamr||[10/Jul/2019:1:56:14 CT]||iutaliq||https://mail.example.org/onemul/trudexe.txt?ura=oreeufug#Quisa||quiav||ctionofd||elit||sam||6211||https://internal.example.org/unt/isni.htm?ecillum=olor#amei||Mozilla/5.0 (Linux; Android 7.0; SM-S337TL) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||quid", "tags": [ @@ -803,7 +803,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-7615-BADMETHOD: 10.51.52.203||wri||itame||[24/Jul/2019:8:58:48 ET]||dictasun||https://example.com/lorese/olupta.jpg?onsec=idestl#litani||emp||arch||non||mollit||5823||https://internal.example.org/tobeatae/ntut.gif?exe=naa#equat||Mozilla/5.0 (Linux; Android 8.0.0; VS996) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||mqu", "tags": [ @@ -812,7 +812,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "August 7 16:01:23 ende6053.local %APACHETOMCAT- rndmmtd: 10.0.211.86||rsp||imipsa||[07/Aug/2019:4:01:23 CEST]||int||https://internal.example.net/llitani/uscipit.html?etcons=etco#iuntN||utfugi||ursintoc||tio||mmodicon||6776||https://internal.example.net/tvol/lup.gif?ollita=qua#ionula||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||cusa", "tags": [ @@ -821,7 +821,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-264-OPTIONS: 10.106.34.244||eumiu||nim||[21/Aug/2019:11:03:57 PST]||rehen||https://mail.example.net/ptat/mipsu.htm?eturadip=amquaera#rsitamet||leumiur||ssequamn||ave||taliqui||3714||https://example.net/undeomn/ape.jpg?amco=ons#onsecte||Mozilla/5.0 (Linux; Android 7.0; SM-S337TL) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||atquo", "tags": [ @@ -830,7 +830,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-2943-nGET: 10.191.210.188||inculpa||ruredol||[05/Sep/2019:6:06:31 OMST]||ipit||https://www.example.org/quae/periam.html?emoenimi=iquipex#mqu||onorume||abill||ametcon||ofdeFini||7052||https://example.net/tionev/uasiarch.html?qui=ehender#equa||Mozilla/5.0 (Linux; Android 4.1.2; Micromax P410i Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.111 Mobile Safari/537.36||nimides", "tags": [ @@ -839,7 +839,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-6165-BDMTHD: 10.2.38.49||asiarc||lor||[19/Sep/2019:1:09:05 GMT+02:00]||snula||https://www.example.com/bori/dipi.gif?utf=dolor#dexe||nemul||Duis||lupt||quatur||5775||https://www.example.org/ipsa/con.gif?uianonnu=tatiset#quira||mobmail android 2.1.3.3150||aea", "tags": [ @@ -848,7 +848,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "October 3 20:11:40 didun1193.example %APACHETOMCAT- id: 10.66.92.90||orumwri||atisu||[03/Oct/2019:8:11:40 PST]||tse||https://example.com/iat/tqui.gif?utaliqui=emse#emqui||cipitla||tlab||vel||ionevo||4580||https://mail.example.com/volupta/umfu.gif?tisetq=tDuisaut#dolo||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||samvol", "tags": [ @@ -857,7 +857,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "October 18 03:14:14 apari2660.www5.lan %APACHETOMCAT- BADMTHD: 10.97.108.108||fficiad||teirured||[18/Oct/2019:3:14:14 PST]||sistena||https://example.com/caboN/imipsam.jpg?catcupid=ritquiin#quisnost||sequines||olor||sequa||lorum||7649||https://mail.example.com/Sedut/tatis.gif?reeufugi=sequines#minimve||Mozilla/5.0 (Linux; U; Android 7.1.2; uz-uz; Redmi 4X Build/N2G47H) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.141 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.2.3-g||toditau", "tags": [ @@ -866,7 +866,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "November 1 10:16:48 nvolupta238.www.host %APACHETOMCAT- COOK: 10.147.147.248||onpr||uira||[01/Nov/2019:10:16:48 CET]||ptatev||https://api.example.net/uiaco/aliqu.txt?udexerci=uae#imveni||econ||aborio||rve||catcup||177||https://www5.example.org/busBon/norumetM.jpg?vitaedi=rna#cons||Mozilla/5.0 (Linux; Android 9; Notepad_K10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Safari/537.36||lupta", "tags": [ @@ -875,7 +875,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "November 15 17:19:22 icer123.mail.example %APACHETOMCAT- NCIRCLE: 10.152.190.61||imvenia||culp||[15/Nov/2019:5:19:22 GMT-07:00]||nesciu||https://www.example.org/roinBCSe/eetdolor.html?tla=iaconseq#sed||sedd||atione||tvolup||oremeu||6708||https://api.example.com/dan/pta.html?oNem=itaedict#eroi||Mozilla/5.0 (Linux; Android 8.0.0; VS996) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.83 Mobile Safari/537.36||uptateve", "tags": [ @@ -884,7 +884,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "November 30 00:21:57 lumqui6488.api.example %APACHETOMCAT- DETECT_METHOD_TYPE: 10.129.232.105||des||deFini||[30/Nov/2019:12:21:57 GMT-07:00]||aliquaU||https://www.example.net/tvolu/imve.txt?gnaaliq=quam#deriti||edictasu||eturadi||umS||noru||5321||https://api.example.org/taevitae/tevel.htm?vol=ita#iquipexe||Mozilla/5.0 (Linux; Android 8.1.0; SM-A260G Build/OPR6; rv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Rocket/2.1.17(19420) Chrome/81.0.4044.138 Mobile Safari/537.36||quamqua", "tags": [ @@ -893,7 +893,7 @@ }, { "ecs": { - "version": "8.3.0" + "version": "8.4.0" }, "message": "%APACHETOMCAT-5473-TRACE: 10.12.173.112||Excepteu||mco||[14/Dec/2019:7:24:31 PT]||undeom||https://internal.example.org/teturadi/radipi.gif?upidatat=mod#niamqui||litsedd||nidol||inBC||hite||423||https://api.example.net/dminimve/remips.txt?uiac=tquii#tesse||Mozilla/5.0 (Linux; Android 9; 5024D_RU Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.92 Mobile Safari/537.36 YaApp_Android/10.61 YaSearchBrowser/10.61||emeumfu", "tags": [ diff --git a/packages/tomcat/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/tomcat/data_stream/log/elasticsearch/ingest_pipeline/default.yml index c2bdf786024..7280be63fee 100644 --- a/packages/tomcat/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/tomcat/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -4,7 +4,7 @@ description: Pipeline for Apache Tomcat processors: - set: field: ecs.version - value: '8.3.0' + value: '8.4.0' # User agent - user_agent: field: user_agent.original diff --git a/packages/tomcat/docs/README.md b/packages/tomcat/docs/README.md index 13a5bf8236b..6d745dce6be 100644 --- a/packages/tomcat/docs/README.md +++ b/packages/tomcat/docs/README.md @@ -88,7 +88,7 @@ The `log` dataset collects Apache Tomcat logs. | message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | match_only_text | | network.application | When a specific application or service is identified from network connection details (source/dest IPs, ports, certificates, or wire format), this field captures the application's or service's name. For example, the original event identifies the network connection being from a specific web service in a `https` network connection, like `facebook` or `twitter`. The field value must be normalized to lowercase for querying. | keyword | | network.bytes | Total bytes transferred in both directions. If `source.bytes` and `destination.bytes` are known, `network.bytes` is their sum. | long | -| network.direction | Direction of the network traffic. Recommended values are: \* ingress \* egress \* inbound \* outbound \* internal \* external \* unknown When mapping events from a host-based monitoring context, populate this field from the host's point of view, using the values "ingress" or "egress". When mapping events from a network or perimeter-based monitoring context, populate this field from the point of view of the network perimeter, using the values "inbound", "outbound", "internal" or "external". Note that "internal" is not crossing perimeter boundaries, and is meant to describe communication between two hosts within the perimeter. Note also that "external" is meant to describe traffic between two hosts that are external to the perimeter. This could for example be useful for ISPs or VPN service providers. | keyword | +| network.direction | Direction of the network traffic. When mapping events from a host-based monitoring context, populate this field from the host's point of view, using the values "ingress" or "egress". When mapping events from a network or perimeter-based monitoring context, populate this field from the point of view of the network perimeter, using the values "inbound", "outbound", "internal" or "external". Note that "internal" is not crossing perimeter boundaries, and is meant to describe communication between two hosts within the perimeter. Note also that "external" is meant to describe traffic between two hosts that are external to the perimeter. This could for example be useful for ISPs or VPN service providers. | keyword | | network.forwarded_ip | Host IP address when the source IP address is the proxy. | ip | | network.interface.name | | keyword | | network.packets | Total packets transferred in both directions. If `source.packets` and `destination.packets` are known, `network.packets` is their sum. | long | @@ -833,7 +833,7 @@ The `log` dataset collects Apache Tomcat logs. | user_agent.os.name | Operating system name, without the version. | keyword | | user_agent.os.name.text | Multi-field of `user_agent.os.name`. | match_only_text | | user_agent.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | -| user_agent.os.type | Use the `os.type` field to categorize the operating system into one of the broad commercial families. One of these following values should be used (lowercase): linux, macos, unix, windows. If the OS you're dealing with is not in the list, the field should not be populated. Please let us know by opening an issue with ECS, to propose its addition. | keyword | +| user_agent.os.type | Use the `os.type` field to categorize the operating system into one of the broad commercial families. If the OS you're dealing with is not listed as an expected value, the field should not be populated. Please let us know by opening an issue with ECS, to propose its addition. | keyword | | user_agent.os.version | Operating system version as a raw string. | keyword | | user_agent.version | Version of the user agent. | keyword | diff --git a/packages/tomcat/manifest.yml b/packages/tomcat/manifest.yml index a00bbc7d31a..e42e731ba54 100644 --- a/packages/tomcat/manifest.yml +++ b/packages/tomcat/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: tomcat title: Apache Tomcat -version: "1.5.0" +version: "1.6.0" description: Collect and parse logs from Apache Tomcat servers with Elastic Agent. categories: ["web", "security"] release: ga diff --git a/packages/udp/_dev/build/build.yml b/packages/udp/_dev/build/build.yml index 5661d603a89..2254d90483c 100644 --- a/packages/udp/_dev/build/build.yml +++ b/packages/udp/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.3.0 + reference: git@v8.4.0-rc1 diff --git a/packages/udp/changelog.yml b/packages/udp/changelog.yml index f3510d3cc10..8a42daec986 100644 --- a/packages/udp/changelog.yml +++ b/packages/udp/changelog.yml @@ -1,3 +1,8 @@ +- version: "1.4.0" + changes: + - description: Update package to ECS 8.4.0 + type: enhancement + link: https://github.com/elastic/integrations/pull/3871 - version: "1.3.1" changes: - description: Improve syslog parsing description diff --git a/packages/udp/manifest.yml b/packages/udp/manifest.yml index 94a6c4882c7..aa053bf5c13 100644 --- a/packages/udp/manifest.yml +++ b/packages/udp/manifest.yml @@ -3,7 +3,7 @@ name: udp title: Custom UDP Logs description: Collect raw UDP data from listening UDP port with Elastic Agent. type: integration -version: "1.3.1" +version: "1.4.0" release: ga conditions: kibana.version: "^8.2.1" diff --git a/packages/winlog/_dev/build/build.yml b/packages/winlog/_dev/build/build.yml index 5661d603a89..2254d90483c 100644 --- a/packages/winlog/_dev/build/build.yml +++ b/packages/winlog/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.3.0 + reference: git@v8.4.0-rc1 diff --git a/packages/winlog/changelog.yml b/packages/winlog/changelog.yml index 4d3145cdc75..bb9ab2f6d18 100644 --- a/packages/winlog/changelog.yml +++ b/packages/winlog/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.0" + changes: + - description: Update package to ECS 8.4.0 + type: enhancement + link: https://github.com/elastic/integrations/pull/3871 - version: "1.6.0" changes: - description: Update package to ECS 8.3.0. diff --git a/packages/winlog/manifest.yml b/packages/winlog/manifest.yml index afc29be4809..cbfb90e925a 100644 --- a/packages/winlog/manifest.yml +++ b/packages/winlog/manifest.yml @@ -3,7 +3,7 @@ name: winlog title: Custom Windows Event Logs description: Collect and parse logs from any Windows event log channel with Elastic Agent. type: integration -version: "1.6.0" +version: "1.7.0" release: ga conditions: kibana.version: '^7.16.0 || ^8.0.0'