Bruce upgrades

.ci/Jenkinsfile

@@ -14,8 +14,8 @@ pipeline {
     AWS_ACCOUNT_SECRET = "secret/observability-team/ci/elastic-observability-aws-account-auth"
     HOME = "${env.WORKSPACE}"
     DOCKER_COMPOSE_VERSION = "v2.17.2"
-    KIND_VERSION = "v0.17.0"
-    K8S_VERSION = "v1.26.0"
+    KIND_VERSION = "v0.20.0"
+    K8S_VERSION = "v1.27.3"
     JOB_GCS_BUCKET = 'fleet-ci-temp'
     JOB_GCS_BUCKET_INTERNAL = 'fleet-ci-temp-internal'
     JOB_GCS_CREDENTIALS = 'fleet-ci-gcs-plugin'
@@ -46,9 +46,12 @@ pipeline {
     ELASTIC_PACKAGE_COMPOSE_DISABLE_PULL_PROGRESS_INFORMATION = 'true'
     // links definitions
     ELASTIC_PACKAGE_LINKS_FILE_PATH = "${env.HOME}/${env.BASE_DIR}/links_table.yml"
+
+    // Default license to use by `elastic-package build`
+    ELASTIC_PACKAGE_REPOSITORY_LICENSE = "licenses/Elastic-2.0.txt"
   }
   options {
-    timeout(time: 4, unit: 'HOURS')
+    timeout(time: 6, unit: 'HOURS')
     buildDiscarder(logRotator(numToKeepStr: '20', artifactNumToKeepStr: '20', daysToKeepStr: '30'))
     timestamps()
     ansiColor('xterm')

.ci/schedule-daily.groovy

@@ -39,12 +39,12 @@ pipeline {
             )
           }
         }
-        stage('with stack v8.9') {
+        stage('with stack v8.10') {
           steps {
             build(
               job: env.INTEGRATION_JOB,
               parameters: [
-                stringParam(name: 'stackVersion', value: '8.9-SNAPSHOT'),
+                stringParam(name: 'stackVersion', value: '8.10-SNAPSHOT'),
                 booleanParam(name: 'force_check_all', value: true),
                 booleanParam(name: 'skip_publishing', value: true),
               ],

.github/CODEOWNERS

@@ -11,6 +11,7 @@
 /packages/activemq @elastic/obs-infraobs-integrations
 /packages/airflow @elastic/obs-infraobs-integrations
 /packages/akamai @elastic/security-external-integrations
+/packages/amazon_security_lake @elastic/security-external-integrations
 /packages/apache @elastic/obs-infraobs-integrations
 /packages/apache_spark @elastic/obs-infraobs-integrations
 /packages/apache_tomcat @elastic/obs-infraobs-integrations
@@ -22,13 +23,22 @@
 /packages/auditd_manager @elastic/security-external-integrations
 /packages/auth0 @elastic/security-external-integrations
 /packages/aws @elastic/obs-cloud-monitoring
+/packages/aws/changelog.yml @elastic/obs-cloud-monitoring @elastic/security-external-integrations
+/packages/aws/data_stream/guardduty @elastic/security-external-integrations
+/packages/aws/data_stream/securityhub_findings @elastic/security-external-integrations
+/packages/aws/data_stream/securityhub_insights @elastic/security-external-integrations
 /packages/aws/kibana @elastic/obs-cloud-monitoring @elastic/kibana-visualizations
+/packages/aws/manifest.yml @elastic/obs-cloud-monitoring @elastic/security-external-integrations
 /packages/aws_logs @elastic/obs-cloud-monitoring
 /packages/awsfargate @elastic/obs-cloud-monitoring
+/packages/awsfirehose @elastic/obs-cloud-monitoring
 /packages/azure @elastic/obs-cloud-monitoring
+/packages/azure_app_service @elastic/obs-infraobs-integrations
 /packages/azure_application_insights @elastic/obs-cloud-monitoring
 /packages/azure_billing @elastic/obs-cloud-monitoring
 /packages/azure_blob_storage @elastic/security-external-integrations
+/packages/azure @elastic/obs-cloud-monitoring
+/packages/azure_functions @elastic/obs-infraobs-integrations
 /packages/azure_frontdoor @elastic/security-external-integrations
 /packages/azure_metrics @elastic/obs-cloud-monitoring
 /packages/barracuda @elastic/security-external-integrations
@@ -45,7 +55,6 @@
 /packages/cel @elastic/security-external-integrations
 /packages/ceph @elastic/obs-infraobs-integrations
 /packages/checkpoint @elastic/security-external-integrations
-/packages/cisco @elastic/security-external-integrations
 /packages/cisco_aironet @elastic/security-external-integrations
 /packages/cisco_asa @elastic/security-external-integrations
 /packages/cisco_duo @elastic/security-external-integrations
@@ -69,7 +78,6 @@
 /packages/couchbase @elastic/obs-infraobs-integrations
 /packages/couchdb @elastic/obs-infraobs-integrations
 /packages/crowdstrike @elastic/security-external-integrations
-/packages/cyberark @elastic/security-external-integrations
 /packages/cyberark_pta @elastic/security-external-integrations
 /packages/cyberarkpas @elastic/security-external-integrations
 /packages/cylance @elastic/security-external-integrations
@@ -81,6 +89,8 @@
 /packages/elastic_package_registry @elastic/ecosystem
 /packages/elasticsearch @elastic/infra-monitoring-ui
 /packages/enterprisesearch @elastic/infra-monitoring-ui
+/packages/entityanalytics_entra_id @elastic/security-external-integrations
+/packages/entityanalytics_okta @elastic/security-external-integrations
 /packages/etcd @elastic/obs-infraobs-integrations
 /packages/f5 @elastic/security-external-integrations
 /packages/f5_bigip @elastic/security-external-integrations
@@ -89,18 +99,23 @@
 /packages/fleet_server @elastic/elastic-agent-control-plane
 /packages/forcepoint_web @elastic/security-external-integrations
 /packages/forgerock @elastic/security-external-integrations
-/packages/fortinet @elastic/security-external-integrations
 /packages/fortinet_forticlient @elastic/security-external-integrations
 /packages/fortinet_fortiedr @elastic/security-external-integrations
 /packages/fortinet_fortigate @elastic/security-external-integrations
 /packages/fortinet_fortimail @elastic/security-external-integrations
 /packages/fortinet_fortimanager @elastic/security-external-integrations
 /packages/gcp @elastic/security-external-integrations @elastic/obs-cloud-monitoring
+/packages/gcp/data_stream @elastic/obs-cloud-monitoring
+/packages/gcp/data_stream/audit @elastic/security-external-integrations
+/packages/gcp/data_stream/dns @elastic/security-external-integrations
+/packages/gcp/data_stream/firewall @elastic/security-external-integrations
+/packages/gcp/data_stream/vpcflow @elastic/security-external-integrations
 /packages/gcp_metrics @elastic/obs-cloud-monitoring
 /packages/gcp_pubsub @elastic/security-external-integrations
 /packages/github @elastic/security-external-integrations
 /packages/golang @elastic/obs-infraobs-integrations
 /packages/google_cloud_storage @elastic/security-external-integrations
+/packages/google_scc @elastic/security-external-integrations
 /packages/google_workspace @elastic/security-external-integrations
 /packages/hadoop @elastic/obs-infraobs-integrations
 /packages/haproxy @elastic/obs-infraobs-integrations
@@ -121,7 +136,6 @@
 /packages/jolokia_input @elastic/obs-infraobs-integrations
 /packages/journald @elastic/elastic-agent-data-plane
 /packages/jumpcloud @elastic/security-external-integrations
-/packages/juniper @elastic/security-external-integrations
 /packages/juniper_junos @elastic/security-external-integrations
 /packages/juniper_netscreen @elastic/security-external-integrations
 /packages/juniper_srx @elastic/security-external-integrations
@@ -140,7 +154,7 @@
 /packages/m365_defender @elastic/security-external-integrations
 /packages/mattermost @elastic/security-external-integrations
 /packages/memcached @elastic/obs-infraobs-integrations
-/packages/microsoft @elastic/security-external-integrations
+/packages/microsoft_defender_cloud @elastic/security-external-integrations
 /packages/microsoft_defender_endpoint @elastic/security-external-integrations
 /packages/microsoft_dhcp @elastic/security-external-integrations
 /packages/microsoft_exchange_online_message_trace @elastic/security-external-integrations
@@ -174,9 +188,9 @@
 /packages/problemchild @elastic/ml-ui @elastic/sec-applied-ml
 /packages/prometheus @elastic/obs-cloudnative-monitoring
 /packages/prometheus_input @elastic/obs-infraobs-integrations
-/packages/proofpoint @elastic/security-external-integrations
 /packages/proofpoint_tap @elastic/security-external-integrations
 /packages/pulse_connect_secure @elastic/security-external-integrations
+/packages/qualys_vmdr @elastic/security-external-integrations
 /packages/qnap_nas @elastic/security-external-integrations
 /packages/rabbitmq @elastic/obs-infraobs-integrations
 /packages/radware @elastic/security-external-integrations
@@ -191,7 +205,6 @@
 /packages/slack @elastic/security-external-integrations
 /packages/snort @elastic/security-external-integrations
 /packages/snyk @elastic/security-external-integrations
-/packages/sonicwall @elastic/security-external-integrations
 /packages/sonicwall_firewall @elastic/security-external-integrations
 /packages/sophos @elastic/security-external-integrations
 /packages/sophos_central @elastic/security-external-integrations
@@ -205,7 +218,11 @@
 /packages/synthetics @elastic/uptime
 /packages/sysmon_linux @elastic/security-external-integrations
 /packages/system @elastic/obs-infraobs-integrations
+/packages/system/changelog.yml @elastic/obs-infraobs-integrations @elastic/security-external-integrations
+/packages/system/data_stream/auth @elastic/security-external-integrations
+/packages/system/data_stream/security @elastic/security-external-integrations
 /packages/system/kibana @elastic/elastic-agent-data-plane @elastic/kibana-visualizations
+/packages/system/manifest.yml @elastic/obs-infraobs-integrations @elastic/security-external-integrations
 /packages/system_audit @elastic/security-external-integrations
 /packages/tanium @elastic/security-external-integrations
 /packages/tcp @elastic/security-external-integrations
@@ -216,6 +233,7 @@
 /packages/ti_anomali @elastic/security-external-integrations
 /packages/ti_cif3 @elastic/security-external-integrations
 /packages/ti_cybersixgill @elastic/security-external-integrations
+/packages/ti_maltiverse @elastic/security-external-integrations
 /packages/ti_misp @elastic/security-external-integrations
 /packages/ti_otx @elastic/security-external-integrations
 /packages/ti_rapid7_threat_command @elastic/security-external-integrations
@@ -225,6 +243,7 @@
 /packages/tines @elastic/security-external-integrations
 /packages/tomcat @elastic/obs-infraobs-integrations
 /packages/traefik @elastic/obs-infraobs-integrations
+/packages/trellix_edr_cloud @elastic/security-external-integrations
 /packages/trellix_epo_cloud @elastic/security-external-integrations
 /packages/trend_micro_vision_one @elastic/security-external-integrations
 /packages/trendmicro @elastic/security-external-integrations
@@ -237,12 +256,21 @@
 /packages/vsphere @elastic/obs-infraobs-integrations
 /packages/websphere_application_server @elastic/obs-infraobs-integrations
 /packages/windows @elastic/elastic-agent-data-plane @elastic/security-external-integrations
+/packages/windows/data_stream/applocker_exe_and_dll @elastic/security-external-integrations
+/packages/windows/data_stream/applocker_msi_and_script @elastic/security-external-integrations
+/packages/windows/data_stream/applocker_packaged_app_deployment @elastic/security-external-integrations
+/packages/windows/data_stream/applocker_packaged_app_execution @elastic/security-external-integrations
+/packages/windows/data_stream/forwarded @elastic/security-external-integrations
+/packages/windows/data_stream/perfmon @elastic/elastic-agent-data-plane
+/packages/windows/data_stream/powershell @elastic/security-external-integrations
+/packages/windows/data_stream/powershell_operational @elastic/security-external-integrations
+/packages/windows/data_stream/service @elastic/elastic-agent-data-plane
+/packages/windows/data_stream/sysmon_operational @elastic/security-external-integrations
 /packages/winlog @elastic/security-external-integrations
 /packages/zeek @elastic/security-external-integrations
 /packages/zerofox @elastic/security-external-integrations
 /packages/zeronetworks @elastic/security-external-integrations
 /packages/zookeeper @elastic/obs-infraobs-integrations
 /packages/zoom @elastic/security-external-integrations
-/packages/zscaler @elastic/security-external-integrations
 /packages/zscaler_zia @elastic/security-external-integrations
 /packages/zscaler_zpa @elastic/security-external-integrations

.go-version

@@ -1 +1 @@
-1.19.1
+1.21.1

LICENSE.txt

@@ -1,93 +1,9 @@
-Elastic License 2.0
+Source code in this repository is licensed under multiple licenses.
+Source code in a given file is licensed under the Elastic License
+Version 2.0, unless otherwise noted at the beginning of the file or
+a LICENSE.txt file present in the directory subtree declares another
+license.
 
-URL: https://www.elastic.co/licensing/elastic-license
+Built packages include a copy of the applicable license.
 
-## Acceptance
-
-By using the software, you agree to all of the terms and conditions below.
-
-## Copyright License
-
-The licensor grants you a non-exclusive, royalty-free, worldwide,
-non-sublicensable, non-transferable license to use, copy, distribute, make
-available, and prepare derivative works of the software, in each case subject to
-the limitations and conditions below.
-
-## Limitations
-
-You may not provide the software to third parties as a hosted or managed
-service, where the service provides users with access to any substantial set of
-the features or functionality of the software.
-
-You may not move, change, disable, or circumvent the license key functionality
-in the software, and you may not remove or obscure any functionality in the
-software that is protected by the license key.
-
-You may not alter, remove, or obscure any licensing, copyright, or other notices
-of the licensor in the software. Any use of the licensor’s trademarks is subject
-to applicable law.
-
-## Patents
-
-The licensor grants you a license, under any patent claims the licensor can
-license, or becomes able to license, to make, have made, use, sell, offer for
-sale, import and have imported the software, in each case subject to the
-limitations and conditions in this license. This license does not cover any
-patent claims that you cause to be infringed by modifications or additions to
-the software. If you or your company make any written claim that the software
-infringes or contributes to infringement of any patent, your patent license for
-the software granted under these terms ends immediately. If your company makes
-such a claim, your patent license ends immediately for work on behalf of your
-company.
-
-## Notices
-
-You must ensure that anyone who gets a copy of any part of the software from you
-also gets a copy of these terms.
-
-If you modify the software, you must include in any modified copies of the
-software prominent notices stating that you have modified the software.
-
-## No Other Rights
-
-These terms do not imply any licenses other than those expressly granted in
-these terms.
-
-## Termination
-
-If you use the software in violation of these terms, such use is not licensed,
-and your licenses will automatically terminate. If the licensor provides you
-with a notice of your violation, and you cease all violation of this license no
-later than 30 days after you receive that notice, your licenses will be
-reinstated retroactively. However, if you violate these terms after such
-reinstatement, any additional violation of these terms will cause your licenses
-to terminate automatically and permanently.
-
-## No Liability
-
-*As far as the law allows, the software comes as is, without any warranty or
-condition, and the licensor will not be liable to you for any damages arising
-out of these terms or the use or nature of the software, under any kind of
-legal claim.*
-
-## Definitions
-
-The **licensor** is the entity offering these terms, and the **software** is the
-software the licensor makes available under these terms, including any portion
-of it.
-
-**you** refers to the individual or entity agreeing to these terms.
-
-**your company** is any legal entity, sole proprietorship, or other kind of
-organization that you work for, plus all organizations that have control over,
-are under the control of, or are under common control with that
-organization. **control** means ownership of substantially all the assets of an
-entity, or the power to direct its management and policies by vote, contract, or
-otherwise. Control can be direct or indirect.
-
-**your licenses** are all the licenses granted to you for the software under
-these terms.
-
-**use** means anything you do with the software requiring one of your licenses.
-
-**trademark** means trademarks, service marks, and similar rights.
+Full text of licenses can be found in the licenses directory.