juniper_*,m365_defender,microsoft_defender_endpoint,mimecast,modsecur…

…ity: remove duplicate fields
elastic · efd6 · Nov 29, 2022 · Nov 10, 2022 · Nov 10, 2022 · 7452e8d8a27f497d6a112b97e64ac7cc9b3a3d66
commit 7452e8d8a27f497d6a112b97e64ac7cc9b3a3d66
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.5.1"
+  changes:
+    - description: Remove duplicate fields.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/4611
 - version: "0.5.0"
   changes:
     - description: Update package to ECS 8.5.0.

@@ -62,11 +62,6 @@
     These fields help correlate data based containers from any runtime.'
   type: group
   fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
     - name: image.name
       level: extended
       type: keyword

@@ -202,8 +202,6 @@
   name: source.subdomain
 - external: ecs
   name: source.top_level_domain
-- external: ecs
-  name: tags
 - external: ecs
   name: url.domain
 - external: ecs

@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: juniper_junos
 title: Juniper JunOS
-version: "0.5.0"
+version: "0.5.1"
 description: Collect logs from Juniper JunOS with Elastic Agent.
 categories: ["network", "security"]
 release: experimental

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.5.1"
+  changes:
+    - description: Remove duplicate fields.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/4611
 - version: "0.5.0"
   changes:
     - description: Update package to ECS 8.5.0.

@@ -62,11 +62,6 @@
     These fields help correlate data based containers from any runtime.'
   type: group
   fields:
-    - name: id
-      level: core
-      type: keyword
-      ignore_above: 1024
-      description: Unique container id.
     - name: image.name
       level: extended
       type: keyword

@@ -202,8 +202,6 @@
   name: source.subdomain
 - external: ecs
   name: source.top_level_domain
-- external: ecs
-  name: tags
 - external: ecs
   name: url.domain
 - external: ecs

@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: juniper_netscreen
 title: Juniper NetScreen
-version: "0.5.0"
+version: "0.5.1"
 description: Collect logs from Juniper NetScreen with Elastic Agent.
 categories: ["network", "security"]
 release: experimental

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.6.1"
+  changes:
+    - description: Remove duplicate fields.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/4611
 - version: "1.6.0"
   changes:
     - description: Update package to ECS 8.5.0.

@@ -108,16 +108,8 @@
   name: code_signature.trusted
 - external: ecs
   name: code_signature.valid
-- external: ecs
-  name: container.id
-- external: ecs
-  name: container.image.name
 - external: ecs
   name: container.image.tag
-- external: ecs
-  name: container.labels
-- external: ecs
-  name: container.name
 - external: ecs
   name: container.runtime
 - external: ecs

@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: juniper_srx
 title: Juniper SRX
-version: "1.6.0"
+version: "1.6.1"
 description: Collect logs from Juniper SRX devices with Elastic Agent.
 categories: ["network", "security"]
 release: ga

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.4.1"
+  changes:
+    - description: Remove duplicate fields.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/4611
 - version: "1.4.0"
   changes:
     - description: Add New Incident Data Stream.

@@ -52,8 +52,6 @@
   name: observer.vendor
 - external: ecs
   name: observer.name
-- external: ecs
-  name: url.full
 - external: ecs
   name: url.domain
 - external: ecs

@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: m365_defender
 title: Microsoft M365 Defender
-version: 1.4.0
+version: 1.4.1
 description: Collect logs from Microsoft M365 Defender with Elastic Agent.
 categories:
   - "network"

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.5.1"
+  changes:
+    - description: Remove duplicate fields.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/4611
 - version: "2.5.0"
   changes:
     - description: Update package to ECS 8.5.0.

@@ -1,13 +1,5 @@
-- external: ecs
-  name: container.id
-- external: ecs
-  name: container.image.name
 - external: ecs
   name: container.image.tag
-- external: ecs
-  name: container.labels
-- external: ecs
-  name: container.name
 - external: ecs
   name: container.runtime
 - external: ecs

@@ -1,6 +1,5 @@
 - name: microsoft.defender_endpoint
   type: group
-  release: ga
   fields:
     - name: lastUpdateTime
       type: date

@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: microsoft_defender_endpoint
 title: Microsoft Defender for Endpoint
-version: "2.5.0"
+version: "2.5.1"
 description: Collect logs from Microsoft Defender for Endpoint with Elastic Agent.
 categories:
   - "network"

@@ -1,3 +1,8 @@
+- version: "1.4.1"
+  changes:
+    - description: Remove duplicate fields.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/4611
 - version: "1.4.0"
   changes:
     - description: Update package to ECS 8.5.0.

@@ -12,8 +12,6 @@
   name: email.attachments.file.mime_type
 - external: ecs
   name: email.attachments.file.name
-- external: ecs
-  name: email.attachments.file.name
 - external: ecs
   name: email.attachments.file.size
 - external: ecs
@@ -36,8 +34,6 @@
   name: error.type
 - external: ecs
   name: event.action
-- external: ecs
-  name: event.action
 - external: ecs
   name: event.created
 - external: ecs

@@ -6,8 +6,6 @@
   name: email.attachments.file.hash.sha256
 - external: ecs
   name: email.attachments.file.mime_type
-- external: ecs
-  name: email.attachments.file.mime_type
 - external: ecs
   name: email.attachments.file.name
 - external: ecs
@@ -22,8 +20,6 @@
   name: email.to.address
 - external: ecs
   name: event.action
-- external: ecs
-  name: event.action
 - external: ecs
   name: event.created
 - external: ecs

@@ -10,8 +10,6 @@
   name: email.to.address
 - external: ecs
   name: event.action
-- external: ecs
-  name: event.action
 - external: ecs
   name: event.created
 - external: ecs

@@ -12,8 +12,6 @@
   name: email.to.address
 - external: ecs
   name: event.action
-- external: ecs
-  name: event.action
 - external: ecs
   name: event.created
 - external: ecs

@@ -2,7 +2,7 @@
 format_version: 1.0.0
 name: mimecast
 title: "Mimecast"
-version: "1.4.0"
+version: "1.4.1"
 license: basic
 description: Collect logs from Mimecast with Elastic Agent.
 type: integration

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.4.1"
+  changes:
+    - description: Remove duplicate fields.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/4611
 - version: "1.4.0"
   changes:
     - description: Update package to ECS 8.5.0.

@@ -121,10 +121,6 @@
         As hostname is not always unique, use values that are meaningful in your environment.
 
         Example: The current usage of `beat.name`.'
-    - name: ip
-      level: core
-      type: ip
-      description: Host ip addresses.
     - name: mac
       level: core
       type: keyword

@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: modsecurity
 title: "ModSecurity Audit"
-version: "1.4.0"
+version: "1.4.1"
 license: basic
 description: Collect logs from ModSecurity with Elastic Agent
 type: integration