elastic
diff --git a/‎packages/hashicorp_vault/_dev/build/build.yml‎
Lines changed: 1 addition & 1 deletion b/‎packages/hashicorp_vault/_dev/build/build.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎packages/hashicorp_vault/changelog.yml‎
Lines changed: 5 additions & 0 deletions b/‎packages/hashicorp_vault/changelog.yml‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎packages/hashicorp_vault/data_stream/audit/_dev/test/pipeline/test-audit.log-expected.json‎
Lines changed: 16 additions & 16 deletions b/‎packages/hashicorp_vault/data_stream/audit/_dev/test/pipeline/test-audit.log-expected.json‎
Lines changed: 16 additions & 16 deletions
diff --git a/‎packages/hashicorp_vault/data_stream/audit/_dev/test/pipeline/test-faked-all-fields.log-expected.json‎
Lines changed: 8 additions & 8 deletions b/‎packages/hashicorp_vault/data_stream/audit/_dev/test/pipeline/test-faked-all-fields.log-expected.json‎
Lines changed: 8 additions & 8 deletions
diff --git a/‎packages/hashicorp_vault/data_stream/audit/elasticsearch/ingest_pipeline/default.yml‎
Lines changed: 2 additions & 2 deletions b/‎packages/hashicorp_vault/data_stream/audit/elasticsearch/ingest_pipeline/default.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎packages/hashicorp_vault/data_stream/audit/sample_event.json‎
Lines changed: 16 additions & 17 deletions b/‎packages/hashicorp_vault/data_stream/audit/sample_event.json‎
Lines changed: 16 additions & 17 deletions
@@ -1,3 +1,3 @@
 dependencies:
   ecs:
-    reference: git@1.12
+    reference: git@8.0
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.0.0"
+  changes:
+    - description: Update to ECS 8.0
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/2409
 - version: "1.2.2"
   changes:
     - description: Regenerate test files using the new GeoIP database
 
@@ -3,7 +3,7 @@
         {
             "@timestamp": "2018-04-09T21:04:29.640Z",
             "ecs": {
-                "version": "1.12.0"
+                "version": "8.0.0"
             },
             "hashicorp_vault": {
                 "audit": {
@@ -48,7 +48,7 @@
                 "ip": "172.17.0.1"
             },
             "event": {
-                "ingested": "2021-12-14T14:46:43.994434636Z",
+                "ingested": "2021-12-31T06:19:24.952161756Z",
                 "original": "{\"time\":\"2018-04-09T21:04:29.6406536Z\",\"type\":\"request\",\"auth\":{\"client_token\":\"hmac-sha256:eb3da855a3fb8b1c3574064f7edd080a97c4ebcf4a8e6674126710915fe464ae\",\"accessor\":\"hmac-sha256:f5a8798113bb65c0676abb3eef5ca5482c0c7daac38da36d402282a5414fcf3d\",\"display_name\":\"token\",\"policies\":[\"default\",\"sudo\",\"surf-admin\"],\"metadata\":{\"loglevel\":\"raw\",\"remote\":\"false\",\"surf\":\"moderate\"},\"entity_id\":\"\"},\"request\":{\"id\":\"b2f72168-6cba-1bab-808a-72d9304b82f8\",\"operation\":\"read\",\"client_token\":\"hmac-sha256:eb3da855a3fb8b1c3574064f7edd080a97c4ebcf4a8e6674126710915fe464ae\",\"client_token_accessor\":\"hmac-sha256:f5a8798113bb65c0676abb3eef5ca5482c0c7daac38da36d402282a5414fcf3d\",\"path\":\"auth/token/lookup-self\",\"data\":null,\"policy_override\":false,\"remote_address\":\"172.17.0.1\",\"wrap_ttl\":0,\"headers\":{}},\"error\":\"\"}",
                 "kind": "event",
                 "action": "read",
@@ -70,7 +70,7 @@
         {
             "@timestamp": "2018-04-09T21:04:29.642Z",
             "ecs": {
-                "version": "1.12.0"
+                "version": "8.0.0"
             },
             "hashicorp_vault": {
                 "audit": {
@@ -143,7 +143,7 @@
                 "ip": "172.17.0.1"
             },
             "event": {
-                "ingested": "2021-12-14T14:46:43.994437407Z",
+                "ingested": "2021-12-31T06:19:24.952163821Z",
                 "original": "{\"time\":\"2018-04-09T21:04:29.6420203Z\",\"type\":\"response\",\"auth\":{\"client_token\":\"hmac-sha256:eb3da855a3fb8b1c3574064f7edd080a97c4ebcf4a8e6674126710915fe464ae\",\"accessor\":\"hmac-sha256:f5a8798113bb65c0676abb3eef5ca5482c0c7daac38da36d402282a5414fcf3d\",\"display_name\":\"token\",\"policies\":[\"default\",\"sudo\",\"surf-admin\"],\"metadata\":{\"loglevel\":\"raw\",\"remote\":\"false\",\"surf\":\"moderate\"},\"entity_id\":\"\"},\"request\":{\"id\":\"b2f72168-6cba-1bab-808a-72d9304b82f8\",\"operation\":\"read\",\"client_token\":\"hmac-sha256:eb3da855a3fb8b1c3574064f7edd080a97c4ebcf4a8e6674126710915fe464ae\",\"client_token_accessor\":\"hmac-sha256:f5a8798113bb65c0676abb3eef5ca5482c0c7daac38da36d402282a5414fcf3d\",\"path\":\"auth/token/lookup-self\",\"data\":null,\"policy_override\":false,\"remote_address\":\"172.17.0.1\",\"wrap_ttl\":0,\"headers\":{}},\"response\":{\"data\":{\"accessor\":\"hmac-sha256:f5a8798113bb65c0676abb3eef5ca5482c0c7daac38da36d402282a5414fcf3d\",\"creation_time\":1523307682,\"creation_ttl\":180000000,\"display_name\":\"hmac-sha256:e38035c165f0076d9288ba0363eb36733379cc5d370bec5e82f11632519c26a8\",\"entity_id\":\"hmac-sha256:2fced7e2c77266f5079d733bea71dc8c8413d3838584ca9d0f4867271df7a220\",\"expire_time\":\"2023-12-23T05:01:22.8929692Z\",\"explicit_max_ttl\":0,\"id\":\"hmac-sha256:eb3da855a3fb8b1c3574064f7edd080a97c4ebcf4a8e6674126710915fe464ae\",\"issue_time\":\"2018-04-09T21:01:22.8929624Z\",\"meta\":{\"loglevel\":\"hmac-sha256:eac4a7deb2df94609ab14ae48b9edea81d91de51be1dd59df6ca6852537227c5\",\"remote\":\"hmac-sha256:aa2d1dd64d4468bbd9c6b0ca275cdffb7473a2d91b5f42a047161620245fcc79\",\"surf\":\"hmac-sha256:8b29af9294da23c72de8d8d847ccebd450d978af5565807d0c9922b6b2e92988\"},\"num_uses\":0,\"orphan\":false,\"path\":\"hmac-sha256:36ea987a227a2c7aefe055a98f99751383f601955e9f1925bd3c2d6f9931a025\",\"policies\":[\"hmac-sha256:451623ebbe12fb9b1b3f444ceb5a5a46102452e46d640925c7b0dcb93a65a99a\",\"hmac-sha256:9a76c609b073848f2d9cb4a7fcddfc2103c0063480b87a9ee585e9e072e901d9\",\"hmac-sha256:8924f876eca967c68bbc8ac138e9f876f2144e300c08b1898224fc76902c1fe3\"],\"renewable\":true,\"ttl\":179999812}},\"error\":\"\"}",
                 "kind": "event",
                 "action": "read",
@@ -165,7 +165,7 @@
         {
             "@timestamp": "2021-07-21T12:37:50.936Z",
             "ecs": {
-                "version": "1.12.0"
+                "version": "8.0.0"
             },
             "hashicorp_vault": {
                 "audit": {
@@ -233,7 +233,7 @@
                 "ip": "127.0.0.1"
             },
             "event": {
-                "ingested": "2021-12-14T14:46:43.994437841Z",
+                "ingested": "2021-12-31T06:19:24.952164714Z",
                 "original": "{\"time\":\"2021-07-21T12:37:50.93608Z\",\"type\":\"request\",\"auth\":{\"client_token\":\"hmac-sha256:3aae134b7843218bf089cd9b01a55ec417346a242b5383a7fac2ab49692f403a\",\"accessor\":\"bar\",\"display_name\":\"testtoken\",\"policies\":[\"root\"],\"token_policies\":[\"web\"],\"identity_policies\":[\"ident1\",\"ident2\"],\"external_namespace_policies\":{\"ns1\":[\"baz\"]},\"no_default_policy\":true,\"metadata\":{\"id\":\"007\"},\"remaining_uses\":5,\"entity_id\":\"foobarentity\",\"token_type\":\"service\",\"token_ttl\":14400,\"token_issue_time\":\"2020-05-28T13:40:18-05:00\"},\"request\":{\"id\":\"002c8225-e859-44a0-9ccb-471c3655dbd8\",\"operation\":\"update\",\"mount_type\":\"kv\",\"client_token\":\"hmac-sha256:e890f27c5ee11e26bda7c8e6ec218af451a6b1e35f9fe6d0676f1b29889b406c\",\"client_token_accessor\":\"35e2f256-0fc3-4eea-9405-3e212435b6c7\",\"namespace\":{\"id\":\"root\"},\"path\":\"secrets/foo\",\"data\":{\"data\":\"hmac-sha256:46c0fd3146d89ff602279417df7ac9267ce58fa3c6d2535d2d9050a5323c21ec\"},\"policy_override\":true,\"remote_address\":\"127.0.0.1\",\"wrap_ttl\":3600,\"headers\":{\"foo\":[\"bar\"]}},\"error\":\"this is an error\"}",
                 "kind": "event",
                 "action": "update",
@@ -255,7 +255,7 @@
         {
             "@timestamp": "2021-07-21T12:37:50.936Z",
             "ecs": {
-                "version": "1.12.0"
+                "version": "8.0.0"
             },
             "hashicorp_vault": {
                 "audit": {
@@ -371,7 +371,7 @@
                 "ip": "127.0.0.1"
             },
             "event": {
-                "ingested": "2021-12-14T14:46:43.994438242Z",
+                "ingested": "2021-12-31T06:19:24.952165455Z",
                 "original": "{\"time\":\"2021-07-21T12:37:50.936443Z\",\"type\":\"response\",\"auth\":{\"client_token\":\"hmac-sha256:3aae134b7843218bf089cd9b01a55ec417346a242b5383a7fac2ab49692f403a\",\"accessor\":\"bar\",\"display_name\":\"testtoken\",\"policies\":[\"root\"],\"token_policies\":[\"web\"],\"identity_policies\":[\"ident1\",\"ident2\"],\"external_namespace_policies\":{\"ns1\":[\"baz\"]},\"no_default_policy\":true,\"metadata\":{\"id\":\"007\"},\"remaining_uses\":5,\"entity_id\":\"foobarentity\",\"token_type\":\"service\",\"token_ttl\":14400,\"token_issue_time\":\"2020-05-28T13:40:18-05:00\"},\"request\":{\"id\":\"002c8225-e859-44a0-9ccb-471c3655dbd8\",\"operation\":\"update\",\"mount_type\":\"kv\",\"client_token\":\"hmac-sha256:e890f27c5ee11e26bda7c8e6ec218af451a6b1e35f9fe6d0676f1b29889b406c\",\"client_token_accessor\":\"35e2f256-0fc3-4eea-9405-3e212435b6c7\",\"namespace\":{\"id\":\"root\"},\"path\":\"secrets/foo\",\"data\":{\"data\":\"hmac-sha256:46c0fd3146d89ff602279417df7ac9267ce58fa3c6d2535d2d9050a5323c21ec\"},\"policy_override\":true,\"remote_address\":\"127.0.0.1\",\"wrap_ttl\":3600,\"headers\":{\"foo\":[\"bar\"]}},\"response\":{\"auth\":{\"client_token\":\"hmac-sha256:3aae134b7843218bf089cd9b01a55ec417346a242b5383a7fac2ab49692f403a\",\"accessor\":\"bar\",\"display_name\":\"testtoken\",\"policies\":[\"root\"],\"token_policies\":[\"web\"],\"identity_policies\":[\"ident1\",\"ident2\"],\"external_namespace_policies\":{\"ns1\":[\"baz\"]},\"no_default_policy\":true,\"metadata\":{\"id\":\"007\"},\"entity_id\":\"foobarentity\",\"token_type\":\"service\",\"token_ttl\":14400,\"token_issue_time\":\"2020-05-28T13:40:18-05:00\"},\"mount_type\":\"kv\",\"data\":{\"certificate\":\"hmac-sha256:cb232c6394c9149b7f06f85e8ed9fcc55b7d1db82dd0ec1d321d0a83a7adda01\"},\"redirect\":\"redirect\",\"wrap_info\":{\"ttl\":3600,\"token\":\"hmac-sha256:09dff0fdb8db56293383d7d0347afdf64ceb672cb9aea2c66edd802bcd714094\",\"accessor\":\"xzW2I9CMqcALsllhYvqtlsvq\",\"creation_time\":\"2020-05-28T18:40:18Z\",\"creation_path\":\"auth/token/create\",\"wrapped_accessor\":\"Bh57rT8zuhspG9APjXpGpiAJ\"},\"headers\":{\"Extra-Extra\":[\"read\"]}},\"error\":\"this is an error\"}",
                 "kind": "event",
                 "action": "update",
 
@@ -6,7 +6,7 @@ processors:
       value: "{{ _ingest.timestamp }}"
   - set:
       field: ecs.version
-      value: '1.12.0'
+      value: '8.0.0'
   - rename:
       field: message
       target_field: event.original
@@ -180,4 +180,4 @@ processors:
 on_failure:
 - set:
     field: error.message
-    value: '{{ _ingest.on_failure_message }}'
+    value: '{{ _ingest.on_failure_message }}'
@@ -1,25 +1,24 @@
 {
-    "@timestamp": "2021-10-13T03:27:26.362Z",
+    "@timestamp": "2021-12-31T06:22:28.033Z",
     "agent": {
-        "ephemeral_id": "fb2d978e-e42d-49f5-8ca1-4fac9f7d9b52",
-        "hostname": "docker-fleet-agent",
-        "id": "348f4f6e-829a-463d-aed0-37c853e7ce84",
+        "ephemeral_id": "811bad69-22ce-4916-ba38-a3434ca08ca7",
+        "id": "44fee708-bbda-4ff1-b9ec-1205bdf389f9",
         "name": "docker-fleet-agent",
         "type": "filebeat",
-        "version": "7.15.0"
+        "version": "8.0.0-beta1"
     },
     "data_stream": {
         "dataset": "hashicorp_vault.audit",
         "namespace": "ep",
         "type": "logs"
     },
     "ecs": {
-        "version": "1.12.0"
+        "version": "8.0.0"
     },
     "elastic_agent": {
-        "id": "348f4f6e-829a-463d-aed0-37c853e7ce84",
-        "snapshot": true,
-        "version": "7.15.0"
+        "id": "44fee708-bbda-4ff1-b9ec-1205bdf389f9",
+        "snapshot": false,
+        "version": "8.0.0-beta1"
     },
     "event": {
         "action": "update",
@@ -28,10 +27,10 @@
             "authentication"
         ],
         "dataset": "hashicorp_vault.audit",
-        "id": "ce68275e-dce8-42b4-4a79-6b366a3b702e",
-        "ingested": "2021-10-13T03:27:54Z",
+        "id": "211d5d7e-92c3-1cce-1ecf-c7b03fff3763",
+        "ingested": "2021-12-31T06:22:55Z",
         "kind": "event",
-        "original": "{\"time\":\"2021-10-13T03:27:26.362354182Z\",\"type\":\"request\",\"auth\":{\"token_type\":\"default\"},\"request\":{\"id\":\"ce68275e-dce8-42b4-4a79-6b366a3b702e\",\"operation\":\"update\",\"namespace\":{\"id\":\"root\"},\"path\":\"sys/audit/test\"}}",
+        "original": "{\"time\":\"2021-12-31T06:22:28.033126729Z\",\"type\":\"request\",\"auth\":{\"token_type\":\"default\"},\"request\":{\"id\":\"211d5d7e-92c3-1cce-1ecf-c7b03fff3763\",\"operation\":\"update\",\"namespace\":{\"id\":\"root\"},\"path\":\"sys/audit/test\"}}",
         "outcome": "success",
         "type": [
             "change"
@@ -43,7 +42,7 @@
                 "token_type": "default"
             },
             "request": {
-                "id": "ce68275e-dce8-42b4-4a79-6b366a3b702e",
+                "id": "211d5d7e-92c3-1cce-1ecf-c7b03fff3763",
                 "namespace": {
                     "id": "root"
                 },
@@ -57,18 +56,18 @@
         "architecture": "x86_64",
         "containerized": true,
         "hostname": "docker-fleet-agent",
-        "id": "6505f7ca36739e7eb909bdb52bf3ec18",
+        "id": "4ccba669f0df47fa3f57a9e4169ae7f1",
         "ip": [
-            "192.168.176.4"
+            "172.18.0.4"
         ],
         "mac": [
-            "02:42:c0:a8:b0:04"
+            "02:42:ac:12:00:04"
         ],
         "name": "docker-fleet-agent",
         "os": {
             "codename": "Core",
             "family": "redhat",
-            "kernel": "5.11.0-37-generic",
+            "kernel": "5.11.0-43-generic",
             "name": "CentOS Linux",
             "platform": "centos",
             "type": "linux",