Merge branch 'main' into aws-cloud-trail-15057

moxarth-rathod · web-flow · commit 6cb11cae8aa6 · 2025-09-09T10:56:15.000+05:30
diff --git a/.github/workflows/bump-elastic-stack-version.yml b/.github/workflows/bump-elastic-stack-version.yml
@@ -25,7 +25,7 @@ jobs:
       - uses: actions/checkout@v5
 
       - name: Install Updatecli in the runner
-        uses: updatecli/updatecli-action@a327da0e796f543b8fa4706e5ed63014852ead0e #v2.91.0
+        uses: updatecli/updatecli-action@0224b21c3687ac1a7510298d58c9a42db84e5814 #v2.92.0
 
       - name: Select diff action
         if: ${{ github.event_name == 'pull_request' }}
diff --git a/go.mod b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/magefile/mage v1.15.0
 	github.com/pkg/errors v0.9.1
 	github.com/stretchr/testify v1.11.1
-	golang.org/x/mod v0.27.0
+	golang.org/x/mod v0.28.0
 	golang.org/x/tools v0.36.0
 	gopkg.in/yaml.v3 v3.0.1
 )
diff --git a/go.sum b/go.sum
@@ -677,8 +677,8 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
-golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
+golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U=
+golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
diff --git a/packages/dga/changelog.yml b/packages/dga/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.3.3"
+  changes:
+    - description: Remove instructions to change the `default_pipeline` for an index
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/15229
 - version: "2.3.2"
   changes:
     - description: Correct typo in Readme
diff --git a/packages/dga/docs/README.md b/packages/dga/docs/README.md
@@ -60,14 +60,6 @@ For more detailed information refer to the following blogs:
       ```
     - If the `@custom` component template already exists, you will need to edit it to add mappings for data to be properly enriched. Click the three dots next to it and select **Edit**. 
     ![Component Templates](../img/component-templates-edit.png)
-    - On the index settings step, add the following. Be sure to change `<VERSION>` to the current package version.
-      ```
-      {
-        "index": {
-          "default_pipeline": "<VERSION>-ml_dga_ingest_pipeline"
-        }
-      }
-      ```
     - Proceed to the mappings step in the UI. Click **Add Field** at the bottom of the page and create an an `Object` field for `ml_is_dga`. 
     ![Component Templates](../img/field1.png)
     - Finally create two properties under `ml_is_dga`.
diff --git a/packages/dga/manifest.yml b/packages/dga/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.4
 name: dga
 title: "Domain Generation Algorithm Detection"
-version: 2.3.2
+version: 2.3.3
 source:
   license: "Elastic-2.0"
 description: "ML solution package to detect domain generation algorithm (DGA) activity in your network data."
diff --git a/packages/pad/changelog.yml b/packages/pad/changelog.yml
@@ -1,3 +1,8 @@
+- version: "0.6.3"
+  changes:
+    - description: Remove instructions to change the `default_pipeline` for an index
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/15229
 - version: "0.6.2"
   changes:
     - description: Update transform mappings to use ECS
diff --git a/packages/pad/docs/README.md b/packages/pad/docs/README.md
@@ -32,11 +32,6 @@ The package transform supports data from Elastic Endpoint via Elastic Defend and
       PUT _component_template/{COMPONENT_TEMPLATE_NAME}@custom
       {
         "template": {
-          "settings": {
-            "index": {
-              "default_pipeline": "<VERSION>-ml_pad_ingest_pipeline"
-            }
-          },
           "mappings": {
             "properties": {
               "process": {
@@ -54,14 +49,6 @@ The package transform supports data from Elastic Endpoint via Elastic Defend and
       ```
     - If the `@custom` component template already exists, you will need to edit it to add mappings for data to be properly enriched. Click the three dots next to it and select **Edit**. 
     ![Component Templates](../img/component-templates-edit.png)
-    - On the index settings step, add the following. Be sure to change `<VERSION>` to the current package version.
-      ```
-      {
-        "index": {
-          "default_pipeline": "<VERSION>-ml_pad_ingest_pipeline"
-        }
-      }
-      ```
     - Proceed to the mappings step in the UI. Click **Add Field** at the bottom of the page and create an `Object` field for `process`:
     ![Component Templates](../img/field1.png)
     - Create a property under Process for `command_line_entropy` of type `Double`. 
diff --git a/packages/pad/manifest.yml b/packages/pad/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.0
 name: pad
 title: "Privileged Access Detection"
-version: 0.6.2
+version: 0.6.3
 source:
   license: "Elastic-2.0"
 description: "ML package to detect anomalous privileged access activity in Windows, Linux and Okta logs"
diff --git a/packages/problemchild/changelog.yml b/packages/problemchild/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.4.2"
+  changes:
+    - description: Remove instructions to change the `default_pipeline` for an index
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/15229
 - version: "2.4.1"
   changes:
     - description: Update platform support docs
diff --git a/packages/problemchild/docs/README.md b/packages/problemchild/docs/README.md
@@ -41,11 +41,6 @@ For more detailed information refer to the following blogs and webinar:
       PUT _component_template/{COMPONENT_TEMPLATE_NAME}@custom
       {
         "template": {
-          "settings": {
-            "index": {
-              "default_pipeline": "<VERSION>-problem_child_ingest_pipeline"
-            }
-          },
           "mappings": {
             "properties": {
               "blocklist_label": {
@@ -69,14 +64,6 @@ For more detailed information refer to the following blogs and webinar:
       ```
     - If the `@custom` component template already exists, you will need to edit it to add mappings for data to be properly enriched. Click the three dots next to it and select **Edit**. 
     ![Component Templates](../img/component-templates-edit.png)
-    - On the index settings step, add the following. Be sure to change `<VERSION>` to the current package version.
-      ```
-      {
-        "index": {
-          "default_pipeline": "<VERSION>-problem_child_ingest_pipeline"
-        }
-      }
-      ```
     - Proceed to the mappings step in the UI. Click **Add Field** at the bottom of the page and create a `blocklist_label` field of type `Long`:
     ![Component Templates](../img/field1.png)
     - Then create an `Object` field for `problemchild`. 
diff --git a/packages/problemchild/manifest.yml b/packages/problemchild/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.0
 name: problemchild
 title: "Living off the Land Attack Detection"
-version: 2.4.1
+version: 2.4.2
 source:
   license: "Elastic-2.0"
 description: "ML solution package to detect Living off the Land (LotL) attacks in your environment. Requires a Platinum subscription."

Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@ require (`
`13`	`13`	`github.com/magefile/mage v1.15.0`
`14`	`14`	`github.com/pkg/errors v0.9.1`
`15`	`15`	`github.com/stretchr/testify v1.11.1`
`16`		`- golang.org/x/mod v0.27.0`
	`16`	`+ golang.org/x/mod v0.28.0`
`17`	`17`	`golang.org/x/tools v0.36.0`
`18`	`18`	`gopkg.in/yaml.v3 v3.0.1`
`19`	`19`	`)`