This is a meta issue to track ECS 8.3 updates to Fleet integrations maintained by the elastic/security-external-integrations team.
ECS 8.3 Changes
This is a summary of the changes in ECS 8.3. You can view the official changelog here.
Added
- Added
pattern attribute to .mac fields.
- Add
orchestrator.cluster.id
- Add
orchestrator.resource.id
SEI owned Integrations
All integrations are updated in #3353. Separate PRs were merged to correct packages that were not formatting MACs as expected and these could be merged since this was already part of ECS prior to 8.3.
Integrations SEI contributes to
I reviewed these to see if they were affected any changes to ECS. None of them were affected so I didn't open a PR.
- aws.cloudtrail
- aws.vpcflow
- system.application
- system.auth
- system.security
- system.system
- windows.forwarded
- windows.powershell
- windows.powershell_operational
- windows.sysmon_operational
This is a meta issue to track ECS 8.3 updates to Fleet integrations maintained by the
elastic/security-external-integrationsteam.ECS 8.3 Changes
This is a summary of the changes in ECS 8.3. You can view the official changelog here.
Added
patternattribute to.macfields.orchestrator.cluster.idorchestrator.resource.idSEI owned Integrations
All integrations are updated in #3353. Separate PRs were merged to correct packages that were not formatting MACs as expected and these could be merged since this was already part of ECS prior to 8.3.
Integrations SEI contributes to
I reviewed these to see if they were affected any changes to ECS. None of them were affected so I didn't open a PR.