[LogsDB] [Subscription basic] [zscaler_zia] Failing test daily: pipeline test: test-alerts.log in zscaler_zia.alerts

[elastic-vault-github-plugin-prod]

• Stack version: maximum of either the version used in PR builds or 8.17.0 (GA version for LogsDB index mode)
• LogsDB: enabled
• Subscription: basic
• Package: zscaler_zia
• Failing test: pipeline test: test-alerts.log
• DataStream: alerts
• Owners:
  • @elastic/security-service-integrations

Failure:

test case failed: Expected results are different from actual ones: --- want
+++ got
@@ -37,7 +37,7 @@
                     },
                     "log_syslog_priority": 114,
                     "message": "ZscalerNSS: Zscaler cloud configuration connection to  175.16.199.1:443 lost and unavailable for the past 2325.00 minutes",
-                    "timestamp": "2025-12-31T12:01:04.000Z"
+                    "timestamp": "2026-12-31T12:01:04.000Z"
                 }
             }
         },
@@ -79,7 +79,7 @@
                     "log_feed_name": "DNS Logs Feed",
                     "log_syslog_priority": 114,
                     "message": "ZscalerNSS: SIEM Feed connection \"DNS Logs Feed\" to 81.2.69.193:9012 lost and unavailable for the past 2440.00 minutes",
-                    "timestamp": "2025-12-31T13:02:05.000Z"
+                    "timestamp": "2026-12-31T13:02:05.000Z"
                 }
             }
         },
@@ -117,7 +117,7 @@
                     },
         

First build failed: https://buildkite.com/elastic/integrations/builds/36132

Latest failed builds:

• https://buildkite.com/elastic/integrations/builds/36169

[brijesh-elastic]

It should be resolved with this PR.