From 4188edf785c2ae382a24eec047e61405702826ba Mon Sep 17 00:00:00 2001
From: animehart
Date: Wed, 3 Sep 2025 15:19:26 -0700
Subject: [PATCH 1/8] added new workflow category to related integrations, TODO: update changelogs
---
 packages/aws/manifest.yml | 3 +++
 packages/cloud_security_posture/manifest.yml | 5 +++++
 packages/google_scc/manifest.yml | 1 +
 packages/m365_defender/manifest.yml | 2 ++
 packages/microsoft_defender_cloud/manifest.yml | 1 +
 packages/microsoft_defender_endpoint/manifest.yml | 1 +
 packages/qualys_vmdr/manifest.yml | 1 +
 packages/rapid7_insightvm/manifest.yml | 1 +
 packages/tenable_io/manifest.yml | 1 +
 packages/wiz/manifest.yml | 2 ++
 10 files changed, 18 insertions(+)
diff --git a/packages/aws/manifest.yml b/packages/aws/manifest.yml
index 541a9003dcd..987bff82bdb 100644
--- a/packages/aws/manifest.yml
+++ b/packages/aws/manifest.yml
@@ -773,6 +773,8 @@ policy_templates:
 categories:
 - security
 - cloudsecurity_cdr
+ - vulnerability_workflow
+ - misconfiguration_workflow
 inputs:
 - type: httpjson
 title: Collect AWS Security Hub logs via API
@@ -807,6 +809,7 @@ policy_templates:
 categories:
 - security
 - cloudsecurity_cdr
+ - vulnerability_workflow
 inputs:
 - type: httpjson
 title: Collect Amazon Inspector logs via API
diff --git a/packages/cloud_security_posture/manifest.yml b/packages/cloud_security_posture/manifest.yml
index effe9f7cba1..2b166305fb3 100644
--- a/packages/cloud_security_posture/manifest.yml
+++ b/packages/cloud_security_posture/manifest.yml
@@ -9,6 +9,8 @@ type: integration
 categories:
 - security
 - cloudsecurity_cdr
+ - misconfiguration_workflow
+ - vulnerability_workflow
 conditions:
 kibana:
 version: "^9.1.0"
@@ -67,6 +69,7 @@ policy_templates:
 - kubernetes
 - security
 - aws
+ - misconfiguration_workflow
 icons:
 - src: /img/logo_kspm.svg
 title: KSPM logo
@@ -95,6 +98,7 @@ policy_templates:
 - cloud
 - aws
 - google_cloud
+ - misconfiguration_workflow
 icons:
 - src: /img/logo_cspm.svg
 title: CSPM logo
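Review bot: In `packages/aws/manifest.yml` the new labels are attached to individual `policy_templates[].categories` entries (the Security Hub and Inspector templates), whereas the google_scc, m365_defender, microsoft_defender_cloud, microsoft_defender_endpoint, qualys_vmdr, rapid7_insightvm, tenable_io and wiz hunks in this patch attach them to the package-level `categories`, and cloud_security_posture does both. Nothing visible here shows which level the consumer of these labels reads, so please confirm that template-level labels alone are honoured for aws and that a package-level label on a multi-template package does not advertise findings coverage for templates that produce none. If the per-template placement is deliberate, a comment above the first new entry such as `# workflow labels are set per policy template: only some AWS templates emit findings` would record that. Both aws hunks begin and end inside a policy template whose opening lines are outside the hunk.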
@@ -176,6 +180,7 @@ policy_templates:
 categories:
 - security
 - cloud
+ - vulnerability_workflow
 icons:
 - src: /img/logo_vuln_mgmt.svg
 title: Vulnerability Management logo
diff --git a/packages/google_scc/manifest.yml b/packages/google_scc/manifest.yml
index afe9068f6e7..ee8a78dd953 100644
--- a/packages/google_scc/manifest.yml
+++ b/packages/google_scc/manifest.yml
@@ -8,6 +8,7 @@ categories:
 - google_cloud
 - security
 - cloudsecurity_cdr
+ - vulnerability_workflow
 conditions:
 kibana:
 version: "^8.18.0 || ^9.0.0"
diff --git a/packages/m365_defender/manifest.yml b/packages/m365_defender/manifest.yml
index 190a75cedab..2279b1a781e 100644
--- a/packages/m365_defender/manifest.yml
+++ b/packages/m365_defender/manifest.yml
@@ -6,6 +6,8 @@ description: Collect logs from Microsoft Defender XDR with Elastic Agent.
 categories:
 - "security"
 - "edr_xdr"
+ - "vulnerability_workflow"
+ - "misconfiguration_workflow"
 type: integration
 conditions:
 elastic:
diff --git a/packages/microsoft_defender_cloud/manifest.yml b/packages/microsoft_defender_cloud/manifest.yml
index c627f6c6a27..0efd78727aa 100644
--- a/packages/microsoft_defender_cloud/manifest.yml
+++ b/packages/microsoft_defender_cloud/manifest.yml
@@ -7,6 +7,7 @@ type: integration
 categories:
 - security
 - cloudsecurity_cdr
+ - vulnerability_workflow
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/microsoft_defender_endpoint/manifest.yml b/packages/microsoft_defender_endpoint/manifest.yml
index 502fbadec3e..dfe1a6655a2 100644
--- a/packages/microsoft_defender_endpoint/manifest.yml
+++ b/packages/microsoft_defender_endpoint/manifest.yml
@@ -6,6 +6,7 @@ description: Collect logs from Microsoft Defender for Endpoint with Elastic Agen
 categories:
 - "security"
 - "edr_xdr"
+ - "vulnerability_workflow"
 type: integration
 conditions:
 kibana:
diff --git a/packages/qualys_vmdr/manifest.yml b/packages/qualys_vmdr/manifest.yml
index 688c104ae68..cfe23198d9e 100644
--- a/packages/qualys_vmdr/manifest.yml
+++ b/packages/qualys_vmdr/manifest.yml
@@ -7,6 +7,7 @@ type: integration
 categories:
 - security
 - vulnerability_management
+ - vulnerability_workflow
 conditions:
 kibana:
 version: "^8.19.0 || ^9.1.0"
diff --git a/packages/rapid7_insightvm/manifest.yml b/packages/rapid7_insightvm/manifest.yml
index 7469cd2a976..5292e1c3710 100644
--- a/packages/rapid7_insightvm/manifest.yml
+++ b/packages/rapid7_insightvm/manifest.yml
@@ -9,6 +9,7 @@ type: integration
 categories:
 - security
 - vulnerability_management
+ - vulnerability_workflow
 conditions:
 kibana:
 version: "^8.19.0 || ^9.1.0"
diff --git a/packages/tenable_io/manifest.yml b/packages/tenable_io/manifest.yml
index a0929fc5e0a..6b687a3847d 100644
--- a/packages/tenable_io/manifest.yml
+++ b/packages/tenable_io/manifest.yml
@@ -7,6 +7,7 @@ type: integration
 categories:
 - security
 - vulnerability_management
+ - vulnerability_workflow
 conditions:
 kibana:
 version: "^8.19.0 || ^9.1.0"
diff --git a/packages/wiz/manifest.yml b/packages/wiz/manifest.yml
index 4c1478e5883..21b4fc89bd3 100644
--- a/packages/wiz/manifest.yml
+++ b/packages/wiz/manifest.yml
@@ -7,6 +7,8 @@ type: integration
 categories:
 - security
 - cloudsecurity_cdr
+ - vulnerability_workflow
+ - misconfiguration_workflow
 conditions:
 kibana:
 version: "~8.16.6 || ~8.17.4 || ^8.18.0 || ^9.0.0"
From 19d0d22916110b735ea5fd038295d8677afd9e85 Mon Sep 17 00:00:00 2001
From: animehart
Date: Wed, 3 Sep 2025 15:51:59 -0700
Subject: [PATCH 2/8] updated changelog and versions on manifest
---
 packages/aws/changelog.yml | 5 +++++
 packages/aws/manifest.yml | 2 +-
 packages/cloud_security_posture/changelog.yml | 5 +++++
 packages/cloud_security_posture/manifest.yml | 2 +-
 packages/google_scc/changelog.yml | 5 +++++
 packages/google_scc/manifest.yml | 2 +-
 packages/m365_defender/changelog.yml | 5 +++++
 packages/m365_defender/manifest.yml | 2 +-
 packages/microsoft_defender_cloud/changelog.yml | 5 +++++
 packages/microsoft_defender_cloud/manifest.yml | 2 +-
 packages/microsoft_defender_endpoint/changelog.yml | 5 +++++
 packages/microsoft_defender_endpoint/manifest.yml | 2 +-
 packages/qualys_vmdr/changelog.yml | 5 +++++
 packages/qualys_vmdr/manifest.yml | 2 +-
 packages/rapid7_insightvm/changelog.yml | 5 +++++
 packages/rapid7_insightvm/manifest.yml | 2 +-
 packages/tenable_io/changelog.yml | 5 +++++
 packages/tenable_io/manifest.yml | 2 +-
 packages/wiz/changelog.yml | 5 +++++
 packages/wiz/manifest.yml | 2 +-
 20 files changed, 60 insertions(+), 10 deletions(-)
diff --git a/packages/aws/changelog.yml b/packages/aws/changelog.yml
index 37f939ea300..932ac17b9c3 100644
--- a/packages/aws/changelog.yml
+++ b/packages/aws/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.13.3"
+ changes:
+ - description: Add vulnerability_workflow and misconfiguration_workflow sub category labels.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "3.13.2"
 changes:
 - description: Remove Include Linked Accounts config option from AWS Health.
diff --git a/packages/aws/manifest.yml b/packages/aws/manifest.yml
index 987bff82bdb..7ffbc7eeddd 100644
--- a/packages/aws/manifest.yml
+++ b/packages/aws/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.3.2
 name: aws
 title: AWS
-version: 3.13.2
+version: 3.13.3
 description: Collect logs and metrics from Amazon Web Services (AWS) with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/cloud_security_posture/changelog.yml b/packages/cloud_security_posture/changelog.yml
index 47cf11c030b..26039de743d 100644
--- a/packages/cloud_security_posture/changelog.yml
+++ b/packages/cloud_security_posture/changelog.yml
@@ -15,6 +15,11 @@
 # 1.4.x - 8.9.x
 # 1.3.x - 8.8.x
 # 1.2.x - 8.7.x
+- version: "3.1.0-preview01"
+ changes:
+ - description: Add vulnerability_workflow and misconfiguration_workflow sub category labels.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "3.0.0"
 changes:
 - description: Release version 3.0.0.
diff --git a/packages/cloud_security_posture/manifest.yml b/packages/cloud_security_posture/manifest.yml
index 2b166305fb3..b0229051a6b 100644
--- a/packages/cloud_security_posture/manifest.yml
+++ b/packages/cloud_security_posture/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.3.2
 name: cloud_security_posture
 title: "Security Posture Management"
-version: "3.0.0"
+version: "3.1.0-preview01"
 source:
 license: "Elastic-2.0"
 description: "Identify & remediate configuration risks in your Cloud infrastructure"
diff --git a/packages/google_scc/changelog.yml b/packages/google_scc/changelog.yml
index 93262f48f16..8c58bfd40fc 100644
--- a/packages/google_scc/changelog.yml
+++ b/packages/google_scc/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.10.2"
+ changes:
+ - description: Add vulnerability_workflow sub category label.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "1.10.1"
 changes:
 - description: Add temporary processor to remove the fields added by the Agentless policy.
diff --git a/packages/google_scc/manifest.yml b/packages/google_scc/manifest.yml
index ee8a78dd953..4fe46799b74 100644
--- a/packages/google_scc/manifest.yml
+++ b/packages/google_scc/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.2.3"
 name: google_scc
 title: Google Security Command Center
-version: "1.10.1"
+version: "1.10.2"
 description: Collect logs from Google Security Command Center with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/m365_defender/changelog.yml b/packages/m365_defender/changelog.yml
index 4413da3d3cb..7641f43491a 100644
--- a/packages/m365_defender/changelog.yml
+++ b/packages/m365_defender/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.14.0"
+ changes:
+ - description: Add vulnerability_workflow and misconfiguration_workflow sub category labels.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "3.13.0"
 changes:
 - description: Add `process.name` ECS mapping in alert, event, and incident data streams.
diff --git a/packages/m365_defender/manifest.yml b/packages/m365_defender/manifest.yml
index 2279b1a781e..3c6c9319ba3 100644
--- a/packages/m365_defender/manifest.yml
+++ b/packages/m365_defender/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: m365_defender
 title: Microsoft Defender XDR
-version: "3.13.0"
+version: "3.14.0"
 description: Collect logs from Microsoft Defender XDR with Elastic Agent.
 categories:
 - "security"
diff --git a/packages/microsoft_defender_cloud/changelog.yml b/packages/microsoft_defender_cloud/changelog.yml
index 0e5e52a296e..f3a9b963278 100644
--- a/packages/microsoft_defender_cloud/changelog.yml
+++ b/packages/microsoft_defender_cloud/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.7.0"
+ changes:
+ - description: Add vulnerability_workflow sub category label.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "2.6.0"
 changes:
 - description: Normalize `event.severity` values across EDR integrations.
diff --git a/packages/microsoft_defender_cloud/manifest.yml b/packages/microsoft_defender_cloud/manifest.yml
index 0efd78727aa..4ca0d6685e7 100644
--- a/packages/microsoft_defender_cloud/manifest.yml
+++ b/packages/microsoft_defender_cloud/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: microsoft_defender_cloud
 title: Microsoft Defender for Cloud
-version: "2.6.0"
+version: "2.7.0"
 description: Collect logs from Microsoft Defender for Cloud with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/microsoft_defender_endpoint/changelog.yml b/packages/microsoft_defender_endpoint/changelog.yml
index 651b01f7cd2..04e398d1dad 100644
--- a/packages/microsoft_defender_endpoint/changelog.yml
+++ b/packages/microsoft_defender_endpoint/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.43.0"
+ changes:
+ - description: Add vulnerability_workflow sub category label.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "2.42.0"
 changes:
 - description: Add `process.name` ECS mapping in log data stream.
diff --git a/packages/microsoft_defender_endpoint/manifest.yml b/packages/microsoft_defender_endpoint/manifest.yml
index dfe1a6655a2..bd1a2133dd4 100644
--- a/packages/microsoft_defender_endpoint/manifest.yml
+++ b/packages/microsoft_defender_endpoint/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: microsoft_defender_endpoint
 title: Microsoft Defender for Endpoint
-version: "2.42.0"
+version: "2.43.0"
 description: Collect logs from Microsoft Defender for Endpoint with Elastic Agent.
 categories:
 - "security"
diff --git a/packages/qualys_vmdr/changelog.yml b/packages/qualys_vmdr/changelog.yml
index c61dcac9487..173a4fedbfb 100644
--- a/packages/qualys_vmdr/changelog.yml
+++ b/packages/qualys_vmdr/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "6.8.1"
+ changes:
+ - description: Add vulnerability_workflow sub category label.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "6.8.0"
 changes:
 - description: Use `terminate` processor instead of `fail` processor to handle agent errors.
diff --git a/packages/qualys_vmdr/manifest.yml b/packages/qualys_vmdr/manifest.yml
index cfe23198d9e..73560f8c108 100644
--- a/packages/qualys_vmdr/manifest.yml
+++ b/packages/qualys_vmdr/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: qualys_vmdr
 title: Qualys VMDR
-version: "6.8.0"
+version: "6.8.1"
 description: Collect data from Qualys VMDR platform with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/rapid7_insightvm/changelog.yml b/packages/rapid7_insightvm/changelog.yml
index fc616a81d0d..c4b67dc527a 100644
--- a/packages/rapid7_insightvm/changelog.yml
+++ b/packages/rapid7_insightvm/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.1.1"
+ changes:
+ - description: Add vulnerability_workflow sub category label.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "2.1.0"
 changes:
 - description: Use `terminate` processor instead of `fail` processor to handle agent errors.
diff --git a/packages/rapid7_insightvm/manifest.yml b/packages/rapid7_insightvm/manifest.yml
index 5292e1c3710..e004084d0b0 100644
--- a/packages/rapid7_insightvm/manifest.yml
+++ b/packages/rapid7_insightvm/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: rapid7_insightvm
 title: Rapid7 InsightVM
-version: "2.1.0"
+version: "2.1.1"
 source:
 license: "Elastic-2.0"
 description: Collect logs from Rapid7 InsightVM with Elastic Agent.
diff --git a/packages/tenable_io/changelog.yml b/packages/tenable_io/changelog.yml
index 6211eef25e7..0863a6b25c8 100644
--- a/packages/tenable_io/changelog.yml
+++ b/packages/tenable_io/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "4.2.2"
+ changes:
+ - description: Add vulnerability_workflow sub category label.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "4.2.1"
 changes:
 - description: |
diff --git a/packages/tenable_io/manifest.yml b/packages/tenable_io/manifest.yml
index 6b687a3847d..64be9b04cd4 100644
--- a/packages/tenable_io/manifest.yml
+++ b/packages/tenable_io/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: tenable_io
 title: Tenable Vulnerability Management
-version: "4.2.1"
+version: "4.2.2"
 description: Collect logs from Tenable Vulnerability Management with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/wiz/changelog.yml b/packages/wiz/changelog.yml
index e70f5c3a5bd..6a312a67980 100644
--- a/packages/wiz/changelog.yml
+++ b/packages/wiz/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.6.1"
+ changes:
+ - description: Add vulnerability_workflow and misconfiguration_workflow sub category labels.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/15151
 - version: "3.6.0"
 changes:
 - description: Add troubleshooting note in README on `event.ingested` requirement for standalone Elastic Agent.
diff --git a/packages/wiz/manifest.yml b/packages/wiz/manifest.yml
index 21b4fc89bd3..1800c97beb7 100644
--- a/packages/wiz/manifest.yml
+++ b/packages/wiz/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.4.0
 name: wiz
 title: Wiz
-version: "3.6.0"
+version: "3.6.1"
 description: Collect logs from Wiz with Elastic Agent.
 type: integration
 categories:
From 6db7b1def1f6df61e7918c8255869339b09db01f Mon Sep 17 00:00:00 2001
From: animehart
Date: Fri, 19 Sep 2025 09:26:57 -0700
Subject: [PATCH 3/8] fix
---
 packages/google_scc/changelog.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/google_scc/changelog.yml b/packages/google_scc/changelog.yml
index b62c68ddc34..7facf9c4dbf 100644
--- a/packages/google_scc/changelog.yml
+++ b/packages/google_scc/changelog.yml
@@ -1,5 +1,5 @@
 # newer versions go on top
-- version: "2.0.1
+- version: "2.0.1"
 changes:
 - description: Add vulnerability_workflow sub category label.
 type: enhancement
From c9a9ecbfaca213f40f4f75dee6cbabe049dc0492 Mon Sep 17 00:00:00 2001
From: animehart
Date: Mon, 22 Sep 2025 10:06:29 -0700
Subject: [PATCH 4/8] pr comments part 1
---
 packages/aws/changelog.yml | 2 +-
 packages/google_scc/changelog.yml | 4 ++--
 packages/google_scc/manifest.yml | 2 +-
 packages/m365_defender/changelog.yml | 4 ++--
 packages/m365_defender/manifest.yml | 2 +-
 packages/microsoft_defender_cloud/changelog.yml | 2 +-
 packages/microsoft_defender_endpoint/changelog.yml | 4 ++--
 packages/microsoft_defender_endpoint/manifest.yml | 2 +-
 packages/qualys_vmdr/changelog.yml | 4 ++--
 packages/qualys_vmdr/manifest.yml | 2 +-
 packages/rapid7_insightvm/changelog.yml | 4 ++--
 packages/rapid7_insightvm/manifest.yml | 2 +-
 packages/tenable_io/changelog.yml | 4 ++--
 packages/tenable_io/manifest.yml | 2 +-
 packages/wiz/changelog.yml | 2 +-
 15 files changed, 21 insertions(+), 21 deletions(-)
diff --git a/packages/aws/changelog.yml b/packages/aws/changelog.yml
index 6c0131128db..5e12c36879a 100644
--- a/packages/aws/changelog.yml
+++ b/packages/aws/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "4.1.0"
 changes:
- - description: Add vulnerability_workflow and misconfiguration_workflow sub category labels.
+ - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category labels.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "4.0.0"
diff --git a/packages/google_scc/changelog.yml b/packages/google_scc/changelog.yml
index 7facf9c4dbf..19504d25aac 100644
--- a/packages/google_scc/changelog.yml
+++ b/packages/google_scc/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
-- version: "2.0.1"
+- version: "2.1.0"
 changes:
- - description: Add vulnerability_workflow sub category label.
+ - description: Add `vulnerability_workflow` sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "2.0.0"
diff --git a/packages/google_scc/manifest.yml b/packages/google_scc/manifest.yml
index 43f9497c488..7c118aefc83 100644
--- a/packages/google_scc/manifest.yml
+++ b/packages/google_scc/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.2.3"
 name: google_scc
 title: Google Security Command Center
-version: "2.0.1"
+version: "2.1.0"
 description: Collect logs from Google Security Command Center with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/m365_defender/changelog.yml b/packages/m365_defender/changelog.yml
index abf665137c2..f7ef4ae8ee6 100644
--- a/packages/m365_defender/changelog.yml
+++ b/packages/m365_defender/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
-- version: "4.0.3"
+- version: "4.1.0"
 changes:
- - description: Add vulnerability_workflow and misconfiguration_workflow sub category labels.
+ - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category labels.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "4.0.2"
diff --git a/packages/m365_defender/manifest.yml b/packages/m365_defender/manifest.yml
index ed6abe9a592..819764b1717 100644
--- a/packages/m365_defender/manifest.yml
+++ b/packages/m365_defender/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: m365_defender
 title: Microsoft Defender XDR
-version: "4.0.3"
+version: "4.1.0"
 description: Collect logs from Microsoft Defender XDR with Elastic Agent.
 categories:
 - "security"
diff --git a/packages/microsoft_defender_cloud/changelog.yml b/packages/microsoft_defender_cloud/changelog.yml
index c3817498f0d..c1bee0e10c1 100644
--- a/packages/microsoft_defender_cloud/changelog.yml
+++ b/packages/microsoft_defender_cloud/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "3.1.0"
 changes:
- - description: Add vulnerability_workflow sub category label.
+ - description: Add `vulnerability_workflow` sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "3.0.0"
diff --git a/packages/microsoft_defender_endpoint/changelog.yml b/packages/microsoft_defender_endpoint/changelog.yml
index fdd5d93fe72..e87c85f3f58 100644
--- a/packages/microsoft_defender_endpoint/changelog.yml
+++ b/packages/microsoft_defender_endpoint/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
-- version: "3.0.2"
+- version: "3.1.0"
 changes:
- - description: Add vulnerability_workflow sub category label.
+ - description: Add `vulnerability_workflow` sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "3.0.1"
diff --git a/packages/microsoft_defender_endpoint/manifest.yml b/packages/microsoft_defender_endpoint/manifest.yml
index 4406b60c233..f128702d5c9 100644
--- a/packages/microsoft_defender_endpoint/manifest.yml
+++ b/packages/microsoft_defender_endpoint/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: microsoft_defender_endpoint
 title: Microsoft Defender for Endpoint
-version: "3.0.2"
+version: "3.1.0"
 description: Collect logs from Microsoft Defender for Endpoint with Elastic Agent.
 categories:
 - security
diff --git a/packages/qualys_vmdr/changelog.yml b/packages/qualys_vmdr/changelog.yml
index 081746ffdb7..00e8aecbffc 100644
--- a/packages/qualys_vmdr/changelog.yml
+++ b/packages/qualys_vmdr/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
-- version: "6.9.1"
+- version: "6.10.0"
 changes:
- - description: Add vulnerability_workflow sub category label.
+ - description: Add `vulnerability_workflow` sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "6.9.0"
diff --git a/packages/qualys_vmdr/manifest.yml b/packages/qualys_vmdr/manifest.yml
index a35d1b554ed..327dbe8204d 100644
--- a/packages/qualys_vmdr/manifest.yml
+++ b/packages/qualys_vmdr/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: qualys_vmdr
 title: Qualys VMDR
-version: "6.9.1"
+version: "6.10.0"
 description: Collect data from Qualys VMDR platform with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/rapid7_insightvm/changelog.yml b/packages/rapid7_insightvm/changelog.yml
index 6a19bc7bbe9..01f13bdc008 100644
--- a/packages/rapid7_insightvm/changelog.yml
+++ b/packages/rapid7_insightvm/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
-- version: "2.2.1"
+- version: "2.3.0"
 changes:
- - description: Add vulnerability_workflow sub category label.
+ - description: Add `vulnerability_workflow` sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "2.2.0"
diff --git a/packages/rapid7_insightvm/manifest.yml b/packages/rapid7_insightvm/manifest.yml
index b5f4ccf9f86..0aefea9cdbd 100644
--- a/packages/rapid7_insightvm/manifest.yml
+++ b/packages/rapid7_insightvm/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: rapid7_insightvm
 title: Rapid7 InsightVM
-version: "2.2.1"
+version: "2.3.0"
 source:
 license: "Elastic-2.0"
 description: Collect logs from Rapid7 InsightVM with Elastic Agent.
diff --git a/packages/tenable_io/changelog.yml b/packages/tenable_io/changelog.yml
index 025dde535f8..cc1e9d2d0c7 100644
--- a/packages/tenable_io/changelog.yml
+++ b/packages/tenable_io/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
-- version: "4.3.1"
+- version: "4.4.0"
 changes:
- - description: Add vulnerability_workflow sub category label.
+ - description: Add `vulnerability_workflow`sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "4.3.0"
diff --git a/packages/tenable_io/manifest.yml b/packages/tenable_io/manifest.yml
index dfaa0db61ba..b552fdc24cd 100644
--- a/packages/tenable_io/manifest.yml
+++ b/packages/tenable_io/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.4.0"
 name: tenable_io
 title: Tenable Vulnerability Management
-version: "4.3.1"
+version: "4.4.0"
 description: Collect logs from Tenable Vulnerability Management with Elastic Agent.
 type: integration
 categories:
diff --git a/packages/wiz/changelog.yml b/packages/wiz/changelog.yml
index fd3ced37ed3..e3edb117872 100644
--- a/packages/wiz/changelog.yml
+++ b/packages/wiz/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "3.9.0"
 changes:
- - description: Add vulnerability_workflow and misconfiguration_workflow sub category labels.
+ - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category labels.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "3.8.0"
From ce1088add1ba86990fb516c3e7816993a725b76f Mon Sep 17 00:00:00 2001
From: animehart
Date: Mon, 22 Sep 2025 10:10:48 -0700
Subject: [PATCH 5/8] pr comments part 2
---
 packages/aws/manifest.yml | 1 -
 packages/google_scc/changelog.yml | 2 +-
 packages/google_scc/manifest.yml | 1 +
 packages/m365_defender/changelog.yml | 2 +-
 packages/m365_defender/manifest.yml | 1 -
 packages/microsoft_defender_cloud/changelog.yml | 2 +-
 packages/microsoft_defender_cloud/manifest.yml | 1 +
 7 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/packages/aws/manifest.yml b/packages/aws/manifest.yml
index debae2c542d..9d9bd5193d5 100644
--- a/packages/aws/manifest.yml
+++ b/packages/aws/manifest.yml
@@ -777,7 +777,6 @@ policy_templates:
 categories:
 - security
 - cloudsecurity_cdr
- - vulnerability_workflow
 - misconfiguration_workflow
 inputs:
 - type: httpjson
diff --git a/packages/google_scc/changelog.yml b/packages/google_scc/changelog.yml
index 19504d25aac..1920310d8b6 100644
--- a/packages/google_scc/changelog.yml
+++ b/packages/google_scc/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "2.1.0"
 changes:
- - description: Add `vulnerability_workflow` sub category label.
+ - description: Add `vulnerability_workflow` and `misconfiguration_workflow`sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "2.0.0"
diff --git a/packages/google_scc/manifest.yml b/packages/google_scc/manifest.yml
index 7c118aefc83..8731c1bf713 100644
--- a/packages/google_scc/manifest.yml
+++ b/packages/google_scc/manifest.yml
@@ -9,6 +9,7 @@ categories:
 - security
 - cloudsecurity_cdr
 - vulnerability_workflow
+ - misconfiguration_workflow
 conditions:
 kibana:
 version: "^8.19.0 || ^9.1.0"
diff --git a/packages/m365_defender/changelog.yml b/packages/m365_defender/changelog.yml
index f7ef4ae8ee6..9c42c7cb7e3 100644
--- a/packages/m365_defender/changelog.yml
+++ b/packages/m365_defender/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "4.1.0"
 changes:
- - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category labels.
+ - description: Add `vulnerability_workflow` sub category labels.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "4.0.2"
diff --git a/packages/m365_defender/manifest.yml b/packages/m365_defender/manifest.yml
index 819764b1717..cd798a52379 100644
--- a/packages/m365_defender/manifest.yml
+++ b/packages/m365_defender/manifest.yml
@@ -7,7 +7,6 @@ categories:
 - "security"
 - "edr_xdr"
 - "vulnerability_workflow"
- - "misconfiguration_workflow"
 type: integration
 conditions:
 elastic:
diff --git a/packages/microsoft_defender_cloud/changelog.yml b/packages/microsoft_defender_cloud/changelog.yml
index c1bee0e10c1..d0c402d1e25 100644
--- a/packages/microsoft_defender_cloud/changelog.yml
+++ b/packages/microsoft_defender_cloud/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "3.1.0"
 changes:
- - description: Add `vulnerability_workflow` sub category label.
+ - description: Add `vulnerability_workflow` and `misconfiguration_workflow sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "3.0.0"
diff --git a/packages/microsoft_defender_cloud/manifest.yml b/packages/microsoft_defender_cloud/manifest.yml
index 126a5aac828..5d18593d869 100644
--- a/packages/microsoft_defender_cloud/manifest.yml
+++ b/packages/microsoft_defender_cloud/manifest.yml
@@ -8,6 +8,7 @@ categories:
 - security
 - cloudsecurity_cdr
 - vulnerability_workflow
+ - misconfiguration_workflow
 conditions:
 kibana:
 version: '^8.19.4 || ^9.1.4'
From 0e3019c724175dbc8c5c71f49412c0f31a49364f Mon Sep 17 00:00:00 2001
From: animehart
Date: Mon, 22 Sep 2025 16:02:23 -0700
Subject: [PATCH 6/8] more comments
---
 packages/google_scc/changelog.yml | 2 +-
 packages/microsoft_defender_cloud/changelog.yml | 2 +-
 packages/tenable_io/changelog.yml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/packages/google_scc/changelog.yml b/packages/google_scc/changelog.yml
index 1920310d8b6..0ab105ee6f8 100644
--- a/packages/google_scc/changelog.yml
+++ b/packages/google_scc/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "2.1.0"
 changes:
- - description: Add `vulnerability_workflow` and `misconfiguration_workflow`sub category label.
+ - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "2.0.0"
diff --git a/packages/microsoft_defender_cloud/changelog.yml b/packages/microsoft_defender_cloud/changelog.yml
index d0c402d1e25..4e175d7b587 100644
--- a/packages/microsoft_defender_cloud/changelog.yml
+++ b/packages/microsoft_defender_cloud/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "3.1.0"
 changes:
- - description: Add `vulnerability_workflow` and `misconfiguration_workflow sub category label.
+ - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "3.0.0"
diff --git a/packages/tenable_io/changelog.yml b/packages/tenable_io/changelog.yml
index cc1e9d2d0c7..a37399bf0d7 100644
--- a/packages/tenable_io/changelog.yml
+++ b/packages/tenable_io/changelog.yml
@@ -1,7 +1,7 @@
 # newer versions go on top
 - version: "4.4.0"
 changes:
- - description: Add `vulnerability_workflow`sub category label.
+ - description: Add `vulnerability_workflow` sub category label.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "4.3.0"
From 3532387bfb6583d31076661f79a6bdb56c5f3589 Mon Sep 17 00:00:00 2001
From: animehart
Date: Mon, 22 Sep 2025 16:16:38 -0700
Subject: [PATCH 7/8] small fix
---
 packages/cloud_security_posture/changelog.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/cloud_security_posture/changelog.yml b/packages/cloud_security_posture/changelog.yml
index 85004404f2a..77db1569b1f 100644
--- a/packages/cloud_security_posture/changelog.yml
+++ b/packages/cloud_security_posture/changelog.yml
@@ -18,7 +18,7 @@
 # 1.2.x - 8.7.x
 - version: "3.1.0-preview06"
 changes:
- - description: Add vulnerability_workflow and misconfiguration_workflow sub category labels.
+ - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category labels.
 type: enhancement
 link: https://github.com/elastic/integrations/pull/15151
 - version: "3.1.0-preview05"
From 5938b131cc1e62c932eba7d49e9e5249b267b3e3 Mon Sep 17 00:00:00 2001
From: animehart
Date: Mon, 22 Sep 2025 22:21:26 -0700
Subject: [PATCH 8/8] add misconfiguration_workflow category to AWS config
---
 packages/aws/manifest.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/packages/aws/manifest.yml b/packages/aws/manifest.yml
index 9d9bd5193d5..f3674e593b6 100644
--- a/packages/aws/manifest.yml
+++ b/packages/aws/manifest.yml
@@ -199,6 +199,7 @@ policy_templates:
 categories:
 - security
 - cloudsecurity_cdr
+ - misconfiguration_workflow
 inputs:
 - type: cel
 title: Collect AWS Config logs via API