[integrations] - Making multiple integrations GA

[ShourieG]

Type of change

• Enhancement

What does this PR do?

Makes the following integrations/ data streams in certain integrations GA and updates the version to 1.0.0 :

• Barracuda CloudGen
• Box Events
• Cisco Aironet*
• Cisco Umbrella
• Cloudflare Logpush
• Cyberark PTA
• Darktrace
• F5 BIG-IP
• Github
• Infoblox BloxOne DDI
• Jamf Compliance Reporter
• LastPass
• Microsoft Exchange Message Trace
• PingOne
• Rapid7 Threat Command
• Slack Logs*
• Sophos Central
• Trend Micro Vision One

*Community developed

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

Related issues

• Closes Security Integrations GA #5033

[ShourieG]

Query: Should ECS version also be updated to the latest in every GA'd integration ?

[ShourieG]

@jamiehynds The Initial PR for GA is up. Just some concerns :

• Some of the integrations here still use older ECS of 8.4.
• Cloud Flare Logpush GCS stream is not stress tested by users yet due to adoption rates
• Packages like Rapid7 Threat Command and Journald Input only had initial commits before and very low versions like 0.0.x

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2023-03-31T11:30:01.097+0000

• Duration: 24 min 30 sec

Test stats 🧪

Test	Results
Failed	0
Passed	295
Skipped	0
Total	295

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[jamiehynds]

Journald Input only had initial commits before and very low version like 0.0.x

@andrewkroh do you know what we use the Journald input for and if there's any blockers to GA'ing it?

[elasticmachine]

🌐 Coverage report

Name	Metrics % (covered/total)	Diff
Packages	100.0% (39/39)	💚
Files	100.0% (93/93)	💚
Classes	100.0% (93/93)	💚
Methods	98.222% (718/731)	👍 4.888
Lines	95.806% (20925/21841)	👎 -4.194
Conditionals	100.0% (0/0)	💚

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[andrewkroh]

We could make the journald input GA. AFAIK there are no known problems with it, and one feature request in #4032. And I have been asked to make the input GA in the past (and definitely forgot to open an issue for that).

Given that we haven't made the journald custom input package GA yet, I wonder if it would be a good time to convert it to an "input package". @P1llus, would this be worthwhile to do before making it GA?

[P1llus]

@andrewkroh I would highly recommend converting this as part of going GA, thats a great initative.

That also means we would have to set minimum version to 8.8 though, as that is when input packages goes GA right @hop-dev ?

[hop-dev]

Yes thats right, input packages can only be GA if they specify kibana version 8.8 or greater. This was introduced in package spec 2.6.0.

[ShourieG]

@jamiehynds for now removing the Journald input from the list and making the rest GA. Will take it up in 8.8 as suggested by converting it to an input package

[andrewkroh]

I created an issue for journald. #5750

[ShourieG]

@kcreddy I've resolved all the PR suggestions

[kcreddy]

LGTM 👍🏼

[ShourieG]

@jamiehynds PR is merged

[elasticmachine]

Package barracuda_cloudgen_firewall - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=barracuda_cloudgen_firewall

[elasticmachine]

Package box_events - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=box_events

[elasticmachine]

Package cisco_aironet - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=cisco_aironet

[elasticmachine]

Package cisco_umbrella - 1.8.0 containing this change is available at https://epr.elastic.co/search?package=cisco_umbrella

[elasticmachine]

Package cloudflare_logpush - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=cloudflare_logpush

[elasticmachine]

Package cyberark_pta - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=cyberark_pta

[elasticmachine]

Package darktrace - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=darktrace

[elasticmachine]

Package f5_bigip - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=f5_bigip

[elasticmachine]

Package github - 1.9.0 containing this change is available at https://epr.elastic.co/search?package=github

[elasticmachine]

Package infoblox_bloxone_ddi - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=infoblox_bloxone_ddi

[elasticmachine]

Package jamf_compliance_reporter - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=jamf_compliance_reporter

[elasticmachine]

Package lastpass - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=lastpass

[elasticmachine]

Package microsoft_exchange_online_message_trace - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=microsoft_exchange_online_message_trace

[elasticmachine]

Package ping_one - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=ping_one

[elasticmachine]

Package slack - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=slack

[elasticmachine]

Package sophos_central - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=sophos_central

[elasticmachine]

Package ti_rapid7_threat_command - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=ti_rapid7_threat_command

[elasticmachine]

Package trend_micro_vision_one - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=trend_micro_vision_one