ssi: add support for request trace deletion #13002
Description
Filebeat v8.15.x added the ability to delete request traces on the agent's host[1]. Since #11954 a number of other integrations have come into the version range that can make use of this.
- admin_by_request_epm ssi: add support for request trace deletion #13035
- authentik ssi: add or fix support for request trace deletion #17963
- beyondinsight_password_safe ssi: add support for request trace deletion #13035
- bitdefender ssi: add or fix support for request trace deletion #17963
- blacklens ssi: add support for request trace deletion #13035
- carbon_black_cloud ssi: add support for request trace deletion #13035
- checkpoint_email checkpoint_email,okta,wiz: add support for request trace deletion #11954
- checkpoint_harmony_endpoint ssi: add or fix support for request trace deletion #17963
- cisco_duo ssi: add or fix support for request trace deletion #17963
- claroty_ctd ssi: add or fix support for request trace deletion #17963
- cloudflare_logpush cloudflare_logpush: expand set of supported fields and add data streams #12782
- crowdstrike ssi: add support for request trace deletion #13035
- cyberark_epm [cyberark_epm] Initial release of the CyberArk EPM #12198
- digital_guardian ssi: add or fix support for request trace deletion #17963
- entro ssi: add or fix support for request trace deletion #17963
- eset_protect ssi: add or fix support for request trace deletion #17963
- first_epss ssi: add or fix support for request trace deletion #17963
- google_scc ssi: add support for request trace deletion #13452
- google_secops [google_secops] Initial release of the google secops #12767
- google_workspace ssi: add support for request trace deletion #13035
- imperva_cloud_waf ssi: add support for request trace deletion #13035
- m365_defender ssi: add support for request trace deletion #13452
- microsoft_defender_endpoint ssi: add support for request trace deletion #13452
- microsoft_sentinel ssi: add support for request trace deletion #13452
- mimecast ssi: add support for request trace deletion #13035
- o365 ssi: add support for request trace deletion #13452
- okta checkpoint_email,okta,wiz: add support for request trace deletion #11954 ssi: add support for request trace deletion #13035
- prisma_cloud ssi: add support for request trace deletion #13452
- proofpoint_itm [proofpoint_itm] Initial release of Proofpoint ITM #13153
- qualys_vmdr ssi: add support for request trace deletion #13035
- sailpoint_identity_sc ssi: add support for request trace deletion #13035
- sentinel_one ssi: add support for request trace deletion #13452
- servicenow ssi: add support for request trace deletion #13035
- spycloud ssi: add or fix support for request trace deletion #17963
- sublime_security ssi: add support for request trace deletion #13035
- symantec_endpoint_security ssi: add support for request trace deletion #13035
- sysdig ssi: add or fix support for request trace deletion #17963
- tenable_io ssi: add support for request trace deletion #13452
- tenable_ot_security ssi: add support for request trace deletion #13452
- ti_abusech ssi: add support for request trace deletion #13452
- ti_crowdstrike ssi: add or fix support for request trace deletion #17963
- ti_custom ssi: add or fix support for request trace deletion #17963
- ti_opencti ssi: add or fix support for request trace deletion #17963
- ti_threatq ssi: add support for request trace deletion #13452
- ti_domaintools ssi: add support for request trace deletion #13035
- withsecure_elements ssi: add or fix support for request trace deletion #17963
- wiz checkpoint_email,okta,wiz: add support for request trace deletion #11954
- zscaler_zia ssi: add support for request trace deletion #13452
The list can be obtained by running (there are probably nicer implementations of this, but it works).
yq -o=json 'select(.owner.github == "elastic/security-service-integrations")|select((.conditions.kibana.version|contains("8.18.")) or (.conditions.kibana.version|contains("8.17.")) or (.conditions.kibana.version|contains("8.16.")) or (.conditions.kibana.version|contains("8.15.")))|{"name":.name,"policy":.policy_templates}' packages/**/manifest.yml|jq -c|egrep '"type":"(cel|httpjson|http_endpoint)"'|jq -r .name
A similar list for packages that have not yet come into range (currently at a version before v8.15):
- auth0
- bbot
- carbonblack_edr
- cisa_kevs
- cisco_meraki
- cybereason
- darktrace
- gigamon
- jamf_compliance_reporter
- jumpcloud
- ti_cif3
- ti_cybersixgill
- ti_eclecticiq
- ti_maltiverse
- ti_misp
- ti_threatconnect
- trellix_epo_cloud
- zoom