diff --git a/packages/crowdstrike/_dev/build/docs/README.md b/packages/crowdstrike/_dev/build/docs/README.md index 28ea753bac7..964a2b4d41f 100644 --- a/packages/crowdstrike/_dev/build/docs/README.md +++ b/packages/crowdstrike/_dev/build/docs/README.md @@ -4,6 +4,10 @@ The [CrowdStrike](https://www.crowdstrike.com/) integration allows you to efficiently connect your CrowdStrike Falcon platform to Elastic for seamless onboarding of alerts and telemetry from CrowdStrike Falcon and Falcon Data Replicator. Elastic Security can leverage this data for security analytics including correlation, visualization, and incident response. +For a demo, refer to the following video (click to view). + +[![CrowdStrike integration video](https://play.vidyard.com/VKKWSpg4sDEk1DBXATkyEP.jpg)](https://videos.elastic.co/watch/VKKWSpg4sDEk1DBXATkyEP) + ### Compatibility This integration is compatible with CrowdStrike Falcon SIEM Connector v2.0, REST API, and CrowdStrike Event Streams API. diff --git a/packages/crowdstrike/changelog.yml b/packages/crowdstrike/changelog.yml index 3e030e7c00c..5bdf3afc183 100644 --- a/packages/crowdstrike/changelog.yml +++ b/packages/crowdstrike/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "3.12.0" + changes: + - description: Add demo video link to integration documentation. + type: enhancement + link: https://github.com/elastic/integrations/pull/17889 - version: "3.11.0" changes: - description: Append preserve_original_event in pipeline on_failure handlers to support error correction and debugging. diff --git a/packages/crowdstrike/docs/README.md b/packages/crowdstrike/docs/README.md index 8dbe1368e42..b550fbe5c53 100644 --- a/packages/crowdstrike/docs/README.md +++ b/packages/crowdstrike/docs/README.md 
@@ -4,6 +4,10 @@ The [CrowdStrike](https://www.crowdstrike.com/) integration allows you to efficiently connect your CrowdStrike Falcon platform to Elastic for seamless onboarding of alerts and telemetry from CrowdStrike Falcon and Falcon Data Replicator. Elastic Security can leverage this data for security analytics including correlation, visualization, and incident response. +For a demo, refer to the following video (click to view). + +[![CrowdStrike integration video](https://play.vidyard.com/VKKWSpg4sDEk1DBXATkyEP.jpg)](https://videos.elastic.co/watch/VKKWSpg4sDEk1DBXATkyEP) + ### Compatibility This integration is compatible with CrowdStrike Falcon SIEM Connector v2.0, REST API, and CrowdStrike Event Streams API. diff --git a/packages/crowdstrike/manifest.yml b/packages/crowdstrike/manifest.yml index 15a2fb5bcb2..e405b7bd06e 100644 --- a/packages/crowdstrike/manifest.yml +++ b/packages/crowdstrike/manifest.yml @@ -1,6 +1,6 @@ name: crowdstrike title: CrowdStrike -version: "3.11.0" +version: "3.12.0" description: Collect logs from Crowdstrike with Elastic Agent. type: integration format_version: "3.4.0" diff --git a/packages/m365_defender/_dev/build/docs/README.md b/packages/m365_defender/_dev/build/docs/README.md index 58ffb2bd3d8..6fb96e85f4a 100644 --- a/packages/m365_defender/_dev/build/docs/README.md +++ b/packages/m365_defender/_dev/build/docs/README.md @@ -8,6 +8,10 @@ The [Microsoft Defender XDR](https://learn.microsoft.com/en-us/defender-xdr/) in The integration works by collecting data from the Microsoft Azure Event Hub, Microsoft Graph Security REST API, and the Microsoft Defender Endpoint API. +For a demo, refer to the following video (click to view). + +[![Microsoft Defender XDR integration video](https://play.vidyard.com/fSxgBbf7QArpgX345x28v5.jpg)](https://videos.elastic.co/watch/fSxgBbf7QArpgX345x28v5) + ### Compatibility This integration supports below API versions to collect data. 
diff --git a/packages/m365_defender/changelog.yml b/packages/m365_defender/changelog.yml index 339a7f8eb4c..c34b9da4bda 100644 --- a/packages/m365_defender/changelog.yml +++ b/packages/m365_defender/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "5.12.0" + changes: + - description: Add demo video link to integration documentation. + type: enhancement + link: https://github.com/elastic/integrations/pull/17889 - version: "5.11.1" changes: - description: Fix table formatting in README. @@ -6,9 +11,7 @@ link: https://github.com/elastic/integrations/pull/17797 - version: "5.11.0" changes: - - description: | - Add support for "CloudAuditEvents", "CloudProcessEvents", and - "CloudStorageAggregatedEvents" table in event data stream. + - description: "Add support for \"CloudAuditEvents\", \"CloudProcessEvents\", and \n\"CloudStorageAggregatedEvents\" table in event data stream.\n" type: enhancement link: https://github.com/elastic/integrations/pull/17612 - version: "5.10.1" diff --git a/packages/m365_defender/docs/README.md b/packages/m365_defender/docs/README.md index fc52970531b..051eb6404a8 100644 --- a/packages/m365_defender/docs/README.md +++ b/packages/m365_defender/docs/README.md @@ -8,6 +8,10 @@ The [Microsoft Defender XDR](https://learn.microsoft.com/en-us/defender-xdr/) in The integration works by collecting data from the Microsoft Azure Event Hub, Microsoft Graph Security REST API, and the Microsoft Defender Endpoint API. +For a demo, refer to the following video (click to view). + +[![Microsoft Defender XDR integration video](https://play.vidyard.com/fSxgBbf7QArpgX345x28v5.jpg)](https://videos.elastic.co/watch/fSxgBbf7QArpgX345x28v5) + ### Compatibility This integration supports below API versions to collect data. diff --git a/packages/m365_defender/manifest.yml b/packages/m365_defender/manifest.yml index ea35104716e..128f780b398 100644 --- a/packages/m365_defender/manifest.yml +++ b/packages/m365_defender/manifest.yml 
@@ -1,7 +1,7 @@ format_version: "3.4.0" name: m365_defender title: Microsoft Defender XDR -version: "5.11.1" +version: "5.12.0" description: Collect logs from Microsoft Defender XDR with Elastic Agent. categories: - "security" diff --git a/packages/microsoft_defender_endpoint/_dev/build/docs/README.md b/packages/microsoft_defender_endpoint/_dev/build/docs/README.md index 23fb44d13bd..1a568aeba91 100644 --- a/packages/microsoft_defender_endpoint/_dev/build/docs/README.md +++ b/packages/microsoft_defender_endpoint/_dev/build/docs/README.md @@ -4,6 +4,10 @@ This integration is for [Microsoft Defender for Endpoint](https://docs.microsoft Microsoft Defender for Endpoint integration collects data for Alert, Machine, Machine Action, and Vulnerability logs using REST API. +For a demo, refer to the following video (click to view). + +[![Microsoft Defender for Endpoint integration video](https://play.vidyard.com/fSxgBbf7QArpgX345x28v5.jpg)](https://videos.elastic.co/watch/fSxgBbf7QArpgX345x28v5) + ## Data streams This integration collects the following logs: diff --git a/packages/microsoft_defender_endpoint/changelog.yml b/packages/microsoft_defender_endpoint/changelog.yml index 34a003d4f68..8b9d2d09573 100644 --- a/packages/microsoft_defender_endpoint/changelog.yml +++ b/packages/microsoft_defender_endpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "4.5.0" + changes: + - description: Add demo video link to integration documentation. + type: enhancement + link: https://github.com/elastic/integrations/pull/17889 - version: "4.4.0" changes: - description: Removed ECS field definitions from CDR transform destinations, now covered by ecs@mappings component template. Renamed overridden ECS fields files to ecs-overridden.yml. 
@@ -40,10 +45,7 @@ Fetch vulnerability data using SoftwareVulnerabilitiesExport API endpoint. type: enhancement link: https://github.com/elastic/integrations/pull/15603 - - description: | - The following fields are no longer available in the new implementation: "cloud.provider", "cloud.resource_id", - "cloud.instance.id", "host.geo", "host.ip", "host.risk.calculated_level", "related.ip", - "vulnerability.description", "vulnerability.published_date", "vulnerability.score.version". + - description: "The following fields are no longer available in the new implementation: \"cloud.provider\", \"cloud.resource_id\", \n\"cloud.instance.id\", \"host.geo\", \"host.ip\", \"host.risk.calculated_level\", \"related.ip\", \n\"vulnerability.description\", \"vulnerability.published_date\", \"vulnerability.score.version\".\n" type: breaking-change link: https://github.com/elastic/integrations/pull/15603 - version: "3.1.2" @@ -68,9 +70,7 @@ link: https://github.com/elastic/integrations/pull/15226 - version: "3.0.0" changes: - - description: | - Add mapping changes and latest transform in `vulnerability` data stream for - Cloud Detection and Response (CDR) vulnerability workflow. + - description: "Add mapping changes and latest transform in `vulnerability` data stream for \nCloud Detection and Response (CDR) vulnerability workflow.\n" type: breaking-change link: https://github.com/elastic/integrations/pull/14809 - version: "2.43.0" diff --git a/packages/microsoft_defender_endpoint/docs/README.md b/packages/microsoft_defender_endpoint/docs/README.md index dad5b5c2d6b..03dd087170a 100644 --- a/packages/microsoft_defender_endpoint/docs/README.md +++ b/packages/microsoft_defender_endpoint/docs/README.md 
@@ -4,6 +4,10 @@ This integration is for [Microsoft Defender for Endpoint](https://docs.microsoft Microsoft Defender for Endpoint integration collects data for Alert, Machine, Machine Action, and Vulnerability logs using REST API. +For a demo, refer to the following video (click to view). + +[![Microsoft Defender for Endpoint integration video](https://play.vidyard.com/fSxgBbf7QArpgX345x28v5.jpg)](https://videos.elastic.co/watch/fSxgBbf7QArpgX345x28v5) + ## Data streams This integration collects the following logs: diff --git a/packages/microsoft_defender_endpoint/manifest.yml b/packages/microsoft_defender_endpoint/manifest.yml index 466793e052d..a760ff9a64f 100644 --- a/packages/microsoft_defender_endpoint/manifest.yml +++ b/packages/microsoft_defender_endpoint/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.4.0" name: microsoft_defender_endpoint title: Microsoft Defender for Endpoint -version: "4.4.0" +version: "4.5.0" description: Collect logs from Microsoft Defender for Endpoint with Elastic Agent. categories: - security diff --git a/packages/sentinel_one/_dev/build/docs/README.md b/packages/sentinel_one/_dev/build/docs/README.md index c8868c874a3..b4dc75ac177 100644 --- a/packages/sentinel_one/_dev/build/docs/README.md +++ b/packages/sentinel_one/_dev/build/docs/README.md 
@@ -4,6 +4,10 @@ The [SentinelOne](https://www.sentinelone.com/) integration collects and parses data from SentinelOne REST APIs. This integration also offers the capability to perform response actions on SentinelOne hosts directly through the Elastic Security interface (introduced with v8.12.0). Additional configuration is required; for detailed guidance, refer to [documentation](https://www.elastic.co/guide/en/security/current/response-actions-config.html). +For a demo, refer to the following video (click to view). + +[![SentinelOne integration video](https://play.vidyard.com/gQovyr6REJoU4eotQsnTTB.jpg)](https://videos.elastic.co/watch/gQovyr6REJoU4eotQsnTTB) + ### Compatibility This module has been tested against `SentinelOne Management Console API version 2.1`. diff --git a/packages/sentinel_one/changelog.yml b/packages/sentinel_one/changelog.yml index 85cd9a5246d..c7bce5ab011 100644 --- a/packages/sentinel_one/changelog.yml +++ b/packages/sentinel_one/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.5.0" + changes: + - description: Add demo video link to integration documentation. + type: enhancement + link: https://github.com/elastic/integrations/pull/17889 - version: "2.4.1" changes: - description: Use triple-brace Mustache templating when referencing variables in ingest pipelines. diff --git a/packages/sentinel_one/docs/README.md b/packages/sentinel_one/docs/README.md index 153ff7bc590..5b6f7b6bc51 100644 --- a/packages/sentinel_one/docs/README.md +++ b/packages/sentinel_one/docs/README.md 
@@ -4,6 +4,10 @@ The [SentinelOne](https://www.sentinelone.com/) integration collects and parses data from SentinelOne REST APIs. This integration also offers the capability to perform response actions on SentinelOne hosts directly through the Elastic Security interface (introduced with v8.12.0). Additional configuration is required; for detailed guidance, refer to [documentation](https://www.elastic.co/guide/en/security/current/response-actions-config.html). +For a demo, refer to the following video (click to view). + +[![SentinelOne integration video](https://play.vidyard.com/gQovyr6REJoU4eotQsnTTB.jpg)](https://videos.elastic.co/watch/gQovyr6REJoU4eotQsnTTB) + ### Compatibility This module has been tested against `SentinelOne Management Console API version 2.1`. diff --git a/packages/sentinel_one/manifest.yml b/packages/sentinel_one/manifest.yml index 81548a922b3..e96138028c3 100644 --- a/packages/sentinel_one/manifest.yml +++ b/packages/sentinel_one/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.4.0" name: sentinel_one title: SentinelOne -version: "2.4.1" +version: "2.5.0" description: Collect logs from SentinelOne with Elastic Agent. type: integration categories:
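Review bot: In the `packages/m365_defender/changelog.yml` hunk at `@@ -6,9 +11,7 @@`, the existing 5.11.0 entry is re-serialized from a `|` block scalar into a double-quoted string with escaped `\"` quotes, a literal `\n` and a trailing space before it (`"... and \n\"CloudStorageAggregatedEvents\" ..."`); this is unrelated to adding a video link and makes the entry harder to read and review. Suggest reverting that hunk so the diff stays scoped to the new 5.12.0 entry, or, if a tool rewrote the file, keeping the original block scalar form.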
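Review bot: The `packages/microsoft_defender_endpoint/changelog.yml` hunks at `@@ -40,10 +45,7 @@` and `@@ -68,9 +70,7 @@` rewrite two older entries (the 15603 breaking-change and the 14809 breaking-change) from `|` block scalars into single double-quoted strings containing `\n` escapes and trailing spaces; the content is unchanged, so these are noise in a docs-only PR. Suggest dropping those two hunks and leaving only the new 4.5.0 entry at the top of the file.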
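Review bot: The README hunks for `packages/m365_defender` and `packages/microsoft_defender_endpoint` both point at the same video, `https://videos.elastic.co/watch/fSxgBbf7QArpgX345x28v5`, while CrowdStrike and SentinelOne each get a distinct ID. If one video really covers both Defender integrations, a short note in the Defender for Endpoint README saying the demo is shared with Defender XDR would avoid confusion; if not, the ID in one of the two is a copy-paste error and should be corrected before merge.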