diff --git a/packages/abnormal_security/manifest.yml b/packages/abnormal_security/manifest.yml
index 9776b70fd9a..071c0878ab1 100644
--- a/packages/abnormal_security/manifest.yml
+++ b/packages/abnormal_security/manifest.yml
@@ -6,6 +6,10 @@ description: Collect logs from Abnormal AI with Elastic Agent.
 type: integration
 categories:
 - security
+ # Added email_security category as this integration focuses on email security and mailbox protection
+ - email_security
+ # Added threat_intel category as it includes threat detection and case management for email security threats
+ - threat_intel
 conditions:
 kibana:
 version: "^8.17.0 || ^9.0.0"
diff --git a/packages/activemq/manifest.yml b/packages/activemq/manifest.yml
index 168587ad2f6..6a1361a363c 100644
--- a/packages/activemq/manifest.yml
+++ b/packages/activemq/manifest.yml
@@ -12,6 +12,10 @@ format_version: "3.0.2"
 categories:
 - message_queue
 - observability
+ # Added monitoring category as this integration collects metrics for monitoring ActiveMQ instances
+ - monitoring
+ # Added infrastructure category as ActiveMQ is part of the infrastructure stack
+ - infrastructure
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/admin_by_request_epm/manifest.yml b/packages/admin_by_request_epm/manifest.yml
index 34e228c6d61..b7959b5035a 100644
--- a/packages/admin_by_request_epm/manifest.yml
+++ b/packages/admin_by_request_epm/manifest.yml
@@ -8,6 +8,10 @@ description: "Collect logs from Admin By Request EPM with Elastic Agent."
 type: integration
 categories:
 - security
+ # Added iam category as Admin By Request EPM is focused on privilege management and administrative access control
+ - iam
+ # Added credential_management category as it deals with elevated privileges management
+ - credential_management
 conditions:
 kibana:
 version: "^8.15.3 || ^9.0.0"
diff --git a/packages/airflow/manifest.yml b/packages/airflow/manifest.yml
index dc3a9166917..b2e5dfca6f5 100644
--- a/packages/airflow/manifest.yml
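Review bot: The two comments added above `- email_security` and `- threat_intel` in packages/abnormal_security/manifest.yml narrate the change ("Added … category as …") instead of describing the manifest, so they will read as stale history once merged; that rationale belongs in the commit message or the package changelog. The same wording recurs in most hunks of this diff (activemq, admin_by_request_epm, airflow and onward). If a comment is kept, a timeless form such as `# email_security: email and mailbox protection` carries the same information. The hunk covers only part of the manifest; the rest of the file is outside it.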
+++ b/packages/airflow/manifest.yml
@@ -6,6 +6,8 @@ type: integration
 format_version: "3.0.0"
 categories:
 - observability
+ # Added process_manager category as Airflow is a workflow management platform that schedules and monitors workflows
+ - process_manager
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/amazon_security_lake/manifest.yml b/packages/amazon_security_lake/manifest.yml
index ab09695e85f..6933d48405a 100644
--- a/packages/amazon_security_lake/manifest.yml
+++ b/packages/amazon_security_lake/manifest.yml
@@ -4,7 +4,11 @@ title: Amazon Security Lake
 version: "2.7.0"
 description: Collect logs from Amazon Security Lake with Elastic Agent.
 type: integration
-categories: ["aws", "security"]
+categories:
+ - aws
+ - security
+ # Added siem category as it functions as a security information and event management system for AWS resources
+ - siem
 conditions:
 kibana:
 version: "^8.16.5 || ^9.0.0"
diff --git a/packages/apache_spark/manifest.yml b/packages/apache_spark/manifest.yml
index baf38a607a5..5a967c38c5e 100644
--- a/packages/apache_spark/manifest.yml
+++ b/packages/apache_spark/manifest.yml
@@ -7,6 +7,10 @@ type: integration
 categories:
 - observability
 - analytics_engine
+ # Added big_data category as Apache Spark is a unified analytics engine for large-scale data processing
+ - big_data
+ # Added stream_processing category as Spark includes capabilities for stream processing with Spark Streaming
+ - stream_processing
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/apache_tomcat/manifest.yml b/packages/apache_tomcat/manifest.yml
index be40042b9e8..d2f96b4889e 100644
--- a/packages/apache_tomcat/manifest.yml
+++ b/packages/apache_tomcat/manifest.yml
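Review bot: In packages/amazon_security_lake/manifest.yml the comment above `- siem` says the integration "functions as a security information and event management system", while the description in the same hunk says it collects logs from Amazon Security Lake, which makes it a log source rather than a SIEM. If `siem` is meant to cover sources that feed SIEM use cases, the comment should say so, e.g. `# siem: log source for SIEM use cases (Amazon Security Lake)`; otherwise the category looks unsupported by what the package does. The `siem` addition in microsoft_defender_endpoint, which already carries `edr_xdr`, raises the same question.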
@@ -3,7 +3,11 @@ name: apache_tomcat
 title: Apache Tomcat
 version: "1.11.0"
 description: Collect and parse logs and metrics from Apache Tomcat servers with Elastic Agent.
-categories: ["web", "observability"]
+categories:
+ - web
+ - observability
+ # Added application_observability category as Apache Tomcat is an application server, and this integration provides detailed application-level metrics and logs
+ - application_observability
 type: integration
 conditions:
 kibana:
diff --git a/packages/apm/manifest.yml b/packages/apm/manifest.yml
index 598d1a8bb04..3418c52616e 100644
--- a/packages/apm/manifest.yml
+++ b/packages/apm/manifest.yml
@@ -4,7 +4,11 @@ title: Elastic APM
 version: 9.1.0-preview-1747764883
 description: Monitor, detect, and diagnose complex application performance issues.
 type: integration
-categories: ["elastic_stack", "monitoring"]
+categories:
+ - elastic_stack
+ - monitoring
+ # Observability is a parent category for monitoring
+ - observability
 conditions:
 elastic:
 capabilities:
diff --git a/packages/arista_ngfw/manifest.yml b/packages/arista_ngfw/manifest.yml
index d964d2a236a..b0ba2973fe8 100755
--- a/packages/arista_ngfw/manifest.yml
+++ b/packages/arista_ngfw/manifest.yml
@@ -8,6 +8,14 @@ description: "Collect logs and metrics from Arista NG Firewall."
 type: integration
 categories:
 - network
+ # Added network_security category as Arista NGFW is primarily a network security device
+ - network_security
+ # Added firewall_security category as it provides firewall capabilities and logs firewall events
+ - firewall_security
+ # Added ids_ips category as it includes intrusion prevention system functionality
+ - ids_ips
+ # Added global security category as this integration collects security-relevant data
+ - security
 conditions:
 kibana:
 version: "^8.11.0 || ^9.0.0"
diff --git a/packages/armis/manifest.yml b/packages/armis/manifest.yml
index ad68bbbc522..df84c586e27 100644
--- a/packages/armis/manifest.yml
+++ b/packages/armis/manifest.yml
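Review bot: `version: "1.11.0"` stays a context line in packages/apache_tomcat/manifest.yml while `categories` changes, and no changelog.yml section appears between the manifest sections shown on this page. If the package registry only picks up manifest changes with a new package version, the added `application_observability` category will not reach users until an unrelated release. The same applies to the other hunks that show their `version:` line unchanged (amazon_security_lake, apm, microsoft_defender_endpoint, netscout, sophos, squid, synthetics). Consider a patch version bump plus a changelog entry per package, or confirm that category-only edits are exempt.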
@@ -6,6 +6,10 @@ description: Collect logs from Armis with Elastic Agent.
 type: integration
 categories:
 - security
+ # Added vulnerability_management category as it detects and manages vulnerabilities across devices
+ - vulnerability_management
+ # Added network_security category as it monitors and protects devices across the network
+ - network_security
 conditions:
 kibana:
 version: "^8.18.0 || ^9.0.0"
diff --git a/packages/authentik/manifest.yml b/packages/authentik/manifest.yml
index 8cb42650a8c..7ff63a32ead 100644
--- a/packages/authentik/manifest.yml
+++ b/packages/authentik/manifest.yml
@@ -6,6 +6,8 @@ description: Collect logs from authentik with Elastic Agent.
 type: integration
 categories:
 - security
+ # Added iam category as Authentik is an Identity Provider (IdP) and SSO solution
+ - iam
 conditions:
 kibana:
 version: "^8.16.0 || ^9.0.0"
diff --git a/packages/aws/manifest.yml b/packages/aws/manifest.yml
index a4c4cf2b643..e3fa919b53d 100644
--- a/packages/aws/manifest.yml
+++ b/packages/aws/manifest.yml
@@ -7,6 +7,10 @@ type: integration
 categories:
 - aws
 - cloud
+ # Added observability category as AWS integration collects metrics and logs from various AWS services, which are essential for monitoring and observability.
+ - observability
+ # Added security category as AWS integration collects security-relevant data like CloudTrail logs, GuardDuty findings, and other security monitoring data
+ - security
 conditions:
 elastic:
 subscription: basic
diff --git a/packages/azure/manifest.yml b/packages/azure/manifest.yml
index 738bddf5a5f..30cb197152f 100644
--- a/packages/azure/manifest.yml
+++ b/packages/azure/manifest.yml
@@ -13,6 +13,8 @@ categories:
 - cloud
 - azure
 - observability
+ # Added security category as it collects security-relevant logs like Microsoft Entra ID sign-in logs, audit logs, and identity protection logs
+ - security
 conditions:
 kibana:
 version: "^8.15.1 || ^9.0.0"
diff --git a/packages/azure_ai_foundry/manifest.yml b/packages/azure_ai_foundry/manifest.yml
index 1812fc5cce5..41e58697b15 100644
--- a/packages/azure_ai_foundry/manifest.yml
+++ b/packages/azure_ai_foundry/manifest.yml
@@ -10,6 +10,8 @@ categories:
 - azure
 - cloud
 - observability
+ # Added security category as it collects audit logs and security-relevant data like content filter results
+ - security
 conditions:
 kibana:
 version: "^9.0.0"
diff --git a/packages/azure_app_service/manifest.yml b/packages/azure_app_service/manifest.yml
index cee86a92ffb..8759c30a8a9 100644
--- a/packages/azure_app_service/manifest.yml
+++ b/packages/azure_app_service/manifest.yml
@@ -10,6 +10,8 @@ categories:
 - azure
 - cloud
 - observability
+ # Added security category as it collects audit logs and security-relevant HTTP logs
+ - security
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/azure_frontdoor/manifest.yml b/packages/azure_frontdoor/manifest.yml
index 6a287449f78..32c7a5cc58b 100644
--- a/packages/azure_frontdoor/manifest.yml
+++ b/packages/azure_frontdoor/manifest.yml
@@ -8,6 +8,8 @@ categories:
 - azure
 - cloud
 - network
+ # Observability is a parent category for web
+ - observability
 - security
 - web
 conditions:
diff --git a/packages/azure_openai/manifest.yml b/packages/azure_openai/manifest.yml
index 0b6546e9324..96cefd5dfca 100644
--- a/packages/azure_openai/manifest.yml
+++ b/packages/azure_openai/manifest.yml
@@ -10,6 +10,8 @@ categories:
 - azure
 - cloud
 - observability
+ # Added security category as it collects audit logs and content filtering data for AI prompts and responses
+ - security
 conditions:
 kibana:
 version: "^8.17.1 || ^9.0.0"
diff --git a/packages/beaconing/manifest.yml b/packages/beaconing/manifest.yml
index 76139de4aaa..d7bf51bebc6 100644
--- a/packages/beaconing/manifest.yml
+++ b/packages/beaconing/manifest.yml
@@ -9,6 +9,8 @@ type: integration
 categories:
 - security
 - advanced_analytics_ueba
+ # Added network_security category as this package identifies beaconing activity in network traffic which is critical for detecting C2 communications
+ - network_security
 conditions:
 kibana:
 version: "^8.10.1 || ^9.0.0"
diff --git a/packages/beelzebub/manifest.yml b/packages/beelzebub/manifest.yml
index 0161ae5edb5..b499079346b 100644
--- a/packages/beelzebub/manifest.yml
+++ b/packages/beelzebub/manifest.yml
@@ -7,6 +7,8 @@ type: integration
 categories:
 - network
 - security
+ # Added threat_intel category as Beelzebub is a honeypot framework that collects intelligence about attack techniques and behaviors
+ - threat_intel
 conditions:
 kibana:
 version: "^8.17.1 || ^9.0.0"
diff --git a/packages/beyondinsight_password_safe/manifest.yml b/packages/beyondinsight_password_safe/manifest.yml
index 8aabccaae96..e271bcd3b96 100644
--- a/packages/beyondinsight_password_safe/manifest.yml
+++ b/packages/beyondinsight_password_safe/manifest.yml
@@ -8,6 +8,10 @@ description: Ingest privileged access management (PAM) data from BeyondTrust's B
 type: integration
 categories:
 - security
+ # Added credential_management category as Password Safe is a privileged password management solution
+ - credential_management
+ # Added iam category as this integration provides user audit data and privileged access management functionality
+ - iam
 conditions:
 kibana:
 version: "^8.15.3 || ^9.0.0"
diff --git a/packages/beyondtrust_pra/manifest.yml b/packages/beyondtrust_pra/manifest.yml
index a1879c1fa45..82f22ad1157 100644
--- a/packages/beyondtrust_pra/manifest.yml
+++ b/packages/beyondtrust_pra/manifest.yml
@@ -6,6 +6,10 @@ type: integration
 format_version: 3.4.0
 categories:
 - security
+ # Added iam category as BeyondTrust PRA provides privileged access management functionality
+ - iam
+ # Added network_security category as it secures remote access connections to critical systems
+ - network_security
 conditions:
 kibana:
 version: "^8.18.0 || ^9.0.0"
diff --git a/packages/bitdefender/manifest.yml b/packages/bitdefender/manifest.yml
index 91e0ad92d7c..436040e7c7a 100644
--- a/packages/bitdefender/manifest.yml
+++ b/packages/bitdefender/manifest.yml
@@ -8,6 +8,8 @@ description: "Ingest BitDefender GravityZone logs and data"
 type: integration
 categories:
 - security
+ # Added edr_xdr category as BitDefender GravityZone provides endpoint detection and response capabilities
+ - edr_xdr
 conditions:
 kibana:
 version: "^8.18.0 || ^9.0.0"
diff --git a/packages/blacklens/manifest.yml b/packages/blacklens/manifest.yml
index 91c32ccb47d..b2c96984ca8 100644
--- a/packages/blacklens/manifest.yml
+++ b/packages/blacklens/manifest.yml
@@ -8,6 +8,8 @@ description: "Collect logs from blacklens.io with Elastic Agent"
 type: integration
 categories:
 - security
+ # Added vulnerability_management category as Blacklens offers vulnerability scanning and attack surface management
+ - vulnerability_management
 conditions:
 kibana:
 version: "^8.15.2 || ^9.0.0"
diff --git a/packages/canva/manifest.yml b/packages/canva/manifest.yml
index 42e13564e87..d7e2a6cb120 100644
--- a/packages/canva/manifest.yml
+++ b/packages/canva/manifest.yml
@@ -7,6 +7,8 @@ type: integration
 categories:
 - security
 - productivity
+ # Added iam category as Canva integration collects audit logs related to user activities, permissions, and access management
+ - iam
 conditions:
 kibana:
 version: "^8.16.5 || ^9.0.0"
diff --git a/packages/cef/manifest.yml b/packages/cef/manifest.yml
index 3b340c4ad8d..9b245d6cd60 100644
--- a/packages/cef/manifest.yml
+++ b/packages/cef/manifest.yml
@@ -4,6 +4,10 @@ version: "2.21.2"
 description: Collect logs from CEF Logs with Elastic Agent.
 categories:
 - security
+ # Added custom category as CEF is a standardized log format that can be used by many different products
+ - custom
+ # Added network_security category as CEF is commonly used for network security monitoring and firewall logs
+ - network_security
 conditions:
 kibana:
 version: "^8.15.1 || ^9.0.0"
diff --git a/packages/checkpoint_email/manifest.yml b/packages/checkpoint_email/manifest.yml
index 653b82fdca8..00afae3203a 100644
--- a/packages/checkpoint_email/manifest.yml
+++ b/packages/checkpoint_email/manifest.yml
@@ -6,6 +6,8 @@ description: Collect logs from Check Point Harmony Email & Collaboration with El
 type: integration
 categories:
 - security
+ # Added email_security category as Check Point Harmony Email & Collaboration focuses on monitoring and securing email platforms
+ - email_security
 conditions:
 kibana:
 version: "^8.16.0 || ^9.0.0"
diff --git a/packages/checkpoint_harmony_endpoint/manifest.yml b/packages/checkpoint_harmony_endpoint/manifest.yml
index 77b8ece1765..3d48267218a 100644
--- a/packages/checkpoint_harmony_endpoint/manifest.yml
+++ b/packages/checkpoint_harmony_endpoint/manifest.yml
@@ -8,6 +8,8 @@ description: "Collect logs from Check Point Harmony Endpoint"
 type: integration
 categories:
 - security
+ # Added edr_xdr category as Check Point Harmony Endpoint provides endpoint detection and response capabilities with advanced threat prevention
+ - edr_xdr
 conditions:
 kibana:
 version: "^8.14.0 || ^9.0.0"
diff --git a/packages/cisa_kevs/manifest.yml b/packages/cisa_kevs/manifest.yml
index 0b99d8caf96..f65034758f1 100644
--- a/packages/cisa_kevs/manifest.yml
+++ b/packages/cisa_kevs/manifest.yml
@@ -6,6 +6,8 @@ description: "This package allows the ingest of known exploited vulnerabilities
 type: integration
 categories:
 - security
+ # Added vulnerability_management category as CISA KEVs provides information about known exploited vulnerabilities for vulnerability tracking and management
+ - vulnerability_management
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/cisco_ise/manifest.yml b/packages/cisco_ise/manifest.yml
index 68166151bbe..2b8cdd28b5d 100644
--- a/packages/cisco_ise/manifest.yml
+++ b/packages/cisco_ise/manifest.yml
@@ -7,6 +7,8 @@ type: integration
 categories:
 - security
 - network
+ # Added iam category as Cisco ISE is an identity services engine that provides identity and access management
+ - iam
 conditions:
 kibana:
 version: "^8.11.0 || ^9.0.0"
diff --git a/packages/cisco_meraki/manifest.yml b/packages/cisco_meraki/manifest.yml
index 4d37aaa0211..e6da22f28b8 100644
--- a/packages/cisco_meraki/manifest.yml
+++ b/packages/cisco_meraki/manifest.yml
@@ -7,6 +7,8 @@ type: integration
 categories:
 - network
 - security
+ # Added cloud category as Cisco Meraki is a cloud-managed networking solution
+ - cloud
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/cloud_defend/manifest.yml b/packages/cloud_defend/manifest.yml
index e51941b4378..dc4b558be84 100644
--- a/packages/cloud_defend/manifest.yml
+++ b/packages/cloud_defend/manifest.yml
@@ -9,6 +9,8 @@ type: integration
 categories:
 - containers
 - kubernetes
+ # Observability is a parent category for kubernetes
+ - observability
 - security
 conditions:
 kibana:
diff --git a/packages/docker_otel/manifest.yml b/packages/docker_otel/manifest.yml
index 14a57f48535..cea485a5408 100644
--- a/packages/docker_otel/manifest.yml
+++ b/packages/docker_otel/manifest.yml
@@ -9,6 +9,8 @@ type: content
 categories:
 - containers
 - monitoring
+ # Observability is a parent category for monitoring
+ - observability
 conditions:
 kibana:
 version: "^8.17.2 || ^9.0.0"
diff --git a/packages/elastic_connectors/manifest.yml b/packages/elastic_connectors/manifest.yml
index d0f3abc2d17..4e600f55f4c 100644
--- a/packages/elastic_connectors/manifest.yml
+++ b/packages/elastic_connectors/manifest.yml
@@ -8,6 +8,8 @@ description: "Sync data from source to the Elasticsearch index."
 type: integration
 categories:
 - connector
+ # Enterprise Search is a parent category for connector
+ - enterprise_search
 conditions:
 kibana:
 version: "^9.0.0"
diff --git a/packages/falco/manifest.yml b/packages/falco/manifest.yml
index ed5b4ccc331..2a6271e826c 100644
--- a/packages/falco/manifest.yml
+++ b/packages/falco/manifest.yml
@@ -8,6 +8,8 @@ categories:
 - containers
 - kubernetes
 - monitoring
+ # Observability is a parent category for kubernetes and monitoring
+ - observability
 - security
 conditions:
 kibana:
diff --git a/packages/fortinet_fortiproxy/manifest.yml b/packages/fortinet_fortiproxy/manifest.yml
index 0cf6333b43e..406baf74f2f 100644
--- a/packages/fortinet_fortiproxy/manifest.yml
+++ b/packages/fortinet_fortiproxy/manifest.yml
@@ -6,6 +6,8 @@ description: "Collect logs from Fortinet FortiProxy with Elastic Agent."
 type: integration
 categories:
 - network
+ # Observability is a parent category for web
+ - observability
 - proxy_security
 - security
 - web
diff --git a/packages/gigamon/manifest.yml b/packages/gigamon/manifest.yml
index b7a0ff1416a..42c4bc24336 100644
--- a/packages/gigamon/manifest.yml
+++ b/packages/gigamon/manifest.yml
@@ -9,6 +9,8 @@ categories:
 - security
 - network
 - application_observability
+ # Observability is a parent category for application_observability
+ - observability
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/kubernetes_otel/manifest.yml b/packages/kubernetes_otel/manifest.yml
index 164cd53aa08..2c36f69d64d 100644
--- a/packages/kubernetes_otel/manifest.yml
+++ b/packages/kubernetes_otel/manifest.yml
@@ -6,6 +6,8 @@ description: "Utilise the pre-built dashboard for OTel-native metrics and events
 type: content
 categories:
 - kubernetes
+ # Observability is a parent category for kubernetes
+ - observability
 conditions:
 kibana:
 version: "^8.18.0 || ^9.0.0"
diff --git a/packages/menlo/manifest.yml b/packages/menlo/manifest.yml
index a05180ea1e2..6446bf9a908 100644
--- a/packages/menlo/manifest.yml
+++ b/packages/menlo/manifest.yml
@@ -9,6 +9,8 @@ type: integration
 categories:
 - monitoring
 - network
+ # Observability is a parent category for monitoring
+ - observability
 - security
 conditions:
 kibana:
diff --git a/packages/microsoft_defender_endpoint/manifest.yml b/packages/microsoft_defender_endpoint/manifest.yml
index 13ae6d29dce..33b6b584698 100644
--- a/packages/microsoft_defender_endpoint/manifest.yml
+++ b/packages/microsoft_defender_endpoint/manifest.yml
@@ -4,8 +4,10 @@ title: Microsoft Defender for Endpoint
 version: "2.43.0"
 description: Collect logs from Microsoft Defender for Endpoint with Elastic Agent.
 categories:
- "security"
- "edr_xdr"
+ - security
+ - edr_xdr
+ # Added siem category as Microsoft Defender for Endpoint provides security event data for monitoring and incident response
+ - siem
 type: integration
 conditions:
 kibana:
diff --git a/packages/microsoft_dhcp/manifest.yml b/packages/microsoft_dhcp/manifest.yml
index bd801c715ca..cd9758b635a 100644
--- a/packages/microsoft_dhcp/manifest.yml
+++ b/packages/microsoft_dhcp/manifest.yml
@@ -6,6 +6,8 @@ description: Collect logs from Microsoft DHCP with Elastic Agent.
 type: integration
 categories:
 - security
+ # Added network category as it collects DHCP server logs that contain network address assignment information
+ - network
 conditions:
 kibana:
 version: ^8.11.0 || ^9.0.0
diff --git a/packages/microsoft_exchange_server/manifest.yml b/packages/microsoft_exchange_server/manifest.yml
index 744825111c0..b32f8a8d568 100644
--- a/packages/microsoft_exchange_server/manifest.yml
+++ b/packages/microsoft_exchange_server/manifest.yml
@@ -8,6 +8,8 @@ description: Collect logs from Microsoft Exchange Server with Elastic Agent.
 type: integration
 categories:
 - security
+ # Added email_security category as it collects logs from Exchange Server including HTTP proxy, IMAP/POP3, message tracking, and SMTP logs
+ - email_security
 conditions:
 kibana:
 version: "^8.11.0 || ^9.0.0"
diff --git a/packages/miniflux/manifest.yml b/packages/miniflux/manifest.yml
index ddc09e2cd9a..3c005e2a625 100644
--- a/packages/miniflux/manifest.yml
+++ b/packages/miniflux/manifest.yml
@@ -7,6 +7,8 @@ source:
 description: Collect RSS feed content from the Miniflux API with Elastic Agent.
 type: integration
 categories:
+ # Observability is a parent category for web
+ - observability
 - web
 conditions:
 kibana:
diff --git a/packages/mongodb/manifest.yml b/packages/mongodb/manifest.yml
index 5f404a85eaf..1642a51c210 100644
--- a/packages/mongodb/manifest.yml
+++ b/packages/mongodb/manifest.yml
@@ -6,6 +6,10 @@ type: integration
 categories:
 - datastore
 - observability
+ # Added database_security category as it collects database logs and metrics including collection statistics, database statistics, and replication status
+ - database_security
+ # Added global security category as this integration collects security-relevant data
+ - security
 icons:
 - src: /img/logo_mongodb.svg
 title: logo mongodb
diff --git a/packages/mongodb_atlas/manifest.yml b/packages/mongodb_atlas/manifest.yml
index 8e1d8b5e41a..594513dd8ef 100644
--- a/packages/mongodb_atlas/manifest.yml
+++ b/packages/mongodb_atlas/manifest.yml
@@ -10,6 +10,10 @@ categories:
 - cloud
 - datastore
 - observability
+ # Added database_security category as it collects audit logs, alerts, and security-relevant metrics from MongoDB Atlas
+ - database_security
+ # Added global security category as this integration collects security-relevant data
+ - security
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
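Review bot: The justification for `- database_security` and `- security` in packages/mongodb/manifest.yml lists collection statistics, database statistics and replication status, which are performance metrics rather than security telemetry. Tagging a metrics integration as `security` makes it appear for analysts filtering for security data sources it does not provide. The mysql hunk has the same weakness (error logs, slow query logs, replication metrics), whereas mongodb_atlas, mysql_enterprise and oracle cite audit logs and are better grounded. I would drop both additions here and in mysql unless the package ships an audit or authentication data stream, in which case the comment should name it.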
diff --git a/packages/mysql/manifest.yml b/packages/mysql/manifest.yml
index fbb2ae47e62..b95f81fd85a 100644
--- a/packages/mysql/manifest.yml
+++ b/packages/mysql/manifest.yml
@@ -7,6 +7,10 @@ type: integration
 categories:
 - datastore
 - observability
+ # Added database_security category as it collects error logs, slow query logs, and replication status metrics that are relevant for database security monitoring
+ - database_security
+ # Added global security category as this integration collects security-relevant data
+ - security
 conditions:
 kibana:
 version: "^8.15.0 || ^9.0.0"
diff --git a/packages/mysql_enterprise/manifest.yml b/packages/mysql_enterprise/manifest.yml
index d4cf28684b7..c72f75e4199 100644
--- a/packages/mysql_enterprise/manifest.yml
+++ b/packages/mysql_enterprise/manifest.yml
@@ -7,6 +7,8 @@ type: integration
 categories:
 - security
 - datastore
+ # Added database_security category as it specifically collects MySQL Enterprise Audit logs which are critical for database security monitoring
+ - database_security
 conditions:
 kibana:
 version: "^8.11.0 || ^9.0.0"
diff --git a/packages/nats/manifest.yml b/packages/nats/manifest.yml
index bec9c13c1c8..4d290dc135f 100644
--- a/packages/nats/manifest.yml
+++ b/packages/nats/manifest.yml
@@ -12,6 +12,8 @@ format_version: 3.0.4
 categories:
 - observability
 - message_queue
+ # Added stream_processing category as NATS is commonly used for real-time data streaming and event processing
+ - stream_processing
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/netscout/manifest.yml b/packages/netscout/manifest.yml
index bece9a9c96d..560646fde9a 100644
--- a/packages/netscout/manifest.yml
+++ b/packages/netscout/manifest.yml
@@ -3,7 +3,9 @@ name: netscout
 title: Arbor Peakflow SP Logs (Deprecated)
 version: "0.22.1"
 description: Deprecated. Netscout Arbor Peakflow SP is no longer supported.
-categories: ["security", "network"]
+categories:
+ - security
+ - network
 type: integration
 conditions:
 kibana.version: "^8.11.0"
diff --git a/packages/o365/manifest.yml b/packages/o365/manifest.yml
index c24aa99f573..4cf999c8bf1 100644
--- a/packages/o365/manifest.yml
+++ b/packages/o365/manifest.yml
@@ -4,7 +4,13 @@ version: "2.24.0"
 description: Collect logs from Microsoft Office 365 with Elastic Agent.
 type: integration
 format_version: "3.2.3"
-categories: [security, productivity_security]
+categories:
+ - security
+ - productivity_security
+ # Added cloud_security category as it monitors cloud-based Office 365 services, and iam category as it collects Azure AD activity logs related to identity and access management
+ - iam
+ # Added observability category as it provides visibility into user activity, service health, and performance metrics across Office 365 services
+ - observability
 conditions:
 kibana:
 version: "^8.18.0 || ^9.0.0"
diff --git a/packages/o365_metrics/manifest.yml b/packages/o365_metrics/manifest.yml
index 2b114a2d3ce..4f84d32f895 100644
--- a/packages/o365_metrics/manifest.yml
+++ b/packages/o365_metrics/manifest.yml
@@ -4,7 +4,9 @@ version: "0.22.1"
 description: Collect metrics from Microsoft Office 365 with Elastic Agent.
 type: integration
 format_version: "3.0.2"
-categories: [observability, security]
+categories:
+ - observability
+ - security
 conditions:
 kibana:
 version: "^8.16.0 || ^9.0.0"
diff --git a/packages/oracle/manifest.yml b/packages/oracle/manifest.yml
index 06275a98c99..cf314b7b914 100644
--- a/packages/oracle/manifest.yml
+++ b/packages/oracle/manifest.yml
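Review bot: The comment above `- iam` in packages/o365/manifest.yml says a `cloud_security` category was added, but the hunk adds only `iam` and `observability`; no `cloud_security` entry exists in the new list. Either the entry was dropped and the comment is stale, or the category is missing from the list. If only `iam` is intended, the comment should be reduced to that, e.g. `# iam: collects Azure AD activity logs related to identity and access management`.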
@@ -7,6 +7,10 @@ type: integration
 categories:
 - observability
 - datastore
+ # Added database_security category as it collects database audit logs which are critical for monitoring database security events
+ - database_security
+ # Added global security category as this integration collects security-relevant data
+ - security
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/panw/manifest.yml b/packages/panw/manifest.yml
index 11facfa41b2..5614064bff1 100644
--- a/packages/panw/manifest.yml
+++ b/packages/panw/manifest.yml
@@ -4,7 +4,9 @@ version: "5.3.3"
 description: Collect logs from Palo Alto next-gen firewalls with Elastic Agent.
 type: integration
 format_version: "3.0.3"
-categories: [security, network]
+categories:
+ - security
+ - network
 conditions:
 kibana:
 version: ^8.11.0 || ^9.0.0
diff --git a/packages/panw_metrics/manifest.yml b/packages/panw_metrics/manifest.yml
index 445c0b7fd8d..584ccb27281 100644
--- a/packages/panw_metrics/manifest.yml
+++ b/packages/panw_metrics/manifest.yml
@@ -8,6 +8,8 @@ categories:
 - network
 - security
 - observability
+ # Added network_security category as it collects metrics from Palo Alto Networks firewalls for monitoring network security
+ - network_security
 conditions:
 kibana:
 version: "^8.15.2 || ^9.0.0"
diff --git a/packages/pfsense/manifest.yml b/packages/pfsense/manifest.yml
index 880d788d4df..72f666ed212 100644
--- a/packages/pfsense/manifest.yml
+++ b/packages/pfsense/manifest.yml
@@ -13,6 +13,8 @@ categories:
 - network
 - security
 - firewall_security
+ # Added network_security category as it collects logs from pfSense and OPNsense firewalls for monitoring network traffic and security events
+ - network_security
 conditions:
 kibana:
 version: "^8.11.0 || ^9.0.0"
diff --git a/packages/ping_federate/manifest.yml b/packages/ping_federate/manifest.yml
index e6e1f4e7cb1..26e1655bf1b 100644
--- a/packages/ping_federate/manifest.yml
+++ b/packages/ping_federate/manifest.yml
@@ -7,6 +7,8 @@ type: integration
 categories:
 - security
 - authentication
+ # Added iam category as PingFederate is an identity and access management solution
+ - iam
 conditions:
 kibana:
 version: "^8.16.0 || ^9.0.0"
diff --git a/packages/sailpoint_identity_sc/manifest.yml b/packages/sailpoint_identity_sc/manifest.yml
index 61c2266a802..860bc59e0c8 100644
--- a/packages/sailpoint_identity_sc/manifest.yml
+++ b/packages/sailpoint_identity_sc/manifest.yml
@@ -8,6 +8,8 @@ description: "Sailpoint identity security cloud provides enterprise identity gov
 type: integration
 categories:
 - security
+ # Added iam category as SailPoint provides identity and access management capabilities
+ - iam
 conditions:
 kibana:
 version: "^8.16.1 || ^9.0.0"
diff --git a/packages/salesforce/manifest.yml b/packages/salesforce/manifest.yml
index ae41375590a..b62a0ac39b6 100644
--- a/packages/salesforce/manifest.yml
+++ b/packages/salesforce/manifest.yml
@@ -7,6 +7,8 @@ description: |
 type: integration
 categories:
 - observability
+ # Added crm category as Salesforce is a customer relationship management platform
+ - crm
 conditions:
 elastic:
 subscription: basic
diff --git a/packages/security_detection_engine/manifest.yml b/packages/security_detection_engine/manifest.yml
index 98d1fc3290a..6cc6bd344ba 100644
--- a/packages/security_detection_engine/manifest.yml
+++ b/packages/security_detection_engine/manifest.yml
@@ -1,5 +1,7 @@
 categories:
 - security
+ # Added siem category as these rules are used by the Elastic Security detection engine for security monitoring
+ - siem
 conditions:
 elastic:
 capabilities:
diff --git a/packages/sentinel_one_cloud_funnel/manifest.yml b/packages/sentinel_one_cloud_funnel/manifest.yml
index 733c80b58b2..389daa797ae 100644
--- a/packages/sentinel_one_cloud_funnel/manifest.yml
+++ b/packages/sentinel_one_cloud_funnel/manifest.yml
@@ -4,7 +4,9 @@ title: SentinelOne Cloud Funnel
 version: "1.13.1"
 description: Collect logs from SentinelOne Cloud Funnel with Elastic Agent.
 type: integration
-categories: ["security", "edr_xdr"]
+categories:
+ - security
+ - edr_xdr
 conditions:
 kibana:
 version: "^8.16.5 || ^9.0.0"
diff --git a/packages/snort/manifest.yml b/packages/snort/manifest.yml
index ccf94a2901e..71341a0a259 100644
--- a/packages/snort/manifest.yml
+++ b/packages/snort/manifest.yml
@@ -9,7 +9,11 @@ icons:
 size: 120x60
 type: image/svg+xml
 format_version: "3.0.3"
-categories: [ids_ips, security]
+categories:
+ - ids_ips
+ - security
+ # Added network_security category as Snort monitors network traffic for security threats
+ - network_security
 conditions:
 kibana:
 version: "^8.11.0 || ^9.0.0"
diff --git a/packages/snyk/manifest.yml b/packages/snyk/manifest.yml
index d5e55821922..fd37e897fd6 100644
--- a/packages/snyk/manifest.yml
+++ b/packages/snyk/manifest.yml
@@ -7,6 +7,8 @@ type: integration
 categories:
 - security
 - cloudsecurity_cdr
+ # Added vulnerability_management category as Snyk identifies and tracks vulnerabilities in code and dependencies
+ - vulnerability_management
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/sonicwall_firewall/manifest.yml b/packages/sonicwall_firewall/manifest.yml
index b8b143898a7..002fe65aef2 100644
--- a/packages/sonicwall_firewall/manifest.yml
+++ b/packages/sonicwall_firewall/manifest.yml
@@ -8,6 +8,8 @@ categories:
 - network
 - security
 - firewall_security
+ # Added network_security category as SonicWall provides network security and traffic monitoring capabilities
+ - network_security
 conditions:
 kibana:
 version: "^8.11.0 || ^9.0.0"
diff --git a/packages/sophos/manifest.yml b/packages/sophos/manifest.yml
index 95710f72d91..3daf7953db3 100644
--- a/packages/sophos/manifest.yml
+++ b/packages/sophos/manifest.yml
@@ -4,9 +4,9 @@ title: Sophos
 version: "3.15.1"
 description: Collect logs from Sophos with Elastic Agent.
 categories:
- "security"
- "network"
- "firewall_security"
+ - security
+ - network
+ - firewall_security
 type: integration
 conditions:
 kibana:
diff --git a/packages/squid/manifest.yml b/packages/squid/manifest.yml
index f6eb2233f45..60f73334638 100644
--- a/packages/squid/manifest.yml
+++ b/packages/squid/manifest.yml
@@ -4,6 +4,8 @@ title: Squid Proxy
 version: "1.3.1"
 description: Collect and parse logs from Squid devices with Elastic Agent.
 categories:
+ # Observability is a parent category for web
+ - observability
 - network
 - security
 - proxy_security
diff --git a/packages/stan/manifest.yml b/packages/stan/manifest.yml
index 83b4dd9c61c..1dc9f073549 100644
--- a/packages/stan/manifest.yml
+++ b/packages/stan/manifest.yml
@@ -11,6 +11,8 @@ icons:
 format_version: 3.0.4
 categories:
 - observability
+ # Added stream_processing category as STAN provides streaming data processing capabilities
+ - stream_processing
 conditions:
 kibana:
 version: "^8.13.0 || ^9.0.0"
diff --git a/packages/stormshield/manifest.yml b/packages/stormshield/manifest.yml
index 72fb7bdc746..818930088f9 100644
--- a/packages/stormshield/manifest.yml
+++ b/packages/stormshield/manifest.yml
@@ -10,6 +10,8 @@ categories:
 - network
 - security
 - firewall_security
+ # Added network_security category as Stormshield provides network security protection
+ - network_security
 conditions:
 kibana:
 version: "^8.11.4 || ^9.0.0"
diff --git a/packages/suricata/manifest.yml b/packages/suricata/manifest.yml
index be929ccc9ec..0b3d3e1dc65 100644
--- a/packages/suricata/manifest.yml
+++ b/packages/suricata/manifest.yml
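Review bot: The comment in packages/squid/manifest.yml says "Observability is a parent category for web", but none of the category lines visible in this hunk (`network`, `security`, `proxy_security`) is `web`. The list may continue past the end of the hunk, so this needs checking against the full file. If `web` is not in the list, `- observability` has no child category here to justify it and the comment is misleading; either add the missing child or state the actual reason in the comment.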
@@ -9,7 +9,12 @@ icons: size: 309x309 type: image/svg+xml format_version: "3.0.3" -categories: [network, security, ids_ips] +categories: + - network + - security + - ids_ips + # Added network_security category as Suricata monitors network traffic for security threats + - network_security conditions: kibana: version: "^8.11.0 || ^9.0.0" diff --git a/packages/symantec_endpoint/manifest.yml b/packages/symantec_endpoint/manifest.yml index 4fcab7f049b..41ee01f59ee 100644 --- a/packages/symantec_endpoint/manifest.yml +++ b/packages/symantec_endpoint/manifest.yml @@ -4,7 +4,9 @@ version: "2.19.0" description: Collect logs from Symantec Endpoint Protection with Elastic Agent. type: integration format_version: "3.0.3" -categories: ["security", "edr_xdr"] +categories: + - security + - edr_xdr conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/synthetics/manifest.yml b/packages/synthetics/manifest.yml index 159b5e5b533..435742f3f13 100644 --- a/packages/synthetics/manifest.yml +++ b/packages/synthetics/manifest.yml @@ -3,7 +3,10 @@ name: synthetics title: Elastic Synthetics description: Internal Elastic integration for providing access to private locations. version: 1.4.2 -categories: ["observability"] +categories: + - observability + # Added monitoring category as Synthetics provides synthetic monitoring capabilities + - monitoring type: integration source: license: Elastic-2.0 diff --git a/packages/sysdig/manifest.yml b/packages/sysdig/manifest.yml index fc1e83d43e8..a8c4f1e886a 100644 --- a/packages/sysdig/manifest.yml +++ b/packages/sysdig/manifest.yml @@ -8,6 +8,8 @@ categories: - containers - kubernetes - monitoring + # Observability is a parent category for kubernetes and monitoring + - observability - security conditions: kibana: diff --git a/packages/system/manifest.yml b/packages/system/manifest.yml index 796360dfacc..f68bac0e79a 100644 --- a/packages/system/manifest.yml +++ b/packages/system/manifest.yml 
@@ -6,6 +6,10 @@ description: Collect system logs and metrics from your servers with Elastic Agen type: integration categories: - os_system + # Added monitoring category as System integration collects metrics for monitoring server health + - monitoring + # Added observability category as System integration provides comprehensive visibility into host performance, resource utilization, and system state + - observability conditions: kibana: version: "^8.18.0 || ^9.0.0" diff --git a/packages/system_otel/manifest.yml b/packages/system_otel/manifest.yml index 7f1cde6283d..28c0c545205 100644 --- a/packages/system_otel/manifest.yml +++ b/packages/system_otel/manifest.yml @@ -6,6 +6,10 @@ description: "Dashboards for the OpenTelemetry data collected with the `hostmetr type: content categories: - os_system + # Added monitoring category as System OTEL provides dashboards for monitoring system metrics + - monitoring + # Added observability category as System OTEL uses OpenTelemetry for system observability + - observability conditions: kibana: version: "^8.18.0 || ^9.0.0" diff --git a/packages/teleport/manifest.yml b/packages/teleport/manifest.yml index fa0a1b679e4..0c056935838 100644 --- a/packages/teleport/manifest.yml +++ b/packages/teleport/manifest.yml @@ -9,6 +9,8 @@ type: integration categories: - monitoring - network + # Observability is a parent category for monitoring + - observability - security conditions: kibana: diff --git a/packages/tetragon/manifest.yml b/packages/tetragon/manifest.yml index c46263f2ac3..22ae766ac3d 100644 --- a/packages/tetragon/manifest.yml +++ b/packages/tetragon/manifest.yml @@ -12,6 +12,8 @@ categories: - cloud - cloudsecurity_cdr - kubernetes + # Observability is a parent category for kubernetes + - observability conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/threat_map/manifest.yml b/packages/threat_map/manifest.yml index 6d5458b1584..b3b1ffcf84c 100644 --- a/packages/threat_map/manifest.yml 
+++ b/packages/threat_map/manifest.yml @@ -7,6 +7,8 @@ type: integration categories: - custom - security + # Added network_security category as Threat Map visualizes network traffic for security analysis + - network_security conditions: kibana: version: "^8.14.0 || ^9.0.0" diff --git a/packages/thycotic_ss/manifest.yml b/packages/thycotic_ss/manifest.yml index 7bd31165739..f330d4069da 100644 --- a/packages/thycotic_ss/manifest.yml +++ b/packages/thycotic_ss/manifest.yml @@ -8,6 +8,8 @@ description: "Thycotic Secret Server logs" type: integration categories: - security + # Added credential_management category as Thycotic Secret Server provides secure storage and management of credentials + - credential_management conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/ti_abusech/manifest.yml b/packages/ti_abusech/manifest.yml index ebd6d13c178..02b7a6ea741 100644 --- a/packages/ti_abusech/manifest.yml +++ b/packages/ti_abusech/manifest.yml @@ -4,7 +4,9 @@ version: "3.3.0" description: Ingest threat intelligence indicators from URL Haus, Malware Bazaar, and Threat Fox feeds with Elastic Agent. type: integration format_version: "3.3.2" -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel conditions: kibana: version: "^8.19.0 || ^9.1.0" diff --git a/packages/ti_anomali/manifest.yml b/packages/ti_anomali/manifest.yml index b008d84ad15..8caa694e4b0 100644 --- a/packages/ti_anomali/manifest.yml +++ b/packages/ti_anomali/manifest.yml @@ -4,7 +4,9 @@ version: "2.1.0" description: Ingest threat intelligence indicators from Anomali with Elastic Agent. type: integration format_version: 3.0.2 -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/ti_cybersixgill/manifest.yml b/packages/ti_cybersixgill/manifest.yml index 7c049c88c6b..0ffdd182e68 100644 --- a/packages/ti_cybersixgill/manifest.yml 
+++ b/packages/ti_cybersixgill/manifest.yml @@ -4,7 +4,9 @@ version: "1.33.0" description: Ingest threat intelligence indicators from Cybersixgill with Elastic Agent. type: integration format_version: "3.0.2" -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/ti_maltiverse/manifest.yml b/packages/ti_maltiverse/manifest.yml index b57a1b71bdf..c20bd5d663e 100644 --- a/packages/ti_maltiverse/manifest.yml +++ b/packages/ti_maltiverse/manifest.yml @@ -4,7 +4,9 @@ version: "1.5.0" description: Ingest threat intelligence indicators from Maltiverse feeds with Elastic Agent type: integration format_version: 3.0.2 -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/ti_misp/manifest.yml b/packages/ti_misp/manifest.yml index fd9f61da980..8e026592154 100644 --- a/packages/ti_misp/manifest.yml +++ b/packages/ti_misp/manifest.yml @@ -4,7 +4,9 @@ version: "1.38.0" description: Ingest threat intelligence indicators from MISP platform with Elastic Agent. type: integration format_version: "3.0.2" -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/ti_otx/manifest.yml b/packages/ti_otx/manifest.yml index 70c942d66c4..0abebf63537 100644 --- a/packages/ti_otx/manifest.yml +++ b/packages/ti_otx/manifest.yml @@ -4,7 +4,9 @@ version: "1.28.0" description: Ingest threat intelligence indicators from AlienVault Open Threat Exchange (OTX) with Elastic Agent. type: integration format_version: "3.0.2" -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/ti_rapid7_threat_command/manifest.yml b/packages/ti_rapid7_threat_command/manifest.yml index 89f5b263e9c..3bb0803b41f 100644 
--- a/packages/ti_rapid7_threat_command/manifest.yml +++ b/packages/ti_rapid7_threat_command/manifest.yml @@ -4,7 +4,11 @@ title: Rapid7 Threat Command version: "2.5.0" description: Collect threat intelligence from Threat Command API with Elastic Agent. type: integration -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel + # Added vulnerability_management category as Rapid7 Threat Command includes CVE data for vulnerability management + - vulnerability_management conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/ti_recordedfuture/manifest.yml b/packages/ti_recordedfuture/manifest.yml index 4155f00db1a..082f506dfc2 100644 --- a/packages/ti_recordedfuture/manifest.yml +++ b/packages/ti_recordedfuture/manifest.yml @@ -4,7 +4,9 @@ version: "2.3.0" description: Ingest threat intelligence and alert data from Recorded Future with Elastic Agent. type: integration format_version: 3.4.0 -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel conditions: kibana: version: "^8.18.0 || ^9.0.0" diff --git a/packages/ti_threatq/manifest.yml b/packages/ti_threatq/manifest.yml index ae7196fb296..4a07a5784b5 100644 --- a/packages/ti_threatq/manifest.yml +++ b/packages/ti_threatq/manifest.yml @@ -4,7 +4,9 @@ version: "1.35.0" description: Ingest threat intelligence indicators from ThreatQuotient with Elastic Agent. type: integration format_version: "3.3.1" -categories: ["security", "threat_intel"] +categories: + - security + - threat_intel conditions: kibana: version: "^8.18.0 || ^9.0.0" diff --git a/packages/tomcat/manifest.yml b/packages/tomcat/manifest.yml index ce28cd42f30..82044dd0d2a 100644 --- a/packages/tomcat/manifest.yml +++ b/packages/tomcat/manifest.yml 
@@ -3,7 +3,11 @@ name: tomcat title: Tomcat NetWitness Logs (Deprecated) version: "1.14.0" description: Collect and parse logs from Apache Tomcat servers with Elastic Agent. -categories: ["web", "observability"] +categories: + - web + - observability + # Added application_observability category as Tomcat is a web application server that provides observability data + - application_observability type: integration conditions: kibana: diff --git a/packages/traefik/manifest.yml b/packages/traefik/manifest.yml index 3911d2d1787..993aa0e4b1c 100644 --- a/packages/traefik/manifest.yml +++ b/packages/traefik/manifest.yml @@ -11,6 +11,12 @@ icons: format_version: "3.0.0" categories: - observability + # Added web category as Traefik is a modern reverse proxy for web traffic + - web + # Added load_balancer category as Traefik functions as a load balancer for web applications + - load_balancer + # Added network category as Traefik manages network traffic routing + - network conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/trellix_edr_cloud/manifest.yml b/packages/trellix_edr_cloud/manifest.yml index 3f48d0a9363..eaf8445aebb 100644 --- a/packages/trellix_edr_cloud/manifest.yml +++ b/packages/trellix_edr_cloud/manifest.yml @@ -7,6 +7,10 @@ type: integration categories: - cloud - security + # Added edr_xdr category as Trellix EDR Cloud is an Endpoint Detection and Response solution + - edr_xdr + # Added siem category as Trellix EDR Cloud provides security event data for monitoring and incident response + - siem conditions: kibana: version: "^8.16.5 || ^9.0.0" diff --git a/packages/trellix_epo_cloud/manifest.yml b/packages/trellix_epo_cloud/manifest.yml index 78b3c8ce10c..c3554b7c9ec 100644 --- a/packages/trellix_epo_cloud/manifest.yml +++ b/packages/trellix_epo_cloud/manifest.yml 
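Review bot: The packages/tomcat/manifest.yml hunk adds `application_observability` to a package whose `title` line in the same hunk reads "Tomcat NetWitness Logs (Deprecated)". A new category makes a deprecated package appear under one more catalogue filter, which works against steering users away from it. The description says the package collects and parses logs, so the comment's rationale that Tomcat "provides observability data" describes the product rather than this package. I would keep the list as `- web` and `- observability` and leave the new entry out.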
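Review bot: The `- siem` entry added in the packages/trellix_edr_cloud/manifest.yml hunk is justified only by "provides security event data for monitoring and incident response", which is true of every security log source and so does not separate a SIEM from the feeds that go into one. The identical sentence is reused for trellix_epo_cloud, trend_micro_vision_one, trendmicro, vectra_detect, vectra_rux, watchguard_firebox, wiz, zscaler_zia and zscaler_zpa, and with small variations for tychon, varonis, zerofox and zeronetworks, covering EDR, firewall and proxy products alike. If `siem` is meant to identify SIEM platforms, an analyst filtering on it will get a list that no longer helps select a source. I would drop `- siem` from these hunks, or state the inclusion criterion once where the categories are defined and apply it consistently.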
@@ -8,6 +8,10 @@ description: Collect logs from Trellix ePO Cloud with Elastic Agent. type: integration categories: - security + # Added edr_xdr category as Trellix ePO Cloud is a centralized security management platform for endpoints + - edr_xdr + # Added siem category as Trellix ePO Cloud provides security event data for monitoring and incident response + - siem conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/trend_micro_vision_one/manifest.yml b/packages/trend_micro_vision_one/manifest.yml index 98a84c9c099..d9bbba0f6b6 100644 --- a/packages/trend_micro_vision_one/manifest.yml +++ b/packages/trend_micro_vision_one/manifest.yml @@ -7,6 +7,8 @@ type: integration categories: - security - edr_xdr + # Added siem category as Trend Micro Vision One provides security event data for monitoring and incident response + - siem conditions: kibana: version: "^8.15.0 || ^9.0.0" diff --git a/packages/trendmicro/manifest.yml b/packages/trendmicro/manifest.yml index a4cf7aa554e..47e1d5d48b2 100644 --- a/packages/trendmicro/manifest.yml +++ b/packages/trendmicro/manifest.yml @@ -8,6 +8,8 @@ categories: - network - edr_xdr - security + # Added siem category as Trend Micro Deep Security provides security event data for monitoring and incident response + - siem conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/tychon/manifest.yml b/packages/tychon/manifest.yml index b91a0e87155..663ec68b5c3 100644 --- a/packages/tychon/manifest.yml +++ b/packages/tychon/manifest.yml @@ -10,6 +10,10 @@ categories: - security - config_management - vulnerability_management + # Added siem category as TYCHON provides comprehensive endpoint data for security monitoring and incident response + - siem + # Added edr_xdr category as TYCHON provides endpoint detection and response capabilities + - edr_xdr conditions: kibana: version: "^8.14.0 || ^9.0.0" diff --git a/packages/udp/manifest.yml b/packages/udp/manifest.yml index a822cc91f1f..f5abfa1a51d 100644 
--- a/packages/udp/manifest.yml +++ b/packages/udp/manifest.yml @@ -10,6 +10,8 @@ conditions: categories: - custom - custom_logs + # Added network category as UDP is a network protocol and this integration collects network traffic data + - network policy_templates: - name: udp type: logs diff --git a/packages/unifiedlogs/manifest.yml b/packages/unifiedlogs/manifest.yml index 3d1b8f48189..2fd4976e1ab 100644 --- a/packages/unifiedlogs/manifest.yml +++ b/packages/unifiedlogs/manifest.yml @@ -12,6 +12,10 @@ conditions: categories: - custom - os_system + # Added observability category as macOS Unified Logs provide comprehensive system telemetry for observability purposes + - observability + # Added security category as macOS Unified Logs contain critical security events, authentication attempts, and system modifications that are essential for security monitoring and forensic analysis + - security policy_templates: - name: unifiedlogs type: logs diff --git a/packages/universal_profiling_agent/manifest.yml b/packages/universal_profiling_agent/manifest.yml index 18b17832e08..0b2132f4a52 100644 --- a/packages/universal_profiling_agent/manifest.yml +++ b/packages/universal_profiling_agent/manifest.yml @@ -1,7 +1,11 @@ name: profiler_agent title: Universal Profiling Agent version: 8.17.3 -categories: ["elastic_stack", "monitoring"] +categories: + - elastic_stack + - monitoring + # Added observability category as Universal Profiling provides comprehensive system and application performance data + - observability description: Fleet-wide, whole-system, continuous profiling with zero instrumentation. conditions: kibana: diff --git a/packages/universal_profiling_collector/manifest.yml b/packages/universal_profiling_collector/manifest.yml index 455cdf6080d..cea40717ac1 100644 --- a/packages/universal_profiling_collector/manifest.yml +++ b/packages/universal_profiling_collector/manifest.yml 
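Review bot: The comment in the packages/udp/manifest.yml hunk claims the integration "collects network traffic data", but the surrounding entries are `custom` and `custom_logs` and the policy template below is `type: logs`, which suggests a generic listener for messages delivered over UDP rather than a traffic sensor. Listing it under `network` can lead someone looking for flow or packet telemetry to a package that presumably provides neither. The packages/websocket/manifest.yml hunk makes the same transport-equals-category argument for a package described as collecting custom events from a socket server. I would remove `- network` from both unless the category is defined to include transport-level inputs, and in that case reword the comment to `# network: receives events over UDP`.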
@@ -1,7 +1,11 @@ name: profiler_collector title: Universal Profiling Collector version: 8.17.3 -categories: ["elastic_stack", "monitoring"] +categories: + - elastic_stack + - monitoring + # Added observability category as Universal Profiling provides deep visibility into application and system performance + - observability description: Fleet-wide, whole-system, continuous profiling with zero instrumentation. conditions: kibana.version: "^8.17.3 || ^9.0.0" diff --git a/packages/universal_profiling_symbolizer/manifest.yml b/packages/universal_profiling_symbolizer/manifest.yml index 5883ddc8aaa..c4e07d473a3 100644 --- a/packages/universal_profiling_symbolizer/manifest.yml +++ b/packages/universal_profiling_symbolizer/manifest.yml @@ -1,7 +1,11 @@ name: profiler_symbolizer title: Universal Profiling Symbolizer version: 8.17.3 -categories: ["elastic_stack", "monitoring"] +categories: + - elastic_stack + - monitoring + # Added observability category as Universal Profiling provides deep visibility into application and system performance + - observability description: Fleet-wide, whole-system, continuous profiling with zero instrumentation. conditions: kibana.version: "^8.17.3 || ^9.0.0" diff --git a/packages/varonis/manifest.yml b/packages/varonis/manifest.yml index 9adeb4c1034..21ae9971536 100644 --- a/packages/varonis/manifest.yml +++ b/packages/varonis/manifest.yml @@ -8,6 +8,8 @@ description: Collect Varonis syslog alerts using TCP/UDP input. type: integration categories: - security + # Added siem category as Varonis provides security alerts for monitoring and incident response + - siem conditions: kibana: version: "^8.15.3 || ^9.0.0" diff --git a/packages/vectra_detect/manifest.yml b/packages/vectra_detect/manifest.yml index 025f768529b..1da8866553c 100644 --- a/packages/vectra_detect/manifest.yml +++ b/packages/vectra_detect/manifest.yml 
@@ -6,7 +6,11 @@ source: license: Elastic-2.0 description: Collect logs from Vectra Detect with Elastic Agent. type: integration -categories: ["security", "network_security"] +categories: + - security + - network_security + # Added siem category as Vectra Detect provides security event data for monitoring and incident response + - siem conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/vectra_rux/manifest.yml b/packages/vectra_rux/manifest.yml index 7292b912ea6..080623ad5b8 100644 --- a/packages/vectra_rux/manifest.yml +++ b/packages/vectra_rux/manifest.yml @@ -7,6 +7,8 @@ type: integration categories: - security - edr_xdr + # Added siem category as Vectra RUX provides security event data for monitoring and incident response + - siem conditions: kibana: version: "^8.18.0 || ^9.0.0" diff --git a/packages/vsphere/manifest.yml b/packages/vsphere/manifest.yml index 6b91b76dc96..c2dc6591340 100644 --- a/packages/vsphere/manifest.yml +++ b/packages/vsphere/manifest.yml @@ -7,6 +7,8 @@ type: integration categories: - observability - virtualization + # Added cloud category as VMware vSphere is a cloud computing virtualization platform + - cloud conditions: kibana: version: "^8.19.0 || ^9.1.0" diff --git a/packages/watchguard_firebox/manifest.yml b/packages/watchguard_firebox/manifest.yml index 27c75640522..c7b8a2fb838 100644 --- a/packages/watchguard_firebox/manifest.yml +++ b/packages/watchguard_firebox/manifest.yml @@ -8,6 +8,8 @@ categories: - security - network - firewall_security + # Added siem category as Watchguard Firebox provides security event data for monitoring and incident response + - siem conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/websocket/manifest.yml b/packages/websocket/manifest.yml index cf75a1afefa..e13aab5a939 100644 --- a/packages/websocket/manifest.yml +++ b/packages/websocket/manifest.yml 
@@ -6,6 +6,8 @@ description: Collect custom events from a socket server with Elastic agent. type: input categories: - custom + # Added network category as WebSocket is a network protocol for real-time communication + - network conditions: kibana: version: "^8.16.3 || ^8.17.1 || ^9.0.0" diff --git a/packages/websphere_application_server/manifest.yml b/packages/websphere_application_server/manifest.yml index 296d3afb145..8ef5dd58f29 100644 --- a/packages/websphere_application_server/manifest.yml +++ b/packages/websphere_application_server/manifest.yml @@ -7,6 +7,8 @@ type: integration categories: - websphere - observability + # Added application_observability category as WebSphere Application Server provides metrics for monitoring application performance + - application_observability conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/windows/manifest.yml b/packages/windows/manifest.yml index c4235d7c528..bfc9e017256 100644 --- a/packages/windows/manifest.yml +++ b/packages/windows/manifest.yml @@ -6,6 +6,8 @@ type: integration categories: - os_system - security + # Added observability category as Windows integration provides comprehensive system metrics and logs for monitoring + - observability icons: - src: /img/logo_windows.svg title: logo windows diff --git a/packages/windows_etw/manifest.yml b/packages/windows_etw/manifest.yml index 73bf121ae17..1522cda9a1f 100644 --- a/packages/windows_etw/manifest.yml +++ b/packages/windows_etw/manifest.yml @@ -10,6 +10,10 @@ conditions: categories: - custom - os_system + # Added security category as Windows ETW provides critical security event data + - security + # Added observability category as Windows ETW provides system telemetry for monitoring + - observability policy_templates: - name: etw type: logs diff --git a/packages/winlog/manifest.yml b/packages/winlog/manifest.yml index a732af4c14b..aba2de45d94 100644 --- a/packages/winlog/manifest.yml +++ b/packages/winlog/manifest.yml 
@@ -10,6 +10,10 @@ conditions: categories: - custom - os_system + # Added security category as Windows event logs contain critical security information + - security + # Added observability category as Windows event logs provide system telemetry for monitoring + - observability policy_templates: - name: winlogs type: logs diff --git a/packages/wiz/manifest.yml b/packages/wiz/manifest.yml index 3ebc9090e59..ed289e4ee6a 100644 --- a/packages/wiz/manifest.yml +++ b/packages/wiz/manifest.yml @@ -7,6 +7,10 @@ type: integration categories: - security - cloudsecurity_cdr + # Added cloud category as Wiz provides cloud security analysis and monitoring + - cloud + # Added siem category as Wiz provides security event data for monitoring and incident response + - siem conditions: kibana: version: "~8.16.6 || ~8.17.4 || ^8.18.0 || ^9.0.0" diff --git a/packages/zeek/manifest.yml b/packages/zeek/manifest.yml index a1cc727e279..4f2d24a720a 100644 --- a/packages/zeek/manifest.yml +++ b/packages/zeek/manifest.yml @@ -9,7 +9,9 @@ icons: size: 214x203 type: image/svg+xml format_version: "3.0.3" -categories: [network, security] +categories: + - network + - security conditions: kibana: version: "^8.12.0 || ^9.0.0" diff --git a/packages/zerofox/manifest.yml b/packages/zerofox/manifest.yml index 13b959b6aff..9ba9b8c6ca2 100644 --- a/packages/zerofox/manifest.yml +++ b/packages/zerofox/manifest.yml @@ -11,6 +11,10 @@ icons: type: image/svg+xml categories: - security + # Added siem category as ZeroFox provides security alert data for monitoring and incident response + - siem + # Added threat_intel category as ZeroFox provides threat intelligence about external threats + - threat_intel conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/zeronetworks/manifest.yml b/packages/zeronetworks/manifest.yml index f8fa57d5001..6ad74adde15 100644 --- a/packages/zeronetworks/manifest.yml +++ b/packages/zeronetworks/manifest.yml 
@@ -8,6 +8,10 @@ description: "Zero Networks Logs integration" type: integration categories: - security + # Added siem category as Zero Networks provides security audit events for monitoring and incident response + - siem + # Added network_security category as Zero Networks is used to microsegment networks and secure network access + - network_security conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/zookeeper/manifest.yml b/packages/zookeeper/manifest.yml index adf1a133744..b6a204786d9 100644 --- a/packages/zookeeper/manifest.yml +++ b/packages/zookeeper/manifest.yml @@ -11,6 +11,8 @@ icons: format_version: "3.0.0" categories: - observability + # Added message_queue category as ZooKeeper is often used as a coordination service for distributed messaging systems + - message_queue conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/zoom/manifest.yml b/packages/zoom/manifest.yml index 2acc03f2af9..0fea090d6bd 100644 --- a/packages/zoom/manifest.yml +++ b/packages/zoom/manifest.yml @@ -4,7 +4,11 @@ version: "1.23.0" description: Collect logs from Zoom with Elastic Agent. type: integration format_version: "3.0.2" -categories: ["security", "productivity_security"] +categories: + - security + - productivity_security + # Added observability category as Zoom provides meeting and user activity data for monitoring + - observability conditions: kibana: version: "^8.13.0 || ^9.0.0" diff --git a/packages/zscaler_zia/manifest.yml b/packages/zscaler_zia/manifest.yml index 63b8a5ddd71..9c637beb656 100644 --- a/packages/zscaler_zia/manifest.yml +++ b/packages/zscaler_zia/manifest.yml @@ -10,6 +10,8 @@ type: integration categories: - security - network + # Added siem category as Zscaler ZIA provides security event data for monitoring and incident response + - siem source: license: "Elastic-2.0" conditions: diff --git a/packages/zscaler_zpa/manifest.yml b/packages/zscaler_zpa/manifest.yml index e716ee1a0b7..7daf8a2a33b 100644 
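Review bot: The packages/zookeeper/manifest.yml hunk files ZooKeeper under `message_queue`, while the added comment itself describes it as "a coordination service for distributed messaging systems". Being a dependency of a message broker does not make the service one, and users filtering on `message_queue` would expect brokers. I would remove `- message_queue` together with its comment and keep `- observability` as the only entry.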
--- a/packages/zscaler_zpa/manifest.yml +++ b/packages/zscaler_zpa/manifest.yml @@ -10,6 +10,8 @@ categories: - security - network - vpn_security + # Added siem category as Zscaler ZPA provides security event data for monitoring and incident response + - siem conditions: kibana: version: "^8.13.0 || ^9.0.0"