elastic
diff --git a/‎packages/sentinel_one_cloud_funnel/changelog.yml‎
Lines changed: 5 additions & 0 deletions b/‎packages/sentinel_one_cloud_funnel/changelog.yml‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎packages/sentinel_one_cloud_funnel/data_stream/event/agent/stream/gcs.yml.hbs‎
Lines changed: 6 additions & 0 deletions b/‎packages/sentinel_one_cloud_funnel/data_stream/event/agent/stream/gcs.yml.hbs‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/pipeline-registry.yml‎
Lines changed: 2 additions & 2 deletions b/‎packages/sentinel_one_cloud_funnel/data_stream/event/elasticsearch/ingest_pipeline/pipeline-registry.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎packages/sentinel_one_cloud_funnel/manifest.yml‎
Lines changed: 1 addition & 1 deletion b/‎packages/sentinel_one_cloud_funnel/manifest.yml‎
Lines changed: 1 addition & 1 deletion
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.14.1"
+ changes:
+ - description: Add missing event preservation template expansions for GCS input.
+ type: bugfix
+ link: https://github.com/elastic/integrations/pull/9627
 - version: "0.14.0"
  changes:
  - description: Improve `event.type` and `event.action` mappings, fix missing `preserve_original_event` setting for GCS input.
 
@@ -32,6 +32,12 @@ timestamp_epoch: {{timestamp_epoch}}
 {{/if}}
 {{#if tags}}
 tags:
+{{#if preserve_original_event}}
+ - preserve_original_event
+{{/if}}
+{{#if preserve_duplicate_custom_fields}}
+ - preserve_duplicate_custom_fields
+{{/if}}
 {{#each tags as |tag|}}
  - {{tag}}
 {{/each}}
 
@@ -19,7 +19,7 @@ processors:
  - set:
  field: event.action
  value: [creation]
- if: ctx.sentinel_one_cloud_funnel?.event?.type != null && 
+ if: ctx.sentinel_one_cloud_funnel?.event?.type != null &&
  (
  ctx.sentinel_one_cloud_funnel?.event?.meta_event_name.toLowerCase().contains('regvaluecreate') ||
  ctx.sentinel_one_cloud_funnel?.event?.meta_event_name.toLowerCase().contains('regkeycreate')
@@ -31,7 +31,7 @@ processors:
  - set:
  field: event.action
  value: [deletion]
- if: ctx.sentinel_one_cloud_funnel?.event?.type != null && 
+ if: ctx.sentinel_one_cloud_funnel?.event?.type != null &&
  (
  ctx.sentinel_one_cloud_funnel?.event?.meta_event_name.toLowerCase().contains('regvaluedelete') ||
  ctx.sentinel_one_cloud_funnel?.event?.meta_event_name.toLowerCase().contains('regkeydelete')
 
@@ -1,7 +1,7 @@
 format_version: "3.0.2"
 name: sentinel_one_cloud_funnel
 title: SentinelOne Cloud Funnel
-version: "0.14.0"
+version: "0.14.1"
 description: Collect logs from SentinelOne Cloud Funnel with Elastic Agent.
 type: integration
 categories: ["security", "edr_xdr"]