update manifest and changelog

Author: leehinman

packages/cisco_asa/changelog.yml

@@ -1,4 +1,15 @@
 # newer versions go on top
+- version: "2.2.0"
+ changes:
+ - description: Add community_id processor, update 805001, 304001, 106023 and 602304 message parsing. elastic/beats#26879
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/XXX
+ - description: Add user.name field to ASA Security negotiation log line. elastic/beats#26975
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/XXX
+ - description: Change event.outcome and event.type handling to be more ECS compliant. elastic/beats#29698
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/XXX
 - version: "2.1.0"
  changes:
  - description: Add parsing for event code 113029-113040

packages/cisco_asa/data_stream/log/sample_event.json

@@ -1,8 +1,8 @@
 {
  "@timestamp": "2018-10-10T12:34:56.000Z",
  "agent": {
- "ephemeral_id": "07939676-bd51-4ca4-ac31-513b0df21144",
- "id": "9c3a0352-a8ed-4cf6-ab7d-f78439d723bc",
+ "ephemeral_id": "147a5d91-18f7-4a75-9392-267d0d1f7e3b",
+ "id": "76622dbf-9aac-410d-ad3f-a1e99729e87f",
  "name": "docker-fleet-agent",
  "type": "filebeat",
  "version": "8.0.0"
@@ -27,7 +27,7 @@
  "version": "8.0.0"
  },
  "elastic_agent": {
- "id": "9c3a0352-a8ed-4cf6-ab7d-f78439d723bc",
+ "id": "76622dbf-9aac-410d-ad3f-a1e99729e87f",
  "snapshot": false,
  "version": "8.0.0"
  },
@@ -39,7 +39,7 @@
  ],
  "code": "305011",
  "dataset": "cisco_asa.log",
- "ingested": "2022-03-10T23:27:34Z",
+ "ingested": "2022-03-10T23:57:18Z",
  "kind": "event",
  "original": "Oct 10 2018 12:34:56 localhost CiscoASA[999]: %ASA-6-305011: Built dynamic TCP translation from inside:172.31.98.44/1772 to outside:192.168.98.44/8256",
  "severity": 6,
@@ -57,7 +57,7 @@
  "log": {
  "level": "informational",
  "source": {
- "address": "172.31.0.4:40778"
+ "address": "192.168.32.7:40986"
  }
  },
  "network": {

packages/cisco_asa/docs/README.md

@@ -17,8 +17,8 @@ An example event for `log` looks as following:
 {
  "@timestamp": "2018-10-10T12:34:56.000Z",
  "agent": {
- "ephemeral_id": "db04ebf9-45c1-446a-904a-651450e4418b",
- "id": "cff46509-5938-47ff-ab4a-5f2e7ab95a34",
+ "ephemeral_id": "07939676-bd51-4ca4-ac31-513b0df21144",
+ "id": "9c3a0352-a8ed-4cf6-ab7d-f78439d723bc",
  "name": "docker-fleet-agent",
  "type": "filebeat",
  "version": "8.0.0"
@@ -43,7 +43,7 @@ An example event for `log` looks as following:
  "version": "8.0.0"
  },
  "elastic_agent": {
- "id": "cff46509-5938-47ff-ab4a-5f2e7ab95a34",
+ "id": "9c3a0352-a8ed-4cf6-ab7d-f78439d723bc",
  "snapshot": false,
  "version": "8.0.0"
  },
@@ -55,7 +55,7 @@ An example event for `log` looks as following:
  ],
  "code": "305011",
  "dataset": "cisco_asa.log",
- "ingested": "2022-03-10T23:01:42Z",
+ "ingested": "2022-03-10T23:27:34Z",
  "kind": "event",
  "original": "Oct 10 2018 12:34:56 localhost CiscoASA[999]: %ASA-6-305011: Built dynamic TCP translation from inside:172.31.98.44/1772 to outside:192.168.98.44/8256",
  "severity": 6,
@@ -73,7 +73,7 @@ An example event for `log` looks as following:
  "log": {
  "level": "informational",
  "source": {
- "address": "172.28.0.4:33307"
+ "address": "172.31.0.4:40778"
  }
  },
  "network": {

packages/cisco_asa/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: cisco_asa
 title: Cisco ASA
-version: 2.1.0
+version: 2.2.0
 license: basic
 description: Collect logs from Cisco ASA with Elastic Agent.
 type: integration