Change ThreatFox initial interval to integer and note valid values 1-7 (#7143)

API details from https://threatfox.abuse.ch/api/ "Number of days to filter IOCs for (based on first_seen) Min: 1, Max: 7. Default: 3"

Author: MakoWish

packages/ti_abusech/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.15.2"
+ changes:
+ - description: Change ThreatFox initial interval to integer and note valid values 1-7
+ type: bugfix
+ link: https://github.com/elastic/integrations/pull/7143
 - version: "1.15.1"
  changes:
  - description: Remove fields with empty string values

packages/ti_abusech/data_stream/threatfox/agent/stream/httpjson.yml.hbs

@@ -28,6 +28,7 @@ request.transforms:
  target: body.days
  value: '[[.cursor.days]]'
  default: '{{initial_interval}}'
+ value_type: int
 
 response.split:
  target: body.data

packages/ti_abusech/data_stream/threatfox/manifest.yml

@@ -33,13 +33,13 @@ streams:
  show_user: true
  default: 24h
  - name: initial_interval
- type: text
- title: Interval
+ type: integer
+ title: Initial Interval
  multi: false
  required: true
  show_user: true
- default: "30"
- description: How far back to look for indicators the first time the agent is started. Defaults to 30 days, can be any number between 1-90.
+ default: 7
+ description: How far back to look for indicators the first time the agent is started. Defaults to 7 days, can be any number between 1-7.
  - name: ssl
  type: yaml
  title: SSL

packages/ti_abusech/manifest.yml

@@ -1,6 +1,6 @@
 name: ti_abusech
 title: AbuseCH
-version: "1.15.1"
+version: "1.15.2"
 release: ga
 description: Ingest threat intelligence indicators from URL Haus, Malware Bazaar, and Threat Fox feeds with Elastic Agent.
 type: integration