[juniper_srx] Upgrade ECS to 8.0.0

packages/juniper_srx/_dev/build/build.yml

@@ -1,3 +1,3 @@
 dependencies:
  ecs:
- reference: git@1.12
+ reference: git@8.0

packages/juniper_srx/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.1.0"
+ changes:
+ - description: Update to ECS 8.0
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/2418
 - version: "1.0.1"
  changes:
  - description: Change test public IPs to the supported subset

packages/juniper_srx/data_stream/log/_dev/test/pipeline/test-atp.log-expected.json

@@ -66,7 +66,7 @@
  },
  "@timestamp": "2013-12-14T16:06:59.134Z",
  "ecs": {
- "version": "1.12.0"
+ "version": "8.0.0"
  },
  "related": {
  "user": [
@@ -86,7 +86,7 @@
  },
  "event": {
  "severity": 14,
- "ingested": "2021-12-10T10:15:56.414273600Z",
+ "ingested": "2022-01-01T23:02:00.272700293Z",
  "original": "\u003c14\u003e1 2013-12-14T16:06:59.134Z pinarello RT_AAMW - SRX_AAMW_ACTION_LOG [junos@xxx.x.x.x.x.28 http-host=\"www.mytest.com\" file-category=\"executable\" action=\"BLOCK\" verdict-number=\"8\" verdict-source=”cloud/blacklist/whitelist” source-address=\"10.10.10.1\" source-port=\"57116\" destination-address=\"67.43.156.15\" destination-port=\"80\" protocol-id=\"6\" application=\"UNKNOWN\" nested-application=\"UNKNOWN\" policy-name=\"argon_policy\" username=\"user1\" session-id-32=\"50000002\" source-zone-name=\"untrust\" destination-zone-name=\"trust\"]",
  "kind": "alert",
  "action": "malware_detected",
@@ -111,7 +111,7 @@
  },
  "@timestamp": "2016-09-20T17:43:30.330Z",
  "ecs": {
- "version": "1.12.0"
+ "version": "8.0.0"
  },
  "related": {
  "user": [
@@ -147,7 +147,7 @@
  },
  "event": {
  "severity": 14,
- "ingested": "2021-12-10T10:15:56.414284200Z",
+ "ingested": "2022-01-01T23:02:00.272702873Z",
  "original": "\u003c14\u003e1 2016-09-20T10:43:30.330-07:00 host-example RT_AAMW - AAMW_MALWARE_EVENT_LOG [junos@xxxx.1.1.x.x.xxx timestamp=\"Thu Jun 23 09:55:38 2016\" tenant-id=\"ABC123456\" sample-sha256=\"ABC123\" client-ip=\"192.168.2.0\" verdict-number=\"9\" malware-info=\"Eicar:TestVirus\" username=\"admin\" hostname=\"host.example.com\"]",
  "kind": "alert",
  "action": "malware_detected",
@@ -175,7 +175,7 @@
  },
  "@timestamp": "2016-09-20T17:40:30.050Z",
  "ecs": {
- "version": "1.12.0"
+ "version": "8.0.0"
  },
  "related": {
  "hosts": [
@@ -208,7 +208,7 @@
  },
  "event": {
  "severity": 11,
- "ingested": "2021-12-10T10:15:56.414290700Z",
+ "ingested": "2022-01-01T23:02:00.272704025Z",
  "original": "\u003c11\u003e1 2016-09-20T10:40:30.050-07:00 host-example RT_AAMW - AAMW_HOST_INFECTED_EVENT_LOG [junos@xxxx.1.1.x.x.xxx timestamp=\"Thu Jun 23 09:55:38 2016\" tenant-id=\"ABC123456\" client-ip=\"192.168.2.0\" hostname=\"host.example.com\" status=\"in_progress\" policy-name=\"default\" th=\"7\" state=\"added\" reason=\"malware\" message=\"malware analysis detected host downloaded a malicious_file with score 9, sha256 ABC123\"]",
  "kind": "alert",
  "category": [
@@ -303,7 +303,7 @@
  },
  "@timestamp": "2007-02-15T09:17:15.719Z",
  "ecs": {
- "version": "1.12.0"
+ "version": "8.0.0"
  },
  "related": {
  "hosts": [
@@ -319,7 +319,7 @@
  },
  "event": {
  "severity": 165,
- "ingested": "2021-12-10T10:15:56.414297Z",
+ "ingested": "2022-01-01T23:02:00.272704978Z",
  "original": "\u003c165\u003e1 2007-02-15T09:17:15.719Z aamw1 RT_AAMW - AAMW_ACTION_LOG [junos@67.43.156.15 hostname=\"dummy_host\" file-category=\"executable\" verdict-number=\"10\" malware-info=\"Testfile\" action=\"PERMIT\" list-hit=\"N/A\" file-hash-lookup=\"FALSE\" source-address=\"67.43.156.15\" source-port=\"60148\" destination-address=\"67.43.156.15\" destination-port=\"80\" protocol-id=\"6\" application=\"HTTP\" nested-application=\"N/A\" policy-name=\"test-policy\" username=\"N/A\" roles=\"N/A\" session-id-32=\"502156\" source-zone-name=\"Inside\" destination-zone-name=\"Outside\" sample-sha256=\"e038b5168d9209267058112d845341cae83d92b1d1af0a10b66830acb7529494\" file-name=\"dummy_file\" url=\"dummy_url\"]",
  "kind": "event",
  "category": [