[cisco_meraki] - Update to package-spec 2.7.0

packages/cisco_meraki/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.9.0"
+ changes:
+ - description: Update package-spec version to 2.7.0.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/6439
 - version: "1.8.0"
  changes:
  - description: Update package to ECS 8.8.0.

packages/cisco_meraki/data_stream/events/_dev/test/pipeline/test-mx-events.json-expected.json

@@ -46,7 +46,9 @@
  "name": "Main Office"
  },
  "observer": {
- "mac": "00-11-22-33-44-55",
+ "mac": [
+ "00-11-22-33-44-55"
+ ],
  "name": "My appliance",
  "product": "MX",
  "serial_number": "Q234-ABCD-5678",
@@ -95,7 +97,9 @@
  "name": "Main Office"
  },
  "observer": {
- "mac": "00-11-22-33-44-55",
+ "mac": [
+ "00-11-22-33-44-55"
+ ],
  "serial_number": "Q234-ABCD-5678",
  "vendor": "Cisco"
  },
@@ -153,7 +157,9 @@
  "name": "Main Office"
  },
  "observer": {
- "mac": "00-11-22-33-44-55",
+ "mac": [
+ "00-11-22-33-44-55"
+ ],
  "name": "My switch",
  "product": "MS",
  "serial_number": "Q234-ABCD-5678",

packages/cisco_meraki/data_stream/events/elasticsearch/ingest_pipeline/default.yml

@@ -9,9 +9,13 @@ processors:
  copy_from: json.deviceSerial
 - gsub:
  field: json.deviceMac
- target_field: observer.mac
+ target_field: _tmp.observer.mac
  pattern: '[-:.]'
  replacement: '-'
+- append:
+ field: observer.mac
+ value: '{{{_tmp.observer.mac}}}'
+ if: ctx?._tmp?.observer?.mac != null
 - set:
  field: observer.name
  copy_from: json.deviceName
@@ -262,6 +266,7 @@ processors:
  - cisco_meraki.event.organizationName
  - cisco_meraki.event.alertType
  - cisco_meraki.event.alertLevel
+ - _tmp
  ignore_missing: true
 - remove:
  field: event.original

packages/cisco_meraki/data_stream/events/sample_event.json

@@ -1,11 +1,11 @@
 {
  "@timestamp": "2018-02-11T00:00:00.123Z",
  "agent": {
- "ephemeral_id": "6c6d06ce-b090-4f7c-a7e1-ac4ea241dc4b",
- "id": "c5f4a269-fab9-4c19-9b0f-2f270ed03375",
+ "ephemeral_id": "077a2d93-4b1d-4908-b2d5-7c3a0218df3a",
+ "id": "878982e9-a174-4ed8-abe3-19378c1473de",
  "name": "docker-fleet-agent",
  "type": "filebeat",
- "version": "8.5.1"
+ "version": "8.8.0"
  },
  "cisco_meraki": {
  "event": {
@@ -40,9 +40,9 @@
  "version": "8.8.0"
  },
  "elastic_agent": {
- "id": "c5f4a269-fab9-4c19-9b0f-2f270ed03375",
+ "id": "878982e9-a174-4ed8-abe3-19378c1473de",
  "snapshot": false,
- "version": "8.5.1"
+ "version": "8.8.0"
  },
  "event": {
  "action": "Cellular came up",
@@ -51,7 +51,7 @@
  "network"
  ],
  "dataset": "cisco_meraki.events",
- "ingested": "2023-01-30T01:28:32Z",
+ "ingested": "2023-06-01T20:29:21Z",
  "original": "{\"alertData\":{\"connection\":\"LTE\",\"local\":\"192.168.1.2\",\"model\":\"UML290VW\",\"provider\":\"Purview Wireless\",\"remote\":\"1.2.3.5\"},\"alertId\":\"0000000000000000\",\"alertLevel\":\"informational\",\"alertType\":\"Cellular came up\",\"alertTypeId\":\"cellular_up\",\"deviceMac\":\"00:11:22:33:44:55\",\"deviceModel\":\"MX\",\"deviceName\":\"My appliance\",\"deviceSerial\":\"Q234-ABCD-5678\",\"deviceTags\":[\"tag1\",\"tag2\"],\"deviceUrl\":\"https://n1.meraki.com//n//manage/nodes/new_list/000000000000\",\"networkId\":\"N_24329156\",\"networkName\":\"Main Office\",\"networkTags\":[],\"networkUrl\":\"https://n1.meraki.com//n//manage/nodes/list\",\"occurredAt\":\"2018-02-11T00:00:00.123450Z\",\"organizationId\":\"2930418\",\"organizationName\":\"My organization\",\"organizationUrl\":\"https://dashboard.meraki.com/o/VjjsAd/manage/organization/overview\",\"sentAt\":\"2021-10-07T08:42:00.926325Z\",\"sharedSecret\":\"secret\",\"version\":\"0.1\"}",
  "type": [
  "info",
@@ -68,7 +68,9 @@
  "name": "Main Office"
  },
  "observer": {
- "mac": "00-11-22-33-44-55",
+ "mac": [
+ "00-11-22-33-44-55"
+ ],
  "name": "My appliance",
  "product": "MX",
  "serial_number": "Q234-ABCD-5678",