From efc071eabd01b6114e3875c5998f99b84ab40456 Mon Sep 17 00:00:00 2001 From: elasticmachine Date: Fri, 6 Sep 2024 18:24:44 +0000 Subject: [PATCH 1/4] Test elastic-package from PR 2063 - 9d2902f391c2c03ae6b95e3d0e7a6652148c08dc --- go.mod | 2 ++ go.sum | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index da89dac96e3..2c3097f958a 100644 --- a/go.mod +++ b/go.mod @@ -217,3 +217,5 @@ require ( sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) + +replace github.com/elastic/elastic-package => github.com/haetamoudi/elastic-package v0.0.0-20240906135708-9d2902f391c2 diff --git a/go.sum b/go.sum index 4f4feabfc06..7c447245678 100644 --- a/go.sum +++ b/go.sum @@ -108,8 +108,6 @@ github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkp github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= github.com/elastic/elastic-integration-corpus-generator-tool v0.10.0 h1:sx1lpZuTG5suJuvgix4FWQFCLFFbzkoOmPoHWYOPLCY= github.com/elastic/elastic-integration-corpus-generator-tool v0.10.0/go.mod h1:2/30n+2QRzRzus4TPVUV1T3U/j8g2ItUgvP0pcpjLGk= -github.com/elastic/elastic-package v0.103.0 h1:iGfZCnt5jbBWvuwCAgqZ0aNCqgQhfrdaR5hwfoER0lQ= -github.com/elastic/elastic-package v0.103.0/go.mod h1:X3pav1fywMMWSy+k5WsqxW4SItsCiYWC+kTymDnw+Cw= github.com/elastic/go-elasticsearch/v7 v7.17.10 h1:TCQ8i4PmIJuBunvBS6bwT2ybzVFxxUhhltAs3Gyu1yo= github.com/elastic/go-elasticsearch/v7 v7.17.10/go.mod h1:OJ4wdbtDNk5g503kvlHLyErCgQwwzmDtaFC4XyOxXA4= github.com/elastic/go-licenser v0.4.2 h1:bPbGm8bUd8rxzSswFOqvQh1dAkKGkgAmrPxbUi+Y9+A= 
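Review bot: The `replace` directive added at the end of go.mod points `github.com/elastic/elastic-package` at a fork under a personal account (`github.com/haetamoudi/elastic-package`), pinned to an untagged pseudo-version. Builds of this module therefore resolve that dependency from code that has not passed through the upstream repository's review and release process. The go.sum hunk in the same patch drops the upstream `v0.103.0` hashes, so checksum verification now only shows that the fork commit is unchanged, not that its content was reviewed. The subject line suggests a temporary CI test of elastic-package PR 2063; if so, say it in the file with a comment above the directive, e.g. `// TEMPORARY: test-only override for elastic-package PR 2063, must be removed before merge`, and block merging until the directive is gone. The same applies to the go.mod hunk in PATCH 2/4, which only moves the override to a newer fork commit.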
@@ -248,6 +246,8 @@ github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aN github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/haetamoudi/elastic-package v0.0.0-20240906135708-9d2902f391c2 h1:v/pm00i+UDH/+28XQ/075uNwm2uq9UWGdIy5YwQsm4A= +github.com/haetamoudi/elastic-package v0.0.0-20240906135708-9d2902f391c2/go.mod h1:dWm9IlsamrFxAQcG4KNjK4vbT1I9RWfFYYOpOGddP/E= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= From e4948cb1c4ffe38f09a446252f94f245bcfb9271 Mon Sep 17 00:00:00 2001 From: elasticmachine Date: Mon, 9 Sep 2024 15:18:51 +0000 Subject: [PATCH 2/4] Test elastic-package from PR 2063 - ff6f176a3d5bba8652cc0465a8d980c5bbb67609 --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 2c3097f958a..4a46037387b 100644 --- a/go.mod +++ b/go.mod @@ -218,4 +218,4 @@ require ( sigs.k8s.io/yaml v1.4.0 // indirect ) -replace github.com/elastic/elastic-package => github.com/haetamoudi/elastic-package v0.0.0-20240906135708-9d2902f391c2 +replace github.com/elastic/elastic-package => github.com/haetamoudi/elastic-package v0.0.0-20240909143700-ff6f176a3d5b diff --git a/go.sum b/go.sum index 7c447245678..b12c3a10fe2 100644 --- a/go.sum +++ b/go.sum 
@@ -246,8 +246,8 @@ github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aN github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/haetamoudi/elastic-package v0.0.0-20240906135708-9d2902f391c2 h1:v/pm00i+UDH/+28XQ/075uNwm2uq9UWGdIy5YwQsm4A= -github.com/haetamoudi/elastic-package v0.0.0-20240906135708-9d2902f391c2/go.mod h1:dWm9IlsamrFxAQcG4KNjK4vbT1I9RWfFYYOpOGddP/E= +github.com/haetamoudi/elastic-package v0.0.0-20240909143700-ff6f176a3d5b h1:CYIzAaf3WtvEFLh5LLg/AsTHe9B//2OjgLmDvuCljk0= +github.com/haetamoudi/elastic-package v0.0.0-20240909143700-ff6f176a3d5b/go.mod h1:X3pav1fywMMWSy+k5WsqxW4SItsCiYWC+kTymDnw+Cw= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= From 542506e257aa2d2a2d2cce93a7b8a5242f94b7c8 Mon Sep 17 00:00:00 2001 From: Hanna Tamoudi Date: Mon, 9 Sep 2024 17:51:16 +0200 Subject: [PATCH 3/4] test code coverage --- .../data_stream/audit/elasticsearch/ingest_pipeline/default.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/gcp/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/gcp/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index aeb43637671..82afa79c6fd 100644 --- a/packages/gcp/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/gcp/data_stream/audit/elasticsearch/ingest_pipeline/default.yml 
@@ -17,6 +17,7 @@ processors: field: gcp.audit.type copy_from: "json.protoPayload.@type" ignore_failure: true + ## # https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry # protoPayload @type must be type.googleapis.com/google.cloud.audit.AuditLog From 10f28f1ea5d7c64762a5bde5316fb08876ef547a Mon Sep 17 00:00:00 2001 From: Hanna Tamoudi Date: Tue, 10 Sep 2024 10:30:55 +0200 Subject: [PATCH 4/4] trigger code coverage check --- .../elasticsearch/ingest_pipeline/default.yml | 14 +++++++------- .../elasticsearch/ingest_pipeline/default.yml | 1 + 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml b/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml index af678d25914..f9eeaef6184 100644 --- a/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml +++ b/packages/1password/data_stream/signin_attempts/elasticsearch/ingest_pipeline/default.yml @@ -140,10 +140,10 @@ processors: - onepassword.target_user - onepassword.location # Use the included GeoIP processor ignore_missing: true -on_failure: - - set: - field: event.kind - value: pipeline_error - - append: - field: error.message - value: '{{{ _ingest.on_failure_message }}}' +# on_failure: +# - set: +# field: event.kind +# value: pipeline_error +# - append: +# field: error.message +# value: '{{{ _ingest.on_failure_message }}}' diff --git a/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml b/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml index 5fb1bad4fbe..3a4c1c3d852 100644 --- a/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml +++ b/packages/teleport/data_stream/audit/elasticsearch/ingest_pipeline/default.yml 
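Review bot: Commenting out the pipeline-level `on_failure` block in the 1password `signin_attempts` pipeline (PATCH 4/4, hunk `@@ -140,10 +140,10 @@`) removes the only handler visible here that turns a processor error into a document tagged `event.kind: pipeline_error` with an `error.message`. Without a pipeline-level handler, a failure in any processor that lacks its own `ignore_failure` or `on_failure` aborts the pipeline, and the event is rejected instead of indexed. Sign-in attempt records can then be lost without leaving a trace in the data stream. The commit subject says the change is only meant to trigger a coverage check, so the block should be restored before merge by un-commenting the seven lines from `on_failure:` through `value: '{{{ _ingest.on_failure_message }}}'`. The processors list begins outside the hunk, so whether individual processors handle their own failures cannot be confirmed from here.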
@@ -21,6 +21,7 @@ processors: field: event.original tag: json_original target_field: teleport.audit + # Metadata is a common event metadata. # All of these fields are mapped to ECS fields. - date: