Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution] Rule integrations are displayed disabled while being enabled #200167

Open
maximpn opened this issue Nov 14, 2024 · 9 comments · May be fixed by #205103
Open

[Security Solution] Rule integrations are displayed disabled while being enabled #200167

maximpn opened this issue Nov 14, 2024 · 9 comments · May be fixed by #205103
Assignees
Labels
8.18 candidate bug Fixes for quality problems that affect the customer experience Feature:Related Integrations Security Solution Detection Rules Related Integrations feature Feature:Rule Management Security Solution Detection Rule Management area impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. sdh-linked Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@maximpn
Copy link
Contributor

maximpn commented Nov 14, 2024

Summary

In some cases rule integrations are shown being disabled while Fleet UI says integrations are enabled. Where enabled integrations have agent policies installed.

Details

Preliminary research revealed that functionality for integrations status calculation fetches only the first page of policies (which is 20 items per page by default). Occasionally an agent policy might be on a second or further pages which will be considered as that integration is disabled. Code chunk fetching agent policies for status calculation can be found here

const [packages, packagePolicies] = await Promise.all([
  fleet.packages.getPackages(),
  fleet.packagePolicy.list(fleet.savedObjects.createInternalScopedSoClient(), {}), // it should use perPage: 10000
]);

To fix the problem we need to all agent policies.

Steps to reproduce

ER: All installed integrations are shown as enabled
AR: Some of the installed integrations are shown as disabled

@maximpn maximpn added 8.17 candidate 9.1 candidate bug Fixes for quality problems that affect the customer experience Feature:Rule Management Security Solution Detection Rule Management area Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team labels Nov 14, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@syk-99
Copy link

syk-99 commented Nov 18, 2024

I dont't think this happens because the integration is not part of a policy on page one.
We regularly (approx. once/month) "touch" integrations that are part of policies appearing on page one like "Elastic Defend" or "Windows".
By "touching" an integration I mean to change anything inside a deployed policy-integration (e.g. the description) & save it to get the policies' "rev. number" increased.
(I previously discussed that topic in this community-post)

@banderror banderror added 8.18 candidate impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Feature:Related Integrations Security Solution Detection Rules Related Integrations feature and removed 8.17 candidate 9.1 candidate labels Nov 18, 2024
@banderror
Copy link
Contributor

@maximpn I managed to reproduce this bug while working on an SDH. Your guess was correct that it is related to pagination of integrations / integration policies.

Steps to reproduce:

  1. Install the Unusual Child Processes of RunDLL32 prebuilt rule
  2. On the Rule Details page, see that it's Windows related integration is Not installed
  3. Install only assets of the Windows integration (without creating / adding it to an agent policy)
  4. On the Rule Details page, see that it's Windows related integration is Disabled
  5. Add Windows integration to a new agent policy
  6. On the Rule Details page, see that it's Windows related integration is Enabled
  7. Install 15 more Fleet integrations, each time creating a new agent policy for each of them
  8. On the Rule Details page, see that it's Windows related integration becomes Disabled

I installed integrations in the following order:

  1. Windows
  2. I think Elastic Defend and System were installed automatically after that or around that time
  3. Tines
  4. Threat Intelligence Utilities
  5. AlienVault OTX
  6. AbuseCH
  7. Osquery Manager
  8. LastPass
  9. JumpCloud
  10. Google Workspace
  11. File Integrity Monitoring
  12. Data Exfiltration Detection

Here's how the Integrations page looks like after that:

Image

Here's how the Unusual Child Processes of RunDLL32 rule's Details page look like after that:

Image

And here's a response from the GET /internal/detection_engine/fleet/integrations/all API call that causes this bug in the UI on the Rule Details page: notice that "package_name": "windows" is "is_enabled": false

{
  "integrations": [
      {
          "package_name": "ded",
          "package_title": "Data Exfiltration Detection",
          "latest_package_version": "2.2.0",
          "installed_package_version": "2.2.0",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "fim",
          "package_title": "File Integrity Monitoring",
          "latest_package_version": "1.15.1",
          "installed_package_version": "1.15.1",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "google_workspace",
          "package_title": "Google Workspace",
          "latest_package_version": "2.25.4",
          "installed_package_version": "2.25.4",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "jumpcloud",
          "package_title": "JumpCloud",
          "latest_package_version": "1.12.1",
          "installed_package_version": "1.12.1",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "lastpass",
          "package_title": "LastPass",
          "latest_package_version": "1.17.0",
          "installed_package_version": "1.17.0",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "osquery_manager",
          "package_title": "Osquery Manager",
          "latest_package_version": "1.15.0",
          "installed_package_version": "1.15.0",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "ti_abusech",
          "package_title": "AbuseCH",
          "latest_package_version": "2.3.5",
          "installed_package_version": "2.3.5",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "ti_otx",
          "package_title": "AlienVault OTX",
          "latest_package_version": "1.25.3",
          "installed_package_version": "1.25.3",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "ti_util",
          "package_title": "Threat Intelligence Utilities",
          "latest_package_version": "1.6.0",
          "installed_package_version": "1.6.0",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "tines",
          "package_title": "Tines",
          "latest_package_version": "1.12.1",
          "installed_package_version": "1.12.1",
          "integration_name": "tines_api",
          "integration_title": "Tines Tines api",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "tines",
          "package_title": "Tines",
          "latest_package_version": "1.12.1",
          "installed_package_version": "1.12.1",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "system",
          "package_title": "System",
          "latest_package_version": "1.62.1",
          "installed_package_version": "1.62.1",
          "is_installed": true,
          "is_enabled": true
      },
      {
          "package_name": "endpoint",
          "package_title": "Elastic Defend",
          "latest_package_version": "8.16.0",
          "installed_package_version": "8.16.0",
          "is_installed": true,
          "is_enabled": false
      },
      {
          "package_name": "windows",
          "package_title": "Windows",
          "latest_package_version": "2.3.1",
          "installed_package_version": "2.3.1",
          "is_installed": true,
          "is_enabled": false
      },
      {
          "package_name": "elastic_agent",
          "package_title": "Elastic Agent",
          "latest_package_version": "2.0.3",
          "installed_package_version": "2.0.3",
          "is_installed": true,
          "is_enabled": false
      },
      {
          "package_name": "synthetics",
          "package_title": "Elastic Synthetics",
          "latest_package_version": "1.2.2",
          "installed_package_version": "1.2.2",
          "is_installed": true,
          "is_enabled": false
      },
      {
          "package_name": "1password",
          "package_title": "1Password",
          "latest_package_version": "1.30.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "abnormal_security",
          "package_title": "Abnormal Security",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "akamai",
          "package_title": "Akamai",
          "latest_package_version": "2.26.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "amazon_security_lake",
          "package_title": "Amazon Security Lake",
          "latest_package_version": "2.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "atlassian_bitbucket",
          "package_title": "Atlassian Bitbucket",
          "latest_package_version": "2.2.2",
          "integration_name": "audit",
          "integration_title": "Atlassian Bitbucket Audit logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "atlassian_bitbucket",
          "package_title": "Atlassian Bitbucket",
          "latest_package_version": "2.2.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "atlassian_confluence",
          "package_title": "Atlassian Confluence",
          "latest_package_version": "1.26.1",
          "integration_name": "audit",
          "integration_title": "Atlassian Confluence Audit logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "atlassian_confluence",
          "package_title": "Atlassian Confluence",
          "latest_package_version": "1.26.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "atlassian_jira",
          "package_title": "Atlassian Jira",
          "latest_package_version": "1.27.2",
          "integration_name": "audit",
          "integration_title": "Atlassian Jira Audit logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "atlassian_jira",
          "package_title": "Atlassian Jira",
          "latest_package_version": "1.27.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "auditd",
          "package_title": "Auditd Logs",
          "latest_package_version": "3.20.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "auditd_manager",
          "package_title": "Auditd Manager",
          "latest_package_version": "1.18.2",
          "integration_name": "auditd",
          "integration_title": "Auditd Manager Auditd",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "auditd_manager",
          "package_title": "Auditd Manager",
          "latest_package_version": "1.18.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "auth0",
          "package_title": "Auth0",
          "latest_package_version": "1.18.1",
          "integration_name": "auth0_events",
          "integration_title": "Auth0 Auth0 log stream events",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "auth0",
          "package_title": "Auth0",
          "latest_package_version": "1.18.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "authentik",
          "package_title": "authentik",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_frontdoor",
          "package_title": "Azure Frontdoor",
          "latest_package_version": "2.0.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_network_watcher_nsg",
          "package_title": "Azure Network Watcher NSG",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_network_watcher_vnet",
          "package_title": "Azure Network Watcher VNet",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "barracuda",
          "package_title": "Barracuda Web Application Firewall",
          "latest_package_version": "1.16.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "barracuda_cloudgen_firewall",
          "package_title": "Barracuda CloudGen Firewall Logs",
          "latest_package_version": "1.13.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "bbot",
          "package_title": "BBOT (Bighuge BLS OSINT Tool)",
          "latest_package_version": "1.0.0",
          "integration_name": "BBOT Logs",
          "integration_title": "BBOT (Bighuge BLS OSINT Tool) Bbot scan data",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "bbot",
          "package_title": "BBOT (Bighuge BLS OSINT Tool)",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "beaconing",
          "package_title": "Network Beaconing Identification",
          "latest_package_version": "1.2.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "bitdefender",
          "package_title": "BitDefender",
          "latest_package_version": "2.1.3",
          "integration_name": "bitdefender_gravityzone",
          "integration_title": "BitDefender Bitdefender gravityzone",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "bitdefender",
          "package_title": "BitDefender",
          "latest_package_version": "2.1.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "bitwarden",
          "package_title": "Bitwarden",
          "latest_package_version": "1.13.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "box_events",
          "package_title": "Box Events",
          "latest_package_version": "2.10.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "carbon_black_cloud",
          "package_title": "VMware Carbon Black Cloud",
          "latest_package_version": "2.6.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "carbonblack_edr",
          "package_title": "VMware Carbon Black EDR",
          "latest_package_version": "1.18.1",
          "integration_name": "log",
          "integration_title": "VMware Carbon Black EDR Carbon black edr logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "carbonblack_edr",
          "package_title": "VMware Carbon Black EDR",
          "latest_package_version": "1.18.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cef",
          "package_title": "Common Event Format (CEF)",
          "latest_package_version": "2.17.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "checkpoint",
          "package_title": "Check Point",
          "latest_package_version": "1.34.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisa_kevs",
          "package_title": "CISA Known Exploited Vulnerabilities",
          "latest_package_version": "1.3.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_aironet",
          "package_title": "Cisco Aironet",
          "latest_package_version": "1.14.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_asa",
          "package_title": "Cisco ASA",
          "latest_package_version": "2.38.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_duo",
          "package_title": "Cisco Duo",
          "latest_package_version": "2.2.5",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_ftd",
          "package_title": "Cisco FTD",
          "latest_package_version": "3.4.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_ios",
          "package_title": "Cisco IOS",
          "latest_package_version": "1.28.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_ise",
          "package_title": "Cisco ISE",
          "latest_package_version": "1.24.1",
          "integration_name": "Cisco ISE",
          "integration_title": "Cisco ISE Cisco_ise logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_ise",
          "package_title": "Cisco ISE",
          "latest_package_version": "1.24.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_meraki",
          "package_title": "Cisco Meraki",
          "latest_package_version": "1.24.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_nexus",
          "package_title": "Cisco Nexus",
          "latest_package_version": "1.2.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_secure_email_gateway",
          "package_title": "Cisco Secure Email Gateway",
          "latest_package_version": "1.24.1",
          "integration_name": "Cisco Secure Email Gateway",
          "integration_title": "Cisco Secure Email Gateway Cisco secure email gateway logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_secure_email_gateway",
          "package_title": "Cisco Secure Email Gateway",
          "latest_package_version": "1.24.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_secure_endpoint",
          "package_title": "Cisco Secure Endpoint",
          "latest_package_version": "2.27.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cisco_umbrella",
          "package_title": "Cisco Umbrella",
          "latest_package_version": "1.26.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "citrix_waf",
          "package_title": "Citrix Web App Firewall",
          "latest_package_version": "1.16.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cloud_defend",
          "package_title": "Defend for Containers",
          "latest_package_version": "1.2.6",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cloud_security_posture",
          "package_title": "Security Posture Management",
          "latest_package_version": "1.11.0",
          "integration_name": "kspm",
          "integration_title": "Security Posture Management Kubernetes security posture management (kspm)",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cloud_security_posture",
          "package_title": "Security Posture Management",
          "latest_package_version": "1.11.0",
          "integration_name": "cspm",
          "integration_title": "Security Posture Management Cloud security posture management (cspm)",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cloud_security_posture",
          "package_title": "Security Posture Management",
          "latest_package_version": "1.11.0",
          "integration_name": "vuln_mgmt",
          "integration_title": "Security Posture Management Cloud native vulnerability management (cnvm)",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cloudflare",
          "package_title": "Cloudflare",
          "latest_package_version": "2.28.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cloudflare_logpush",
          "package_title": "Cloudflare Logpush",
          "latest_package_version": "1.25.0",
          "integration_name": "cloudflare",
          "integration_title": "Cloudflare Logpush Cloudflare logpush logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cloudflare_logpush",
          "package_title": "Cloudflare Logpush",
          "latest_package_version": "1.25.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "crowdstrike",
          "package_title": "CrowdStrike",
          "latest_package_version": "1.46.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cyberark_pta",
          "package_title": "Cyberark Privileged Threat Analytics",
          "latest_package_version": "1.10.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cyberarkpas",
          "package_title": "CyberArk Privileged Access Security",
          "latest_package_version": "2.24.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cybereason",
          "package_title": "Cybereason",
          "latest_package_version": "1.0.0",
          "integration_name": "Cybereason",
          "integration_title": "Cybereason Cybereason logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cybereason",
          "package_title": "Cybereason",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "darktrace",
          "package_title": "Darktrace",
          "latest_package_version": "1.20.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "dga",
          "package_title": "Domain Generation Algorithm Detection",
          "latest_package_version": "2.0.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "digital_guardian",
          "package_title": "Digital Guardian",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "entityanalytics_entra_id",
          "package_title": "Microsoft Entra ID Entity Analytics",
          "latest_package_version": "1.3.1",
          "integration_name": "entity",
          "integration_title": "Microsoft Entra ID Entity Analytics Identities",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "entityanalytics_entra_id",
          "package_title": "Microsoft Entra ID Entity Analytics",
          "latest_package_version": "1.3.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "entityanalytics_okta",
          "package_title": "Okta Entity Analytics",
          "latest_package_version": "1.5.1",
          "integration_name": "user",
          "integration_title": "Okta Entity Analytics User identities",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "entityanalytics_okta",
          "package_title": "Okta Entity Analytics",
          "latest_package_version": "1.5.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "eset_protect",
          "package_title": "ESET PROTECT",
          "latest_package_version": "1.2.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "f5_bigip",
          "package_title": "F5 BIG-IP",
          "latest_package_version": "1.20.0",
          "integration_name": "F5 BIG-IP",
          "integration_title": "F5 BIG-IP F5 big-ip logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "f5_bigip",
          "package_title": "F5 BIG-IP",
          "latest_package_version": "1.20.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "falco",
          "package_title": "Falco",
          "latest_package_version": "1.0.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fireeye",
          "package_title": "FireEye Network Security",
          "latest_package_version": "1.23.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "forcepoint_web",
          "package_title": "Forcepoint Web Security",
          "latest_package_version": "1.9.1",
          "integration_name": "logs",
          "integration_title": "Forcepoint Web Security Secret server",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "forcepoint_web",
          "package_title": "Forcepoint Web Security",
          "latest_package_version": "1.9.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "forgerock",
          "package_title": "ForgeRock",
          "latest_package_version": "1.18.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet",
          "package_title": "Fortinet",
          "latest_package_version": "1.9.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet_forticlient",
          "package_title": "Fortinet FortiClient Logs",
          "latest_package_version": "1.10.3",
          "integration_name": "fortinet",
          "integration_title": "Fortinet FortiClient Logs Fortinet forticlient logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet_forticlient",
          "package_title": "Fortinet FortiClient Logs",
          "latest_package_version": "1.10.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet_fortiedr",
          "package_title": "Fortinet FortiEDR Logs",
          "latest_package_version": "1.15.1",
          "integration_name": "fortinet",
          "integration_title": "Fortinet FortiEDR Logs Fortinet fortiedr logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet_fortiedr",
          "package_title": "Fortinet FortiEDR Logs",
          "latest_package_version": "1.15.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet_fortigate",
          "package_title": "Fortinet FortiGate Firewall Logs",
          "latest_package_version": "1.26.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet_fortimail",
          "package_title": "Fortinet FortiMail",
          "latest_package_version": "2.13.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet_fortimanager",
          "package_title": "Fortinet FortiManager Logs",
          "latest_package_version": "2.13.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fortinet_fortiproxy",
          "package_title": "Fortinet FortiProxy",
          "latest_package_version": "1.0.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gigamon",
          "package_title": "Gigamon",
          "latest_package_version": "1.1.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "github",
          "package_title": "GitHub",
          "latest_package_version": "2.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gitlab",
          "package_title": "GitLab",
          "latest_package_version": "1.1.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "google_scc",
          "package_title": "Google Security Command Center",
          "latest_package_version": "1.4.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "hashicorp_vault",
          "package_title": "Hashicorp Vault",
          "latest_package_version": "1.25.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "hid_bravura_monitor",
          "package_title": "Bravura Monitor",
          "latest_package_version": "1.18.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "imperva",
          "package_title": "Imperva",
          "latest_package_version": "1.1.0",
          "integration_name": "securesphere",
          "integration_title": "Imperva Imperva securesphere",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "imperva",
          "package_title": "Imperva",
          "latest_package_version": "1.1.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "imperva_cloud_waf",
          "package_title": "Imperva Cloud WAF",
          "latest_package_version": "1.1.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "infoblox_bloxone_ddi",
          "package_title": "Infoblox BloxOne DDI",
          "latest_package_version": "1.18.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "infoblox_nios",
          "package_title": "Infoblox NIOS",
          "latest_package_version": "1.23.2",
          "integration_name": "Infoblox NIOS",
          "integration_title": "Infoblox NIOS Infoblox nios logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "infoblox_nios",
          "package_title": "Infoblox NIOS",
          "latest_package_version": "1.23.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "iptables",
          "package_title": "Iptables",
          "latest_package_version": "1.16.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "jamf_compliance_reporter",
          "package_title": "Jamf Compliance Reporter",
          "latest_package_version": "1.13.0",
          "integration_name": "Jamf Compliance Reporter",
          "integration_title": "Jamf Compliance Reporter Jamf compliance reporter logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "jamf_compliance_reporter",
          "package_title": "Jamf Compliance Reporter",
          "latest_package_version": "1.13.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "jamf_protect",
          "package_title": "Jamf Protect",
          "latest_package_version": "2.6.3",
          "integration_name": "Jamf Protect",
          "integration_title": "Jamf Protect Jamf protect events",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "jamf_protect",
          "package_title": "Jamf Protect",
          "latest_package_version": "2.6.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "juniper",
          "package_title": "Juniper Logs",
          "latest_package_version": "1.2.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "juniper_srx",
          "package_title": "Juniper SRX",
          "latest_package_version": "1.21.2",
          "integration_name": "juniper",
          "integration_title": "Juniper SRX Juniper srx logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "juniper_srx",
          "package_title": "Juniper SRX",
          "latest_package_version": "1.21.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "keycloak",
          "package_title": "Keycloak",
          "latest_package_version": "1.23.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "lmd",
          "package_title": "Lateral Movement Detection",
          "latest_package_version": "2.1.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "lumos",
          "package_title": "Lumos",
          "latest_package_version": "1.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "lyve_cloud",
          "package_title": "Lyve Cloud",
          "latest_package_version": "1.14.1",
          "integration_name": "Seagate Lyve Cloud",
          "integration_title": "Lyve Cloud Lyve cloud logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "lyve_cloud",
          "package_title": "Lyve Cloud",
          "latest_package_version": "1.14.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "m365_defender",
          "package_title": "Microsoft M365 Defender",
          "latest_package_version": "2.15.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "mattermost",
          "package_title": "Mattermost",
          "latest_package_version": "2.1.1",
          "integration_name": "logs",
          "integration_title": "Mattermost Mattermost logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "mattermost",
          "package_title": "Mattermost",
          "latest_package_version": "2.1.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "menlo",
          "package_title": "Menlo Security",
          "latest_package_version": "1.1.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft",
          "package_title": "Microsoft",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft_defender_cloud",
          "package_title": "Microsoft Defender for Cloud",
          "latest_package_version": "2.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft_defender_endpoint",
          "package_title": "Microsoft Defender for Endpoint",
          "latest_package_version": "2.25.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft_dhcp",
          "package_title": "Microsoft DHCP",
          "latest_package_version": "1.24.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft_dnsserver",
          "package_title": "Microsoft DNS Server",
          "latest_package_version": "1.0.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft_exchange_online_message_trace",
          "package_title": "Microsoft Exchange Online Message Trace",
          "latest_package_version": "1.23.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft_exchange_server",
          "package_title": "Microsoft Exchange Server",
          "latest_package_version": "1.1.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft_sqlserver",
          "package_title": "Microsoft SQL Server",
          "latest_package_version": "2.9.3",
          "integration_name": "audit_logs",
          "integration_title": "Microsoft SQL Server Microsoft sql server logs and metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "microsoft_sqlserver",
          "package_title": "Microsoft SQL Server",
          "latest_package_version": "2.9.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "mimecast",
          "package_title": "Mimecast",
          "latest_package_version": "1.27.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "modsecurity",
          "package_title": "ModSecurity Audit",
          "latest_package_version": "1.18.2",
          "integration_name": "modsec",
          "integration_title": "ModSecurity Audit Modsecurity audit logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "modsecurity",
          "package_title": "ModSecurity Audit",
          "latest_package_version": "1.18.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "mysql_enterprise",
          "package_title": "MySQL Enterprise",
          "latest_package_version": "1.14.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "netflow",
          "package_title": "NetFlow Records",
          "latest_package_version": "2.20.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "netskope",
          "package_title": "Netskope",
          "latest_package_version": "1.20.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "network_traffic",
          "package_title": "Network Packet Capture",
          "latest_package_version": "1.32.1",
          "integration_name": "network",
          "integration_title": "Network Packet Capture Network packet capture",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "network_traffic",
          "package_title": "Network Packet Capture",
          "latest_package_version": "1.32.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "o365",
          "package_title": "Microsoft Office 365",
          "latest_package_version": "2.6.5",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "okta",
          "package_title": "Okta",
          "latest_package_version": "3.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "osquery",
          "package_title": "Osquery Logs",
          "latest_package_version": "1.19.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "panw",
          "package_title": "Palo Alto Next-Gen Firewall",
          "latest_package_version": "4.1.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "panw_cortex_xdr",
          "package_title": "Palo Alto Cortex XDR",
          "latest_package_version": "1.29.0",
          "integration_name": "xdr",
          "integration_title": "Palo Alto Cortex XDR Palo alto cortex xdr api",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "panw_cortex_xdr",
          "package_title": "Palo Alto Cortex XDR",
          "latest_package_version": "1.29.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "pfsense",
          "package_title": "pfSense",
          "latest_package_version": "1.20.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ping_one",
          "package_title": "PingOne",
          "latest_package_version": "1.16.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "prisma_access",
          "package_title": "Palo Alto Prisma Access",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "prisma_cloud",
          "package_title": "Palo Alto Prisma Cloud",
          "latest_package_version": "1.4.0",
          "integration_name": "sample",
          "integration_title": "Palo Alto Prisma Cloud Sample logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "prisma_cloud",
          "package_title": "Palo Alto Prisma Cloud",
          "latest_package_version": "1.4.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "problemchild",
          "package_title": "Living off the Land Attack Detection",
          "latest_package_version": "2.1.5",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "proofpoint_on_demand",
          "package_title": "Proofpoint On Demand",
          "latest_package_version": "1.0.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "proofpoint_tap",
          "package_title": "Proofpoint TAP",
          "latest_package_version": "1.24.3",
          "integration_name": "Proofpoint TAP",
          "integration_title": "Proofpoint TAP Proofpoint_tap logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "proofpoint_tap",
          "package_title": "Proofpoint TAP",
          "latest_package_version": "1.24.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "pulse_connect_secure",
          "package_title": "Pulse Connect Secure",
          "latest_package_version": "2.2.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "qnap_nas",
          "package_title": "QNAP NAS",
          "latest_package_version": "1.20.1",
          "integration_name": "qnap",
          "integration_title": "QNAP NAS Qnap nas event & access logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "qnap_nas",
          "package_title": "QNAP NAS",
          "latest_package_version": "1.20.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "qualys_vmdr",
          "package_title": "Qualys VMDR",
          "latest_package_version": "5.2.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "rapid7_insightvm",
          "package_title": "Rapid7 InsightVM",
          "latest_package_version": "1.12.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "santa",
          "package_title": "Google Santa",
          "latest_package_version": "3.20.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sentinel_one",
          "package_title": "SentinelOne",
          "latest_package_version": "1.25.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sentinel_one_cloud_funnel",
          "package_title": "SentinelOne Cloud Funnel",
          "latest_package_version": "1.5.0",
          "integration_name": "SentinelOne Cloud Funnel",
          "integration_title": "SentinelOne Cloud Funnel Sentinelone cloud funnel logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sentinel_one_cloud_funnel",
          "package_title": "SentinelOne Cloud Funnel",
          "latest_package_version": "1.5.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "slack",
          "package_title": "Slack Logs",
          "latest_package_version": "1.22.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "snort",
          "package_title": "Snort",
          "latest_package_version": "1.15.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "snyk",
          "package_title": "Snyk",
          "latest_package_version": "1.25.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sonicwall_firewall",
          "package_title": "SonicWall Firewall",
          "latest_package_version": "1.16.0",
          "integration_name": "sample",
          "integration_title": "SonicWall Firewall Sample logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sonicwall_firewall",
          "package_title": "SonicWall Firewall",
          "latest_package_version": "1.16.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sophos",
          "package_title": "Sophos",
          "latest_package_version": "3.9.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sophos_central",
          "package_title": "Sophos Central",
          "latest_package_version": "1.16.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "spycloud",
          "package_title": "SpyCloud Enterprise Protection",
          "latest_package_version": "1.0.0",
          "integration_name": "SpyCloud Enterprise Protection",
          "integration_title": "SpyCloud Enterprise Protection Spycloud enterprise protection logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "spycloud",
          "package_title": "SpyCloud Enterprise Protection",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "squid",
          "package_title": "Squid Proxy",
          "latest_package_version": "1.0.2",
          "integration_name": "log",
          "integration_title": "Squid Proxy Squid",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "squid",
          "package_title": "Squid Proxy",
          "latest_package_version": "1.0.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "stormshield",
          "package_title": "StormShield SNS",
          "latest_package_version": "1.0.0",
          "integration_name": "stormshield_sns",
          "integration_title": "StormShield SNS Stormshield sns logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "stormshield",
          "package_title": "StormShield SNS",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sublime_security",
          "package_title": "Sublime Security",
          "latest_package_version": "1.1.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "suricata",
          "package_title": "Suricata",
          "latest_package_version": "2.21.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "symantec_edr_cloud",
          "package_title": "Symantec EDR Cloud",
          "latest_package_version": "1.4.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "symantec_endpoint",
          "package_title": "Symantec Endpoint Protection",
          "latest_package_version": "2.16.2",
          "integration_name": "symantec",
          "integration_title": "Symantec Endpoint Protection Symantec endpoint protection logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "symantec_endpoint",
          "package_title": "Symantec Endpoint Protection",
          "latest_package_version": "2.16.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "symantec_endpoint_security",
          "package_title": "Symantec Endpoint Security",
          "latest_package_version": "1.2.0",
          "integration_name": "Symantec Endpoint Security",
          "integration_title": "Symantec Endpoint Security Symantec endpoint security logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "symantec_endpoint_security",
          "package_title": "Symantec Endpoint Security",
          "latest_package_version": "1.2.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "sysmon_linux",
          "package_title": "Sysmon for Linux",
          "latest_package_version": "1.7.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "tanium",
          "package_title": "Tanium",
          "latest_package_version": "1.10.2",
          "integration_name": "Tanium",
          "integration_title": "Tanium Tanium logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "tanium",
          "package_title": "Tanium",
          "latest_package_version": "1.10.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "teleport",
          "package_title": "Teleport",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "tenable_io",
          "package_title": "Tenable Vulnerability Management",
          "latest_package_version": "3.2.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "tenable_sc",
          "package_title": "Tenable.sc",
          "latest_package_version": "1.24.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "thycotic_ss",
          "package_title": "Thycotic Secret Server",
          "latest_package_version": "1.8.1",
          "integration_name": "logs",
          "integration_title": "Thycotic Secret Server Secret server",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "thycotic_ss",
          "package_title": "Thycotic Secret Server",
          "latest_package_version": "1.8.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_anomali",
          "package_title": "Anomali",
          "latest_package_version": "1.23.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_cif3",
          "package_title": "Collective Intelligence Framework v3",
          "latest_package_version": "1.14.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_crowdstrike",
          "package_title": "CrowdStrike Falcon Intelligence",
          "latest_package_version": "2.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_cybersixgill",
          "package_title": "Cybersixgill",
          "latest_package_version": "1.30.5",
          "integration_name": "cybersixgill",
          "integration_title": "Cybersixgill Cybersixgill threat intel",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_cybersixgill",
          "package_title": "Cybersixgill",
          "latest_package_version": "1.30.5",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_eclecticiq",
          "package_title": "EclecticIQ",
          "latest_package_version": "1.2.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_eset",
          "package_title": "ESET Threat Intelligence",
          "latest_package_version": "1.2.5",
          "integration_name": "eset",
          "integration_title": "ESET Threat Intelligence Eti feeds (taxii version 2)",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_eset",
          "package_title": "ESET Threat Intelligence",
          "latest_package_version": "1.2.5",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_maltiverse",
          "package_title": "Maltiverse",
          "latest_package_version": "1.2.5",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_mandiant_advantage",
          "package_title": "Mandiant Advantage",
          "latest_package_version": "1.4.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_misp",
          "package_title": "MISP",
          "latest_package_version": "1.35.7",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_opencti",
          "package_title": "OpenCTI",
          "latest_package_version": "2.3.4",
          "integration_name": "opencti",
          "integration_title": "OpenCTI Opencti",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_opencti",
          "package_title": "OpenCTI",
          "latest_package_version": "2.3.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_rapid7_threat_command",
          "package_title": "Rapid7 Threat Command",
          "latest_package_version": "2.0.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_recordedfuture",
          "package_title": "Recorded Future",
          "latest_package_version": "1.26.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_threatconnect",
          "package_title": "ThreatConnect",
          "latest_package_version": "1.3.0",
          "integration_name": "threatconnect",
          "integration_title": "ThreatConnect Threatconnect indicators",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_threatconnect",
          "package_title": "ThreatConnect",
          "latest_package_version": "1.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ti_threatq",
          "package_title": "ThreatQuotient",
          "latest_package_version": "1.28.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "trellix_edr_cloud",
          "package_title": "Trellix EDR Cloud",
          "latest_package_version": "1.2.1",
          "integration_name": "Trellix EDR",
          "integration_title": "Trellix EDR Cloud Trellix edr logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "trellix_edr_cloud",
          "package_title": "Trellix EDR Cloud",
          "latest_package_version": "1.2.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "trellix_epo_cloud",
          "package_title": "Trellix ePO Cloud",
          "latest_package_version": "1.11.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "trend_micro_vision_one",
          "package_title": "Trend Micro Vision One",
          "latest_package_version": "1.21.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "trendmicro",
          "package_title": "Trend Micro Deep Security",
          "latest_package_version": "2.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "vectra_detect",
          "package_title": "Vectra Detect",
          "latest_package_version": "1.9.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "watchguard_firebox",
          "package_title": "WatchGuard Firebox",
          "latest_package_version": "1.0.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "wiz",
          "package_title": "Wiz",
          "latest_package_version": "2.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "zeek",
          "package_title": "Zeek",
          "latest_package_version": "2.25.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "zerofox",
          "package_title": "ZeroFox",
          "latest_package_version": "1.25.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "zeronetworks",
          "package_title": "Zero Networks",
          "latest_package_version": "1.15.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "zoom",
          "package_title": "Zoom",
          "latest_package_version": "1.20.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "zscaler_zia",
          "package_title": "Zscaler Internet Access",
          "latest_package_version": "3.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "zscaler_zpa",
          "package_title": "Zscaler Private Access",
          "latest_package_version": "1.18.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "activemq",
          "package_title": "ActiveMQ",
          "latest_package_version": "1.6.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "apache",
          "package_title": "Apache HTTP Server",
          "latest_package_version": "1.26.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "apache_spark",
          "package_title": "Apache Spark",
          "latest_package_version": "1.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "apache_tomcat",
          "package_title": "Apache Tomcat",
          "latest_package_version": "1.8.1",
          "integration_name": "Apache Tomcat",
          "integration_title": "Apache Tomcat Apache tomcat",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "apache_tomcat",
          "package_title": "Apache Tomcat",
          "latest_package_version": "1.8.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "apm",
          "package_title": "Elastic APM",
          "latest_package_version": "8.4.2",
          "integration_name": "apmserver",
          "integration_title": "Elastic APM Elastic apm integration",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "apm",
          "package_title": "Elastic APM",
          "latest_package_version": "8.4.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "arista_ngfw",
          "package_title": "Arista NG Firewall",
          "latest_package_version": "1.2.0",
          "integration_name": "log",
          "integration_title": "Arista NG Firewall Arista ng firewall logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "arista_ngfw",
          "package_title": "Arista NG Firewall",
          "latest_package_version": "1.2.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "awshealth",
          "integration_title": "AWS Aws health",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "billing",
          "integration_title": "AWS Aws billing",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "cloudtrail",
          "integration_title": "AWS Aws cloudtrail",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "cloudwatch",
          "integration_title": "AWS Aws cloudwatch",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "dynamodb",
          "integration_title": "AWS Amazon dynamodb",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "ebs",
          "integration_title": "AWS Amazon ebs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "ec2",
          "integration_title": "AWS Amazon ec2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "ecs",
          "integration_title": "AWS Amazon ecs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "elb",
          "integration_title": "AWS Aws elb",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "lambda",
          "integration_title": "AWS Aws lambda",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "natgateway",
          "integration_title": "AWS Amazon nat gateway",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "firewall",
          "integration_title": "AWS Aws network firewall",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "rds",
          "integration_title": "AWS Amazon rds",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "s3",
          "integration_title": "AWS Amazon s3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "s3_storage_lens",
          "integration_title": "AWS Amazon s3 storage lens",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "sns",
          "integration_title": "AWS Amazon sns",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "sqs",
          "integration_title": "AWS Amazon sqs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "transitgateway",
          "integration_title": "AWS Aws transit gateway",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "usage",
          "integration_title": "AWS Aws usage",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "vpcflow",
          "integration_title": "AWS Amazon vpc",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "vpn",
          "integration_title": "AWS Amazon vpn",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "waf",
          "integration_title": "AWS Aws waf",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "route53",
          "integration_title": "AWS Aws route 53",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "cloudfront",
          "integration_title": "AWS Amazon cloudfront",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "redshift",
          "integration_title": "AWS Amazon redshift",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "kinesis",
          "integration_title": "AWS Amazon kinesis data stream",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "securityhub",
          "integration_title": "AWS Aws security hub",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "inspector",
          "integration_title": "AWS Aws inspector",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "guardduty",
          "integration_title": "AWS Amazon guardduty",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "apigateway",
          "integration_title": "AWS Aws api gateway",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "emr",
          "integration_title": "AWS Amazon emr",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws",
          "package_title": "AWS",
          "latest_package_version": "2.31.3",
          "integration_name": "kafka",
          "integration_title": "AWS Amazon managed streaming for apache kafka (msk)",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "aws_logs",
          "package_title": "Custom AWS Logs",
          "latest_package_version": "1.4.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "awsfargate",
          "package_title": "AWS Fargate (for ECS clusters)",
          "latest_package_version": "1.2.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "awsfirehose",
          "package_title": "Amazon Data Firehose",
          "latest_package_version": "1.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure",
          "package_title": "Azure Logs",
          "latest_package_version": "1.19.3",
          "integration_name": "eventhub",
          "integration_title": "Azure Logs Azure event hub input",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure",
          "package_title": "Azure Logs",
          "latest_package_version": "1.19.3",
          "integration_name": "adlogs",
          "integration_title": "Azure Logs Microsoft entra id",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure",
          "package_title": "Azure Logs",
          "latest_package_version": "1.19.3",
          "integration_name": "platformlogs",
          "integration_title": "Azure Logs Azure platform logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure",
          "package_title": "Azure Logs",
          "latest_package_version": "1.19.3",
          "integration_name": "activitylogs",
          "integration_title": "Azure Logs Azure activity logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure",
          "package_title": "Azure Logs",
          "latest_package_version": "1.19.3",
          "integration_name": "graphactivitylogs",
          "integration_title": "Azure Logs Microsoft graph activity logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure",
          "package_title": "Azure Logs",
          "latest_package_version": "1.19.3",
          "integration_name": "springcloudlogs",
          "integration_title": "Azure Logs Azure spring apps logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure",
          "package_title": "Azure Logs",
          "latest_package_version": "1.19.3",
          "integration_name": "firewall_logs",
          "integration_title": "Azure Logs Azure firewall logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure",
          "package_title": "Azure Logs",
          "latest_package_version": "1.19.3",
          "integration_name": "application_gateway",
          "integration_title": "Azure Logs Azure application gateway",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_application_insights",
          "package_title": "Azure Application Insights Metrics Overview",
          "latest_package_version": "1.7.0",
          "integration_name": "app_insights",
          "integration_title": "Azure Application Insights Metrics Overview Azure application insights metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_application_insights",
          "package_title": "Azure Application Insights Metrics Overview",
          "latest_package_version": "1.7.0",
          "integration_name": "app_state",
          "integration_title": "Azure Application Insights Metrics Overview Azure application state insights metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_billing",
          "package_title": "Azure Billing Metrics",
          "latest_package_version": "1.7.1",
          "integration_name": "billing",
          "integration_title": "Azure Billing Metrics Azure billing metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_billing",
          "package_title": "Azure Billing Metrics",
          "latest_package_version": "1.7.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_blob_storage",
          "package_title": "Custom Azure Blob Storage Input",
          "latest_package_version": "2.1.0",
          "integration_name": "azure-blob-storage",
          "integration_title": "Custom Azure Blob Storage Input Custom azure blob storage input",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_blob_storage",
          "package_title": "Custom Azure Blob Storage Input",
          "latest_package_version": "2.1.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_metrics",
          "package_title": "Azure Resource Metrics",
          "latest_package_version": "1.6.7",
          "integration_name": "monitor",
          "integration_title": "Azure Resource Metrics Azure monitor metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_metrics",
          "package_title": "Azure Resource Metrics",
          "latest_package_version": "1.6.7",
          "integration_name": "compute_vm",
          "integration_title": "Azure Resource Metrics Azure virtual machines metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_metrics",
          "package_title": "Azure Resource Metrics",
          "latest_package_version": "1.6.7",
          "integration_name": "compute_vm_scaleset",
          "integration_title": "Azure Resource Metrics Azure virtual machines scaleset metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_metrics",
          "package_title": "Azure Resource Metrics",
          "latest_package_version": "1.6.7",
          "integration_name": "container_registry",
          "integration_title": "Azure Resource Metrics Azure container registry metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_metrics",
          "package_title": "Azure Resource Metrics",
          "latest_package_version": "1.6.7",
          "integration_name": "container_instance",
          "integration_title": "Azure Resource Metrics Azure container instance metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_metrics",
          "package_title": "Azure Resource Metrics",
          "latest_package_version": "1.6.7",
          "integration_name": "container_service",
          "integration_title": "Azure Resource Metrics Azure container service metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_metrics",
          "package_title": "Azure Resource Metrics",
          "latest_package_version": "1.6.7",
          "integration_name": "database_account",
          "integration_title": "Azure Resource Metrics Azure database account metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_metrics",
          "package_title": "Azure Resource Metrics",
          "latest_package_version": "1.6.7",
          "integration_name": "storage_account",
          "integration_title": "Azure Resource Metrics Azure storage account metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_openai",
          "package_title": "Azure OpenAI",
          "latest_package_version": "1.4.0",
          "integration_name": "azure_open_ai",
          "integration_title": "Azure OpenAI Collects azure openai logs and metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "azure_openai",
          "package_title": "Azure OpenAI",
          "latest_package_version": "1.4.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cassandra",
          "package_title": "Cassandra",
          "latest_package_version": "1.16.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cel",
          "package_title": "Custom API using Common Expression Language",
          "latest_package_version": "1.13.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ceph",
          "package_title": "Ceph",
          "latest_package_version": "1.7.0",
          "integration_name": "Ceph",
          "integration_title": "Ceph Ceph metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ceph",
          "package_title": "Ceph",
          "latest_package_version": "1.7.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "citrix_adc",
          "package_title": "Citrix ADC",
          "latest_package_version": "1.12.0",
          "integration_name": "Citrix ADC",
          "integration_title": "Citrix ADC Citrix adc metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "citrix_adc",
          "package_title": "Citrix ADC",
          "latest_package_version": "1.12.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cockroachdb",
          "package_title": "CockroachDB Metrics",
          "latest_package_version": "1.12.0",
          "integration_name": "status",
          "integration_title": "CockroachDB Metrics Cockroachdb",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "cockroachdb",
          "package_title": "CockroachDB Metrics",
          "latest_package_version": "1.12.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "couchbase",
          "package_title": "Couchbase",
          "latest_package_version": "1.8.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "couchdb",
          "package_title": "CouchDB",
          "latest_package_version": "1.4.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "docker",
          "package_title": "Docker",
          "latest_package_version": "2.12.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "elasticsearch",
          "package_title": "Elasticsearch",
          "latest_package_version": "1.15.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "enterprisesearch",
          "package_title": "Enterprise Search",
          "latest_package_version": "1.0.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "etcd",
          "package_title": "etcd",
          "latest_package_version": "1.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "fleet_server",
          "package_title": "Fleet Server",
          "latest_package_version": "1.5.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "audit",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) audit logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "firewall",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) firewall logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "vpcflow",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) vpc flow logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "dns",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) dns logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "billing",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) billing metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "compute",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) compute metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "firestore",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) firestore metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "loadbalancing",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) load balancing metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "storage",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) storage metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "gke",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) gke metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "dataproc",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) dataproc metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "pubsub",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) pubsub metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "redis",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) redis metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "cloudrun",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) cloud run metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp",
          "package_title": "Google Cloud Platform",
          "latest_package_version": "2.38.0",
          "integration_name": "cloudsql",
          "integration_title": "Google Cloud Platform Google cloud platform (gcp) cloudsql metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp_pubsub",
          "package_title": "Custom Google Pub/Sub Logs",
          "latest_package_version": "2.1.0",
          "integration_name": "gcp",
          "integration_title": "Custom Google Pub/Sub Logs Custom google pub/sub logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "gcp_pubsub",
          "package_title": "Custom Google Pub/Sub Logs",
          "latest_package_version": "2.1.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "golang",
          "package_title": "Golang",
          "latest_package_version": "1.6.0",
          "integration_name": "Golang",
          "integration_title": "Golang Golang metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "golang",
          "package_title": "Golang",
          "latest_package_version": "1.6.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "google_cloud_storage",
          "package_title": "Custom GCS (Google Cloud Storage) Input",
          "latest_package_version": "2.1.0",
          "integration_name": "gcs",
          "integration_title": "Custom GCS (Google Cloud Storage) Input Custom gcs (google cloud storage) input",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "google_cloud_storage",
          "package_title": "Custom GCS (Google Cloud Storage) Input",
          "latest_package_version": "2.1.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "hadoop",
          "package_title": "Hadoop",
          "latest_package_version": "1.7.0",
          "integration_name": "hadoop_metrics",
          "integration_title": "Hadoop Hadoop metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "hadoop",
          "package_title": "Hadoop",
          "latest_package_version": "1.7.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "haproxy",
          "package_title": "HAProxy",
          "latest_package_version": "1.14.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "http_endpoint",
          "package_title": "Custom HTTP Endpoint Logs",
          "latest_package_version": "2.2.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "httpjson",
          "package_title": "Custom API",
          "latest_package_version": "1.21.1",
          "integration_name": "generic",
          "integration_title": "Custom API Custom api input",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "httpjson",
          "package_title": "Custom API",
          "latest_package_version": "1.21.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "ibmmq",
          "package_title": "IBM MQ",
          "latest_package_version": "1.4.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "iis",
          "package_title": "IIS",
          "latest_package_version": "1.20.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "journald",
          "package_title": "Custom Journald logs",
          "latest_package_version": "1.1.0",
          "integration_name": "logs",
          "integration_title": "Custom Journald logs Journald logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "journald",
          "package_title": "Custom Journald logs",
          "latest_package_version": "1.1.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kafka",
          "package_title": "Kafka",
          "latest_package_version": "1.16.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kafka_log",
          "package_title": "Custom Kafka Logs",
          "latest_package_version": "1.7.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kibana",
          "package_title": "Kibana",
          "latest_package_version": "2.5.4",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "kubelet",
          "integration_title": "Kubernetes Kubelet metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "kube-state-metrics",
          "integration_title": "Kubernetes Kube-state-metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "kube-apiserver",
          "integration_title": "Kubernetes Kube-apiserver metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "kube-proxy",
          "integration_title": "Kubernetes Kube-proxy metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "kube-scheduler",
          "integration_title": "Kubernetes Kube-scheduler metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "kube-controller-manager",
          "integration_title": "Kubernetes Kube-controller-manager metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "events",
          "integration_title": "Kubernetes Kubernetes event metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "container-logs",
          "integration_title": "Kubernetes Kubernetes container logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "kubernetes",
          "package_title": "Kubernetes",
          "latest_package_version": "1.68.1",
          "integration_name": "audit-logs",
          "integration_title": "Kubernetes Kubernetes audit logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "log",
          "package_title": "Custom Logs",
          "latest_package_version": "2.3.2",
          "integration_name": "logs",
          "integration_title": "Custom Logs Custom log file",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "log",
          "package_title": "Custom Logs",
          "latest_package_version": "2.3.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "logstash",
          "package_title": "Logstash",
          "latest_package_version": "2.4.11",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "memcached",
          "package_title": "Memcached",
          "latest_package_version": "1.6.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "mongodb",
          "package_title": "MongoDB",
          "latest_package_version": "1.16.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "mysql",
          "package_title": "MySQL",
          "latest_package_version": "1.25.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "nagios_xi",
          "package_title": "Nagios XI",
          "latest_package_version": "1.4.0",
          "integration_name": "nagios",
          "integration_title": "Nagios XI Nagios xi logs and metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "nagios_xi",
          "package_title": "Nagios XI",
          "latest_package_version": "1.4.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "nats",
          "package_title": "NATS",
          "latest_package_version": "1.7.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "nginx",
          "package_title": "Nginx",
          "latest_package_version": "1.24.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "nginx_ingress_controller",
          "package_title": "Nginx Ingress Controller Logs",
          "latest_package_version": "1.10.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "oracle",
          "package_title": "Oracle",
          "latest_package_version": "1.28.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "oracle_weblogic",
          "package_title": "Oracle WebLogic",
          "latest_package_version": "1.8.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "php_fpm",
          "package_title": "PHP-FPM",
          "latest_package_version": "1.4.0",
          "integration_name": "PHP-FPM",
          "integration_title": "PHP-FPM Php-fpm metrics",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "php_fpm",
          "package_title": "PHP-FPM",
          "latest_package_version": "1.4.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "postgresql",
          "package_title": "PostgreSQL",
          "latest_package_version": "1.25.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "profiler_agent",
          "package_title": "Universal Profiling Agent",
          "latest_package_version": "8.17.0",
          "integration_name": "universal_profiling_agent",
          "integration_title": "Universal Profiling Agent Universal profiling agent integration",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "profiler_agent",
          "package_title": "Universal Profiling Agent",
          "latest_package_version": "8.17.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "prometheus",
          "package_title": "Prometheus",
          "latest_package_version": "1.20.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "rabbitmq",
          "package_title": "RabbitMQ Logs and Metrics",
          "latest_package_version": "1.16.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "redis",
          "package_title": "Redis",
          "latest_package_version": "1.18.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "salesforce",
          "package_title": "Salesforce",
          "latest_package_version": "1.0.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "spring_boot",
          "package_title": "Spring Boot",
          "latest_package_version": "1.7.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "stan",
          "package_title": "STAN",
          "latest_package_version": "1.7.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "synthetics_dashboards",
          "package_title": "Elastic Synthetics Dashboards",
          "latest_package_version": "1.0.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "system_audit",
          "package_title": "System Audit",
          "latest_package_version": "1.10.3",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "tcp",
          "package_title": "Custom TCP Logs",
          "latest_package_version": "1.19.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "tomcat",
          "package_title": "Tomcat NetWitness Logs",
          "latest_package_version": "1.11.0",
          "integration_name": "log",
          "integration_title": "Tomcat NetWitness Logs Apache tomcat",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "tomcat",
          "package_title": "Tomcat NetWitness Logs",
          "latest_package_version": "1.11.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "traefik",
          "package_title": "Traefik",
          "latest_package_version": "2.3.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "udp",
          "package_title": "Custom UDP Logs",
          "latest_package_version": "1.19.1",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "vsphere",
          "package_title": "VMware vSphere",
          "latest_package_version": "1.16.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "websphere_application_server",
          "package_title": "WebSphere Application Server",
          "latest_package_version": "1.5.0",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "winlog",
          "package_title": "Custom Windows Event Logs",
          "latest_package_version": "2.1.2",
          "integration_name": "winlogs",
          "integration_title": "Custom Windows Event Logs Custom windows event logs",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "winlog",
          "package_title": "Custom Windows Event Logs",
          "latest_package_version": "2.1.2",
          "is_installed": false,
          "is_enabled": false
      },
      {
          "package_name": "zookeeper",
          "package_title": "ZooKeeper Metrics",
          "latest_package_version": "1.13.0",
          "is_installed": false,
          "is_enabled": false
      }
  ]
}

The endpoint's handler should be fixed.

@banderror
Copy link
Contributor

@jkelas When you get to fixing this bug, please follow the steps to reproduce above. I think among the Related Integrations bugs we have this should be fixed first because it is linked to 2 SDHs.

@toby-sutor
Copy link
Contributor

Is this related to this issue? #150968

@banderror
Copy link
Contributor

@toby-sutor It's definitely related, but I'm not sure if these two bugs are caused by exactly the same reason, or two different reasons. But they are both localized in the same area of code.

@banderror
Copy link
Contributor

banderror commented Nov 25, 2024

We should also review and test the code that calculates version mismatch labels as part of fixing this bug, because a user had some false version mismatch labels displayed on the Rule Details page and they claimed that the corresponding integration had been updated to the latest version. More details in one of the linked SDHs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
8.18 candidate bug Fixes for quality problems that affect the customer experience Feature:Related Integrations Security Solution Detection Rules Related Integrations feature Feature:Rule Management Security Solution Detection Rule Management area impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. sdh-linked Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

6 participants