SSI Integration: Use terminate processor instead of fail (#14393)

This will utilize the `terminate` processor instead of the `fail` processor, as the `fail` processor
introduces an unwanted side effect by creating an additional `error.message` value.
Upgrade the `format_version` to latest 8.4.0

Author: brijesh-elastic

packages/abnormal_security/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.10.0"
+  changes:
+    - description: Use `terminate` processor instead of `fail` processor to handle agent errors.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/14393
 - version: "1.9.0"
   changes:
     - description: |

packages/abnormal_security/data_stream/ai_security_mailbox/elasticsearch/ingest_pipeline/default.yml

@@ -5,10 +5,10 @@ processors:
       field: ecs.version
       tag: set_ecs_version
       value: 8.11.0
-  - fail:
+  - terminate:
       tag: data_collection_error
       if: ctx.error?.message != null && ctx.message == null && ctx.event?.original == null
-      message: error message set and no data to process.
+      description: error message set and no data to process.
   - rename:
       field: message
       tag: rename_message_to_event_original

packages/abnormal_security/data_stream/ai_security_mailbox_not_analyzed/elasticsearch/ingest_pipeline/default.yml

@@ -5,10 +5,10 @@ processors:
       field: ecs.version
       tag: set_ecs_version
       value: 8.11.0
-  - fail:
+  - terminate:
       tag: data_collection_error
       if: ctx.error?.message != null && ctx.message == null && ctx.event?.original == null
-      message: error message set and no data to process.
+      description: error message set and no data to process.
   - rename:
       tag: rename_message_to_event_original
       description: Renames the original `message` field to `event.original` to store a copy of the original message. The `event.original` field is not touched if the document already has one; it may happen when Logstash sends the document.

packages/abnormal_security/data_stream/audit/elasticsearch/ingest_pipeline/default.yml

@@ -5,10 +5,10 @@ processors:
       field: ecs.version
       tag: set_ecs_version
       value: 8.11.0
-  - fail:
+  - terminate:
       tag: data_collection_error
       if: ctx.error?.message != null && ctx.message == null && ctx.event?.original == null
-      message: error message set and no data to process.
+      description: error message set and no data to process.
   - rename:
       field: message
       tag: rename_message_to_event_original

packages/abnormal_security/data_stream/case/elasticsearch/ingest_pipeline/default.yml

@@ -5,10 +5,10 @@ processors:
       field: ecs.version
       tag: set_ecs_version
       value: 8.11.0
-  - fail:
+  - terminate:
       tag: data_collection_error
       if: ctx.error?.message != null && ctx.message == null && ctx.event?.original == null
-      message: error message set and no data to process.
+      description: error message set and no data to process.
   - rename:
       field: message
       tag: rename_message_to_event_original

packages/abnormal_security/data_stream/threat/elasticsearch/ingest_pipeline/default.yml

@@ -5,10 +5,10 @@ processors:
       field: ecs.version
       tag: set_ecs_version
       value: 8.11.0
-  - fail:
+  - terminate:
       tag: data_collection_error
       if: ctx.error?.message != null && ctx.message == null && ctx.event?.original == null
-      message: error message set and no data to process.
+      description: error message set and no data to process.
   - rename:
       field: message
       tag: rename_message_to_event_original

packages/abnormal_security/data_stream/vendor_case/elasticsearch/ingest_pipeline/default.yml

@@ -5,10 +5,10 @@ processors:
       field: ecs.version
       tag: set_ecs_version
       value: 8.11.0
-  - fail:
+  - terminate:
       tag: data_collection_error
       if: ctx.error?.message != null && ctx.message == null && ctx.event?.original == null
-      message: error message set and no data to process.
+      description: error message set and no data to process.
   - rename:
       field: message
       tag: rename_message_to_event_original

packages/abnormal_security/manifest.yml

@@ -1,7 +1,7 @@
-format_version: 3.2.1
+format_version: 3.4.0
 name: abnormal_security
 title: Abnormal AI
-version: "1.9.0"
+version: "1.10.0"
 description: Collect logs from Abnormal AI with Elastic Agent.
 type: integration
 categories:

packages/beyondtrust_pra/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.3.0"
+  changes:
+    - description: Use `terminate` processor instead of `fail` processor to handle agent errors.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/14393
 - version: "0.2.1"
   changes:
     - description: Add temporary processor to remove the fields added by the Agentless policy.

packages/beyondtrust_pra/data_stream/access_session/elasticsearch/ingest_pipeline/default.yml

@@ -5,10 +5,10 @@ processors:
       field: ecs.version
       tag: set_ecs_version
       value: 8.17.0
-  - fail:
+  - terminate:
       tag: data_collection_error
       if: ctx.error?.message != null && ctx.message == null && ctx.event?.original == null
-      message: error message set and no data to process.
+      description: error message set and no data to process.
   - remove:
       field:
         - organization