[Checkpoint] updating checkpoint package to ECS 1.10.0 (elastic#1033)

* updating checkpoint package to ECS 1.10.0

* updating changelog and adding menu entris

* updating UI file

* updating changelog and manifest

* adding last changes and making ready for review

* format files

* linting

packages/checkpoint/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.6.0"
+  changes:
+    - description: update to ECS 1.10.0 and syncing module changes
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/1033
 - version: "0.5.2"
   changes:
     - description: update to ECS 1.9.0

packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-with-time.log

@@ -1 +1,2 @@
 <134>1 2020-03-30T07:20:35Z gw-da58d3 CheckPoint 7776 - [action:"Accept"; flags:"444676"; ifdir:"outbound"; ifname:"eth0"; logid:"0"; loguid:"{0x5e819dc3,0x0,0x353707c7,0xee78a1dc}"; origin:"192.168.1.100"; originsicname:"cn=cp_mgmt,o=gw-da58d3..tmn8s8"; sequencenum:"1"; time:"1594646954"; version:"5"; __policy_id_tag:"product=VPN-1 & FireWall-1[db_tag={880771B0-FD92-2C4F-82FC-B96FC3DE5A07};mgmt=gw-da58d3;date=1585502566;policy_name=Standard\]"; dst:"192.168.1.153"; inzone:"Local"; layer_name:"Network"; layer_uuid:"63b7fe60-76d2-4287-bca5-21af87337b0a"; match_id:"1"; parent_rule:"0"; rule_action:"Accept"; rule_uid:"1fde807b-6300-4b1a-914f-f1c1f3e2e7d2"; outzone:"External"; product:"VPN-1 & FireWall-1"; proto:"17"; s_port:"43103"; service:"514"; service_id:"syslog"; src:"192.168.1.100"]
+<134>1 2021-05-05T12:27:09Z cp-m CheckPoint 1231 - [action:"Drop"; flags:"278528"; ifdir:"inbound"; ifname:"bond1.3999"; loguid:"{0x60928f1d,0x8,0x40de101f,0xfcdbb197}"; origin:"127.0.0.1"; originsicname:"CN=CP,O=cp.com.9jjkfo"; sequencenum:"62"; time:"1620217629"; version:"5"; __policy_id_tag:"product=VPN-1 & FireWall-1[db_tag={F6212FB3-54CE-6344-9164-B224119E2B92};mgmt=cp-m;date=1620031791;policy_name=CP-Cluster]"; action_reason:"Dropped by multiportal infrastructure"; dst:"1.1.1.1"; product:"VPN & FireWall"; proto:"6"; s_port:"52780"; service:"80"; src:"1.1.1.1"]

packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-checkpoint-with-time.log-expected.json

@@ -7,6 +7,26 @@
                 "rule_action": "Accept",
                 "match_id": "1"
             },
+            "destination": {
+                "port": 514,
+                "ip": "192.168.1.153"
+            },
+            "rule": {
+                "uuid": "1fde807b-6300-4b1a-914f-f1c1f3e2e7d2"
+            },
+            "source": {
+                "port": 43103,
+                "ip": "192.168.1.100"
+            },
+            "tags": [
+                "preserve_original_event"
+            ],
+            "network": {
+                "name": "Network",
+                "application": "syslog",
+                "iana_number": "17",
+                "direction": "outbound"
+            },
             "observer": {
                 "name": "192.168.1.100",
                 "ingress": {
@@ -23,26 +43,19 @@
                 }
             },
             "@timestamp": "2020-07-13T13:29:14.000Z",
+            "ecs": {
+                "version": "1.10.0"
+            },
             "related": {
                 "ip": [
                     "192.168.1.100",
                     "192.168.1.153"
                 ]
             },
-            "destination": {
-                "port": 514,
-                "ip": "192.168.1.153"
-            },
-            "rule": {
-                "uuid": "1fde807b-6300-4b1a-914f-f1c1f3e2e7d2"
-            },
-            "source": {
-                "port": 43103,
-                "ip": "192.168.1.100"
-            },
             "event": {
                 "sequence": 1,
-                "ingested": "2021-04-23T12:52:59.915203905Z",
+                "ingested": "2021-06-09T09:59:46.801105800Z",
+                "original": "\u003c134\u003e1 2020-03-30T07:20:35Z gw-da58d3 CheckPoint 7776 - [action:\"Accept\"; flags:\"444676\"; ifdir:\"outbound\"; ifname:\"eth0\"; logid:\"0\"; loguid:\"{0x5e819dc3,0x0,0x353707c7,0xee78a1dc}\"; origin:\"192.168.1.100\"; originsicname:\"cn=cp_mgmt,o=gw-da58d3..tmn8s8\"; sequencenum:\"1\"; time:\"1594646954\"; version:\"5\"; __policy_id_tag:\"product=VPN-1 \u0026 FireWall-1[db_tag={880771B0-FD92-2C4F-82FC-B96FC3DE5A07};mgmt=gw-da58d3;date=1585502566;policy_name=Standard\\]\"; dst:\"192.168.1.153\"; inzone:\"Local\"; layer_name:\"Network\"; layer_uuid:\"63b7fe60-76d2-4287-bca5-21af87337b0a\"; match_id:\"1\"; parent_rule:\"0\"; rule_action:\"Accept\"; rule_uid:\"1fde807b-6300-4b1a-914f-f1c1f3e2e7d2\"; outzone:\"External\"; product:\"VPN-1 \u0026 FireWall-1\"; proto:\"17\"; s_port:\"43103\"; service:\"514\"; service_id:\"syslog\"; src:\"192.168.1.100\"]",
                 "kind": "event",
                 "module": "checkpoint",
                 "action": "Accept",
@@ -55,12 +68,89 @@
                     "connection"
                 ],
                 "outcome": "success"
+            }
+        },
+        {
+            "checkpoint": {
+                "action_reason_msg": "Dropped by multiportal infrastructure"
             },
+            "destination": {
+                "geo": {
+                    "continent_name": "Oceania",
+                    "country_name": "Australia",
+                    "location": {
+                        "lon": 143.2104,
+                        "lat": -33.494
+                    },
+                    "country_iso_code": "AU"
+                },
+                "as": {
+                    "number": 13335,
+                    "organization": {
+                        "name": "Cloudflare, Inc."
+                    }
+                },
+                "port": 80,
+                "ip": "1.1.1.1"
+            },
+            "source": {
+                "geo": {
+                    "continent_name": "Oceania",
+                    "country_name": "Australia",
+                    "location": {
+                        "lon": 143.2104,
+                        "lat": -33.494
+                    },
+                    "country_iso_code": "AU"
+                },
+                "as": {
+                    "number": 13335,
+                    "organization": {
+                        "name": "Cloudflare, Inc."
+                    }
+                },
+                "port": 52780,
+                "ip": "1.1.1.1"
+            },
+            "tags": [
+                "preserve_original_event"
+            ],
             "network": {
-                "name": "Network",
-                "application": "syslog",
-                "iana_number": "17",
-                "direction": "outbound"
+                "iana_number": "6",
+                "direction": "inbound"
+            },
+            "observer": {
+                "name": "127.0.0.1",
+                "ingress": {
+                    "interface": {
+                        "name": "bond1.3999"
+                    }
+                },
+                "product": "VPN \u0026 FireWall",
+                "type": "firewall",
+                "vendor": "Checkpoint"
+            },
+            "@timestamp": "2021-05-05T12:27:09.000Z",
+            "ecs": {
+                "version": "1.10.0"
+            },
+            "related": {
+                "ip": [
+                    "1.1.1.1",
+                    "1.1.1.1"
+                ]
+            },
+            "event": {
+                "sequence": 62,
+                "ingested": "2021-06-09T09:59:46.801132800Z",
+                "original": "\u003c134\u003e1 2021-05-05T12:27:09Z cp-m CheckPoint 1231 - [action:\"Drop\"; flags:\"278528\"; ifdir:\"inbound\"; ifname:\"bond1.3999\"; loguid:\"{0x60928f1d,0x8,0x40de101f,0xfcdbb197}\"; origin:\"127.0.0.1\"; originsicname:\"CN=CP,O=cp.com.9jjkfo\"; sequencenum:\"62\"; time:\"1620217629\"; version:\"5\"; __policy_id_tag:\"product=VPN-1 \u0026 FireWall-1[db_tag={F6212FB3-54CE-6344-9164-B224119E2B92};mgmt=cp-m;date=1620031791;policy_name=CP-Cluster]\"; action_reason:\"Dropped by multiportal infrastructure\"; dst:\"1.1.1.1\"; product:\"VPN \u0026 FireWall\"; proto:\"6\"; s_port:\"52780\"; service:\"80\"; src:\"1.1.1.1\"]",
+                "kind": "event",
+                "module": "checkpoint",
+                "action": "Drop",
+                "id": "{0x60928f1d,0x8,0x40de101f,0xfcdbb197}",
+                "category": [
+                    "network"
+                ]
             }
         }
     ]