crowdstrike: add support for http proxy configuration

packages/crowdstrike/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.7.0"
+  changes:
+    - description: Add support for HTTP proxy configuration for Event Streams.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15880
 - version: "2.6.0"
   changes:
     - description: Add a fallback parsing command_line to populate the process name in the FDR data stream.

packages/crowdstrike/data_stream/alert/agent/stream/cel.yml.hbs

@@ -7,6 +7,9 @@ resource.tracer:
 {{#if proxy_url}}
 resource.proxy_url: {{proxy_url}}
 {{/if}}
+{{#if proxy_headers}}
+resource.proxy_headers: {{proxy_headers}}
+{{/if}}
 {{#if ssl}}
 resource.ssl: {{ssl}}
 {{/if}}

packages/crowdstrike/data_stream/falcon/agent/stream/streaming.yml.hbs

@@ -5,6 +5,12 @@ auth:
   client_secret: {{client_secret}}
   token_url: {{token_url}}
 crowdstrike_app_id: {{app_id}}
+{{#if proxy_url}}
+proxy_url: {{proxy_url}}
+{{/if}}
+{{#if proxy_headers}}
+proxy_headers: {{proxy_headers}}
+{{/if}}
 redact:
   fields: ~
 program: |

packages/crowdstrike/data_stream/host/agent/stream/cel.yml.hbs

@@ -7,6 +7,9 @@ resource.tracer:
 {{#if proxy_url}}
 resource.proxy_url: {{proxy_url}}
 {{/if}}
+{{#if proxy_headers}}
+resource.proxy_headers: {{proxy_headers}}
+{{/if}}
 {{#if ssl}}
 resource.ssl: {{ssl}}
 {{/if}}

packages/crowdstrike/data_stream/vulnerability/agent/stream/cel.yml.hbs

@@ -7,6 +7,9 @@ resource.tracer:
 {{#if proxy_url}}
 resource.proxy_url: {{proxy_url}}
 {{/if}}
+{{#if proxy_headers}}
+resource.proxy_headers: {{proxy_headers}}
+{{/if}}
 {{#if ssl}}
 resource.ssl: {{ssl}}
 {{/if}}

packages/crowdstrike/manifest.yml

@@ -1,6 +1,6 @@
 name: crowdstrike
 title: CrowdStrike
-version: "2.6.0"
+version: "2.7.0"
 description: Collect logs from Crowdstrike with Elastic Agent.
 type: integration
 format_version: "3.4.0"
@@ -68,6 +68,21 @@ policy_templates:
       - type: streaming
         title: Collect CrowdStrike Falcon Logs via Event Stream
         description: Collecting CrowdStrike Falcon Logs via Event Stream.
+        vars:
+          - name: proxy_url
+            type: text
+            title: Proxy URL
+            multi: false
+            required: false
+            show_user: false
+            description: URL to proxy connections in the form of http[s]://<user>:<password>@<server name/ip>:<port>. Ensure your username and password are in URL encoded format.
+          - name: proxy_headers
+            type: yaml
+            title: Proxy headers
+            multi: false
+            required: false
+            show_user: false
+            description: This specifies the headers to be sent to the proxy server.
       - type: cel
         title: Collect CrowdStrike logs via API
         description: Collecting CrowdStrike logs via API.
@@ -108,6 +123,13 @@ policy_templates:
             required: false
             show_user: false
             description: URL to proxy connections in the form of http[s]://<user>:<password>@<server name/ip>:<port>. Please ensure your username and password are in URL encoded format.
+          - name: proxy_headers
+            type: yaml
+            title: Proxy headers
+            multi: false
+            required: false
+            show_user: false
+            description: This specifies the headers to be sent to the proxy server.
           - name: ssl
             type: yaml
             title: SSL Configuration