[FR] Redesign Filed Mapping Check for Integration Packages

[shashank-elastic]

Repository Feature

Core Repo - (rule management, validation, testing, lib, cicd, etc.)

Problem Description

When fileds.yml was removed in version 2.0.3 of DGA as part of the PR, in the current design of our unit tests, we pull any YML field files for all integrations to do integration specific field validation within our queries, Refer making the tests dependent on static mappings somewhere.

Desired Solution

• Ideate on Possible ways to move from the static mapping of the fields.
  << TBD >>

Considered Alternatives

Currently for the Integrations tests to pass, DGA package was regenerated with the field mappings via https://github.com/elastic/security-ml/issues/474.

Additional Context

The ML team has a concern leaving the yaml files with the fields in these packages because it gives the illusion that the field mapping issue with them is already solved. The ML team has another issue open to try to help with the issue.