[Security Rules] Update security rules package to v8.1.1

[terrancedejesus]

What does this PR do?

Update the Security Rules package to version 8.1.1.
Autogenerated from commit https://github.com/elastic/detection-rules/tree/af4bf14723a7a2b4adf7ba16e2087ef31789e0c4

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• If I'm introducing a new feature, I have modified the Kibana version constraint in my package's manifest.yml file to point to the latest Elastic stack release (e.g. ^7.13.0).

Author's Checklist

• Install the most recently release security rules in the Detection Engine
• Install the package
• Confirm the update is available in Kibana. Click "Update X rules" or "Install X rules"
• Look at the changes made after the install and confirm they are consistent

How to test this PR locally

• Perform the above checklist, and use package-storage to build EPR from source

Related issues

• https://github.com/elastic/ia-trade-team/issues/47

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2022-06-23T19:29:18.751+0000

• Duration: 13 min 17 sec

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[brokensound77]

can you try to see why this name changed

[terrancedejesus]

Looks like the 7.x was deprecated in January. This has the ID of dc672cb7-d5df-4d1f-a6d7-0841b1caafb9. The only reference to the 8.x rule I can find is for rule tuning. with the ID 699e9fdb-b77c-4c01-995c-1c15019b9c43. Somewhere along this, it almost seems as if it is saying it is a change rather than an entirely different rule.

[terrancedejesus]

Interestingly enough - This happened during the last 8 series integration.

https://github.com/elastic/integrations/pull/3238/files#diff-532f7a2945bab0063ba6f60e17d5cf70553b180b5cfec4991c562e404b928952

[terrancedejesus]

Looks like that rule deprecation was not backported on purpose therefore 7x still exists in 7.16. Since we do 7.x series first, this rule exists in Integrations repository at the time of this PR. I am not sure why it thinks this file has a name change though as the file name and rule ID are entirely different.

[terrancedejesus]

Due to timing, I am going to move this question/investigation to an actual bug issue within Detection Rules since we now have evidence it is repetitive. While the potential bug itself is not harmful to these integrations, it could have bigger implications in later releases and should be investigated and solved.

[brokensound77]

1 question then LGTM 👍