From fe6e85f6c3a7a8545a9536c2f6c007e6a294538c Mon Sep 17 00:00:00 2001
From: Panos Koutsovasilis <panos.koutsovasilis@elastic.co>
Date: Wed, 24 Apr 2024 19:56:23 +0300
Subject: [PATCH] fix(fim): add auto option for backend and make it the default
 one

---
 packages/fim/changelog.yml |  5 +++++
 packages/fim/manifest.yml  | 18 ++++++++++--------
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/packages/fim/changelog.yml b/packages/fim/changelog.yml
index 64a8f4f89df7..99e5c13e1cba 100644
--- a/packages/fim/changelog.yml
+++ b/packages/fim/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.15.1"
+  changes:
+    - description: Fix default backend to auto
+      type: bugfix
+      link: https://github.com/elastic/integrations/pulls/9702
 - version: "1.15.0"
   changes:
     - description: New event sourcing backends added
diff --git a/packages/fim/manifest.yml b/packages/fim/manifest.yml
index 80265ed07845..34c1a524b076 100644
--- a/packages/fim/manifest.yml
+++ b/packages/fim/manifest.yml
@@ -1,7 +1,7 @@
 format_version: "3.0.0"
 name: fim
 title: "File Integrity Monitoring"
-version: "1.15.0"
+version: "1.15.1"
 description: "The File Integrity Monitoring integration reports filesystem changes in real time."
 type: integration
 categories:
@@ -79,15 +79,17 @@ vars:
       Forces a particular event source for file events on Linux. `fsnotify` does not provide
       user information.
     options:
-     - text: ebpf
-       value: ebpf
-     - text: fsnotify
-       value: fsnotify
-     - text: kprobes
-       value: kprobes
+      - text: auto
+        value: auto
+      - text: ebpf
+        value: ebpf
+      - text: fsnotify
+        value: fsnotify
+      - text: kprobes
+        value: kprobes
     show_user: true
     required: false
-    default: fsnotify
+    default: auto
   - name: max_file_size
     type: text
     title: File size limit