[Winlogbeat] Update sysmon pipeline with latest changes from integration (#31556)

Updates Winlogbeat's sysmon ingest pipeline with changes from the integrations package:

- Support for Sysmon Registry non-QWORD/DWORD events integrations#2962 (enhancement)
- Drop unset fields in sysmon_operational data stream integrations#3283 (bug)
adriansr committed May 10, 2022
1 parent ba3bce4 commit 0c20dbb
Showing 2 changed files with 53 additions and 66 deletions.
3 changes: 2 additions & 1 deletion CHANGELOG.next.asciidoc
Expand Up @@ -71,6 +71,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...main[Check the HEAD dif
*Winlogbeat*

- Fix resource handle leak during event log enrichment. {pull}31504[31504]
- Sysmon: Drop fields with "-" value (unset) {pull}31556[31556]

*Functionbeat*

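Review bot: The added entry `Sysmon: Drop fields with "-" value (unset)` has no terminal period, unlike the "Fix resource handle leak" entry directly above it and the other Sysmon entry this commit adds further down; add the period for consistency. Since dropping fields changes the shape of the indexed events, it would also help to say in the entry that this happens in the Sysmon ingest pipeline, so that anyone with searches or detection rules that match on a literal "-" in Sysmon fields knows those fields will now be absent instead.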
Expand Down Expand Up @@ -131,7 +132,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...main[Check the HEAD dif
*Winlogbeat*

- Add parent process ID to new process creation events. {issue}29237[29237] {pull}31102[31102]

- Sysmon: Support for Sysmon Registry non-QWORD/DWORD events. {pull}31556[31556]

*Elastic Log Driver*

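Review bot: The wording of the added entry, `Sysmon: Support for Sysmon Registry non-QWORD/DWORD events.`, is hard to parse: it repeats "Sysmon" and describes the change only by negation. Consider something like "Sysmon: Support registry events whose value is not a QWORD or DWORD", or name the value types that are now handled. This entry and the "Drop fields" entry in the earlier hunk both point at {pull}31556, which is fine, but the changelog text is then the only place a reader sees that they came from two separate changes in the integrations package.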