packages/windows/sysmon_operational: add sysmon event 26 handler #2566
💚 Build Succeeded
Pinging @elastic/security-external-integrations (Team:Security-External Integrations)
I think the same change needs to be done in
PTAL
…stic#2566)
* packages/windows/sysmon_operational: normalise field order and remove event.ingested
* packages/windows/sysmon_operational: add sysmon event 26 handler
* packages/windows/forwarded: normalise field order and remove event.ingested
* packages/windows/forwarded: add sysmon event 26 handler
What does this PR do?
Checklist
changelog.yml file.
Author's Checklist
First and third commits are mechanical, second and fourth are semantic.
How to test this PR locally
elastic-package test in the windows package directory.
Related issues
Screenshots
Test event 1:
Test event 2: