[Winlogbeat] Add registry and code signature information and ECS categorization fields for sysmon module (elastic#18058)

* [Winlogbeat] Add sysmon module ECS categorization fields

* Add registry and code signature information

* Add changelog entry

* Add baseline registry event json
Andrew Stucki authored May 5, 2020
1 parent bc39eb8 commit eb3c191
Showing 6 changed files with 3,144 additions and 193 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Expand Up @@ -402,6 +402,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Add experimental event log reader implementation that should be faster in most cases. {issue}6585[6585] {pull}16849[16849]
- Set process.command_line and process.parent.command_line from Sysmon Event ID 1. {pull}17327[17327]
- Add support for event IDs 4673,4674,4697,4698,4699,4700,4701,4702,4768,4769,4770,4771,4776,4778,4779,4964 to the Security module {pull}17517[17517]
- Add registry and code signature information and ECS categorization fields for sysmon module {pull}18058[18058]

==== Deprecated

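Review bot: the added entry in CHANGELOG.next.asciidoc writes "sysmon module" in lowercase, while the neighbouring entries write "Sysmon Event ID 1" and "Security module"; capitalize it as "Sysmon module" to match. The line also omits the period before the {pull} macro that the 6585 and 17327 entries above it carry. Because this one entry covers three separate additions (registry information, code signature information and ECS categorization fields), consider splitting it or naming which of the three applies to which events, so a reader scanning the changelog can tell what changed in their indexed documents.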