Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Winlogbeat][Sysmon] Remove top level hash property from sysmon events #20653

Merged
merged 2 commits into from
Aug 19, 2020
Merged

[Winlogbeat][Sysmon] Remove top level hash property from sysmon events #20653

merged 2 commits into from
Aug 19, 2020

Conversation

marc-gr
Copy link
Contributor

@marc-gr marc-gr commented Aug 18, 2020
edited
Loading

What does this PR do?

Removes top level hash property from sysmon events

Why is it important?

To be compliant with ECS, hash property should only be nested.

Checklist

- [ ] My code follows the style guidelines of this project
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [ ] I have made corresponding change to the default configuration files

  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

@marc-gr marc-gr requested a review from a team as a code owner August 18, 2020 10:15
@elasticmachine
Copy link
Collaborator

Pinging @elastic/siem (Team:SIEM)

@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Aug 18, 2020
@elasticmachine
Copy link
Collaborator

elasticmachine commented Aug 18, 2020
edited by jenkins-beats-ci bot
Loading

💚 Build Succeeded

Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: [Pull request #20653 updated]

  • Start Time: 2020-08-19T11:34:16.191+0000

  • Duration: 34 min 29 sec

Test stats 🧪

Test Results
Failed 0
Passed 90
Skipped 0
Total 90

andrewkroh
andrewkroh reviewed Aug 18, 2020
View reviewed changes
Copy link
Member

@andrewkroh andrewkroh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a breaking change entry to the changelog file too.

@marc-gr
Copy link
Contributor Author

marc-gr commented Aug 19, 2020

Please add a breaking change entry to the changelog file too.

Just noticed I previously added some CHANGELOG entries in the breaking change section by mistake 🤦 Will fix that in a following PR, both in master and in release branches

@marc-gr marc-gr merged commit ea3dfcf into elastic:master Aug 19, 2020
@marc-gr marc-gr deleted the winlogbeat-remove-hash branch August 19, 2020 14:40
melchiormoulin pushed a commit to melchiormoulin/beats that referenced this pull request Oct 14, 2020
@marc-gr @melchiormoulin
[Winlogbeat][Sysmon] Remove top level hash property from sysmon events (
caf3f54 
elastic#20653)

* Remove top level hash property from sysmon events

* Add CHANGELOG entry
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

Assignees
No one assigned
Labels
breaking change review Winlogbeat
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@marc-gr @elasticmachine @andrewkroh