[Winlogbeat] Add registry and code signature information and ECS categorization fields for sysmon module (#18058) (#18255)

* [Winlogbeat] Add sysmon module ECS categorization fields

* Add registry and code signature information

* Add changelog entry

* Add baseline registry event json

(cherry picked from commit eb3c191)
Andrew Stucki authored May 5, 2020
1 parent f1e596b commit cf65d69
Showing 6 changed files with 3,144 additions and 193 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Expand Up @@ -473,6 +473,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Add experimental event log reader implementation that should be faster in most cases. {issue}6585[6585] {pull}16849[16849]
- Set process.command_line and process.parent.command_line from Sysmon Event ID 1. {pull}17327[17327]
- Add support for event IDs 4673,4674,4697,4698,4699,4700,4701,4702,4768,4769,4770,4771,4776,4778,4779,4964 to the Security module {pull}17517[17517]
- Add registry and code signature information and ECS categorization fields for sysmon module {pull}18058[18058]

==== Deprecated
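Review bot: the added changelog entry (the line ending in {pull}18058[18058]) does not say which Sysmon event IDs or which ECS fields are now populated, while the entries directly above it name process.command_line and Sysmon Event ID 1, or list the Security event IDs explicitly. Anyone maintaining detection rules or dashboards over sysmon module output will see new registry, code signature and categorization values appear after upgrading, so the entry should name the affected field groups and event IDs, or at least point to where they are documented. The entry also omits the full stop before the {pull} reference that the first two context entries use.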
