Skip to content

Latest commit

 

History

History
161 lines (84 loc) · 4.39 KB

CHANGELOG.next.asciidoc

File metadata and controls

161 lines (84 loc) · 4.39 KB

Beats version HEAD

Breaking changes

Affecting all Beats

  • Fix mapping of parent process information provided by add_process_metadata. 29874 30727

Auditbeat

Filebeat

Heartbeat

Metricbeat

Packetbeat

Winlogbeat

Functionbeat

Bugfixes

Affecting all Beats

  • Fix field names with add_network_direction processor. 29747 29751

  • Fix a logging bug when ssl.verification_mode was set to full or certificate, the command test output incorrectly logged that TLS was disabled.

  • Fix the ability for subcommands to be ran properly from the beats containers. 30452

  • Update docker/distribution dependency library to fix a security issues concerning OCI Manifest Type Confusion Issue. 30462

  • Fixes Beats crashing when glibc >= 2.35 is used 30576

  • Log errors when parsing and applying config blocks and if the input is disabled. 30534

  • Wildcard fields no longer have a default ignore_above setting of 1024. 30096 30668

  • Ignore bugfix version when running version compatibility check against Elasticsearch. 30746

Auditbeat

Filebeat

  • Report the starting offset of the line in log.offset when using filestream instead of the end to be ECS compliant. 30445

  • auditd: Prevent mapping explosion when truncated EXECVE records are ingested. 30382

  • elasticsearch: fix duplicate ingest when using a common appender configuration 30428 30440

  • Fix compatibility with ECS by renaming source log key to source_file 30667

  • Fix add_kubernetes_metadata matcher: support rotated logs when resource_type: pod 30720

Filebeat

Heartbeat

Metricbeat

  • Enhance metricbeat on openshift documentation 30054

  • Fixed missing ZooKeeper metrics due compatibility issues with versions >= 3.6.0 30068

  • Fix Docker module: rename fields on dashboards. 30500

Packetbeat

Winlogbeat

Functionbeat

Elastic Logging Plugin

Added

Affecting all Beats

  • Add FIPS configuration option for all AWS API calls. 28899

  • Add support for kafka message headers. 29940

  • Add FIPS configuration option for all AWS API calls. 28899

  • Add support for non-unique Kafka headers for output messages. 30369

  • Add action_input_type for the .fleet-actions-results 30562

Auditbeat

Filebeat

  • Add text/csv decoder to httpjson input 28564

  • Update aws-s3 input to connect to non AWS S3 buckets 28222 28234

  • Add support for '/var/log/pods/' path for add_kubernetes_metadata processor with resource_type: pod. 28868

  • Add documentation for add_kubernetes_metadata processors log_path matcher. 28868

  • Add support for parsers on journald input 29070

  • Add support in httpjson input for oAuth2ProviderDefault of password grant_type. 29087

  • Add support for filtering in journald input with unit, kernel, identifiers and include_matches. 29294

  • Add new userAgent and beatInfo template functions for httpjson input 29528

  • Add extraction of related.hosts to Microsoft 365 Defender ingest pipeline 29859 29863

  • threatintel module: Add new Recorded Future integration. 30030

  • Add pipeline in FB’s supported hints. 30212

Auditbeat

Filebeat

Heartbeat

Metricbeat

  • Add kubernetes.container.status.last.reason metric 30306

  • Extend documentation about orchestrator.cluster fields 30518

  • Fix overflow in iostat metrics 30679

Packetbeat

Functionbeat

Winlogbeat

  • Improve the error message when the registry file content is invalid. 30543

Elastic Log Driver

Deprecated

Affecting all Beats

Filebeat

Heartbeat

Metricbeat

Packetbeat

Winlogbeat

Functionbeat

Known Issue