-
Notifications
You must be signed in to change notification settings - Fork 465
/
Copy pathchangelog.yml
824 lines (824 loc) · 31 KB
/
changelog.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
# newer versions go on top
- version: "1.66.1"
changes:
- description: For Windows security event logs, enrich group membership related events with an audit category and subcategory.
type: enhancement
link: https://github.com/elastic/integrations/pull/12335
- version: "1.66.0"
changes:
- description: Allow the usage of deprecated log input and support for stack 9.0
type: enhancement
link: https://github.com/elastic/integrations/pull/12503
- version: "1.65.0"
changes:
- description: Improve pipeline script to parse fully rendered events correctly.
type: enhancement
link: https://github.com/elastic/integrations/pull/12551
- version: "1.64.1"
changes:
- description: Fix dashboard query in [Metrics System] Host overview.
type: bugfix
link: https://github.com/elastic/integrations/pull/12612
- version: "1.64.0"
changes:
- description: Add support for Kibana `9.0.0`.
type: enhancement
link: https://github.com/elastic/integrations/pull/12251
- version: "1.63.2"
changes:
- description: Update links to getting started docs
type: bugfix
link: https://github.com/elastic/integrations/pull/12145
- version: "1.63.1"
changes:
- description: Defensively copy list parameters in 'Set ECS categorization fields' script.
type: bugfix
link: https://github.com/elastic/integrations/pull/12161
- version: "1.63.0"
changes:
- description: |
Add Journald support for system integration by adding the
journald input as an option for the auth and syslog data
streams.
type: enhancement
link: https://github.com/elastic/integrations/pull/11618
- version: "1.62.1"
changes:
- description: Fix typo in RDP Connections visualisation
type: bugfix
link: https://github.com/elastic/integrations/pull/10934
- version: "1.62.0"
changes:
- description: Deprecate third-party REST API import option.
type: enhancement
link: https://github.com/elastic/integrations/pull/11524
- version: "1.61.1"
changes:
- description: Parse `winlog.event_data.AccessList` and `winlog.event_data.AccessMask` into a list of values
type: bugfix
link: https://github.com/elastic/integrations/pull/9907
- version: "1.61.0"
changes:
- description: Tighten IPv4 extraction from IPv4-mapped IPv6 addresses.
type: enhancement
link: https://github.com/elastic/integrations/pull/11052
- version: "1.60.5"
changes:
- description: Fix host.os.version ECS field mapping
type: bugfix
link: https://github.com/elastic/integrations/pull/11106
- version: "1.60.4"
changes:
- description: Fix IPv6 cleanup step.
type: bugfix
link: https://github.com/elastic/integrations/pull/10801
- version: "1.60.3"
changes:
- description: Fix broken query on Users Renamed
type: bugfix
link: https://github.com/elastic/integrations/pull/10698
- version: "1.60.2"
changes:
- description: Add windows.forward where it was missing on visualizations and searches.
type: bugfix
link: https://github.com/elastic/integrations/pull/10439
- version: "1.60.1"
changes:
- description: Ensure process.name is populated from syslog messages
type: bugfix
link: https://github.com/elastic/integrations/pull/10646
- version: "1.60.0"
changes:
- description: Add caseless fields to process events.
type: enhancement
link: https://github.com/elastic/integrations/pull/10533
- version: "1.59.4"
changes:
- description: Mark system.diskio data stream as requires root
type: enhancement
link: https://github.com/elastic/integrations/pull/10512
- version: "1.59.3"
changes:
- description: Convert error.code to string for winlog inputs
type: bugfix
link: https://github.com/elastic/integrations/pull/10529
- version: "1.59.2"
changes:
- description: Reverting https://github.com/elastic/integrations/pull/10471.
type: bugfix
link: https://github.com/elastic/integrations/pull/10511
- version: "1.59.1"
changes:
- description: Ensure the syslog processor is not used with Elastic Agent 7.17.X versions.
type: bugfix
link: https://github.com/elastic/integrations/pull/10471
- version: "1.59.0"
changes:
- description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template.
type: enhancement
link: https://github.com/elastic/integrations/pull/10162
- version: "1.58.2"
changes:
- description: Fix filesystem ignore_types
type: bugfix
link: https://github.com/elastic/integrations/pull/10180
- version: "1.58.1"
changes:
- description: Fix metrics overview dashboard.
type: bugfix
link: https://github.com/elastic/integrations/pull/9771
- version: "1.58.0"
changes:
- description: Mark logs-system.syslog data stream as requires root
type: enhancement
link: https://github.com/elastic/integrations/pull/9893
- version: "1.57.0"
changes:
- description: Adjust `winlog.event_data.AttributeValue` ignore_above parameter and add wildcard multi-field.
type: enhancement
link: https://github.com/elastic/integrations/pull/9515
- version: "1.56.0"
changes:
- description: Add `custom` configuration option to windows system inputs.
type: enhancement
link: https://github.com/elastic/integrations/pull/9045
- version: "1.55.2"
changes:
- description: Fix typos in Failed and Block Accounts dashboard.
type: bugfix
link: https://github.com/elastic/integrations/pull/9691
- version: "1.55.1"
changes:
- description: Add missing preserve_original_event tag when toggled on.
type: bugfix
link: https://github.com/elastic/integrations/pull/9426
- version: "1.55.0"
changes:
- description: Add global filter on data_stream.dataset to improve performance.
type: enhancement
link: https://github.com/elastic/integrations/pull/9573
- version: "1.54.0"
changes:
- description: Enable 'secret' for the sensitive fields.
type: enhancement
link: https://github.com/elastic/integrations/pull/9009
- version: "1.53.1"
changes:
- description: Inline "by reference" visualizations
type: enhancement
link: https://github.com/elastic/integrations/pull/9053
- version: "1.53.0"
changes:
- description: Enable TSDB by default for core datastream. This improves storage usage and query performance. For more details, see https://www.elastic.co/guide/en/elasticsearch/reference/current/tsds.html
type: enhancement
link: https://github.com/elastic/integrations/pull/8637
- version: "1.52.0"
changes:
- description: Add missing num_threads field in system/process
type: enhancement
link: https://github.com/elastic/integrations/pull/8783
- version: "1.51.0"
changes:
- description: Add fields for IO metrics in system/process
type: enhancement
link: https://github.com/elastic/integrations/pull/8682
- version: "1.50.1"
changes:
- description: Improve the wording on milliseconds.
type: enhancement
link: https://github.com/elastic/integrations/pull/8706
- version: "1.50.0"
changes:
- description: Fix the message parsing failure in syslog datastream.
type: bugfix
link: https://github.com/elastic/integrations/pull/8621
- description: Make exclude files configurable in syslog datastream.
type: enhancement
link: https://github.com/elastic/integrations/pull/8621
- version: "1.49.1"
changes:
- description: Fix handling of preserve original event configuration in syslog datastream.
type: bugfix
link: https://github.com/elastic/integrations/pull/8600
- description: Fix exclude files pattern.
type: bugfix
link: https://github.com/elastic/integrations/pull/8600
- version: "1.49.0"
changes:
- description: Limit request tracer log count to five.
type: enhancement
link: https://github.com/elastic/integrations/pull/8489
- version: "1.48.0"
changes:
- description: Adding EventID 4662 and 5136, to use the winlog.event_data.SubjectUserName as user.name and related.user
type: enhancement
link: https://github.com/elastic/integrations/pull/8289
- version: "1.47.2"
changes:
- description: Fix UAC attribute bit table in security data stream.
type: bugfix
link: https://github.com/elastic/integrations/pull/8361
- version: "1.47.1"
changes:
- description: Fix indentation of tags inside syslog datastream.
type: bugfix
link: https://github.com/elastic/integrations/pull/8345
- description: Add system tests for syslog datastream.
type: enhancement
link: https://github.com/elastic/integrations/pull/8345
- description: Add missing fields "input.type", "log.file.path", and "log.offset" into syslog datastream.
type: bugfix
link: https://github.com/elastic/integrations/pull/8345
- version: "1.47.0"
changes:
- description: Add RFC 5424 support for Auth datastream
type: enhancement
link: https://github.com/elastic/integrations/pull/8103
- version: "1.46.1"
changes:
- description: Added dimension setting to host.name field in memory and diskio datastream
type: bugfix
link: https://github.com/elastic/integrations/pull/8261
- version: "1.46.0"
changes:
- description: Added field `winlog.event_data.EnabledPrivilegeList` as type keyword to security data stream.
type: enhancement
link: https://github.com/elastic/integrations/pull/8230
- version: "1.45.0"
changes:
- description: Upgrade to package spec 3.0.0.
type: enhancement
link: https://github.com/elastic/integrations/pull/8206
- version: "1.44.0"
changes:
- description: Enable TSDB by default for process datastream. This improves storage usage and query performance. For more details, see https://www.elastic.co/guide/en/elasticsearch/reference/current/tsds.html
type: enhancement
link: https://github.com/elastic/integrations/pull/7672
- version: "1.43.0"
changes:
- description: Remove all remaining legacy visualizations.
type: enhancement
link: https://github.com/elastic/integrations/pull/8139
- version: "1.42.0"
changes:
- description: Rework system metrics dashboards to use Lens and display current system state more reliably.
type: enhancement
link: https://github.com/elastic/integrations/pull/6743
- version: "1.41.0"
changes:
- description: Modified the field definitions to reference ECS where possible and remove invalid field attributes.
type: enhancement
link: https://github.com/elastic/integrations/pull/8100
- version: "1.40.0"
changes:
- description: Add metric_type metadata for object fields, set stack restriction to 8.9.0 version
type: enhancement
link: https://github.com/elastic/integrations/pull/7660
- version: "1.39.0"
changes:
- description: Update documentation to remove unpopulated Linux-only field mappings in diskio and memory datastreams.
type: enhancement
link: https://github.com/elastic/integrations/pull/7941
- version: "1.38.2"
changes:
- description: Validate ClientAddress IP for events 4778 and 4779
type: bugfix
link: https://github.com/elastic/integrations/pull/7237
- version: "1.38.1"
changes:
- description: Remove duplicated fields in diskio datastream
type: enhancement
link: https://github.com/elastic/integrations/pull/7006
- version: "1.38.0"
changes:
- description: Add source, destination and network fields for Windows Firewall events
type: enhancement
link: https://github.com/elastic/integrations/pull/6534
- version: "1.37.1"
changes:
- description: Add metric_type metadata to the process data_stream
type: enhancement
link: https://github.com/elastic/integrations/pull/6493
- version: "1.37.0"
changes:
- description: Improve `event.action`, `event.category` and `event.outcome` enrichment for auth datastream.
type: enhancement
link: https://github.com/elastic/integrations/pull/6966
- version: "1.36.2"
changes:
- description: Add ecs mapping for error.code to avoid type conflicts
type: bugfix
link: https://github.com/elastic/integrations/pull/6868
- version: "1.36.1"
changes:
- description: Fix EventIDs for Users Added to Group panel
type: bugfix
link: https://github.com/elastic/integrations/pull/6280
- version: "1.36.0"
changes:
- description: Revert changes to permissions to reroute events to logs-*-* for syslog datastream
type: enhancement
link: https://github.com/elastic/integrations/pull/6801
- version: "1.35.0"
changes:
- description: Adds configuration option for preserve_original_event for syslog datastream
type: enhancement
link: https://github.com/elastic/integrations/pull/6528
- version: "1.34.1"
changes:
- description: Add dimension fields to the core data_streams
type: enhancement
link: https://github.com/elastic/integrations/pull/6454
- version: "1.34.0"
changes:
- description: Enable time series data streams for the metrics datasets, except core and process datasets. This improves storage usage and query performance. For more details, see https://www.elastic.co/guide/en/elasticsearch/reference/current/tsds.html
type: enhancement
link: https://github.com/elastic/integrations/pull/6607
- version: "1.33.0"
changes:
- description: Add permissions to reroute events to logs-*-* for syslog datastream
type: enhancement
link: https://github.com/elastic/integrations/pull/6340
- version: "1.32.0-beta.2"
changes:
- description: Enable TSDS for network data_streams
type: enhancement
link: https://github.com/elastic/integrations/pull/6469
- version: "1.32.0-beta.1"
changes:
- description: Add dimensions for the network data_stream
type: enhancement
link: https://github.com/elastic/integrations/pull/6405
- version: "1.32.0-beta"
changes:
- description: Enable TSDS for metrics data_streams, except core, network and process data_streams for beta testing
type: enhancement
link: https://github.com/elastic/integrations/pull/6427
- version: "1.31.1"
changes:
- description: Add missing metric_type metadata
type: enhancement
link: https://github.com/elastic/integrations/pull/6395
- version: "1.31.0"
changes:
- description: Add dimension metadata to the process data_stream
type: enhancement
link: https://github.com/elastic/integrations/pull/6407
- version: "1.30.0"
changes:
- description: Add dimension fields to metrics all data_streams, except core, network and process to support TSDS migration
type: enhancement
link: https://github.com/elastic/integrations/pull/6118
- version: "1.29.0"
changes:
- description: support ip or domain in sshd messages
type: enhancement
link: https://github.com/elastic/integrations/pull/6256
- version: "1.28.0"
changes:
- description: Add a new flag to enable request tracing
type: enhancement
link: https://github.com/elastic/integrations/pull/6163
- version: "1.27.1"
changes:
- description: Remove managed tag.
type: bugfix
link: https://github.com/elastic/integrations/pull/6098
- version: "1.27.0"
changes:
- description: Convert TSVB visualisations to Lens.
type: enhancement
link: https://github.com/elastic/integrations/pull/5740
- version: "1.26.0"
changes:
- description: Adds /var/log/system* to default syslog input for macOS
type: enhancement
link: https://github.com/elastic/integrations/pull/4157
- version: "1.25.4"
changes:
- description: Fix visualization to reference Elastic Agent integrations, not Winlogbeat
type: bugfix
link: https://github.com/elastic/integrations/pull/5828
- version: "1.26.0-next"
changes:
- description: Clean Windows dashboards.
type: enhancement
link: https://github.com/elastic/integrations/pull/5653
- version: "1.25.3"
changes:
- description: Document 21 Event ID clause limit under certain situations.
type: enhancement
link: https://github.com/elastic/integrations/pull/5838
- version: "1.25.2"
changes:
- description: Remove duplicate Windows dashboards.
type: bugfix
link: https://github.com/elastic/integrations/pull/5525
- version: "1.25.1"
changes:
- description: Added categories and/or subcategories.
type: enhancement
link: https://github.com/elastic/integrations/pull/5123
- version: "1.25.0"
changes:
- description: Convert dashboard visualisations to storage by value.
type: enhancement
link: https://github.com/elastic/integrations/pull/5322
- version: "1.24.3"
changes:
- description: Fix mapping for winlog.time_created by setting to date instead of keyword
type: bugfix
link: https://github.com/elastic/integrations/pull/5350
- version: "1.24.2"
changes:
- description: Remove redundant regular expression quantifier.
type: bugfix
link: https://github.com/elastic/integrations/pull/5320
- version: "1.24.1"
changes:
- description: Added filters on dataset for system metrics dashboards
type: enhancement
link: https://github.com/elastic/integrations/pull/5198
- version: "1.24.0"
changes:
- description: Add basic dimension fields for cpu, load and memory
type: enhancement
link: https://github.com/elastic/integrations/pull/5160
- version: "1.23.1"
changes:
- description: Mark datasets as ga
type: bugfix
link: https://github.com/elastic/integrations/pull/5119
- version: "1.23.0"
changes:
- description: Add mapping for Windows events 4797, 5379, 5380, 5381, and 5382.
type: enhancement
link: https://github.com/elastic/integrations/pull/5087
- version: "1.22.0"
changes:
- description: Improve handling of user name and event outcome in auth dataset.
type: enhancement
link: https://github.com/elastic/integrations/pull/4478
- version: "1.21.0"
changes:
- description: Embed visualizations within dashboards (where possible) to make them self-contained and reduce Kibana saved object clutter.
type: enhancement
link: https://github.com/elastic/integrations/pull/5023
- version: "1.20.4"
changes:
- description: Remove wrong visualization from dashboard
type: bugfix
link: https://github.com/elastic/integrations/pull/4472
- version: "1.20.3"
changes:
- description: Allow adding multiple processors in syslog data stream
type: bugfix
link: https://github.com/elastic/integrations/pull/4437
- version: "1.20.2"
changes:
- description: Remove incorrect tag
type: bugfix
link: https://github.com/elastic/integrations/pull/4248
- version: "1.20.1"
changes:
- description: Fix adding processors in syslog data stream
type: bugfix
link: https://github.com/elastic/integrations/pull/4396
- version: "1.20.0"
changes:
- description: Improve system overview and host overview dashboards
type: enhancement
link: https://github.com/elastic/integrations/pull/3562
- version: "1.19.5"
changes:
- description: Fix duplicated processor field in syslog
type: bugfix
link: https://github.com/elastic/integrations/pull/4180
- version: "1.19.4"
changes:
- description: Add missing field mapping for `error.code` and `error.message`
type: bugfix
link: https://github.com/elastic/integrations/pull/4084
- version: "1.19.3"
changes:
- description: Add test cases for events 4738 and 4742.
type: bugfix
link: https://github.com/elastic/integrations/pull/3944
- version: "1.19.2"
changes:
- description: Add mapping for event.original for auth and security data streams.
type: bugfix
link: https://github.com/elastic/integrations/pull/4012
- version: "1.19.1"
changes:
- description: Fix handling of security events 4674, 4738 and 4742.
type: bugfix
link: https://github.com/elastic/integrations/pull/3930
- version: "1.19.0"
changes:
- description: Add ignore_older to remaining logs
type: enhancement
link: https://github.com/elastic/integrations/pull/3691
- version: "1.18.0"
changes:
- description: Separate grok parsing into stages and anchor the patterns in the system.auth pipeline.
type: bugfix
link: https://github.com/elastic/integrations/pull/3705
- description: Add processors, tags, and preserve original event options to the system.auth data stream.
type: enhancement
link: https://github.com/elastic/integrations/pull/3705
- version: "1.17.0"
changes:
- description: Add processor and tag fields
type: enhancement
link: https://github.com/elastic/integrations/pull/3563
- version: "1.16.2"
changes:
- description: Update documentation with additional context for new users.
type: enhancement
link: https://github.com/elastic/integrations/pull/3306
- version: "1.16.1"
changes:
- description: Fix missing key in env whitelist
type: bugfix
link: https://github.com/elastic/integrations/pull/3519
- version: "1.16.0"
changes:
- description: Migrating from tile map to map in system log dashboard
type: enhancement
link: https://github.com/elastic/integrations/pull/3509
- version: "1.15.1"
changes:
- description: Fix ECS schema
type: bugfix
link: https://github.com/elastic/integrations/pull/3424
- version: "1.15.0"
changes:
- description: Enrich security data set with GeoIP data
type: enhancement
link: https://github.com/elastic/integrations/pull/3375
- version: "1.14.0"
changes:
- description: Add support for events 5140 and 5145 to the security pipeline.
type: enhancement
link: https://github.com/elastic/integrations/pull/3299
- version: "1.13.0"
changes:
- description: Add parent process ID to security event for new process creation.
type: enhancement
link: https://github.com/elastic/integrations/pull/2966
- version: "1.12.1"
changes:
- description: Add documentation for multi-fields
type: enhancement
link: https://github.com/elastic/integrations/pull/2916
- version: "1.12.0"
changes:
- description: Add system/process pipeline to rename process.ppid to process.parent.pid as per ECS 8.0.
type: enhancement
link: https://github.com/elastic/integrations/pull/2610
- version: "1.11.0"
changes:
- description: Add option to configure ignored filesystem types
type: enhancement
link: https://github.com/elastic/integrations/pull/2679
- version: "1.10.0"
changes:
- description: Expose winlog input ignore_older option.
type: enhancement
link: https://github.com/elastic/integrations/pull/2542
- description: Fix preserve original event option
type: bugfix
link: https://github.com/elastic/integrations/pull/2542
- description: Make order of Security, Application, System options consistent with other winlog based integrations.
type: enhancement
link: https://github.com/elastic/integrations/pull/2542
- version: "1.9.0"
changes:
- description: Update to ECS 8.0
type: enhancement
link: https://github.com/elastic/integrations/pull/2512
- version: "1.8.0"
changes:
- description: Add routing pipeline to security data_stream, limit to specific providers.
type: enhancement
link: https://github.com/elastic/integrations/pull/2523
- version: "1.7.0"
changes:
- description: Expose winlog input language option.
type: enhancement
link: https://github.com/elastic/integrations/pull/2344
- version: "1.6.6"
changes:
- description: Regenerate test files using the new GeoIP database
type: bugfix
link: https://github.com/elastic/integrations/pull/2339
- version: "1.6.5"
changes:
- description: Change test public IPs to the supported subset
type: bugfix
link: https://github.com/elastic/integrations/pull/2327
- version: "1.6.4"
changes:
- description: More consistent use of Proc Filesystem Directory settings
type: bugfix
link: https://github.com/elastic/integrations/pull/2201
- description: Support Kibana 8
type: enhancement
link: https://github.com/elastic/integrations/pull/2201
- version: "1.6.3"
changes:
- description: Fix AccessList and AccessMask processing in security data_stream
type: bugfix
link: https://github.com/elastic/integrations/pull/2156
- version: "1.6.2"
changes:
- description: Fix missing null check in security pipeline
type: bugfix
link: https://github.com/elastic/integrations/pull/2148
- version: "1.6.1"
changes:
- description: Uniform with guidelines
type: enhancement
link: https://github.com/elastic/integrations/pull/2082
- version: "1.6.0"
changes:
- description: Consistently map message field in Windows integrations.
type: bugfix
link: https://github.com/elastic/integrations/pull/2008
- version: "1.5.0"
changes:
- description: Better user mappings for security events
type: enhancement
link: https://github.com/elastic/integrations/pull/1944
- version: "1.4.2"
changes:
- description: Prevent pipeline script error
type: bugfix
link: https://github.com/elastic/integrations/pull/1869
- version: "1.4.1"
changes:
- description: Fix logic that checks for the 'forwarded' tag
type: bugfix
link: https://github.com/elastic/integrations/pull/1855
- version: "1.4.0"
changes:
- description: Update to ECS 1.12.0
type: enhancement
link: https://github.com/elastic/integrations/pull/1709
- version: "1.3.0"
changes:
- description: Add custom processors and event_id to Application, Security & System data_streams
type: enhancement
link: https://github.com/elastic/integrations/pull/1548
- version: "1.2.1"
changes:
- description: Convert to generated ECS fields
type: enhancement
link: https://github.com/elastic/integrations/pull/1508
- version: "1.2.0"
changes:
- description: Update fields to include new cgroups fields
type: enhancement
link: https://github.com/elastic/integrations/pull/1539
- version: "1.1.5"
changes:
- description: Fix Windows links
type: bugfix
link: https://github.com/elastic/integrations/pull/1525
- version: "1.1.4"
changes:
- description: Fix issue with normalized CPU gauge
type: bugfix
link: https://github.com/elastic/integrations/pull/1458
- version: "1.1.3"
changes:
- description: update to ECS 1.11.0
type: enhancement
link: https://github.com/elastic/integrations/pull/1429
- version: "1.1.2"
changes:
- description: Mark integration as GA
type: bugfix
link: https://github.com/elastic/integrations/pull/1435
- version: "1.1.1"
changes:
- description: Escape special characters in docs
type: enhancement
link: https://github.com/elastic/integrations/pull/1405
- version: "1.1.0"
changes:
- description: Update integration description
type: enhancement
link: https://github.com/elastic/integrations/pull/1364
- version: "1.0.1"
changes:
- description: Move visualizations to cpu.norm.pct
type: enhancement
link: https://github.com/elastic/integrations/pull/1358
- version: "1.0.0"
changes:
- description: GA the system module
type: enhancement
link: https://github.com/elastic/integrations/pull/1282
- version: "0.13.6"
changes:
- description: Use event.dataset and event.module
type: enhancement
link: https://github.com/elastic/integrations/pull/1211
- version: "0.13.5"
changes:
- description: Add support for Splunk authorization tokens
type: enhancement
link: https://github.com/elastic/integrations/pull/1147
- version: "0.13.4"
changes:
- description: Use `wildcard` type for relevant ECS fields in `security` stream.
type: enhancement
link: https://github.com/elastic/integrations/pull/1185
- version: "0.13.3"
changes:
- description: Fix unneeded unit and metric type for field groups
type: bugfix
link: https://github.com/elastic/integrations/pull/1114
- version: "0.13.2"
changes:
- description: Fix security pipeline to support string event.code.
type: bugfix
link: https://github.com/elastic/integrations/pull/1089
- version: "0.13.1"
changes:
- description: Add system tests for security data_stream.
type: enhancement
link: https://github.com/elastic/integrations/pull/1069
- version: "0.13.0"
changes:
- description: Render units and metric types in exported fields table
type: enhancement
link: https://github.com/elastic/integrations/pull/1028
- version: "0.12.7"
changes:
- description: Fix security pipeline to support string event.code for 7.13.
type: bugfix
link: https://github.com/elastic/package-storage/pull/1372
- version: "0.12.6"
changes:
- description: Report system_summary properly.
type: bugfix
link: https://github.com/elastic/integrations/pull/778
- version: "0.12.5"
changes:
- description: Make event.original optional for application, security, and system data streams.
type: enhancement
link: https://github.com/elastic/integrations/pull/990
- version: "0.12.4"
changes:
- description: Fix inconsistent dashboard IDs
type: bugfix
link: https://github.com/elastic/integrations/pull/987
- version: "0.12.3"
changes:
- description: Remove edge processing for httpjson input.
type: enhancement
link: https://github.com/elastic/integrations/pull/969
- version: "0.12.2"
changes:
- description: Add event.code mappings
type: bugfix
link: https://github.com/elastic/integrations/pull/932
- version: "0.12.1"
changes:
- description: Convert Security processing to Ingest Node
type: enhancement
link: https://github.com/elastic/integrations/pull/917
- description: Change Splunk input to use the decode_xml_wineventlog processor.
type: enhancement
link: https://github.com/elastic/integrations/pull/924
- version: "0.12.0"
changes:
- description: Add Splunk input for application, system, and security data streams.
type: enhancement
link: https://github.com/elastic/integrations/pull/890
- version: "0.11.3"
changes:
- description: Updating package owner
type: enhancement
link: https://github.com/elastic/integrations/pull/766
- description: update to ECS 1.9.0
type: enhancement
link: https://github.com/elastic/integrations/pull/874
- version: "0.11.2"
changes:
- description: Update security data stream
type: bugfix # can be one of: enhancement, bugfix, breaking-change
link: https://github.com/elastic/integrations/pull/728
- version: "0.11.1" # unreleased
changes:
- description: remove duplicate ingest pipeline for syslog data stream
type: bugfix
link: https://github.com/elastic/integrations/pull/725
- version: "0.0.3"
changes:
- description: initial release
type: enhancement # can be one of: enhancement, bugfix, breaking-change
link: https://github.com/elastic/integrations/pull/8