Skip to content

Latest commit

 

History

History
173 lines (98 loc) · 5.47 KB

CHANGELOG.next.asciidoc

File metadata and controls

173 lines (98 loc) · 5.47 KB
Raw

Beats version HEAD

Breaking changes

Affecting all Beats

  • Update docker client. 28716

  • include_matches option of journald input no longer accepts a list of string. 29294

Auditbeat

Filebeat

  • Remove Recorded Future integration from threatintel module. 30564

Heartbeat

Metricbeat

Packetbeat

Winlogbeat

Functionbeat

Bugfixes

Affecting all Beats

  • Fix field names with add_network_direction processor. 29747 29751

  • Fix a logging bug when ssl.verification_mode was set to full or certificate, the command test output incorrectly logged that TLS was disabled.

  • Fix the ability for subcommands to be ran properly from the beats containers. 30452

  • Update docker/distribution dependency library to fix a security issues concerning OCI Manifest Type Confusion Issue. 30462

Auditbeat

  • auditd: Add error.message to events when processing fails. 30009

Filebeat

  • Report the starting offset of the line in log.offset when using filestream instead of the end to be ECS compliant. 30445

  • auditd: Prevent mapping explosion when truncated EXECVE records are ingested. 30382

  • elasticsearch: fix duplicate ingest when using a common appender configuration 30428 30440

  • Fix ECS version string in threatintel to be consistent with other modules and add event.timezone. 30499 30570

Heartbeat

Metricbeat

  • Enhance metricbeat on openshift documentation 30054

  • Fixed missing ZooKeeper metrics due compatibility issues with versions >= 3.6.0 30068

  • Fix Docker module: rename fields on dashboards. 30500

Packetbeat

Winlogbeat

  • Add provider names to Security pipeline conditional check in routing pipeline. 27288 29781

Functionbeat

  • Pass AWS region configuration correctly. 28520 30238

Elastic Logging Plugin

Added

Affecting all Beats

  • Name all k8s workqueue. 28085

  • Discover changes in Kubernetes nodes metadata as soon as they happen. 23139

  • Update k8s library 29394

  • Add FIPS configuration option for all AWS API calls. 28899

  • Add support for latest k8s versions v1.23 and v1.22 29575

  • Add script processor to all beats 29269 29752

  • Only connect to Elasticsearch instances with the same version or newer. 29683

  • Move umask from code to service files. 29708

  • Add support for kafka message headers. 29940

  • Add FIPS configuration option for all AWS API calls. 28899

  • Add metadata change support for some processors 30183

  • Add support for non-unique Kafka headers for output messages. 30369

Auditbeat

  • system/socket: Add process.entity_id capture for socket events. 30230 30231

Filebeat

  • Add text/csv decoder to httpjson input 28564

  • Update aws-s3 input to connect to non AWS S3 buckets 28222 28234

  • Add support for '/var/log/pods/' path for add_kubernetes_metadata processor with resource_type: pod. 28868

  • Add documentation for add_kubernetes_metadata processors log_path matcher. 28868

  • Add support for parsers on journald input 29070

  • Add support in httpjson input for oAuth2ProviderDefault of password grant_type. 29087

  • Add support for filtering in journald input with unit, kernel, identifiers and include_matches. 29294

  • Add new userAgent and beatInfo template functions for httpjson input 29528

  • Add pipeline in FB’s supported hints. 30212

Auditbeat

Filebeat

Heartbeat

Metricbeat

  • Add add_resource_metadata configuration to Kubernetes module. 29133

  • Add containerd module with cpu, memory, blkio metricsets. 29247

  • Add container.id and container.runtime ECS fields in container metricset. 29560

  • Add memory.workingset.limit.pct field in Kubernetes container/pod metricset. 29547

  • Add k8s metadata in state_cronjob metricset. 29572

  • Add xpack.enabled support for Enterprise Search module. 29871

  • Add gcp firestore metricset. 29918

  • Remove strict parsing on RabbitMQ module 30090

  • Add kubernetes.container.status.last.reason metric 30306

  • Extend documentation about orchestrator.cluster fields 30518

Packetbeat

  • Add automated OEM Npcap installation handling. 29112 30438 30493

  • Add support for capturing TLS random number and OCSP status request details. 29962 30102

Functionbeat

Winlogbeat

  • Improve the error message when the registry file content is invalid. 30543

Elastic Log Driver

Deprecated

Affecting all Beats

Filebeat

Heartbeat

Metricbeat

Packetbeat

Winlogbeat

Functionbeat

Known Issue