-
**Describe the enhancement:**
The Elastic Agent should have a module that replicates the functionality of Winlogbeat, including the PowerShell, Security and Sysmon modules. If possible, Sysmon itself…
-
When Redis goes offline, endpoints running winlogbeat will not automatically reconnect to Redis when it comes back online. Only after restarting the winlogbeat service will the endpoint be connected t…
-
https://www.elastic.co/blog/elastic-stack-7-9-3-released
-
- Version: 6.3.1
- Operating System: Win 10 x64 (maybe all?)
- Discuss Forum URL: [https://discuss.elastic.co/t/add-locale-processor-not-refreshing-timezone-info/141397](https://discuss.elastic.co/t…
-
Since the `_id` field only uniquely identifies an alert within a single index, it's possible that when we update the status of a group of alerts across multiple indices we'll accidentally update the s…
-
![image](https://user-images.githubusercontent.com/72659729/95658569-02f69080-0b4e-11eb-808e-8290695f2880.png)
I followed the teaching assistant's steps and entered your_Ubuntu_ IP:5601 in the browser, but it shows "kibana server is not ready yet". How can this problem be solved?
Also…
-
`event.type:info` represents a process that was `ALREADY_RUNNING` for `event.category:process` events (need to validate this behavior of winlog/audit beat). All applicable rules should be checked to s…
-
I tried this, but "feilds.hostname" attribute in Kibana is still unknown.
What is the problem?
![image](https://user-images.githubusercontent.com/26405508/96415788-a700cb80-1221-11eb-83e6-94…
-
Is there a way to escape single quotes in alert emails?
I've got everything up and running, but would like to include a link to a related Kibana search.
I'll edit the URL to the search to dynamicall…
-
As shown in the screenshot below, certain features will always show `Error loading map features` even when the request to fetch the features is successful.
![image](https://user-images.githubuserc…
spong updated
4 years ago