Additionally, 8.10->8.13 have subsequently been released - there are a wide variety of enhancements in them, but what chiefly interests me is that in 8.13, libbeat was updated to a newer version with a lot of enhancements. At the risk of overselling it, filebeats 8.13+ now has an ETW input which opens up an entire ecosystem of windows logging which Graylog had previously been unable to capture. Here's the documentation.
Does unlocking the collection of Windows Event Traces alongside some performance enhancements merit cutting a new release with updated packages? I would argue that it's a significant enhancement of capabilities, achieved at a low cost.
Problem description
Latest collector sidecar ships with beats that are 4 minor releases behind current
Color
Collector sidecar release 1.5.0 ships with Beats 8.9.0, which is 2 patches from latest on the 8.9.x release tree 8.9.2
Additionally, 8.10->8.13 have subsequently been released - there are a wide variety of enhancements in them, but what chiefly interests me is that in 8.13, libbeat was updated to a newer version with a lot of enhancements. At the risk of overselling it, filebeats 8.13+ now has an ETW input which opens up an entire ecosystem of windows logging which Graylog had previously been unable to capture. Here's the documentation.
Does unlocking the collection of Windows Event Traces alongside some performance enhancements merit cutting a new release with updated packages? I would argue that it's a significant enhancement of capabilities, achieved at a low cost.