[winlogbeat] Add event_data properties to the install template #13700
Labels
Comments
andrewkroh
added a commit
to andrewkroh/beats
that referenced
this issue
Sep 16, 2019
Define fields used by machine-learning jobs in the index template installed by Winlogbeat. Fixes elastic#13700
andrewkroh
added a commit
that referenced
this issue
Sep 17, 2019
Define fields used by machine-learning jobs in the index template installed by Winlogbeat. Fixes #13700
andrewkroh
added a commit
to andrewkroh/beats
that referenced
this issue
Sep 17, 2019
Define fields used by machine-learning jobs in the index template installed by Winlogbeat. Fixes elastic#13700 (cherry picked from commit fdd9d25)
andrewkroh
added a commit
that referenced
this issue
Sep 17, 2019
leweafan
pushed a commit
to leweafan/beats
that referenced
this issue
Apr 28, 2023
…lastic#13710) Define fields used by machine-learning jobs in the index template installed by Winlogbeat. Fixes elastic#13700 (cherry picked from commit e1d8988)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the enhancement:
See:
elastic/kibana#45743
For the props and relevant information
Describe a specific use case for the enhancement or feature:
As a user of SIEM I might not have all the immediate data from
event_dataavailable to me before I flip on the job and that can cause errors starting the job. If the mappings are available ahead of time this would prevent the errors from showing when you flip on the job.This will make these jobs operate like the others where you can start jobs before you have all the data pushed to your index.
The text was updated successfully, but these errors were encountered: