IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.

« Beats version 8.10.1 Beats version 8.9.2 »

› ›

Beats version 8.10.0

edit

Beats version 8.10.0

edit

View commits

Bugfixes

edit

Affecting all Beats - Improve StreamBuf append to improve performance when reading long lines from files. 35928 - Eliminate cloning of event in deepUpdate 35945 - Fix ndjson parser to store JSON fields correctly under target 29395 - Add default cgroup regex for add_process_metadata processor 36484 32961 - Fix environment capture by add_process_metadata processor. 36469 36471 - Fix status reporting to Elastic Agent when output configuration is invalid running under Elastic-Agent 35719

Filebeat

Fix error message formatting from filestream input. 35658
Fixed concurrency and flaky tests issue in Azure Blob Storage input. 35983 36124
Filter out duplicate paths resolved from matching globs. 36253 36256
Remove onFilteredOut and onDroppedOnPublish callback logs 36299 36399
Ensure winlog input retains metric collection when handling recoverable errors. 36479 36483

Metricbeat

Fix the gap in fetching forecast API metrics at the end of each month for Azure billing module 36142
Add option in SQL module to execute queries for all databases. 35688
Add support for api_key authentication in elasticsearch module 36274
Add remaining dimensions for Azure storage account to make them available for TSDB enablement. 36331

Packetbeat

Fix panic in HTTP protocol parsing when host header has empty host part. 36497 36518

Winlogbeat

Ensure event loggers retains metric collection when handling recoverable errors. 36479 36483
Fix the ability to use filtering features (e.g. ignore_older, event_id, provider, level) while reading .evtx files. 16826 36173

Added

edit

Affecting all Beats

When running under Elastic-Agent the status is now reported per Unit instead of the whole Beat 35874 36183
Mark translate_sid processor is GA. 36279 36280
Upgrade Go to 1.20.7 36241

Auditbeat

Add support for security.selinux and system.posix_acl_access extended attributes to FIM. 36265 36310

Filebeat

Adding filename details from zip to response for httpjson 33952 34044
Allow specifying since when to read journald entries. 35408
Under elastic-agent the input metrics will now be included in agent diagnostics dumps. 35798
Improve CEL input performance. 35915
Added support for min/max template functions in httpjson input. 36094 36036
Add clean_session configuration setting for MQTT input. 35806
Add fingerprint mode for the filestream scanner and new file identity based on it 34419 35734
Add file system metadata to events ingested via filestream 35801 36065
Add support for localstack based input integration testing 35727
Allow parsing bytes in and bytes out as long integer in CEF processor. 36100 36108
Add support for registered owners and users to AzureAD entity analytics provider. 36092
Added support for Okta OAuth2 provider in the httpjson input. 36273
Add support of the interval parameter in Salesforce setupaudittrail-rest fileset. 35917 35938
Add device handling to Okta input package for entity analytics. 36049
Add setup option --force-enable-module-filesets, that will act as if all filesets have been enabled in a module during setup. 30915 36286
[Azure] Add input metrics to the azure-eventhub input. 35739

Metricbeat

Add support for multiple regions in GCP 32964
Add kubernetes.deployment.status.* fields for Kubernetes module 35999

Packetbeat

Under elastic-agent the input metrics will now be included in agent diagnostics dumps. 35798
Add support for multiple regions in GCP 32964

Winlogbeat

Under elastic-agent the input metrics will now be included in agent diagnostics dumps. 35798

Deprecated

edit

Heartbeat

Deprecate aws_elb autodiscover provider. 36191

« Beats version 8.10.1 Beats version 8.9.2 »