Beats version 8.15.0

Filebeat

The Azure EventHub input in Filebeat is not found when running on Windows. Please refrain from upgrading to 8.15. See 40608 for details.

Filebeat

Tag events that come from a filestream in "take over" mode. 39828
Fix filestream’s registry garbage collection: registry entries will never be removed if clean_inactive is set to "-1". 40258

Metricbeat

Remove fallback to the node limit for the kubernetes.pod.cpu.usage.limit.pct and kubernetes.pod.memory.usage.limit.pct metrics calculation.
Add support for Kibana status metricset in v8 format. 40275

Osquerybeat

Add action responses data stream, allowing Osquerybeat to post action results directly to Elasticsearch. 39143

Affecting all Beats

Rename the field "apache2.module.error" to "apache.module.error" in Apache error visualization. 39480 39481
Validate config of the replace processor. 40047

Filebeat

Fix for Google Workspace duplicate events issue by adding canonical sorting over fingerprint keys array to maintain key order. 40055 39859
Prevent panic in CEL and salesforce inputs when github.com/hashicorp/go-retryablehttp exceeds maximum retries. 40144
Update CEL mito extensions to v1.13.1. 40307
Fix bug in CEL input rate limit logic. 40106 40270

Metricbeat

Set GCP metrics config period to the default (60s) when the value is below the minimum allowed period. 30434 40020
Fix statistic methods for metrics collected for SQS. 40207
Update beat module with apm-server monitoring metrics fields. 40127
Fix Azure Monitor metric timespan to restore Storage Account PT1H metrics. 40376 40367

Affecting all Beats

Update Go version to 1.22.5. 40082
Introduce log message for not supported annotations for Hints based autodiscover. 38213
Add persistent volume claim name to volume if available. 38839
Raw events are now logged to a different file, this prevents potentially sensitive information from leaking into log files. 38767
Websocket input: Added runtime URL modification support based on state and cursor values. 39858 39997

Auditbeat

Reduce data size for add_session_metadata processor by removing unneeded fields. 39500
Enrich process events with user and group names, with add_session_metadata processor. 39537

Filebeat

Ensure all responses sent by HTTP Endpoint are HTML-escaped. 39329
Improve logging of request and response with request trace logging in error conditions. 39455
Implement Elastic Agent status and health reporting for CEL Filebeat input. 39209
Add HTTP metrics to CEL input. 39501 39503
Add default user-agent to CEL HTTP requests. 39502 39587
Improve reindexing support in security module pipelines. 38224 39588
Make HTTP Endpoint input GA. 38979 39410
Add support for base64-encoded HMAC headers to HTTP Endpoint. 39655
Add user group membership support to Okta entity analytics provider. 39814 39815
Add request trace support for Okta and EntraID entity analytics providers. 39821
Allow elision of set and append failure logging. 34544 39929
Add ability to remove request trace logs from CEL input. 39969
Add ability to remove request trace logs from HTTPJSON input. 40003
Update CEL mito extensions version to v1.13.0 40035
Add Jamf entity analytics provider. 39996
Add ability to remove request trace logs from http_endpoint input. 40005
Add ability to remove request trace logs from entityanalytics input. 40004
Relax constraint on Base DN in entity analytics Active Directory provider. 40054
Enhance input state reporting for CEL evaluations that return a single error object in events. 40083
Allow absent credentials when using GCS with Application Default Credentials. 39977 40072
Allow cross-region bucket configuration in S3 input. 22161 40309

Metricbeat

Support schema_name for MySQL performance metricset. 38363
Add last_terminated_timestamp metric in Kubernetes module. 39200 3802
Add pod.status.ready_time and pod.status.reason metrics in Kubernetes module. 39316
Add "Buffer cache hit ratio base" to calculate "Buffer cache hit ratio" for performance metrics. 40022
Add support of Graphite series 1.1.0+ tagging extension for statsd module. 39619