This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
« Beats version 8.2.1 Beats version 8.1.3 »
Elastic Docs Beats Platform Reference [8.16] Release notes

Beats version 8.2.0

edit

Beats version 8.2.0

edit

View commits

Breaking changes

edit

Affecting all Beats

  • Fix mapping of parent process information provided by add_process_metadata. 29874 30727

Bugfixes

edit

Filebeat

  • m365_defender: Fix processing when alerts.entities is an empty list. 31223 31227
  • Prevent filestream from rereading whole files if they are rotated using rename. 31268

Heartbeat

  • Heartbeat now successfully runs synthetic monitors on ARM processors. 31114

Metricbeat

  • Add back missing metrics to system/linux. 30774
  • GCP metrics query instances with aggregatedList API to improve efficiency. #30153
  • Fix Jolokia module to print URI for one of the debug logs. #30943
  • Handle docker reporting different capitalization for disk usage metrics. #30978

Winlogbeat

  • Fix routing for PowerShell events. 31287 31291
  • Fix missing annotation of event.module. 31330 31331

Added

edit

Affecting all Beats

  • Add support for port mapping in docker hints. 31243
  • Relax timestamp syntax for RFC3164 syslog to allow leading zero on day. 16824 31254

Filebeat

  • Add extraction of related.hosts to Microsoft 365 Defender ingest pipeline 29859 29863
  • Improve recovery from corrupted registries. 25135 30994
  • Add support in httpjson input for chain calls. 29816

Auditbeat

  • Include config file (auditbeat.elastic-agent.yml) in tar.gz and zip packages for use with Elastic Agent.

Metricbeat

  • Add kubernetes.container.status.last.reason metric 30306
  • Fix overflow in iostat metrics 30679
  • Add commandstats field to Redis module 29662
  • Add kubernetes.volume.fs.inodes.pct field. 30785
  • Improve Kubernetes dashboard. 30913
  • Populate new container ECS fields in Docker module. 30399
  • Populate new container ECS fields in Kubernetes module. 30181
  • Populate ecs container fields in Containerd module. 31025
  • Add new metricset shovel to RabbitMQ module 31534

Winlogbeat

  • Improve the error message when the registry file content is invalid. 30543
« Beats version 8.2.1 Beats version 8.1.3 »