IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Security module fields Winlogbeat fields »
Elastic Docs Winlogbeat Reference [7.5] Exported fields

Sysmon module fields

edit

Sysmon module fields

edit

These are the event fields specific to the Sysmon module.

sysmon.dns.status

Windows status code returned for the DNS query.

type: keyword

« Security module fields Winlogbeat fields »