A newer version is available. For the latest information, see the current release documentation.
The following field changes are potentially breaking for anything that relies on these fields:
In Filebeat, the
suricata.eve.timestampalias field has been removed from the Suricata module.
In Auditbeat, the file integrity dataset no longer includes a leading dot
file.extensionvalues. For example, it will report
.pngto comply with Elastic Common Schema (ECS).
See the release notes for a complete list of changes, including changes to beta or experimental functionality.