Beats version 7.10.1edit

View commits


Affecting all Beats

  • Fix denial of service flaw where a remote attacker could cause the Beats process to crash by presenting a specially malformed TLS public key. For more information, see Beats 7.10.1 Security Update.
  • Fix index template loading when the new index format is selected. 22482 22682


  • auditd: Fix error condition that caused a lot of audit_send_reply kernel threads to be created. 22673
  • system/socket: Fix start failure when run under config reloader. 20851 21693
  • system/socket: Fix startup error with some 5.x kernels. 18755 22787
  • system/socket: Fix startup errors and event loss caused by some CPUs being unavailable to Auditbeat. 22827


  • Fix missing variable when loading aws pipelines. 22645
  • Fix parsing error by dropping aws.vpcflow.pkt_srcaddr and aws.vpcflow.pkt_dstaddr when equal to "-". 22721 22716


  • Replace the service_name monitor option with, which is more correct. We will support the old option until 8.0. 20330
  • Fix problem where the enabled: false setting on monitors prevented Heartbeat from starting. 22829


  • Stop generating NaN values from Cloud Foundry module to avoid errors in outputs. 22634
  • Fix Logstash module to no longer emit redundant events when xpack.enabled: true is set. 22808



  • Add DNS response IP addresses to related.ip in Suricata module. 22291


  • Add support for parallelization factor for kinesis. 20727