Merge pull request #1295 from findthebad/fix-winlogbeat-config

Updated winlogbeat.yml config to include OriginalFileName
2020-11-26 23:17:45 +01:00
parent 084cd39505 ad899899ab
commit 3d39d49d65
1 changed files with 1 additions and 0 deletions
@@ -112,6 +112,7 @@ fieldmappings:
  ObjectName: winlog.event_data.ObjectName
  ObjectType: winlog.event_data.ObjectType
  ObjectValueName: winlog.event_data.ObjectValueName
+  OriginalFileName: winlog.event_data.OriginalFileName
  ParentCommandLine: winlog.event_data.ParentCommandLine
  ParentProcessName: winlog.event_data.ParentProcessName
  ParentImage: winlog.event_data.ParentImage