[8.16] Revert "[filebeat][winlog] implement status reporter for winlog input…#41468
Merged
cmacknz merged 2 commits intoelastic:8.16from Oct 28, 2024
Merged
Conversation
…elastic#40163)" This reverts commit 5e4e7e5.
cmacknz
added
the
Team:Security-Windows Platform
Contributor
|
Pinging @elastic/sec-windows-platform (Team:Security-Windows Platform) |
botelastic
bot
added
needs_team
|
Do we need to revert the accompanying |
Member
Author
|
We would if the original PR added one, which it doesn't look like it did. I don't see any reference to this in https://github.com/elastic/beats/blob/8.16/CHANGELOG.next.asciidoc |
Member
Author
|
FYI @VihasMakwana, nothing wrong with the code functionally but it is correctly detecting that the sysmon operational channel is missing and causing most windows agents to appear degraded, which we don't want and can't fix prior to the 8.16.0 release. |
Member
Author
|
1636258 there was indeed a changelog entry to remove. |
bjmcnic
approved these changes
Oct 28, 2024
cmacknz
added
forwardport-main
cmacknz
added a commit
that referenced
this pull request
Nov 18, 2024
…atus reporter for winlog input… (#41666) * [8.16] Revert "[filebeat][winlog] implement status reporter for winlog input… (#41468) * Revert "[filebeat][winlog] implement status reporter for winlog input (#40163)" This reverts commit 5e4e7e5. * Remove changelog entry. (cherry picked from commit 05125a9) * Fix changelog merge conflicts * Restore accidentally removed entries * Restore whitespace --------- Co-authored-by: Craig MacKenzie <craig.mackenzie@elastic.co>
cmacknz
added a commit
that referenced
this pull request
Nov 18, 2024
…tatus reporter for winlog input… (#41665) * [8.16] Revert "[filebeat][winlog] implement status reporter for winlog input… (#41468) * Revert "[filebeat][winlog] implement status reporter for winlog input (#40163)" This reverts commit 5e4e7e5. * Remove changelog entry. (cherry picked from commit 05125a9) * Fix changelog merge conflicts * Restore accidentally removed entries * Remove correct changelog entry. --------- Co-authored-by: Craig MacKenzie <craig.mackenzie@elastic.co>
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Revert #40543 because of elastic/elastic-agent#5746.
Specifically the status reporting in winlog causes the winlog input to be degraded as when agent is privileged (i.e. the default configuration) when the Sysmon operational channel is missing (also true by default because it is not a core Windows component).