diff --git a/packages/winlog/_dev/build/docs/README.md b/packages/winlog/_dev/build/docs/README.md index 324078ddc69..bafb73dbddc 100644 --- a/packages/winlog/_dev/build/docs/README.md +++ b/packages/winlog/_dev/build/docs/README.md @@ -1,8 +1,8 @@ # Custom Windows event log package The custom Windows event log package allows you to ingest events from -any Windows event log channel. You can get a list of available event -log channels by running Get-EventLog * in PowerShell. Custom ingest +any [Windows event log](https://docs.microsoft.com/en-us/windows/win32/wes/windows-event-log) channel. You can get a list of available event +log channels by running `Get-EventLog *` in PowerShell. Custom ingest pipelines may be added by setting one up in [Ingest Node Pipelines](/app/management/ingest/ingest_pipelines/). @@ -14,7 +14,7 @@ This integration offers the ability to seamlessly ingest data from a Splunk Ente These integrations work by using the [httpjson input](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-httpjson.html) in Elastic Agent to run a Splunk search via the Splunk REST API and then extract the raw event from the results. The raw event is then processed via the Elastic Agent. The Splunk search is customizable and the interval between searches is customizable. -For more information on the Splunk API integration please see [here](https://www.elastic.co/guide/en/observability/current/ingest-splunk.html). +See the [Splunk API integration documentation](https://www.elastic.co/guide/en/observability/current/ingest-splunk.html) for more information. This integration requires Windows Events from Splunk to be in XML format. To achieve this, `renderXml` needs to be set to `1` in your [inputs.conf](https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf) file. diff --git a/packages/winlog/changelog.yml b/packages/winlog/changelog.yml index ab370f1b7ef..3ceb0a3ec5b 100644 --- a/packages/winlog/changelog.yml 
+++ b/packages/winlog/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.1" + changes: + - description: update readme added link to Microsoft documentation and reworded a link + type: enhancement + link: https://github.com/elastic/integrations/pull/3177 - version: "1.5.0" changes: - description: Update to ECS 8.2 (documentation reference only) diff --git a/packages/winlog/docs/README.md b/packages/winlog/docs/README.md index 34329c54271..3279e226a23 100644 --- a/packages/winlog/docs/README.md +++ b/packages/winlog/docs/README.md @@ -1,8 +1,8 @@ # Custom Windows event log package The custom Windows event log package allows you to ingest events from -any Windows event log channel. You can get a list of available event -log channels by running Get-EventLog * in PowerShell. Custom ingest +any [Windows event log](https://docs.microsoft.com/en-us/windows/win32/wes/windows-event-log) channel. You can get a list of available event +log channels by running `Get-EventLog *` in PowerShell. Custom ingest pipelines may be added by setting one up in [Ingest Node Pipelines](/app/management/ingest/ingest_pipelines/). 
@@ -14,7 +14,7 @@ This integration offers the ability to seamlessly ingest data from a Splunk Ente These integrations work by using the [httpjson input](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-httpjson.html) in Elastic Agent to run a Splunk search via the Splunk REST API and then extract the raw event from the results. The raw event is then processed via the Elastic Agent. The Splunk search is customizable and the interval between searches is customizable. -For more information on the Splunk API integration please see [here](https://www.elastic.co/guide/en/observability/current/ingest-splunk.html). +See the [Splunk API integration documentation](https://www.elastic.co/guide/en/observability/current/ingest-splunk.html) for more information. This integration requires Windows Events from Splunk to be in XML format. To achieve this, `renderXml` needs to be set to `1` in your [inputs.conf](https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf) file. diff --git a/packages/winlog/manifest.yml b/packages/winlog/manifest.yml index 15f5a35950c..c4b8e3bf603 100644 --- a/packages/winlog/manifest.yml +++ b/packages/winlog/manifest.yml @@ -3,7 +3,7 @@ name: winlog title: Custom Windows Event Logs description: Collect and parse logs from any Windows event log channel with Elastic Agent. type: integration -version: 1.5.0 +version: 1.5.1 release: ga conditions: kibana.version: '^7.16.0 || ^8.0.0'
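Review bot: In the first hunk of both README.md copies (`_dev/build/docs/README.md` and `docs/README.md`), the added line still recommends `Get-EventLog *` for listing channels, which does not match the paragraph's promise of ingesting from "any" Windows event log channel. `Get-EventLog` only enumerates the classic logs (Application, Security, System and similar) and is not available in PowerShell 6 and later, so channels under Applications and Services Logs never appear in its output. Suggest replacing it with `Get-WinEvent -ListLog *`, which lists every registered channel. A smaller style point on the same line: the new Microsoft link pins the `en-us` locale, and dropping that path segment lets the site serve the reader's own language.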
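Review bot: In the changelog.yml hunk, the new 1.5.1 `description` is a run-on with no punctuation ("update readme added link to Microsoft documentation and reworded a link") and starts in lowercase, unlike the "Update to ECS 8.2 (documentation reference only)" entry directly below it. Suggest something like "Update readme: add link to Microsoft documentation and reword the Splunk documentation link", so the entry says which link was reworded and matches the style of the existing entries.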