8.5.0

edit

Schema changes

edit
Added
edit
  • Adding risk.* fields as experimental. #1994, #2010
  • Adding process.io.* as beta fields. #1956, #2031
  • Adding process.tty.rows and process.tty.columns as beta fields. #2031
  • Changed process.env_vars field type to be an array of keywords. #2038
  • process.attested_user and process.attested_groups as beta fields. #2050
  • Added risk.* fieldset to beta. #2051, #2058
  • Moved Linux event model fields to GA. #2082
Improvements
edit
  • Advances threat.enrichments.indicator to GA. #1928
  • Added ios and android as valid values for os.type #1999

Tooling and artifact changes

edit
Bugfixes
edit
  • Added Deprecation Warning for misspell task #1993
  • Fix typo in client schema #2014