I believe you know that this issues has been circulated in the wild and it seems that the issues still exist whereby the agent installed is not transporting windows event logs etc to the Elastic. The one can be received is metricbeat and the prevention of ransomware, malware or the logs not even sent to the Elasticsearch.
This is quite disappointing. Been think to bring this forward to the potential client in coming weeks. Can you guys please expedite this issues soonest possible?
Get your backend team to do some research and study more about Velocidex / Velociraptor team URL https://www.velocidex.com/ and they seems more skillful doing stuff related to tls/ssl for https connection to the server and able to retrieve windows logs via https for forensics and remediation.