Event id processor fails to start service

I'm trying to follow the configuration that is detailed on this page - https://www.elastic.co/guide/en/beats/winlogbeat/current/configuration-winlogbeat-options.html.

I am running winlogbeat version 6.2.3

I have the following in my config:

```yaml
- name: Security
  event_id: ...
  processors:
    - drop_event.when.not.or:
        - equals.event_id: 4625
        - equals.event_id: 4767
        - equals.event_id: 4741
        - equals.event_id: 4720
        - equals.event_id: 662
        - equals.event_id: 4758
        - equals.event_id: 4743
        - equals.event_id: 4729
        - equals.event_id: 4756
        - equals.event_id: 4742
        - equals.event_id: 5137
        - equals.event_id: 631
        - equals.event_id: 635
        - equals.event_id: 658
        - equals.event_id: 4727
        - equals.event_id: 4730
        - equals.event_id: 4726
        - equals.event_id: 4624
        - equals.event_id: 4732
        - equals.event_id: 4757
        - equals.event_id: 5136
        - equals.event_id: 4731
        - equals.event_id: 4754
        - equals.event_id: 634
        - equals.event_id: 638
        - equals.event_id: 4734
        - equals.event_id: 630
        - equals.event_id: 4728
        - equals.event_id: 4733
        - equals.event_id: 4740
        - equals.event_id: 5141
  ignore_older: 72h
```

This is the error I receive when testing the config:

```
.\winlogbeat.exe test config -c .\winlogbeat.yml

Exiting: Failed to create new event log. 1 error: Invalid event log key 'processors' found. Valid keys are api, batch_read_size, event_id, fields, fields_under_root, forwarded, ignore_older, include_xml, level, name, provider, tags
```

What am I missing that is causing this to not work correctly?

Looks like it's a bug!
Would be great to include that in either the specific documentation for 6.2 or the release notes for 6.3.

Also, the documentation shouldn't include "event_id: ...".
It fails with "Exiting: Failed to create new event log. 1 error: invalid event ID query component ('...')".

This is not correct and should include something that actually works.

I'm working on fixes for both issues.
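As an added illustration of the two errors in this thread (the rejected per-event-log `processors` key and the `event_id: ...` placeholder), here is a small Python linter and rewriter; it is not winlogbeat's own code, the valid key list is copied from the error message above, and the `event_id` grammar it accepts (comma-separated IDs, `lo-hi` ranges, `-id` exclusions) is an assumption about the documented query syntax:

```python
import re

# Valid per-event-log keys, taken verbatim from the winlogbeat 6.2.3 error message.
VALID_EVENT_LOG_KEYS = {
    "api", "batch_read_size", "event_id", "fields", "fields_under_root",
    "forwarded", "ignore_older", "include_xml", "level", "name", "provider", "tags",
}

# Assumed event_id grammar: "4624, 4625, 4700-4800, -4735" style components.
_COMPONENT = re.compile(r"^(-)?(\d+)(?:-(\d+))?$")


def parse_event_id_query(query):
    """Return (include, exclude) sets; raise ValueError on a bad component such as '...'."""
    include, exclude = set(), set()
    for raw in str(query).split(","):
        part = raw.strip()
        m = _COMPONENT.match(part)
        if not m:
            raise ValueError("invalid event ID query component (%r)" % part)
        neg, lo, hi = m.group(1), int(m.group(2)), m.group(3)
        ids = range(lo, int(hi) + 1) if hi else (lo,)
        (exclude if neg else include).update(ids)
    return include, exclude


def lint_event_log(entry):
    """Return the problems a 6.2.3-style loader would report for one event_logs entry."""
    problems = []
    for key in sorted(set(entry) - VALID_EVENT_LOG_KEYS):
        problems.append("invalid event log key %r" % key)
    if "event_id" in entry:
        try:
            parse_event_id_query(entry["event_id"])
        except ValueError as exc:
            problems.append(str(exc))
    return problems


def event_id_query_from_processor(entry):
    """Rewrite a drop_event.when.not.or list of equals.event_id into an event_id query.

    This removes the per-log 'processors' key that 6.2.3 rejects and expresses the
    same allow-list with the supported 'event_id' key instead.
    """
    ids = set()
    for proc in entry.get("processors", []):
        for cond in proc.get("drop_event.when.not.or", []):
            ids.add(int(cond["equals.event_id"]))
    fixed = {k: v for k, v in entry.items() if k != "processors"}
    fixed["event_id"] = ", ".join(str(i) for i in sorted(ids))
    return fixed
```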
