is null

As per below logs from endpoint the field name from kibana should contain the value of data string from ImagePath, but it is giving Null value. the data which I want to be in it is coming under winlog.event_data.Details
Can someone please explain?

Any suggestions?

Need help

Since I don't use winlogbeat I can only assume that is how the module is set to parse the data. Look here,, to see the scripts used for each module. If u think our should be different, submit an issue on GitHub.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.