IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Sysmon module fields
These are the event fields specific to the Sysmon module.
sysmon.dns.status
    Windows status code returned for the DNS query.
    type: keyword