From a79010fb600d6324b8d7484ea8c81657e87d2414 Mon Sep 17 00:00:00 2001
From: "D.Mavani"
Date: Sun, 23 Jun 2024 16:04:48 +0530
Subject: [PATCH] Feat(SFP-15774): Added Custom Event For Windows Defender
---
 winlogbeat/winlogbeat.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/winlogbeat/winlogbeat.yml b/winlogbeat/winlogbeat.yml
index 9c178ca58030..37c0115287fa 100644
--- a/winlogbeat/winlogbeat.yml
+++ b/winlogbeat/winlogbeat.yml
@@ -23,6 +23,7 @@ winlogbeat.event_logs:
 - name: Security
 - name: System
 - name: Microsoft-Windows-Windows Defender/Operational
+ event_id: 1006, 1007, 1008, 1013, 1015, 1116, 1117, 1118, 1119, 5007, 5010, 5012
 #==================== Elasticsearch template setting ==========================
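Review bot: The added `event_id` value on the Defender/Operational channel is an include list, so every Defender event not named in it is dropped at the agent and never reaches the index. It names 5007 (configuration changed), 5010 and 5012 (scanning disabled) but leaves out 5001 (real-time protection disabled), 5004 (real-time protection configuration changed), 5013 (tamper protection blocked a change) and 1009 (item restored from quarantine). If the intent is to ship both detections and attempts to switch protection off, which is inferred from the IDs chosen, consider `event_id: "1006, 1007, 1008, 1009, 1013, 1015, 1116, 1117, 1118, 1119, 5001, 5004, 5007, 5010, 5012, 5013"`; the quotes make it explicit that the value is a single comma-separated string. A comment above it such as `# Defender: detections (10xx/11xx) and protection/config changes (50xx); all other IDs are filtered out` would tell the next maintainer that this is a filter. The indentation of the hunk is lost on this page, so whether `event_id` sits inside the same list item as the Defender `name` could not be checked here.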