From 9594e4115c47d33511cb99f2a8fa8b6d7328832a Mon Sep 17 00:00:00 2001
From: weslambert <wlambertts@gmail.com>
Date: Tue, 30 Jul 2024 12:47:56 -0400
Subject: [PATCH] Elastic 8.14.3

---
 .../files/integrations/endpoints-initial/windows-defender.json  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/salt/elasticfleet/files/integrations/endpoints-initial/windows-defender.json b/salt/elasticfleet/files/integrations/endpoints-initial/windows-defender.json
index ac4394e62..94bf4e3aa 100644
--- a/salt/elasticfleet/files/integrations/endpoints-initial/windows-defender.json
+++ b/salt/elasticfleet/files/integrations/endpoints-initial/windows-defender.json
@@ -15,7 +15,7 @@
           "enabled": true,
           "vars": {
             "channel": "Microsoft-Windows-Windows Defender/Operational",
-            "data_stream.dataset": "winlog.winlog",
+            "data_stream.dataset": "winlog.winlogs",
             "preserve_original_event": false,
             "providers": [],
             "ignore_older": "72h",