From 1ed6bb2e567251252f5eec61c5d33abb81bc9412 Mon Sep 17 00:00:00 2001 From: ph Date: Wed, 9 May 2018 11:07:09 -0400 Subject: [PATCH] fix --- winlogbeat/_meta/fields.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/winlogbeat/_meta/fields.yml b/winlogbeat/_meta/fields.yml index 27499cb4083..cbae8b3a9f8 100644 --- a/winlogbeat/_meta/fields.yml +++ b/winlogbeat/_meta/fields.yml @@ -10,6 +10,13 @@ "wineventlog" for the Windows Event Log API or "eventlogging" for the Event Logging API. + The Event Logging API was designed for Windows Server 2003 + or Windows 2000 operating systems. In Windows Vista, the event logging + infrastructure was redesigned. On Windows Vista or later operating + systems, the Windows Event Log API is used. Winlogbeat automatically + detects which API to use for reading event logs. + + - key: eventlog title: Event log record description: >
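Review bot: The added paragraph in the @@ -10,6 +10,13 @@ hunk of winlogbeat/_meta/fields.yml never ties its operating system statement back to the two literal values the description has just listed. A reader still has to infer that "eventlogging" is what appears on Windows Server 2003 or Windows 2000 and "wineventlog" on Windows Vista or later. Suggest naming the value in each sentence, for example "On Windows Vista or later operating systems, the Windows Event Log API is used and this field is set to "wineventlog"". The sentence on automatic detection would also read better if it said that the field reports the result of that detection. The hunk ends with two added blank lines before "- key: eventlog"; one is enough to separate the entries. The subject line "fix" gives no hint that this is a documentation change to a field description, so a subject that names the file or the field would make the history easier to search.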