Event ID 4688 is not capturing all data from 2016 systems. This is the process creation event, it includes some critical data like parent processes on Windows 10 / 2016 Systems, the parser is missing this information
Is there an ETA for when Windows 2016 and Windows 10 events will be parsed fully? I think it's a little disingenuous to announce Windows 2016 support when none of the new events or older event enhancements are parsed correctly. Is there a channel I should be escalating to?
Appreciate the help.