From ed6fef07ec19c2ac2a0c278b30231a3259d30cbe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20K=C3=B6tting?= <simon.koetting@elastic.co>
Date: Tue, 13 May 2025 08:54:17 +0200
Subject: [PATCH 1/2] [Windows] Stop enabling sysmon per default to avoid
 unhealthy agent status.

---
 packages/windows/changelog.yml                               | 5 +++++
 packages/windows/data_stream/sysmon_operational/manifest.yml | 1 +
 packages/windows/manifest.yml                                | 2 +-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/packages/windows/changelog.yml b/packages/windows/changelog.yml
index da70b137710..63c400d5a48 100644
--- a/packages/windows/changelog.yml
+++ b/packages/windows/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.0.1"
+  changes:
+    - description: Stop enabling sysmon per default to avoid unhealthy agent status.
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/13891
 - version: "3.0.0"
   changes:
     - description: Remove deprecated httpjson input.
diff --git a/packages/windows/data_stream/sysmon_operational/manifest.yml b/packages/windows/data_stream/sysmon_operational/manifest.yml
index 15d83419f29..44326207a17 100644
--- a/packages/windows/data_stream/sysmon_operational/manifest.yml
+++ b/packages/windows/data_stream/sysmon_operational/manifest.yml
@@ -2,6 +2,7 @@ type: logs
 title: Windows Sysmon/Operational events
 streams:
   - input: winlog
+    enabled: false
     template_path: winlog.yml.hbs
     title: Sysmon Operational
     description: 'Collect Microsoft-Windows-Sysmon/Operational channel logs'
diff --git a/packages/windows/manifest.yml b/packages/windows/manifest.yml
index 8e47b9b7389..62859516a68 100644
--- a/packages/windows/manifest.yml
+++ b/packages/windows/manifest.yml
@@ -1,6 +1,6 @@
 name: windows
 title: Windows
-version: 3.0.0
+version: 3.0.1
 description: Collect logs and metrics from Windows OS and services with Elastic Agent.
 type: integration
 categories:

From 4f693bc89037332974364d83db12577766da4287 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20K=C3=B6tting?= <simon.koetting@elastic.co>
Date: Tue, 13 May 2025 08:57:27 +0200
Subject: [PATCH 2/2] [Windows] Stop enabling sysmon per default to avoid
 unhealthy agent status.

---
 packages/windows/changelog.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/windows/changelog.yml b/packages/windows/changelog.yml
index 63c400d5a48..3480c635abf 100644
--- a/packages/windows/changelog.yml
+++ b/packages/windows/changelog.yml
@@ -3,7 +3,7 @@
   changes:
     - description: Stop enabling sysmon per default to avoid unhealthy agent status.
       type: bugfix
-      link: https://github.com/elastic/integrations/pull/13891
+      link: https://github.com/elastic/integrations/pull/13893
 - version: "3.0.0"
   changes:
     - description: Remove deprecated httpjson input.