[Bug] execution_scheduled_task_powershell_source doesn't work against logs-windows.sysmon_operational

### Describe the Bug

When running on a cluster with only windows.sysmon_operational the detection rule fails as destination.address is not a field that gets exported. 

destination.ip is but it does not support the keyword syntax used in the eql rule `destination.ip in ("127.0.0.1", "::1")` results in  1st argument of [destination.ip in ("127.0.0.1", "::1")] must be [ip], found value ["127.0.0.1"] type [keyword]

### To Reproduce

View exported fields listed here: https://www.elastic.co/docs/reference/integrations/windows#sysmonoperational

### Expected Behavior

Failures to not occur when using one of the listed index patterns It should either be removed or the rule updated to use destination.ip

### Screenshots

<img width="1531" height="346" alt="Image" src="https://github.com/user-attachments/assets/c16ee320-25f3-4c6b-bdf1-88cf2c9e1183" />

### Desktop - OS

macOS

### Desktop - Version

15.7.1

### Additional Context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Bug] execution_scheduled_task_powershell_source doesn't work against logs-windows.sysmon_operational #5286

Describe the Bug

To Reproduce

Expected Behavior

Screenshots

Desktop - OS

Desktop - Version

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Bug] execution_scheduled_task_powershell_source doesn't work against logs-windows.sysmon_operational #5286

Description

Describe the Bug

To Reproduce

Expected Behavior

Screenshots

Desktop - OS

Desktop - Version

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions