How can we add threat intel data to Elastic Agent logs before they enter the Elasticsearch cluster?
I am trying to add some new fields to each log beforehand, based on the details present in that log.
Example: consider VirusTotal.
Based on the process name collected by our Elastic Agent, I need to add one more field to each row by calculating its VirusTotal score.
How can we add that additional field?