We've been using ES for some time and have a number of indices that contain all the data we want to capture from windows hosts and other data sources such as firewalls etc... The reality is that I've already captured everything so i would like to bypass the agents and such entirely if possible since i already have to data in existing indices.
Is this possible? If so how?
Added, i should mention that I've already tried adding the indices to the Elastic Security advanced settings, but no data ever populated the portal site.