I have metricbeats configured to send process and services metrics to kibana.
Process and windows services have a common field i.e., pid . My requirement is to create a TSVB that will show memory utilization of all windows services. But unfortunately, utilization related metrics are exported from process module but not windows module.
So, I thought of creating a new scripted field that will compare common pid value in both process documents with service documents and create a field "Name_From_Service" with windows.service.name field from services document.
I don't have idea on painless script to create this field. Kindly help me with this. Thanks in advance.