Hello, is it possible to compare data displayed in Kibana with a static list?
Let me explain what I need: I'm reading the data of login to the servers via syslog, and I want to create a dashboard that shows me the logins of users not found in a list of authorized users.
Nope, the best way to do this would be at index time. Use logstash to update each event with authoried: true/false and then you can easily visualize it with Kibana.
Interesting option. Is there a way in logstash to compare a field with a text file as a csv?
Look at the translate filter.