Hello All,
We have imported some CSV files into Elastic. Now we want to compare some event fields with the values of the fields in the CSV and use them in filters for various purposes.
For example, we have imported a CSV of domain user account names into Elasticsearch. We have integrated Windows Active Directory with ELK and are receiving authentication events in Elastic. Now we want to monitor the domain account users' activities and need to compare user names against the CSV imported into Elasticsearch. It is not feasible to put all the user names in an OR condition and use that in a filter. So, we are thinking of comparing them against the CSV.
Is there a way to accomplish this in Kibana?
Thanks.