Do Kibana or Painless scripts have functions that can read input from files to filter out events in the current index? Splunk has inputlookup and lookup to do this.
Logstash can for sure. Multiple ways: from a static lookup, read from CSV, read from an Elastic index, etc.
An ingest processor in Elastic can also do something similar.
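
One way to do the CSV lookup mentioned in the reply, using Logstash's translate filter (an added example, not from the original posts; the file path, field names and CSV rows are assumptions):

```conf
# Constructed sample dictionary, one "key,value" pair per line, stored at
# /etc/logstash/lookups/known_scanners.csv (hypothetical path):
#   10.0.5.10,approved_vuln_scanner
#   10.0.5.11,approved_vuln_scanner

filter {
  # Look up the event's source IP in the CSV and write the matched value
  # into a new field. [source][ip] is an assumed field name.
  translate {
    source           => "[source][ip]"
    target           => "[lookup][source_role]"
    dictionary_path  => "/etc/logstash/lookups/known_scanners.csv"
    refresh_interval => 300          # re-read the file every 5 minutes
    fallback         => "unlisted"   # value used when the key is not in the file
  }

  # Filter out events from listed hosts, similar to excluding lookup matches.
  # To keep the events and only mark them, replace drop with:
  #   mutate { add_tag => ["approved_scanner"] }
  if [lookup][source_role] == "approved_vuln_scanner" {
    drop { }
  }
}
```

The lookup runs as events pass through Logstash, so documents already stored in the index are not changed by it.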