Hello,
I have a setup where I collect PfSense VPN logs and pass them through Logstash to extract some fields. My VPN logs have LDAP usernames such as doejo, which implies the full name of John Doe. Now I need the logs having doejo to be translated to John Doe (if possible in Logstash) so that it is displayed as the full name on the index in Kibana.
Thank you.
You want to read logs, get username, do LDAP lookup, replace with full name and save in Elasticsearch?
Check ldap plugin
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.