In the ML section, if we know the type of log file that we want to upload for visualization and analysis, would it be possible to redirect it to an existing ingest pipeline (with associated mappings and index settings) instead of having the ML guess?
Such as "winlogbeat-[version]-security" for example.
Manually modifying these settings in the Advanced section for every file during import is simply not feasible.
I believe that I will be closing this thread since I'm not sure that this is quite what the ML section is for.
The original purpose was to upload logs that had been manually gathered on an offline server.
Although the solution is not perfect as I still haven't found a way to have the data parsed through winlogbeat pipelines, I did manage to send large series of ndjson data through filebeat, which I consider the (partial) solution for the time being.
I'm also exploring ways to achieve this via logstash in this thread, in case anyone's interested.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.