Hi,
I'm trying to find a way to resolve IP to host, for logs ingested from elastic-agents. Within Filebeat i can use dns processor, but i don't know how to do this for agent data...
That processor is available,u just need to add it to whatever integration u are using.
Not all integrations will be able to do reverse dns at the agent: Agent | Local DNS Processing · Issue #2532 · elastic/integrations · GitHub
You would have to modify the pipelines and do more processing at the agent instead of within Elasticsearch