Hi,
I'm trying to find a way to resolve IP to host, for logs ingested from elastic-agents. Within Filebeat i can use dns processor, but i don't know how to do this for agent data...
That processor is available,u just need to add it to whatever integration u are using.
Not all integrations will be able to do reverse dns at the agent: Agent | Local DNS Processing · Issue #2532 · elastic/integrations · GitHub
You would have to modify the pipelines and do more processing at the agent instead of within Elasticsearch
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.