Started playing with SIEM after upgrading our Stack and some agents to 7.2. I currently have winlogbeat and auditbeat sending data to our stack. Auditbeat has the host and process modules enabled, winlogbeat is sending Application, Security, and System logs. The Overview page shows the following:
However, going into the Hosts section, most of the tables are empty.
What agent/configurations are needed to pull this information or are these tables only filled by non-Windows systems?