I have defined my index pattern somewhat to be:
%{TIMESTAMP_ISO8601:record_time} %{IP:app-ip} %{NUMBER:time-taken}" }
I get the app-ip as IP. Now, I know that each app-IP also has an app-Name. I have the app-IP, app-Name dictionary as a separate excel sheet.
Suppose
10.10.10.10 - Thor
10.10.10.20 - Captain
Now in kibana, I want to it to display the name of the app-IP.
Is there any way to do this mapping in ELK? In Kibana or anywhere?