This came up once in the past and we discussed adding a processor to lookup the SIDs in the event with the AD. The first step would be figure what features are needed in the processor and open an enhancement ticket.
See the topic at Winlogbeat displaying GUID in Windows events instead of object name