Trying to add a new javascript processor using the processors section for the Winlogbeat that is reading the Windows Application log events. The custom javascript processor needs to read out an xml from within the actual log event and then pick a certain property (node) to fetch its value.
Tried using the DOMParser.parseFromString but didn't work at all.
What is the best way to do this in this custom script processor that is tied with the Application type event log?
This idea is based of how the winlogbeat\module\powershell\winlogbeat-powershell.js OR the sysmon.js etc.
Trying to do something similar using the application.js file, but unable to parse data from the xml in the event.
Any help / suggestion would be appreciated.