Hello everyone. There is a task: when a certain event arrives in OpenSearch, you need to request information from AD. Let’s say a user account has logged into a server. You need to request its list of groups from AD. As far as I understand, this can be implemented either through enrichment in Logstash, or by running external scripts via a webhook in alerts. Perhaps there are some other, easier options, or someone has already done this. Please share your experience.