I am using WinLogBeat to generate windows event data and processing this with ListenBeats. I 'm routing based on Event_ID and want to enrich this data. There is a JSON attriubute 'SHA1' (incoming DataFlow) that I want to compare against 'KnownHashes' (A JSON file on local disk) and route based on a match.
Is this functionalty with NiFi, or would I need to enrich this way elsewhere?
You can Lookup processor to do the enrichment. Check this articles to see how to use the different options : https://community.hortonworks.com/articles/138632/data-flow-enrichment-with-nifi-lookuprecord-proces...
@Jake Simmonds I have installed winlogbeats however I am not able to output to tcp or udp so that listenbeats could listen to it.
Can you help how you achieved it, what output you configured?
Thanks in advance and appreciate your help