Hi, Is it possible in Energy Logserver to correlate events from different indices and store the result as a single document in a separate index? Example: jira-* : task assigned to a user windows-* : the same user logs in later We want to correlate these events by username and write one merged record into a dedicated index (not just visualize via index patterns). What is the recommended approach for this (pipelines, correlation rules, transforms, etc.)?

Merge logs

Hi,

Is it possible in Energy Logserver to correlate events from different indices and store the result as a single document in a separate index?

Example:

We want to correlate these events by username and write one merged record into a dedicated index (not just visualize via index patterns).

What is the recommended approach for this (pipelines, correlation rules, transforms, etc.)?