Glue
Wes Lambert

Augusta
Leveraging Threat Intel for Event Enrichment In Security Onion
securityonion

Introduction: In this article, we’ll walk through how we can leverage Filebeat modules and the enrichment functionality built into the Elastic Stack to facilitate enrichment of log data to include threat intelligence from external sources in Security Onion. By adding pertinent information from threat intel events, we can more
25 May 2022 11 min read