Sidehistorik
...
the problem her, is that the data is persistent in Elasticsearch, and Changes to IP's and Devices are not reflected. In Splunk I solved this with a lookup, but now we can do it in Kibana with scripted fields in the new "Painless" language that also states : The Painless syntax is similar to Groovy.
Scripted fields are found in the Management section:
...