Elasticsearch

Elasticsearch is a distributed search and analytics engine that powers SIEM solutions and log analysis platforms, enabling analysts to query and correlate security events, logs, and threat data across enterprise infrastructure during incident investigations

Category: SIEM & Analytics
Homepage: https://www.elastic.co
Tags: siem, log-analysis, search-analytics, event-correlation, threat-hunting

Subscription Information

Registration Required: No
Subscription Required: No
Free Subscription Available: Yes

Analyzers (1)

Elasticsearch_Analysis `v1.0`

Search for IoCs in Elasticsearch

Author: Nick Prokop
License: MIT
Data Types: url, domain, ip, hash, filename, fqdn
Configuration: .upstream/cortex/analyzers/Elasticsearch/Elasticsearch_Analysis.json (raw)

External Integrations (1)

External integrations that connect Elasticsearch with TheHive:

TheHive Connector for Kibana

Native Kibana connector that allows Elasticsearch to create alerts and create cases in TheHive

Type: connector Documentation: https://www.elastic.co/docs/reference/kibana/connectors-kibana/thehive-action-type

Statistics

Total Analyzers: 1
Total Responders: 0
Total Functions: 0
Total External Integrations: 1
Total Integrations: 2

This file is auto-generated from the integration manifest. Do not edit manually.

Elasticsearch

Subscription Information​

Analyzers (1)​

Elasticsearch_Analysis v1.0​

External Integrations (1)​

TheHive Connector for Kibana​

Statistics​