ThreatConnect Marketplace

Categories:
  • SIEM and Analytics

ElasticSearch

Elasticsearch is a scalable search and analytics platform. It allows you to store, scan, and analyze large volumes of data quickly and in near real time. With the Elasticsearch Playbook app, you can execute a search query and get back the search hits that match the query. The Service app, by contrast, executes the search query on a set schedule and returns the hits that match the query. This integration supports the Lucene, Query DSL, and EQL query languages.

The following actions are available:

  • Query Index

This app can be found in the ThreatConnect App Catalog under the name: Elasticsearch
