ElasticSearch

Elasticsearch is a scalable search and analytics platform. It allows you to quickly and in near real-time store, scan, and analyze large volumes of data. With the Elasticsearch Playbook app, you can execute a search query and get back search hits that match the query. While the service app retrieves the executed search query on a set schedule returning hits that match the query. This integration supports Lucene, Query DSL, and EQL languages.

The following actions are available:

Query Index

This app can be found in the ThreatConnect App Catalog under the name: Elasticsearch

Categories:

ThreatConnect

ElasticSearch

Developers

Company

Categories:

ThreatConnect

ElasticSearch

Related Apps

Devo

SIEM and Analytics

Elastic Security

SIEM and Analytics

RSA Netwitness Playbooks

SIEM and Analytics

Developers

Company