[Elastic Security]New Elastic Security Integration #14129

@narph

Description

Integration release checklist

The Elastic Security integration will ingest Elastic Security alerts from different ES instances.

Integration name: Elastic Security
Data streams: alert
Input: CEL

We can collect the data using the ES APIs, ingesting the .internal.alerts-security.alerts-default-.. indices, or the Kibana API: https://www.elastic.co/docs/api/doc/kibana/operation/operation-searchalerts
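As an added illustration (not code from this integration or from Elastic), the paging logic such a collector needs, written in Python rather than CEL: bound the query to the last checkpoint, sort on @timestamp with the alert uuid as tiebreak, carry search_after between calls, and drop alerts seen twice. It assumes the `.alerts-security.alerts-default` alias over the backing indices and the `kibana.alert.*` field names; the responses it reads are constructed.

```python
from typing import Any, Callable, Optional
FIELDS = ("kibana.alert.uuid", "kibana.alert.rule.name", "kibana.alert.severity", "kibana.alert.risk_score")

def build_search_body(since: str, cursor: Optional[list], size: int = 500) -> dict:
    """Query DSL for POST /.alerts-security.alerts-default/_search (assumed alias), newer than `since`."""
    body: dict = {
        "size": size,
        "query": {"range": {"@timestamp": {"gt": since}}},
        # Keyword tiebreak so hits sharing a timestamp are never lost between pages.
        "sort": [{"@timestamp": "asc"}, {"kibana.alert.uuid": "asc"}],
        "_source": ["@timestamp", *FIELDS],
    }
    if cursor:
        body["search_after"] = cursor  # resume exactly where the previous page stopped
    return body

def _get(doc: Any, dotted: str) -> Any:
    if dotted in doc:  # _source stored with flattened dotted keys
        return doc[dotted]
    for part in dotted.split("."):  # ... or as nested objects
        doc = doc.get(part) if isinstance(doc, dict) else None
    return doc

def collect_alerts(fetch: Callable[[dict], dict], since: str) -> tuple:
    """Drain every page via fetch(body) -> ES response; returns (alerts, cursor to checkpoint)."""
    cursor, seen, alerts = None, set(), []
    while True:
        hits = fetch(build_search_body(since, cursor))["hits"]["hits"]
        if not hits:
            return alerts, cursor
        for hit in hits:
            src, uuid = hit["_source"], _get(hit["_source"], "kibana.alert.uuid")
            if uuid not in seen:  # the same alert returned twice (e.g. a retried page) is dropped
                seen.add(uuid)
                alerts.append({"@timestamp": src.get("@timestamp"), **{f: _get(src, f) for f in FIELDS}})
        cursor = hits[-1]["sort"]  # sort values of the last hit feed the next search_after

# Constructed sample responses (ES returns epoch-millis sort values for dates): two alerts, then an empty page.
SAMPLE_PAGES = [{"hits": {"hits": [
    {"_source": {"@timestamp": "2024-01-01T00:00:01Z", "kibana": {"alert": {"uuid": "a1", "severity": "high",
     "risk_score": 73, "rule": {"name": "Suspicious PowerShell"}}}}, "sort": [1704067201000, "a1"]},
    {"_source": {"@timestamp": "2024-01-01T00:00:02Z", "kibana.alert.uuid": "a2", "kibana.alert.severity": "low",
     "kibana.alert.risk_score": 21, "kibana.alert.rule.name": "Rare Process"}, "sort": [1704067202000, "a2"]},
]}}, {"hits": {"hits": []}}]
REQUESTS: list = []
def fake_fetch(body: dict) -> dict:
    """Stand-in for the HTTP call: records the request body and serves the next constructed page."""
    REQUESTS.append(body)
    return SAMPLE_PAGES[min(len(REQUESTS), len(SAMPLE_PAGES)) - 1]
```

Calling `collect_alerts(fake_fetch, "2024-01-01T00:00:00Z")` returns both alerts and the cursor `[1704067202000, "a2"]`, which is the value to persist as the checkpoint for the next run.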

Dashboard ideas:

  • TO DO

All changes

  • Change follows the contributing guidelines
  • Supported versions of the monitoring target are documented
  • Supported operating systems are documented (if applicable)
  • Integration or System tests exist
  • Documentation exists, useful guidelines to follow
  • Fields follow ECS and naming conventions
  • At least a manual test with ES / Kibana / Agent has been performed.
  • Required Kibana version set to:

Metadata

Labels

  • New Integration: Issue or pull request for creating a new integration package.
  • Team:Security-Service Integrations: Security Service Integrations team [elastic/security-service-integrations]
  • Team:Sit-Crest: Crest developers on the Security Integrations team [elastic/sit-crest-contractors]
  • release-pending
