10.3.4
Yokohama, Xanadu, Washington DC, Vancouver Patch 4, Vancouver
Elasticsearch Incident Enrichment Integration for Security Operations searches your logs and adds relevant sighting information to your security incidents.
The Elasticsearch Incident Enrichment Integration enables you to perform the following:
- Select the number of rows you want to search.
- Include raw data in your sighting search results.
Changed:
- Migration of Workflows to Flow Designer for Elasticsearch integration.
Before you can use the Elasticsearch - Incident Enrichment integration, you must activate the plugin and add the appropriate API Base URL and login credentials.