⚠️ Elastic Search
⚠️ Unpublished: This item is from a solution that is not yet published on Azure Marketplace or not installed in Content Hub.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | Microsoft Corporation |
| Support Tier | Microsoft |
| Support Link | https://support.microsoft.com |
| Categories | domains |
| Version | 2.0.0 |
| Author | Microsoft - support@microsoft.com |
| First Published | 2022-09-30 |
| Solution Folder | Elastic Search |
Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases. As the heart of the Elastic Stack, it centrally stores your data for lightning fast search, fine‑tuned relevancy, and powerful analytics that scale with ease. This Sentinel Solution contain playbooks to help enriching sentinel incident by querying elastic search ondemand or as and when incident occurs
Data Connectors
This solution does not include data connectors.
This solution may contain other components such as analytics rules, workbooks, hunting queries, or playbooks.
Content Items
This solution includes 1 content item(s):
| Content Type | Count |
|---|---|
| Playbooks | 1 |
Playbooks
| Name | Description | Tables Used |
|---|---|---|
| ElasticSearch-EnrichIncident | This playbook search in Elastic Search for based on the entities (Account, Host, IP, FileHash, URL) ... | - |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊