I have some lists which i use in some correlations.
Ussually i update this lists manually. Is there some way to do this automatically?
Heya @VellayLoket,
For value lists that can be used in rule exceptions there's a dedicated API in Kibana: Lists API | Elastic Security Solution [7.15] | Elastic
Threat indicators that are normally used in conjunction with Indicator Match rules can be uploaded to your indicator indices via a regular Elasticsearch API. Threat Intel module | Filebeat Reference [7.15] | Elastic is able to upload some of the indicators automatically.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.