Backup Detection Rules and Exceptions

Hello everybody,

I want to backup all security detection rules and the exceptions I defined for my Cluster. From the documentation I learned how to access rules via the kibana api but there must also be an elasticsearch index containing them - I just can't find out which one.
In which indices are the rules and exceptions stored? Can I include them in a Cluster snapshot? Or is there maybe a simpler way, that I do not know of?

Thank you for your help :sunny:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.