We're making use of ELK to do daily Operational Searches in Kibana and it is proving extremely useful.
Is there a way to automate searches, say once or twice a day against our indices with a script, if we had a structured subset of data to search?
We have a number of Indicators of Compromise that come in each day, IPs, URLs etc. It would be great if we could harness Elastic in some way to do batch searches with this data to see if we find any hits in our environment, we could then pivot on this data etc.
Apologies if this subject has been broached before, but I couldn't find anything relevant.
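One way to script the daily sweep the post asks about, as an added example that is not from the original post or from Elastic: the script builds one batched `terms` query per IoC type, POSTs it to the `_search` API and maps every hit back to the IoC that fired, which gives a table to pivot on. The ECS-style field names in `FIELDS_FOR_TYPE`, the `es_url` and `index` arguments, and the 24-hour window are assumptions.

```python
# Daily IoC sweep against Elasticsearch: batched terms queries, hits mapped back to IoCs.
# Added example, not from the post. Assumed: ECS-style field names, placeholder es_url/index.
import json
import urllib.request

FIELDS_FOR_TYPE = {  # assumed mapping: IoC type -> indexed fields to check it against
    "ip": ["source.ip", "destination.ip"],
    "url": ["url.full"],
    "domain": ["dns.question.name", "url.domain"],
}

def build_ioc_query(ioc_type: str, iocs: list, since: str = "now-24h") -> dict:
    """One bool query: any listed IoC in any relevant field, limited to the last
    day so a scheduled daily run only re-checks new events."""
    return {
        "size": 100,
        "query": {"bool": {
            "filter": [{"range": {"@timestamp": {"gte": since}}}],
            "should": [{"terms": {f: iocs}} for f in FIELDS_FOR_TYPE[ioc_type]],
            "minimum_should_match": 1,
        }},
    }

def nested_get(doc: dict, dotted: str):
    """Read a dotted ECS path such as 'source.ip' from a hit's _source (None if absent)."""
    for part in dotted.split("."):
        doc = doc.get(part) if isinstance(doc, dict) else None
    return doc

def match_hits(ioc_type: str, iocs: list, response: dict) -> dict:
    """Map each IoC that fired to the _id of every document it appeared in."""
    wanted, matches = set(iocs), {}
    for hit in response.get("hits", {}).get("hits", []):
        for field in FIELDS_FOR_TYPE[ioc_type]:
            value = nested_get(hit.get("_source", {}), field)
            if isinstance(value, str) and value in wanted:  # skip arrays / missing fields
                matches.setdefault(value, []).append(hit["_id"])
    return matches

def run_sweep(es_url: str, index: str, ioc_type: str, iocs: list, batch_size: int = 500) -> dict:
    """POST the feed to _search in batches so a large feed never becomes one huge query."""
    found = {}
    for i in range(0, len(iocs), batch_size):
        batch = iocs[i:i + batch_size]
        body = json.dumps(build_ioc_query(ioc_type, batch)).encode()
        req = urllib.request.Request(f"{es_url}/{index}/_search", data=body, headers={"Content-Type": "application/json"})
        with urllib.request.urlopen(req) as resp:
            for ioc, ids in match_hits(ioc_type, batch, json.load(resp)).items():
                found.setdefault(ioc, []).extend(ids)
    return found
```

Schedule `run_sweep("http://localhost:9200", "logs-*", "ip", feed)` from cron once or twice a day and write the returned dictionary somewhere Kibana can pick it up, or feed the hit `_id`s back into a saved search to pivot.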