Elastic SIEM Rules/Exceptions/Lists in Terraform

Hello people!

I created a repo to manage Rules and Exceptions/Lists in Terraform.

Working with the detection-rules repo [1], I needed to somehow keep a source of truth on what is deployed in the SIEM. So I created a Terraform Provider for Elastic SIEM [2] and a template repository for handling Rules and Exception connections [3], complete with sample GitHub Workflows and an example Pull Request.

[1] : GitHub - elastic/detection-rules: Rules for Elastic Security's detection engine
[2] : GitHub - operatorequals/terraform-provider-elastic-siem
[3] : GitHub - operatorequals/elastic-siem-terraform-template: Keeps Elastic SIEM Rules, Exception, Lists as Code
