Hi all,
i’m trying to find out if Elastic has support for STIX/TAXII. I do not see any info about this in the documentation, does anyone know?
regards
Ognyan
HI, @oyuskeseliev!
I found this information in the intel threat module of filebeat:
Hey @oyuskeseliev ,
Thanks for reaching out. Some of the native TI integrations we have are indeed STIX feeds from a TAXII server. We support the protocol and the format as part of the wider Elastic Agent integration eco system using the "Custom API" integration.
Hope this helps.
James