Hi all,
i’m trying to find out if Elastic has support for STIX/TAXII. I do not see any info about this in the documentation, does anyone know?
regards
Ognyan
HI, @oyuskeseliev!
I found this information in the intel threat module of filebeat:
Hey @oyuskeseliev ,
Thanks for reaching out. Some of the native TI integrations we have are indeed STIX feeds from a TAXII server. We support the protocol and the format as part of the wider Elastic Agent integration eco system using the "Custom API" integration.
Hope this helps.
James
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.