Extracting Detection Rule

Hi there, I was wondering if there is a way to extract all of the detection use cases (built-in and custom) in an excel sheet rather a json format file.

Any suggestions would be helpful.


hello @Aliz6 ! Welcome to our community!

At this moment it is not possible to export detections rules in other format, rather then .ndjson according to Export rules | Elastic Security Solution [8.7] | Elastic

But once rules exported, .ndjson can be converted into .csv with using third party tools.
I can't recommend any, as I never used any. But it looks like there are plenty of them.
There is also a similar question on the forum: Export rules into excel or CSV or PDF format

Note: to export pre-built rules, you can duplicate them and then export. See Manage detection rules | Elastic Security Solution [8.7] | Elastic

Hope this helps

Thank you, Vitalii

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.