I'm a SOC Engineer at an MSSP SOC and we currently use AlienVault for the majority of our clients, but we started to play around with Elastic SIEM. We just started to work with a potential new client and we have deployed Elastic SIEM into their environment.
We currently have AlienVault set up so that, for every alarm, the AlienVault API automatically creates a ticket in JIRA Service Desk as an issue.
We want to eventually use Elastic SIEM for other clients when our contracts end with our other clients, but we don't like the "CASE" section and want to bypass it and send all "Detection alerts" straight to JIRA Service Desk as issues...
Is there a way to use Elastic SIEM API to accomplish this?