Trying to send all security alerts to a custom webhook

I'm trying to send all security alerts generated in Elastic automatically to a webhook that I'll need to wrap some additional JSON (the entire log needs to be in an "alert" field, it's easy enough to do via copy-paste).

I tried this via Stack Management but it doesn't seem to work automatically. What's the best way to go about this?

Hi @John_Bambenek, Welcome to the Elastic community.

You can use the webhook connector to forward all your alerts to your endpoint.

Let me know if this is what you were looking for.

Which version are you on? You didn't say.

Basically you create a webhook connector in Stack Management > Alerts and Insights > Connectors.

After you have created the webhook connection, you need to configure an action on your security rules to use this connector.

But before being able to do that you need a paid license; the Webhook connector is not available if you are using the Basic (Free) license.
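The wrapping asked about in the question (the whole alert document placed under an "alert" field) can be done in a small relay in front of the final receiver. This is an added example, not code from the thread or from Elastic; the destination URL, the function names and the accepted input shapes (single object, array, NDJSON) are assumptions, and the sample alert is constructed.

```python
import json
import urllib.request

DEST_URL = "https://receiver.example.invalid/ingest"  # placeholder (assumption)


def wrap_alerts(raw_body: bytes) -> list[bytes]:
    """Return one {"alert": <document>} payload per alert found in raw_body.

    Accepts a single JSON object, a JSON array of objects, or NDJSON.
    Raises ValueError if any alert is not a JSON object.
    """
    text = raw_body.decode("utf-8").strip()
    if not text:
        return []
    try:
        parsed = json.loads(text)
        docs = parsed if isinstance(parsed, list) else [parsed]
    except json.JSONDecodeError:
        # Not one JSON value: treat as NDJSON, one document per non-empty line.
        docs = [json.loads(line) for line in text.splitlines() if line.strip()]
    for doc in docs:
        if not isinstance(doc, dict):
            raise ValueError("each alert must be a JSON object")
    return [json.dumps({"alert": d}, separators=(",", ":")).encode() for d in docs]


def forward(payloads: list[bytes], url: str = DEST_URL, timeout: int = 10) -> list[int]:
    """POST each wrapped payload to the receiver and return the HTTP statuses."""
    statuses = []
    for body in payloads:
        req = urllib.request.Request(
            url, data=body, method="POST",
            headers={"Content-Type": "application/json"},
        )
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            statuses.append(resp.status)
    return statuses


if __name__ == "__main__":
    # Constructed sample alert; field values are illustrative only.
    sample = b'{"kibana.alert.rule.name": "Example rule", "kibana.alert.severity": "high"}'
    for payload in wrap_alerts(sample):
        print(payload.decode())  # call forward(...) instead to send it on
```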

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.