Blue-Baron icon indicating copy to clipboard operation
Blue-Baron copied to clipboard

Published 20 hours ago verified publisher icon operatorequals

Integrate with Elastic's "detection_rules"

Open operatorequals opened this issue 4 years ago • 0 comments

The Kibana SIEM rules can be synced with the Elastic Public ruleset [1]. The .detection-rules-cfg.json described here [2] can be auto-generated by the TF module, (using maybe some local-exec TF provisioner) to enable the maintainer to use the official Elastic rule management.

[1] :https://github.com/elastic/detection-rules [2] :https://github.com/elastic/detection-rules/blob/main/CLI.md

operatorequals avatar Nov 28 '20 14:11 operatorequals