Hello everyone,
I'm working on a project where I need to import data from OpenCTI connectors into Elasticsearch to create tasks. These tasks will be used for various purposes, including API development and data exchange with tools like Kibana.
Specifically, I'm looking for guidance on how to:
API Development: I want to expose a REST API endpoint (e.g., /threat-intelligence/query) that allows external tools to request specific threat intelligence data from the data stored in Elasticsearch. How can I achieve this integration with OpenCTI connectors and Elasticsearch?
Data Exchange: Additionally, I want to expose the data from my threat intelligence dashboard via a RESTful API endpoint (e.g., /threat-dashboard-data) so that external systems or security tools can retrieve the latest threat intelligence statistics. What's the best approach for this?
I have already installed OpenCTI and ELK. Furthermore, I have successfully integrated the Elastic connector with OpenCTI.
I would appreciate any insights or recommendations on how to implement these features effectively. Thank you in advance for your help!
submitted by /u/rached2023
How to Import Data from OpenCTI Connectors into Elasticsearch/Kibana for Task Creation and Data Exchange?