CounterCraft is designed to integrate easily with all your team’s top software solutions. CounterCraft Integrations is a video series showing you how our security technology plays well with software you already use and, in the process, makes your life a whole lot easier. Watch this video to find out more.
Elasticsearch is a distributed, open source full-text search and analytics engine that lets you store, search, and analyze large volumes of data quickly and in near real time.
When integrated with CounterCraft, this technology allows you to take event data from the deception environment and import it into your favorite event handling engine, Elasticsearch. It also allows you to leverage other parts of the Elastic stack, which helps with analysis and visualization of event data.
A CounterCraft / Elasticsearch integration makes it simple to track down an exact event and specify exact behavior patterns—i.e., track the enemy.
Integrating Elasticsearch and CounterCraft is simple:
- Open the Cyber Deception Platform.
- Under “Integrations”, click “Set up” in the Elastic card.
- Give it a name, define the host IP and the port desired, and choose the protocol and the format.
- Click “Save”.
- From there, you just tell the deception director what event data you want to send to the ELK integration using a simple rule, and the integration is handled automatically. That’s it!
Watch this video for the step-by-step! Subscribe to our YouTube channel for more of the latest news on CounterCraft integrations.