Elastic Security for endpoint prevents ransomware and malware, detects advanced threats, and arms responders with vital investigative context.
Integrating with Elastic Endpoint Security will provide visibility into devices with the agent installed to identify your endpoint coverage and state.
This integration pulls endpoints from Elastic Endpoint Security (aka Endgame).
- Configure plugin: Configure Elastic Endgame
|The URL used to access the source|
|Skip TLS Certification Validation||Skip certificate validation when using a certificate that is self-signed or cannot be validated through a proper certificate authority.|
|The API key used to identify the authorization and permissions|
|The API secret used to authenticate with the source|
|Fetch only devices associated with the specified Group IDs. Comma-separated.|
Configure Name: OPTIONAL: You can give the configuration a name to distinguish it from other similar configurations.
Activate Config: To enable this configuration and begin pulling data, select "Activate". If you wish to save the configuration and come back later to finish, select "Save Draft". This will save the configuration, but keep it disabled until activated.
You'll be asked to provide source credentials that Sevco will use to connect to Elastic Endgame. Please refer to the Elastic Endgame documentation for instructions on creating a user.
Sevco requires read-only (GET) access to view Elastic Endgame endpoint objects.
If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].
Tags: cloud, endpoint security
Updated about 1 month ago