Threat hunting with Elasticsearch

All kinds of interesting information can be found using the Elasticsearch search API (https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html). I find it easier than using Kibana, though Kibana was necessary to figure out the query language. Using the same queries, you can save the results out and sort through them. The simplest example would be something like Read more…
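As an added example (not code from the original post), the following Python script shows the workflow the paragraph describes: build a query DSL body for the `_search` endpoint, page through every hit with `search_after`, and save the rows out to CSV for sorting offline. The index pattern `logs-*`, the ECS-style field names (`@timestamp`, `host.name`, `process.name`, `process.command_line`), the cluster address and the sample response are all assumptions made for the example; the `fetch` parameter lets the paging loop run against a constructed response instead of a live cluster.

```python
"""Pull hunting results from the Elasticsearch search API and save them to CSV.

Added example; assumes ECS-style field names, an index pattern `logs-*` and a
cluster at http://localhost:9200 (all placeholders, not from the original post).
"""
import csv
import io
import json
import urllib.request

ES_URL = "http://localhost:9200"   # assumed cluster address
INDEX = "logs-*"                   # assumed index pattern
PAGE_SIZE = 500


def build_query(process_name, since="now-24h", page_size=PAGE_SIZE, search_after=None):
    """Query DSL body: process events for one executable in a time window,
    with a deterministic sort so search_after can walk through every hit."""
    body = {
        "size": page_size,
        "query": {"bool": {"filter": [
            {"term": {"event.category": "process"}},
            {"term": {"process.name": process_name}},
            {"range": {"@timestamp": {"gte": since}}},
        ]}},
        "sort": [{"@timestamp": "asc"}, {"_doc": "asc"}],
        "_source": ["@timestamp", "host.name", "process.name", "process.command_line"],
    }
    if search_after is not None:
        body["search_after"] = search_after   # sort values of the last hit seen
    return body


def parse_hits(response):
    """Flatten one _search reply into rows; also return the last hit's sort values."""
    rows, last_sort = [], None
    for hit in response.get("hits", {}).get("hits", []):
        src = hit.get("_source", {})
        rows.append({
            "timestamp": src.get("@timestamp"),
            "host": src.get("host", {}).get("name"),
            "process": src.get("process", {}).get("name"),
            "command_line": src.get("process", {}).get("command_line"),
        })
        last_sort = hit.get("sort")
    return rows, last_sort


def search_page(body, url=ES_URL, index=INDEX):
    """POST one query body to /<index>/_search (live network call)."""
    req = urllib.request.Request(
        f"{url}/{index}/_search", data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def hunt(process_name, fetch=search_page, **kw):
    """Collect all hits by paging with search_after until a page comes back short."""
    rows, after = [], None
    while True:
        page_rows, after = parse_hits(fetch(build_query(process_name, search_after=after, **kw)))
        rows.extend(page_rows)
        if not page_rows or len(page_rows) < kw.get("page_size", PAGE_SIZE):
            return rows


def rows_to_csv(rows):
    """Serialise rows to CSV text, ready to save and sort through offline."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=["timestamp", "host", "process", "command_line"])
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


# Constructed sample reply, shaped like a real _search response, so the demo runs offline.
SAMPLE_RESPONSE = {"hits": {"total": {"value": 2, "relation": "eq"}, "hits": [
    {"_index": "logs-000001", "_id": "a1", "sort": [1700000000000, 5],
     "_source": {"@timestamp": "2023-11-14T22:13:20Z", "host": {"name": "ws-01"},
                 "process": {"name": "powershell.exe",
                             "command_line": "powershell.exe -EncodedCommand <constructed>"}}},
    {"_index": "logs-000001", "_id": "a2", "sort": [1700000060000, 9],
     "_source": {"@timestamp": "2023-11-14T22:14:20Z", "host": {"name": "ws-02"},
                 "process": {"name": "powershell.exe",
                             "command_line": "powershell.exe -File backup.ps1"}}},
]}}


def offline_fetch(body):
    """Stand-in for search_page: first page returns the sample, later pages are empty."""
    return SAMPLE_RESPONSE if "search_after" not in body else {"hits": {"hits": []}}


def demo():
    """Run the full paging loop against the constructed response."""
    return hunt("powershell.exe", fetch=offline_fetch, page_size=2)


if __name__ == "__main__":
    print(rows_to_csv(demo()))
```

Sorting on `@timestamp` plus `_doc` is what makes `search_after` safe here: paging by `from`/`size` stops at the 10,000-hit window, while a stable sort lets the loop walk an arbitrarily large result set one page at a time.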