The SIEM app is now a part of the Elastic Security solution.
Click here to view SIEM documentation for previous releases.
Cases API
This functionality is in beta and is subject to change. The design and code are less mature than official GA features and are being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.
You can create, manage, configure, and send cases to external systems with these APIs:
- Cases API: Used to open and manage security action items.
- Actions API: Used to send cases to external systems. The "Create connector" operation stores the data required to interface with third-party systems, and the "Create or update an external incident" operation sends Elastic Security cases to external systems.