Can we update the Elasticsearch connector to ingest triggered alerts in the same way we do for other SIEMs like FortiSIEM and Splunk? Additionally, can we create playbook collections that can be scheduled to ingest these alerts?
Here is the API documentation for retrieving alerts:
https://www.elastic.co/guide/en/security/current/signals-api-overview.html
Please let me know if you need any further information.
Copyright 2025 Fortinet, Inc. All Rights Reserved.