Elastic Security

Use the Elastic Security node to automate work in Elastic Security, and integrate Elastic Security with other applications. Mosaic Workflows's has built-in support for a wide range of Elastic Security features, including creating, updating, deleting, retrieving, and getting cases.

On this page, you'll find a list of operations the Elastic Security node supports and links to more resources.

Credentials

Refer to Elastic Security credentials for guidance on setting up authentication.

Basic operations

  • Case
    • Create a case
    • Delete a case
    • Get a case
    • Retrieve all cases
    • Retrieve a summary of all case activity
    • Update a case
  • Case Comment
    • Add a comment to a case
    • Get a case comment
    • Retrieve all case comments
    • Remove a comment from a case
    • Update a comment in a case
  • Case Tag
    • Add a tag to a case
    • Remove a tag from a case
  • Connector
    • Create a connector