
Feb 3, 2025
1.0.1
ThreatQ versions >= v5.20.0
Elastic Operation
Overview
The Elastic Operation enriches submitted system objects with information found in Elastic Security.
Elastic Security unifies SIEM, endpoint security, and cloud security on an open platform, arming SecOps teams to protect, detect, and respond at scale. These analytical and protection capabilities, leveraged by the speed and extensibility of Elasticsearch, enable analysts to defend their organization from threats before damage and loss occur.
The operation provides the following action:
- Query - Executes an Elasticsearch query and returns the hits that match it.
The operation is compatible with the following system objects:
- Indicator
- Asset