EN
Request a demo
EN
Products
Pricing
Company
Resources
Events
Request a demo
See all integrations

Elasticsearch

Elasticsearch is a distributed search and analytics engine that powers SIEM solutions and log analysis platforms, enabling analysts to query and correlate security events, logs, and threat data across enterprise infrastructure during incident investigations
SIEM & Analytics
1 Analyzer
1 External integration
www.elastic.co GitHub

Analyzers (1)

Elasticsearch Analysis v1.0

Search for IoCs in Elasticsearch

  • Author: Nick Prokop
  • License: MIT
  • Data Types: url, domain, ip, hash, filename, fqdn, mail, mail-subject, user-agent, hostname, username

External Integrations (1)

External integrations that connect Elasticsearch with TheHive:

TheHive Connector for Kibana

Native Kibana connector that allows Elasticsearch to create alerts and create cases in TheHive

  • Type: connector
CrowdStrike Falcon
Splunk
VirusTotal
Microsoft Defender for Endpoint
Microsoft Entra ID
MISP
Google Threat Intelligence
Recorded Future
Microsoft Defender for Office 365
Proofpoint
Shodan
Slack
AbuseIPDB
Cloudflare
URLScan.io
URLhaus
ONYPHE
YARA
CAPA
Telegram
Airtable
AnyRun
Autofocus
AWSLambda
AWX
Axur
BackscatterIO
BinalyzeAIR
Censys
CERTatPassiveDNS
ChainAbuse
CheckPhish
CheckPoint
CiscoUmbrella
CISMCAP
ClamAV
Cluster25
ClusterHawk
Crtsh
CuckooSandbox
CyberChef
Cyberprotect
Cylance
DNS-RPZ
DNSDB
DNSdumpster
DNSLookingglass
DNSSinkhole
DomainTools
DShield
Duo Security
EchoTrail
EclecticIQ
EmergingThreats
EmlParser
FileInfo
FireHOLBlocklists
FoxIO
Gatewatcher CTI
Gmail
GoogleDNS
GRR
HarfangLab
Hashdd
Inoitsu
IntezerCommunity
Investigate
IP-API
IPVoid
isMalicious
IVRE
JAMFProtect
JIRA
Jupyter
KnowBe4
LdapQuery
Lookyloo
LupovisProwl
Mailer
MailIncidentStatus
Malpedia
MalwareClustering
Malwares
MetaDefender
MsgParser
NERD
Nessus
Netcraft
NSRL
Okta
ONYPHEActiveScan
OpenCTI
OrionMalware
PassiveTotal
Patrowl
PhishingInitiative
Pulsedive
QrDecode
Redmine
Robtex
RT4
SecurityTrails
SendGrid
SentinelOne
SinkDB
SophosIntelix
SpamAssassin
SpamhausDBL
StamusNetworks
StopForumSpam
ThreatGrid
ThreatMiner
ThreatResponse
Thunderstorm
TorBlutmagie
TorProject
Triage
UnshortenLink
urlDNA.io
Valhalla
ValidateObservable
Verifalia
VMRay
Vulners
Watcher
Wazuh
WOT
Yeti
ZEROFOX
Zscaler
Abuse Finder
AIL Onion-Lookup
AlienVault OTX
CIRCL Hash Lookup
CIRCL Passive DNS
CIRCL Passive SSL
CIRCL Vulnerability-Lookup
Cisco Secure Endpoint (Formerly AMP for Endpoints)
CrowdSec
Domain Mail SPF DMARC
DomainTools Iris
EmailRep
FireEye iSIGHT
Forcepoint WebsensePing
Google Safe Browsing
Google Vision API
GreyNoise
Have I Been Pwned
Hunter.io
Hybrid Analysis
IBM QRadar
IBM X-Force
IPinfo
Joe Sandbox
Kaspersky TIP
Maltiverse
MalwareBazaar
Malware Hash Registry (MHR)
MaxMind
MISP Warning Lists
Mnemonic Passive DNS
n8n
PAN Cortex XDR
PAN Cortex XSOAR
PAN Next Generation Firewall
PAN WildFire
PhishTank
Rapid7 InsightConnect
SEKOIA Intelligence Center
Shuffle
ThreatConnect
Tines
Velociraptor
VirusShare
Back to all integrations
Explore similar integrations
Splunk
SIEM & Analytics
11 Analyzers
1 Functions
2 External integrations
See how TheHive can help your team
Thousands of analysts worldwide rely on our platform to manage security incidents more efficiently than ever.
See what the buzz is about:
Request a demo