Articles by Tony Meehan


Getting started with adding a new security data source in your Elastic SIEM: Part 1

In this blog post, we show how to use Filebeat to collect data from the CrowdStrike Falcon platform, using an ingest pipeline to convert the relevant fields to ECS. This same two-step process can also be used to add new Observability data sources.