*Version: 1.0 | Last Updated: 19/02/2025*

## Overview

- **Integration Name:** ElasticSearch
- **Purpose:** Integrate Elasticsearch with MoovingON AI, enabling users to receive Elasticsearch notifications
- **Audience:** Support team, TAM
- **Prerequisites:**
  - A valid Elasticsearch account
  - MoovingON AI account access with integration permissions

---

## Table of Contents

- [[#Setup Instructions]]
- [[#Configuration]]
- [[#Testing the Integration]]
- [[#Related Links]]

---

## Setup Instructions

1. In MoovingON AI, navigate to Settings -> Integrations.

   ![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXcRlVOIXdQo-3K1ZK6_yb3RassT5Hwm4HV4HbrMYQXOEGy84c_b-GkCM8dniycVDIIFCnO2aZjV4JlFtbdfGglmJyazL4q0aVk0BgHiuV4HBeSf9DGLdSRe2LJ4YQR5PKlMwKNbag?key=KBEKAuRqwRONFDBsNTxVIo1q)

2. On the right side of the page, select "Add Webhook."

   ![add-webhook.png](https://lh7-rt.googleusercontent.com/docsz/AD_4nXcGPe2XrFFCSR3jWfJf_uKWC98AdXP1Z0YbfWdMdnxPHb61HbdLBA9fuUspQ01x7IMKYjp4GqAJp7rjohYiZinjIwu90g53aV47x-vH6sbc0xWtH51UtT59lPFR36IZklUgjdqTZg?key=0AFYv1wEH0VxxgrHRlc_3I1G)

3. Enter an integration name for the webhook and click "Submit."

   ![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXegXOiH_ed_yvnovas7N8A_4Gy0f7cdbR1R0eILGQ8iL5ZiuSCpGff9k1YuDRo5Xe2fdgQ4IWSCY-lIimkAyG44-YodYT8QzU6KZRk8mXP3_JEfaH3dKNLP-ThTE2Lmbhxcyis-DA?key=KBEKAuRqwRONFDBsNTxVIo1q)

4. After submission, basic authentication credentials (a Username and Token) are created for the webhook.

   ![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXdftB0KFsctdudQ70rgU0rCtuwFirMXIieZRJF5g8CSVfPwbokdBuDG0BcAOYWS3NApNu0xYPGRtP4SASRVuT9jjNn92sFW9iNDMRJsww8pEpzgWOaUoPJAv9uSGEGDCh_p0JV_?key=KBEKAuRqwRONFDBsNTxVIo1q)

5. Save the generated Username and Token for use in Elastic.

---

## Configuration

You can create connectors in Stack Management > Connectors or as needed when you’re creating a rule.
For example:

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXeOqa5Rcfz52Ycor86qNzk9aguStxWJkiIrVLkObWUZNhY_KW_v7XIl5eR4jWsauieZ3m6-FOwsSaY_it6CYacCqeFUywJ0MiLrQ0XvXwJImplDfNFhNhjameEW0Cn3DsgRJ4GW3w?key=0AFYv1wEH0VxxgrHRlc_3I1G)

Click **Create Connector** and select **Webhook**.

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXfa4b5H3tlZqu-S_eM3uZK33Bt-PQI1kP7Xq--J1HybhIunnQLFHxRJVTExFcrxkuRlAO3LZWLMyDtf-ESX4TAvfRNxgj9C_kGJ1-huu4i7sCDZ5m6dtEJd3GaqC1o0GcpqXPSl?key=0AFYv1wEH0VxxgrHRlc_3I1G)

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXdUp8afwbHeHfNyhgn2rY5bL9wXcXq9qQf9qvKun_xtw2zry3oKVrlkJAJ6VcdJUEnmVeKRLT9VM65xRuTiUACoxK7dTu0jLNRr4tCytgXXqRS5qGBLoSPxBpAB8kSwievJ11Q5Nw?key=0AFYv1wEH0VxxgrHRlc_3I1G)

1. Enter a webhook name and the URL to which you want to send an event notification.
2. The UUID field is auto-populated.
3. Use the Username and Token generated in MoovingON AI as the Username and Password.
4. URL: {ENDPOINT}
5. Select an HTTP method for the webhook (GET, POST, or PUT).
6. Enable the HTTP header:
   - Key: `Content-Type`
   - Value: `application/json`

Click **Save**.

You can then choose rules:

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXfZYuBdYCkqiNvMFWC6g7U9eO_a-nQZu45eAHDfYvEiG8aIs6W4uySxlduL6fcf6BPgppndcP_T8OCCpAquHNTp-4YsH_toQDo4xH1fIEmi8A7dWjjbw5uiVQXciOr-LThOYOFR1g?key=0AFYv1wEH0VxxgrHRlc_3I1G)

---

## Testing the Integration

- **Test Cases:** You can test the integration by sending an example payload in this format:

```json
{
  "host": "Test-Raed-Host",
  "service": "Test-Raed-Service",
  "severity": "High"
}
```

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXfRiDOISDvFMtfnZvIpuMQwlTHIMZS1B93jbA-ItXWZ308AKcNCetj6kPoKEAT3Zvac2cK5iwBqBvnYbwqw8LE6bMDdTKxMWVSjI7MsxhDEj4hYSFXGu8TGnid59kQKjV6A9s2Q?key=0AFYv1wEH0VxxgrHRlc_3I1G)

After testing:

![](https://lh7-rt.googleusercontent.com/docsz/AD_4nXcmXrkwkdpH5JkDht4R3K7ZJw3deIGJQp7W4Zp2zQnleahpJsCUwjDHWWVtLumF8hwpIwtdj3v806kAVusVgN4gvmwtGPE_9zzidSI7hDI7KaZpeBRMxwwZdn6BCInRb-AKfcw8Yw?key=0AFYv1wEH0VxxgrHRlc_3I1G)

---

## Related Links

- **External Resources:** [Elasticsearch documentation](https://www.elastic.co/docs)
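
The test request from "Testing the Integration", built in Python as an added example (not MoovingON AI or Elastic code). The payload, the `Content-Type` header and the Username/Token basic authentication come from the steps above; the environment variable names and the HTTPS-only and credential checks are assumptions of this example.

```python
import base64
import json
import os
import urllib.request
from urllib.parse import urlsplit

# Test payload from "Testing the Integration".
TEST_EVENT = {"host": "Test-Raed-Host", "service": "Test-Raed-Service", "severity": "High"}


def build_test_request(endpoint, username, token, method="POST"):
    """Build (but do not send) the webhook test request."""
    parts = urlsplit(endpoint)
    # Basic auth is only base64-encoded, so the token must not travel over plain HTTP.
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("endpoint must be an https:// URL")
    # Credentials in the URL end up in proxy and access logs.
    if parts.username or parts.password:
        raise ValueError("do not embed credentials in the endpoint URL")
    # A ':' in the username would shift the user/password split on the server side.
    if ":" in username:
        raise ValueError("basic auth username cannot contain ':'")
    if method not in ("GET", "POST", "PUT"):
        raise ValueError("method must be GET, POST or PUT")
    cred = base64.b64encode(f"{username}:{token}".encode("utf-8")).decode("ascii")
    return urllib.request.Request(
        endpoint,
        data=json.dumps(TEST_EVENT).encode("utf-8"),
        method=method,
        headers={"Authorization": f"Basic {cred}", "Content-Type": "application/json"},
    )


def send_test_event(endpoint, username, token, timeout=10):
    """Send the test event and return the HTTP status code."""
    req = build_test_request(endpoint, username, token)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status


if __name__ == "__main__":
    # Hypothetical variable names: keep the token out of source and shell history.
    print(send_test_event(
        os.environ["MOOVINGON_ENDPOINT"],
        os.environ["MOOVINGON_USERNAME"],
        os.environ["MOOVINGON_TOKEN"],
    ))
```
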