Integrating Keeper SIEM push to Elastic
Keeper supports event streaming into Elastic deployments. External logging is real-time, and new events will appear almost immediately. Setup instructions are below.
Elastic integration uses a TCP push to the destination endpoint. The fields required are:
- Host (e.g. mycompany.gcp.cloud.us.io:9243)
- Search Index (e.g. keeper)
- API Key
Please refer to the Elastic documentation for generating an API key.
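A least-privilege request body for the API key, shown as an added example that is not taken from Keeper's or Elastic's documentation. It builds the body for Elasticsearch's create API key endpoint (`POST /_security/api_key`) and audits a request for over-broad grants. Assumptions: the key name, role name, 90-day expiration, and that Keeper only needs to append documents to the search index (the page does not state which privileges Keeper requires).

```python
import json

# Index privileges that allow reading, modifying or deleting data, or managing the index.
BROAD_INDEX_PRIVS = {"all", "manage", "write", "index", "delete", "delete_index", "read"}

def build_api_key_request(index, name="keeper-siem-push", expiration="90d"):
    """Body for POST /_security/api_key, scoped to one index (names are assumptions)."""
    if not index or any(c in index for c in "*?,"):
        raise ValueError("index must be a single concrete name, no wildcards")
    return {
        "name": name,
        "expiration": expiration,
        "role_descriptors": {"keeper_ingest": {"indices": [{
            "names": [index],
            # Assumed append-only set: add documents, create the index if missing.
            "privileges": ["create_doc", "create_index", "auto_configure"],
        }]}},
    }

def audit_api_key_request(body, index):
    """Return findings for anything broader than append-only access to `index`."""
    findings = []
    roles = body.get("role_descriptors") or {}
    if not roles:
        findings.append("no role_descriptors: key inherits the creating user's privileges")
    if "expiration" not in body:
        findings.append("no expiration: key never expires")
    for role, desc in roles.items():
        if desc.get("cluster"):
            findings.append(f"{role}: cluster privileges {desc['cluster']}")
        for grant in desc.get("indices", []):
            extra = [n for n in grant.get("names", []) if n != index]
            if extra:
                findings.append(f"{role}: covers other indices {extra}")
            broad = sorted(BROAD_INDEX_PRIVS & set(grant.get("privileges", [])))
            if broad:
                findings.append(f"{role}: broad privileges {broad}")
    return findings

# Constructed example of an over-broad request, for comparison.
WEAK_REQUEST = {"name": "keeper", "role_descriptors": {
    "siem": {"cluster": ["all"], "indices": [{"names": ["*"], "privileges": ["all"]}]},
}}

if __name__ == "__main__":
    print(json.dumps(build_api_key_request("keeper"), indent=2))
    for finding in audit_api_key_request(WEAK_REQUEST, "keeper"):
        print("WEAK:", finding)
```

If Keeper reports an authorization error with this key, widen the index privileges one step at a time rather than granting `all`.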