Skip to content
Documentation

Elastic Security

Forward finding events to Elastic Security.

1 min read · For: Security Engineers Admins · Updated Mar 22, 2026 · Edit

Forwards finding and remediation events from Basirah to Elastic Security for correlation and analysis.

Prerequisites

  • Elasticsearch cluster with Elastic Security
  • API key or user credentials with index write permissions

Authentication

API key or basic authentication.

Configuration

index_prefix string

Index name prefix for Basirah events. Defaults to basirah-events.

Data flow

Forwards normalized finding events to Elastic Security for SIEM correlation.

Related

Splunk

Alternative SIEM integration.