You are viewing docs on Elastic's new documentation system, currently in technical preview. For all other Elastic docs, visit elastic.co/guide.

Threat Intelligence Utilities

Prebuilt Threat Intelligence dashboard for Elastic Security

Version
1.4.1 (View all)
Compatible Kibana version(s)
8.5.0 or higher
Supported Serverless project types

Security
Observability
Subscription level
Basic
Level of support
Elastic

The threat intelligence utilities package contains a dashboard that provides a high-level overview of data from all connected TI feeds.

To add the dashboard, click Settings > Install Threat Intelligence Utilities assets.

Changelog

VersionDetailsKibana version(s)

1.4.1

Enhancement View pull request
Changed owners

8.5.0 or higher

1.4.0

Enhancement View pull request
The format_version in the package manifest changed from 2.11.0 to 3.0.0. Removed dotted YAML keys from package manifest. Added 'owner.type: elastic' to package manifest.

8.5.0 or higher

1.3.0

Enhancement View pull request
Add tags.yml file so that integration's dashboards and saved searches are tagged with "Security Solution" and displayed in the Security Solution UI.

8.5.0 or higher

1.2.3

Bug fix View pull request
Fix the query type for matching 'event.dataset'.

8.5.0 or higher

1.2.2

Bug fix View pull request
Update to use new Threat Indicator Match rule names.

8.5.0 or higher

1.2.1

Bug fix View pull request
Update to use security-solution-default.

8.4.0 or higher

1.2.0

Enhancement View pull request
Update package-spec version to 2.7.0.

8.4.0 or higher

1.1.0

Enhancement View pull request
Include ti_util in threat_intel category.

8.4.0 or higher

1.0.1

Bug fix View pull request
Correcting index-pattern references in dashboard

8.4.0 or higher

1.0.0

Enhancement View pull request
Initial draft of the package

8.4.0 or higher

On this page