
Search for and analyze data in real time. Supports version 6 and later.

Elasticsearch is the distributed search and analytics engine at the heart of the Elastic Stack and where the indexing, search, and analysis magic happens.
Elasticsearch offers speed and flexibility to handle data in a wide variety of use cases.

What does this pack do?

  • Add a search box to an app or website.
  • Store and analyze logs, metrics, and security event data.
  • Use machine learning to automatically model the behavior of your data in real time.
  • Automate business workflows using Elasticsearch as a storage engine.
  • Manage, integrate, and analyze spatial information using Elasticsearch as a geographic information system (GIS).
  • Store and process genetic data using Elasticsearch as a bioinformatics research tool.

This pack provides an integration with the Elasticsearch API and allows you to query Elasticsearch instances using DSL, EQL, and Lucene syntaxes.
In addition, you can fetch incidents with a predefined query.

Cortex XSOAR, Cortex XSIAM


Supported By: Cortex
Created: July 20, 2020
Last Release: November 26, 2022

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.