@elastic/get-security-alerts
Get recent security alerts and detections

```
RUN SKILL get_security_alerts()
```

With parameters:

```
RUN SKILL get_security_alerts WITH severity = 'value', limit = 0, index_pattern = 'value'
```

| Name | Type | Default | Description |
|---|---|---|---|
| severity | STRING | — | Filter by severity: critical, high, medium, low |
| limit | INT | — | Maximum alerts to return |
| index_pattern | STRING | — | Security events index pattern |

Using curl:

```
curl -u elastic-admin:elastic-password http://localhost:9200/_escript \
  -H "Content-Type: application/json" \
  -d '{"query": "RUN SKILL get_security_alerts()"}'
```

Response:

```
{
  "result": [...],
  "_meta": {
    "execution_id": "abc123",
    "duration_ms": 45
  }
}
```