
Elastic

What is Elastic Cloud?

Elastic Cloud includes Elastic Enterprise Search, Elastic Observability, Elastic Security, and Elastic Stack. Elastic Stack includes Elasticsearch, Kibana, Beats, and Logstash. Elastic Cloud runs in the public cloud of your choice.

Why Should You Use the Elastic Cloud Connector?

The Elastic Cloud connector provides visibility into the assets in your environment. You can use this visibility to:

  • ensure assets are managed per your security policies

  • derive relationships between assets, users, applications, and data

How Does This Connector Work?

Lucidum executes read-only requests to the Elastic Cloud REST API and ingests only metadata about Elastic Cloud devices. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum

| Field | Description | Example |
|---|---|---|
| Profile Name | Name of this configuration | Lucidum connector |
| Cloud ID | Unique ID automatically assigned to the Elasticsearch cluster. You can find this value in the Elastic Cloud web console. | Lucidum_Test:dXMtY2********GU0NA== |
| API Key ID | Unique ID for an Elastic Cloud API key. | VuaCfGcBCdbkQm-e5aOx |
| API Key | Unique key for an Elastic Cloud API key. | ui2lp2axTNmsyakw9tvNnw |
| Asset Data Index | Elasticsearch index where asset data is stored | lucidum-assets |
| Asset Data Query | Query in Query DSL format, usually a “match” query. | {"match": {"message": "Please disable this account"}} |
| Asset Data Mapping | Maps field values from Elastic fields to fields in the Lucidum Asset database. | “Lucidum Asset Name”->Asset_Name |
| User Data Index | Elasticsearch index where user data is stored | lucidum-users |
| User Data Query | Query in Query DSL format, usually a “match” query. | {"match": {"message": "Please disable this account"}} |
| User Data Mappings | Maps field values from an Elastic field to a field in the Lucidum User database. | “user.roles”->Role_Name |

Asset Data Mapping

Lucidum has populated the Asset Data Mapping field with the most commonly used Lucidum fields. The value on the right side of the mapping is the Lucidum field.

To create a mapping:

  1. You can map only the Lucidum fields (values to the right of ->) that are already included in the Asset Data Mapping field. Currently, you cannot add new mappings.

  2. Put your cursor in the Asset Data Mapping field.

  3. Note the name of the Lucidum Field you want to map. Then delete it (garbage can icon).

  4. Enter

    “Elastic field name”->Lucidum_Field_Name

    where:

    • “Elastic field name” is a field name used in Elastic Cloud

    • Lucidum_Field_Name is the name of the field in the Lucidum Asset database.

  5. Press Enter.

  6. The new mapping appears in the Asset Data Mapping field.

User Data Mapping

Lucidum has populated the User Data Mapping field with the most commonly used Lucidum fields. The value on the right side of the mapping is the Lucidum field.

To create a mapping:

  1. You can map only the Lucidum fields (values to the right of ->) that are already included in the User Data Mapping field. Currently, you cannot add new mappings.

  2. Put your cursor in the User Data Mapping field.

  3. Note the name of the Lucidum Field you want to map. Then delete it (garbage can icon).

  4. Enter

    “Elastic field name”->Lucidum_Field_Name

    where:

    • “Elastic field name” is a field name used in Elastic Cloud

    • Lucidum_Field_Name is the name of the field in the Lucidum User database.

  5. Press Enter.

  6. The new mapping appears in the User Data Mapping field.
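A pre-flight check for the Asset and User query and mapping settings described above, as an added example (not Lucidum's code). It validates the Query DSL JSON, parses “Elastic field”->Lucidum_Field lines, and reports which mapped fields are absent from a sample document. The sample document, the `host.os.name` field and `OS_Name` are constructed for illustration, and the lookup rule (literal key first, then dotted path) is an assumption about how field names resolve.

```python
import json
import re

# Accepts straight or curly quotes; how the connector UI treats them is an assumption.
MAPPING_RE = re.compile(r'^\s*["“](?P<src>[^"”]+)["”]\s*->\s*(?P<dst>\w+)\s*$')


def parse_mappings(lines):
    """Return {lucidum_field: elastic_field}; raise ValueError on bad syntax or duplicates."""
    out = {}
    for line in lines:
        m = MAPPING_RE.match(line)
        if not m:
            raise ValueError(f'expected "Elastic field"->Lucidum_Field, got {line!r}')
        if m["dst"] in out:
            raise ValueError(f"Lucidum field mapped twice: {m['dst']}")
        out[m["dst"]] = m["src"]
    return out


def resolve(doc, path):
    """Look up an Elastic field in a document _source: literal key first, then dotted path."""
    if path in doc:
        return doc[path]
    cur = doc
    for part in path.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def preflight(query_text, mapping_lines, sample_source):
    """Validate the query JSON and report which mappings resolve in a sample document."""
    query = json.loads(query_text)  # malformed JSON raises a ValueError subclass
    if not isinstance(query, dict) or len(query) != 1:
        raise ValueError("query must be a JSON object with one top-level clause")
    mappings = parse_mappings(mapping_lines)
    resolved = {dst: resolve(sample_source, src) for dst, src in mappings.items()}
    missing = sorted(dst for dst, val in resolved.items() if val is None)
    return resolved, missing


# Constructed sample input; "host.os.name" and OS_Name are hypothetical names.
SAMPLE = {"Lucidum Asset Name": "web-01", "user": {"roles": ["admin"]}}
QUERY = '{"match": {"message": "Please disable this account"}}'
MAPPINGS = ['“Lucidum Asset Name”->Asset_Name', '"user.roles"->Role_Name', '"host.os.name"->OS_Name']
```

Calling `preflight(QUERY, MAPPINGS, SAMPLE)` returns the resolved values and the list of Lucidum fields whose Elastic source field was not found, so an empty or mistyped mapping is caught before the connector runs.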

Source Documentation

Creating Credentials

Contact your Lucidum Sales Representative for help with creating credentials.

To find your Cloud ID:

  1. Log in to the Elastic Cloud Console.

  2. Click on the name of your deployment.

  3. Click on the Search tile.

  4. The Cloud ID is displayed on the Home Page.

To create an API Key ID and API Key, see:

https://www.elastic.co/guide/en/cloud/current/ec-api-keys.html

To view existing API Key IDs and API Keys, see:

https://www.elastic.co/guide/en/cloud/current/ec-api-keys.html

Required Permissions

To create API Keys, you must be an Organization Owner.

API Documentation

https://www.elastic.co/guide/en/cloud/current/ec-restful-api.html
