Elasticsearch Filebeat - Learn more about the Elasticsearch Filebeat custom collector (standard data source) in Cortex Cloud. - Administrator Guide

Elasticsearch Filebeat - Learn more about the Elasticsearch Filebeat custom collector (standard data source) in Cortex Cloud. - Administrator Guide - Cortex CLOUD

Cortex Cloud Runtime Security Documentation

Product

Cortex Cloud Application Security > Cortex CLOUD

License

Cloud Runtime Security

Creation date

2024-12-24

Last date published

2026-06-10

Note

You can configure collecting container logs from Google Kubernetes Engine using Elasticsearch Filebeat with a Custom - Filebeat based Collector or with a content pack Integration. For more information, see Google Kubernetes Engine.

You can ingest logs related to file activity on your endpoints and servers without using the Cortex XDR agent by installing Elasticsearch Filebeat as a system logger and then forward those logs to Cortex Cloud using a Custom - Filebeat based Collector.

Elasticsearch Filebeat vendor	Description
Custom - Filebeat based Collector (standard data source) overview	Forward logs from Elasticsearch Filebeat to Cortex Cloud using the Custom - Filebeat based Collector data source.
Link to custom - Filebeat based Collector (standard data source) instructions	Ingest logs from Elasticsearch Filebeat