Connecting Elastic

Last updated: October 7, 2024

After this article...

You'll be able to connect the Elastic integration to Lumos and resolve common issues that arise when connecting.

Required plan & roles

There's no minimum plan required to connect the Elastic integration.

Instructions

In Lumos

1. Click here to generate a Lumos API token.

Screenshot 2024-03-19 at 10.58.44 AM.png

2. Copy the generated token to use later in Elastic.

In Elastic

1. Log into Elastic and go to the home page.

2. Click Add Integrations.

3. Search for Lumos in the catalog. Ensure that the "Display beta integrations" setting is enabled!

Screenshot 2024-03-19 at 10.59.50 AM.png

4. Click on the Lumos tile, then click Add Lumos in the top right corner.

5. Paste your Lumos API token in the API Token field.

6. Select a new or existing Agent Policy to which you're adding Lumos.

Screenshot 2024-03-19 at 11.04.00 AM.png

7. Click Save and Continue in the bottom right corner.

Verifying the connection

Navigate to Logs > Stream in Elastic and search for "Lumos" to verify that the events from your Lumos Activity Log are being shipped to Elastic.