Export from CrowdStrike to Elasticsearch
CloudQuery is an open-source data integration platform that allows you to export data from any source to any destination.
The CloudQuery CrowdStrike plugin allows you to sync data from CrowdStrike to any destination, including Elasticsearch. It takes only minutes to get started.
CrowdStrike source plugin, v2.1.0. This plugin is in preview. Sync data from CrowdStrike APIs.
Elasticsearch destination plugin, v3.2.10 (Official). This plugin is in preview. The Elasticsearch plugin syncs data from any CloudQuery source plugin(s) to an Elasticsearch cluster.
MacOS Setup
Step 1. Install CloudQuery
brew install cloudquery/tap/cloudquery
Step 2. Configure CrowdStrike source plugin
You can find more information about the configuration in the plugin documentation.
# crowdstrike.yml
kind: source
spec:
  name: "crowdstrike"
  registry: "cloudquery"
  path: "justmiles/crowdstrike"
  version: "v2.0.0"
  # use this to enable incremental syncing - unimplemented
  # backend_options:
  #   table_name: "cq_state_crowdstrike"
  #   connection: "@@plugins.elasticsearch.connection"
  # must match the `name` of the destination spec configured in Step 3
  destinations: ["elasticsearch"]
  tables: ["*"]
  spec:
    # plugin spec section
Step 3. Configure Elasticsearch destination plugin
You can find more information about the configuration in the plugin documentation.
# elasticsearch.yml
kind: destination
spec:
  name: elasticsearch
  path: cloudquery/elasticsearch
  registry: cloudquery
  version: "v3.2.10"
  write_mode: "overwrite-delete-stale"
  spec:
    # Elastic Cloud configuration parameters
    cloud_id: "${ELASTICSEARCH_CLOUD_ID}"
    api_key: "${ELASTICSEARCH_API_KEY}"
    # Self-hosted Elasticsearch configuration parameters
    # addresses: ["http://localhost:9200"]
    # username: ""
    # password: ""
    # service_token: ""
    # certificate_fingerprint: ""
    # ca_cert: ""
    # Optional parameters
    # concurrency: 5 # default: number of CPUs
    # batch_size: 1000
    # batch_size_bytes: 5242880 # 5 MiB
Step 4. Run Sync
cloudquery sync crowdstrike.yml elasticsearch.yml
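An added example, not part of the original page or of CloudQuery: a shell pre-flight check to run over the two spec files before Step 4. The function names and the three checks are this example's own assumptions; only the key names (api_key, password, service_token, addresses) come from the destination spec above.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks for CloudQuery spec files before `cloudquery sync`.
# Function names are this example's own; they are not part of CloudQuery.

# Print the spec without YAML comment lines, so commented-out keys are ignored.
active_lines() { grep -vE '^[[:space:]]*#' "$1"; }

# Names of ${VAR} references whose environment variable is unset or empty.
missing_env() {
  active_lines "$1" | grep -oE '\$\{[A-Za-z_][A-Za-z0-9_]*\}' | tr -d '${}' | sort -u |
    while read -r name; do
      [ -n "$(printenv "$name")" ] || echo "$name"
    done
}

# Credential keys whose value is a non-empty literal instead of a ${VAR} reference.
literal_secrets() {
  active_lines "$1" | tr -d "\"'" |
    sed -nE 's/^[[:space:]]*(api_key|password|service_token):[[:space:]]*([^[:space:]#]*).*/\1 \2/p' |
    while read -r key val; do
      case "$val" in ''|'${'*) ;; *) echo "$key" ;; esac
    done
}

# Non-loopback http:// endpoints in `addresses` (credentials would be sent unencrypted).
plaintext_addresses() {
  active_lines "$1" | tr -d "\"'" | grep -E '^[[:space:]]*addresses:' |
    grep -oE 'http://[^],[:space:]]+' |
    grep -vE '^http://(localhost|127\.0\.0\.1)(:|/|$)' | sort -u
}

# Run every check on each spec file; return 0 only when nothing is reported.
preflight() {
  rc=0
  for f in "$@"; do
    for v in $(missing_env "$f"); do echo "$f: \${$v} is unset or empty"; rc=1; done
    for k in $(literal_secrets "$f"); do echo "$f: $k is a literal; use \${VAR}"; rc=1; done
    for a in $(plaintext_addresses "$f"); do echo "$f: $a is not TLS"; rc=1; done
  done
  return "$rc"
}

# Constructed sample spec (not from the page) that trips the last two checks.
demo=$(mktemp)
printf '%s\n' 'spec:' '  addresses: ["http://es.example.internal:9200"]' \
  '  username: "cq"' '  password: "hunter2"' '  # api_key: "${UNUSED}"' > "$demo"
preflight "$demo" || echo "resolve the findings above before running cloudquery sync"
rm -f "$demo"
```

Against the page's own files, call `preflight crowdstrike.yml elasticsearch.yml` after exporting ELASTICSEARCH_CLOUD_ID and ELASTICSEARCH_API_KEY.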