Skill UI

This guide provides a systematic, step-by-step workflow for Security Operations Center (SOC) analysts to perform alert triage using Elastic Security SIEM. It covers initial alert assessment, context gathering using advanced ES|QL queries, threat intelligence enrichment, and final classification decisions (True Positive, False Positive, etc.) to rapidly determine genuine security threats and prioritize incident response actions.

A comprehensive guide for Security Operations Center (SOC) teams to perform proactive threat hunting using Elastic SIEM. This skill teaches advanced techniques like KQL and EQL queries, analyzing event sequences, and investigating anomalies to uncover threats that bypass automated detection rules. Ideal for validating detection coverage gaps and responding to new TTPs based on the MITRE ATT&CK framework.

A comprehensive guide for migrating search functionality from alternatives like Elasticsearch, Typesense, or Meilisearch to Algolia. It details the necessary steps, including data migration, query translation (e.g., ES to Algolia), and implementing a zero-downtime swap using the Strangler Fig pattern.

A comprehensive technical guide detailing the process of migrating large-scale enterprise search platforms from sources like Elasticsearch or Algolia to Glean. It covers data export, schema transformation, using bulk indexing APIs, creating data sources, and validating search quality for smooth, large-scale deployment.