Using Corelight Packages

For using and working with the sample Corelight data set, you can install the Corelight packages that can be used to parse and display the information through a collection of pre-configured queries and dashboards.

Two packages are available that support processing the data:

corelight/sensor
The corelight/sensor package includes the core parser and dashboard widgets for viewing the sensor data. The package includes the following dashboards:
- Corelight Connectivity
- Corelight DNS
- Corelight Exec Overview
- Corelight Files
- Corelight HTTP
- Corelight Intel
- Corelight Log Hunter
Figure 31. Corelight Sensor Sample Data Repository
- Corelight Notice
- Corelight SSH Inference
- Corelight SSL
- Corelight Software
- Corelight Suricata
  Figure 32. Suricata
  
  Corelight Sensor Sample Data Repository
- Corelight x509
corelight/threathuntingguide
The package includes the following dashboards:
- Saved Searches
- Alerts

Integrations

Integrations

Packages

LogScale APIs 1.118.0-1.138.0

APIs

API Authentication

Cluster Management API

Health Check API

Ingest API

Lookup API

Redact Events API

Search API

Software Libraries

LogScale Third-Party Log Shippers

Third-Party Log Shippers

Using Corelight Packages

Enter search term