RiskIQ Threat Enrichment is Generally Available with ElastiFlow 5.1

New Features

• The RiskIQ integration to enrich flow records with threat details and autonomous system attributes is now generally available, and can be used in large scale production environments.

• The ability to configure index.lifecycle.rollover_alias has been added for the Elasticsearch output, when it is used with Elastic's X-Pack ILM rollover features. The configuration option is EF_FLOW_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_ILM_ROLLOVER_ALIAS.

Learn more at https://docs.elastiflow.com/docs/5.6/changelog#510