You can send your macOS Security data to Elastic. Two integration options are available:
Creating a Jamf Protect Action Configuration for Elastic
You can create an Elastic integration that collects data via an HTTP endpoint. This allows you to use an action configuration in macOS Security to send data from computers directly to Elastic.
Setting up Data Forwarding with Elastic Using Amazon S3
You can create an Elastic integration that uses an Amazon S3 bucket. This allows you to use data forwarding in macOS Security to send data from Jamf Protect Cloud to Elastic. Data forwarding to Amazon S3 also allows you to optionally set up Amazon SQS and notifications.
When integrated, you can visualize your macOS Security data in Kibana, create alerts to notify you if an error with the integration occurs, and reference data when troubleshooting an issue.
For more information about this integration, see Jamf Protect integration documentation from Elastic.