Skip to content
All Skills

Security Generate Security Sample Data

Generate sample security events, attack scenarios, and synthetic alerts for Elastic Security. Use when demoing, populating dashboards, testing detection rules, or setting up a POC.

Security & Compliance|v1|Updated 7/2/2026|GitHub source
MCP get_skill({ skillId: "security-generate-security-sample-data-29ce32e7" })

Use this skill with your agent

Create a free account and connect via MCP

Get Started Free
# Generate Security Sample Data

Generate ECS-compliant security events, multi-step attack scenarios, and synthetic alert documents that populate Elastic
Security dashboards, the Alerts tab, and Attack Discovery.

## Quick start

For a zero-friction experience that generates everything and opens Kibana:

```bash
node skills/security/generate-security-sample-data/scripts/demo-walkthrough.js
```

## Workflow

```text
- [ ] Step 1: Set environment variables
- [ ] Step 2: Generate sample data
- [ ] Step 3: Explore in Kibana
- [ ] Step 4: Clean up when done
```

### Step 1: Set environment variables

```bash
export ELASTICSEARCH_URL="https://your-project.es.region.aws.elastic.cloud"
export ELASTICSEARCH_USERNAME="admin"
export ELASTICSEARCH_PASSWORD="your-password"
export KIBANA_URL="https://your-project.kb.region.aws.elastic.cloud"
```

### Step 2: Generate sample data

#### Generate everything at once

```bash
node skills/security/generate-security-sample-data/scripts/sample-data.js \
  system endpoint okta aws windows --scenarios --alerts
```

#### Generate only events

```bash
node skills/security/generate-security-sample-data/scripts/sample-data.js \
  system endpoint --count 100
```

#### Generate only attack scenarios

```bash

Continue reading

Sign up for a free account to view the full skill content

Login / Register
#elastic#elasticsearch#kibana#observability#penetration#testingnodejselasticsearchkibana
Security Generate Security Sample Data - AgentArmory Skill — AgentArmory