# Elastic Security

> Reference for the Tracecat Elastic Security integration: registered actions, required secrets, expected inputs, and example workflow usage.

## List detection alerts

Action ID: `tools.elastic_security.list_detection_signals`

Query for Elastic Security detection alerts.

Reference: [https://www.elastic.co/docs/api/doc/kibana/v8/operation/operation-searchalerts](https://www.elastic.co/docs/api/doc/kibana/v8/operation/operation-searchalerts)

### Secrets

Required secrets:

* `elastic_security`: required values `ELASTIC_API_KEY`.

### Input fields

<ParamField path="end_time" type="string" required>
  End time for the query (exclusive).
</ParamField>

<ParamField path="start_time" type="string" required>
  Start time for the query (inclusive).
</ParamField>

<ParamField path="base_url" type="string | null">
  Kibana endpoint URL (e.g. [https://localhost:5601](https://localhost:5601)).

  Default: `null`.
</ParamField>

<ParamField path="limit" type="integer">
  Maximum number of alerts to return.

  Default: `100`.
</ParamField>

<ParamField path="query" type="string | object | null">
  Elastic JSON query DSL. If specified, overrides `start_time` and `end_time`.

  Default: `null`.
</ParamField>

<ParamField path="source_fields" type="array[string] | object | null">
  Source field filter applied to each alert. Pass a list of dotted field
  names to include only those fields, or a dict of `includes` / `excludes`
  for fine-grained control. Maps directly to the Kibana `_source` request
  body parameter. When `null` (default), every field is returned.

  Default: `null`.
</ParamField>

<ParamField path="verify_ssl" type="boolean">
  Whether to verify SSL certificates.

  Default: `true`.
</ParamField>
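
How the inputs above combine into one request body, as an added example (not Tracecat's own code). It assumes the time window filters on `@timestamp` and that `limit` becomes the request's `size`; `time_window`, `build_search_body` and all sample values are hypothetical or constructed.

```python
from __future__ import annotations

import json
from typing import Any


def time_window(start_time: str, end_time: str) -> dict[str, Any]:
    # Assumption: the window applies to @timestamp; start inclusive, end exclusive.
    return {"range": {"@timestamp": {"gte": start_time, "lt": end_time}}}


def build_search_body(
    start_time: str,
    end_time: str,
    limit: int = 100,
    query: str | dict[str, Any] | None = None,
    source_fields: list[str] | dict[str, Any] | None = None,
) -> dict[str, Any]:
    """Combine the action's inputs into one alert-search request body."""
    if query is None:
        query = {"bool": {"filter": [time_window(start_time, end_time)]}}
    elif isinstance(query, str):
        query = json.loads(query)  # `query` may be passed as a JSON string
    # A caller-supplied query replaces the time window; nothing is merged in.
    body: dict[str, Any] = {"size": limit, "query": query}  # assumption: limit -> size
    if isinstance(source_fields, dict):
        unknown = set(source_fields) - {"includes", "excludes"}
        if unknown:
            raise ValueError(f"unsupported source_fields keys: {sorted(unknown)}")
    if source_fields is not None:
        body["_source"] = source_fields  # list of dotted names, or includes/excludes
    return body


# Constructed sample inputs.
START, END = "2024-05-01T00:00:00Z", "2024-05-02T00:00:00Z"

# A custom query must carry its own range clause to stay time-bounded.
OPEN_HIGH = {"bool": {"filter": [
    time_window(START, END),
    {"term": {"kibana.alert.workflow_status": "open"}},
    {"term": {"kibana.alert.severity": "high"}},
]}}

DEFAULT_BODY = build_search_body(START, END)
TRIAGE_BODY = build_search_body(
    START, END, limit=25, query=OPEN_HIGH,
    source_fields=["@timestamp", "kibana.alert.rule.name", "host.name"],
)
```

Because `query` overrides `start_time` and `end_time`, a custom query without its own range clause searches all retained alerts, bounded only by `limit`.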
