Detection engine

Liora · March 7, 2021, 9:59pm

Hi everyone,

how can i please enable the Detections feature in Kibana? Who is the user with the mentioned privileges?

Thank you

thomasneirynck · March 8, 2021, 3:18pm

hi @Liora , I think these pages will get you started:

Liora · March 8, 2021, 3:33pm

Thank you. How can i please create these indices and cluster privileges?

thomasneirynck · March 8, 2021, 8:11pm

hi @Liora , this is outlined here Detections (beta) | SIEM Guide [7.8] | Elastic

You at least need an SSL-deployment. You can then set the appropriate priviliges in the Kibana spaces app. Spaces | Kibana Guide [7.8] | Elastic

Liora · March 9, 2021, 11:31pm

Thank you @thomasneirynck . The problem is i'm running elastic stack on docker. The documentation you sent to me is either for elastic cloud or for self-managed deployments
Do you please have a solution for docker?

Felix_Roessel · March 13, 2021, 6:26pm

This article desribes how to configure SSL comunication in dicker: Encrypting communications in an Elasticsearch Docker Container | Elasticsearch Reference [7.11] | Elastic

system · April 10, 2021, 6:26pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
7.11.0 Detections need permissions Elastic Security elastic-stack-security , docker	14	2235	April 23, 2021
Elastic Detections permissions issues Elastic Security elastic-stack-security , elastic-stack-alerting	7	2380	November 4, 2022
SIEM detection engine is not getting started SIEM elastic-stack-machine-learning , detection-rules	13	1953	October 18, 2020
Kibana <---> Elasticsearch integration with SSL enable Kibana elastic-stack-security , docker	6	479	September 16, 2022
ELK Docker TLS Encryption and Set up Elasticsearch elastic-stack-security , docker	2	318	March 23, 2022

Detection engine

Related Topics