Detection-rules

dddddddddddddddd · April 5, 2021, 9:40am

Hi,
i hope this message finds you well , so how to add the project elastic/detection-rules to my elk stack
regards and thanks

Felix_Roessel · April 5, 2021, 2:23pm

Hi

If you use v 7.12:
What you need to do is clicking into detections. (Kibana->Elastic Security->Detections) . Click on Manage rules.
There you find a button to load Pre build Elastic rules.

You can also download 3rd party detection rules like the ones from Sigma:

dddddddddddddddd · April 6, 2021, 3:40pm

thanks for your reply
could you tell me if there is a method to integrate this project (GitHub - elastic/detection-rules: Rules for Elastic Security's detection engine) into my elk stack
regards

Felix_Roessel · April 6, 2021, 4:35pm

Thats what happening when you click on load pre build elastic rules in Kibana as described above

dddddddddddddddd · April 7, 2021, 9:52am

Thanks for your reply
does this features need a paid Xpack or free X-pack is enough ?
regards

Felix_Roessel · April 7, 2021, 10:42am

Its available in the free version. However if you would like to also leverage Machine Learning based rules I recommend to test the Platinum version.

dddddddddddddddd · April 7, 2021, 10:45am

So how much Platinum,Entreprise version cost

Felix_Roessel · April 7, 2021, 2:48pm

You need to fill in the contact form the get those information based on your region you are living

dddddddddddddddd · April 7, 2021, 4:26pm

thank you very much

Topic		Replies	Views
Detection Rule CLI still relevant? Elastic Security detection-rules	2	441	May 2, 2023
Prebuilt Security Detection Rules in policy or just install assets? Elastic Security	3	379	September 26, 2022
Prebuilt Security Detection Rules Integration Elastic Search	2	83	January 8, 2025
Is there any way to load elastic prebuilt rules by using command? Elastic Security	5	82	August 28, 2024
Detection Rules Update Failure Elastic Security detection-rules	9	334	November 19, 2024

Detection-rules

Related topics