Detection-rules

Hi,
I hope this message finds you well. How do I add the project elastic/detection-rules to my ELK stack?
Regards and thanks

Hi

If you use v7.12:
What you need to do is click into Detections (Kibana -> Elastic Security -> Detections). Click on Manage rules.
There you will find a button to load prebuilt Elastic rules.

You can also download 3rd party detection rules like the ones from Sigma:


Thanks for your reply.
Could you tell me if there is a method to integrate this project (GitHub - elastic/detection-rules: Rules for Elastic Security's detection engine) into my ELK stack?
Regards

That's what happens when you click on load prebuilt Elastic rules in Kibana, as described above.


Thanks for your reply.
Does this feature need a paid X-Pack, or is the free X-Pack enough?
Regards

It's available in the free version. However, if you would also like to leverage Machine Learning based rules, I recommend testing the Platinum version.


So how much does the Platinum, Enterprise version cost?

You need to fill in the contact form to get that information, based on the region you are living in.


Thank you very much.
