Hi,
I hope this message finds you well. So, how do I add the project elastic/detection-rules to my ELK stack?
Regards and thanks
Hi
If you use v7.12:
What you need to do is click into Detections (Kibana -> Elastic Security -> Detections). Click on Manage rules.
There you find a button to load prebuilt Elastic rules.
You can also download 3rd party detection rules like the ones from Sigma:
Thanks for your reply.
Could you tell me if there is a method to integrate this project (GitHub - elastic/detection-rules: Rules for Elastic Security's detection engine) into my ELK stack?
Regards
That's what happens when you click on load prebuilt Elastic rules in Kibana, as described above.
Thanks for your reply.
Does this feature need a paid X-Pack, or is the free X-Pack enough?
Regards
It's available in the free version. However, if you would like to also leverage Machine Learning based rules, I recommend testing the Platinum version.
So how much do the Platinum and Enterprise versions cost?
You need to fill in the contact form to get that information, based on the region you are living in.
Thank you very much.