Detection-rules

Hi,
i hope this message finds you well , so how to add the project elastic/detection-rules to my elk stack
regards and thanks

Hi

If you use v 7.12:
What you need to do is clicking into detections. (Kibana->Elastic Security->Detections) . Click on Manage rules.
There you find a button to load Pre build Elastic rules.

You can also download 3rd party detection rules like the ones from Sigma:

thanks for your reply
could you tell me if there is a method to integrate this project (GitHub - elastic/detection-rules: Rules for Elastic Security's detection engine) into my elk stack
regards

Thats what happening when you click on load pre build elastic rules in Kibana as described above

Thanks for your reply
does this features need a paid Xpack or free X-pack is enough ?
regards

Its available in the free version. However if you would like to also leverage Machine Learning based rules I recommend to test the Platinum version.

image1258×536 31.6 KB

So how much Platinum,Entreprise version cost

You need to fill in the contact form the get those information based on your region you are living

thank you very much

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.