We want to deploy Elastic SIEM and do know what to choose Enterprise or Free?
What the difference in implementation or perfomance for Security?
I read docs, they mention Machine Learning, External Alerting and searchable snapshots...
Could you share if you had troubles in deploying or else with Elastic SIEM
Hi @Aliya_Khalel
Take a look here
besides what you mentioned, you also won't have LDAP or SSO support.
If you want to share collected data with other teams, then also creating roles and granting permissions is limited.
To overcome the external alerting limitation, Elastalert2 needs a bit of setup, but might be a way out.
cheers,
Sebastian
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.