Hi all!
I have an issue with the Elastic Security Rules.
I've installed the elastic agents on my target instances:
I can successfully see its data streams:
I've created default enrolment policy for my agents:
Here is my yml file generated by Elastic:
As you see, I've configured the Default policy with system-1, Endpoint Security integration, linux-1, Prebuilt Security Rules. But I can's see Prebuilt Security Rules integration in the yml.
Also, I can't understand why default prebuilt security rules don't work (no succeeded rules):
I will be pleased to receive any help!
Thank you!