Heya, the SIEM team is here.
It looks like you've installed prebuilt detection rules. One of them is the "Endpoint Security" rule:
In order to run without warnings, it requires logs from Elastic Endpoint Security to be present in Elasticsearch. You can install it on your hosts ("endpoints") via Elastic Agent. The easiest way to configure and manage agents is via Fleet (in Kibana, see Management -> Fleet):
You can find more info about this case in this GitHub comment.
So, you could enable Endpoint Security integration and start collecting data from it. As soon as data is there (in logs-endpoint.alerts-* indices), the rule should stop populating warnings. Alternatively, you could disable the rule if you're not planning to use Endpoint Security.
Let me know if this helps.
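Added example, not part of the reply above: a small shell check for whether the `logs-endpoint.alerts-*` indices the rule reads actually contain documents yet. It uses the real Elasticsearch `_count` API; the `ES_URL`, `ES_USER` and `ES_PASS` environment variables and the function names are assumptions of this example, and the sample JSON response is constructed.

```shell
#!/bin/sh
# Check whether the "Endpoint Security" rule has data to read:
# GET logs-endpoint.alerts-*/_count returns {"count":N,...}.
# ES_URL/ES_USER/ES_PASS are assumed env vars (not from the post).
ES_URL="${ES_URL:-http://localhost:9200}"
ALERTS_PATTERN="logs-endpoint.alerts-*"

# Extract the integer "count" field from a _count JSON response.
# Prints nothing if the field is missing (e.g. an error response).
count_from_json() {
  printf '%s' "$1" | sed -n 's/.*"count":[[:space:]]*\([0-9][0-9]*\).*/\1/p'
}

# Exit status 0 if the response reports at least one document, 1 otherwise.
endpoint_alerts_present() {
  n=$(count_from_json "$1")
  [ -n "$n" ] && [ "$n" -gt 0 ]
}

# Live check against the cluster; prints a short verdict for the operator.
check_endpoint_data() {
  resp=$(curl -s -u "$ES_USER:$ES_PASS" "$ES_URL/$ALERTS_PATTERN/_count")
  if endpoint_alerts_present "$resp"; then
    echo "OK: $(count_from_json "$resp") docs in $ALERTS_PATTERN; rule should run without warnings"
  else
    echo "No data in $ALERTS_PATTERN yet: enable the Endpoint Security integration via Fleet, or disable the rule"
    return 1
  fi
}

# Constructed sample responses, to show both outcomes without a cluster.
SAMPLE_EMPTY='{"count":0,"_shards":{"total":0,"successful":0,"skipped":0,"failed":0}}'
SAMPLE_DATA='{"count":42,"_shards":{"total":1,"successful":1,"skipped":0,"failed":0}}'
endpoint_alerts_present "$SAMPLE_EMPTY" || echo "sample 1: no endpoint alerts"
endpoint_alerts_present "$SAMPLE_DATA" && echo "sample 2: endpoint alerts present"
```

Run `check_endpoint_data` with the three variables set to query your own cluster.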
