How to configure detection SIEM

syafeera · June 24, 2020, 5:49am

Hi,

Problem: data from filebeat appear in SIEM, but at detection the it just empty and show this notification

"Let’s set up your detection engine

To use the detection engine, a user with the required cluster and index privileges must first access this page. For more help, contact your administrator."

what should i do to setup detection?

Frank_Hassanabad · June 26, 2020, 1:16am

Hi @syafeera and welcome to the forums!

Check out this guide here and this should help you understand how to set things up:
https://www.elastic.co/guide/en/siem/guide/current/detection-engine-overview.html#detections-permissions

syafeera · June 29, 2020, 6:41am

Hi there, thanks its working now..huhu

Frank_Hassanabad · June 29, 2020, 12:43pm

Great news!

system · July 27, 2020, 12:43pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Configuring SIEM SIEM	3	763	August 2, 2019
Detections will not setup SIEM	5	1234	May 8, 2020
SIEM detection engine is not getting started SIEM elastic-stack-machine-learning , detection-rules	13	1971	October 18, 2020
SIEM > Detections will not setup SIEM	2	644	March 11, 2020
"SMTP to Internet" signal detection rule is not fired up by Elastic SIEM SIEM	3	491	July 14, 2020

How to configure detection SIEM

Related topics