Installing SIEM in ELK

Hello, I have installed the ELK stack on my test stand. For further work and analysis of logs, we need to install SIEM. How can this be done? How can I load correlation rules for log analysis?

Hi,

Elastic Security, which includes the SIEM feature, is part of the basic license and is included by default in the Elastic Stack (formerly ELK Stack). You don't need to install it separately.

To access Elastic Security, you just need to open Kibana and click on "Security" in the left-hand navigation menu.

Regards
