Is SIEM still free as Elastic Security? I can't seem to find the download for it. Anyone?
Some features are available with the Basic License.
It is not clear; what do you want to download?
The SIEM features are part of Kibana, you need to download Kibana.
It's confusing because Elastic talks about a SIEM that is an add-on to Kibana, and also that it's a SaaS version that's paid for. In the article it seems that the SIEM add-on can be downloaded and added to one's non-cloud version. It essentially prewrites queries (I think). Check out this article if you get a hot second. Thank you, folks.
I think it's a paid function that's SaaS-driven and ingests NetFlow.
Couldn't upload link. :-\
It is not clear what you are referring to.
SIEM is part of Kibana, some features of the SIEM app in Kibana are available with the Basic license.
If you are running Elasticsearch and Kibana on-premises, on your own hardware, the SIEM will also be present.
There is no major difference in features between the SaaS offering and the on-premises offering.
Thank you, Leandrojmp. That is very helpful. Will proceed with my on-prem setup.
Elastic Security is a combination of security solutions involving SIEM, Endpoint Protection, and Cloud Protection. SIEM features are free as well as some other functionality.
To use SIEM, you need the stack components: Kibana, Elasticsearch + Beats collectors. If you want to use Elastic Agent, you will need to configure a Fleet Server.
If a link from an Elastic Security project already containerized with Kibana, Elasticsearch, and Fleet Server: