i am trying to work on elasticsearch security. i have installed elastic agent using fleet. Now i have enabled prebuilt security detection rules and status shows as successful when rules are executed however i dont see any alerts generated with respect to these.
i have enabled "hosts file modified" rule.
Hi @satendra1987 , I'm using Elastic Security 8.5 and I have a host, with Elastic Agent, collecting logs and metrics. I enabled the rule you mentioned, went to my linux host and edited the hosts file with vim: