Question About ELK stack

Hello everybody!
I would like to know the difference between the X-Pack offered by Elastic Stack (with extra charges) and the SIEM application that can be installed in Kibana?

Hello,

X-Pack is an Elastic Stack extension that provides security, alerting, monitoring, reporting, machine learning, and many other capabilities. By default, when you install Elasticsearch, X-Pack is installed.

SIEM is a user interface for tracking security events and incidents which are imported from data sources like audit logs, firewall logs, etc. SIEM builds on X-Pack, as SIEM uses machine learning, reporting and so on.

Best regards
Wolfram

Adding that most of the SIEM features are available with the Basic (free) license.

Thank you very much!
