We have a 3 node cluster on prem 7.6. Couple questions:
- Based on the docs we should be able to see and use pre-built detections with only a basic license?
- We do need (required to) have tls/ssl set up within the cluster, an encryption key created before we can access / see the detection rules? Is there anything else needed?
any insight that can be shared regarding set up of security in an on-prem situation that enables the default Security functions would be appreciated.