I've been using Kibana through Security Onion to collect authorization logs. I have a solid stream of logs and parsing operations. When I create a rule, there is no place to create an action that occurs when that rule is true. The rules will run and tell me that they've started an alert but there's nowhere to see where it alerted, or what made it alert in the first place. I see a ton of tutorials for using connectors on top of rules to send emails and alerts straight from kibana, but that's not showing in my panel. Not sure if there is reduced functionality because it's through security onion, or if there's something I'm missing inside of kibana.
@swminnick Welcome to the Elastic community. Could you please share which doc you referring? Also on which exact step you are stuck on, which is not visible on your panel?
Thanks