Merged
7 changes: 4 additions & 3 deletions docs/getting-started/advanced-setting.asciidoc
Expand Up @@ -51,15 +51,16 @@ NOTE: Index patterns use wildcards to specify a set of indices. For example, the
`filebeat-*` index pattern means all indices starting with `filebeat-` are
available in the {es-sec-app}.

All of the default index patterns match {beats-ref}/beats-reference.html[{beats}] and
All of the default index patterns match {beats-ref}/beats-reference.html[{beats}] and
{ingest-guide}/ingest-management-overview.html[{agent}] indices. This means all
data shipped via {beats} and the {agent} is automatically added to the
{es-sec-app}.

You can add or remove any indices and index patterns as required. For some
background information on {es} indices, see
{ref}/documents-indices.html[Data in: documents and indices].
{ref}/documents-indices.html[Data in: documents and indices].

NOTE: If you leave the `logs-*` index selected, by default, all Elastic cloud logs are excluded from all queries in the {security-app}. This is to avoid adding data from cloud monitoring to the app.

IMPORTANT: {es-sec} requires {ecs-ref}[ECS-compliant data]. If you use third-party data
collectors to ship data to {es}, the data must be mapped to ECS.
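
Review bot: The new NOTE refers to the app as `{security-app}`, while the rest of this hunk uses `{es-sec-app}` (in the index-pattern NOTE and in the paragraph on default index patterns); unless `{security-app}` is defined elsewhere it will render literally, so use `{es-sec-app}` here. The note also says Elastic cloud logs are excluded "by default" from all queries without naming which indices under `logs-*` are filtered or whether the exclusion can be changed; because this removes data from every query in the app, name the excluded pattern so readers can tell what is out of scope. Minor: "Elastic cloud" should be "Elastic Cloud", and the line is not wrapped like the surrounding paragraphs.
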
Expand Down Expand Up @@ -93,7 +94,7 @@ default values.
== Set machine learning score threshold

When security <<machine-learning, {ml} jobs>> are enabled, this setting
determines the threshold above which anomaly scores are displayed in {es-sec}:
determines the threshold above which anomaly scores are displayed in {es-sec}:

* `securitySolution:defaultAnomalyScore`

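Review bot: The removed and added versions of the line "determines the threshold above which anomaly scores are displayed in {es-sec}:" read identically, so this hunk is a whitespace-only change unrelated to the new `logs-*` note; the same is true of the two re-added lines in the previous hunk. Mention the trailing-whitespace cleanup in the PR description or move it to its own commit so the content change is easier to audit.
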
2 changes: 2 additions & 0 deletions docs/getting-started/index.asciidoc
Expand Up @@ -4,6 +4,8 @@

Looking to get started with Elastic Security? This section describes the Elastic Security UI in Kibana, the system requirements required to run the Elastic Agent with the Elastic Endpoint Security integration, as well as instructions on how to configure and install Elastic Security on your host.

TIP: View the https://www.elastic.co/training/elastic-security-quick-start[Elastic Security Quick Start video] to learn how to configure your endpoints with Elastic Security so you can stream, detect, and visualize threats in real time on Elastic Cloud.

include::sec-app-requirements.asciidoc[leveloffset=+1]
include::detections-req.asciidoc[leveloffset=+2]
include::cases-req.asciidoc[leveloffset=+2]
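
Review bot: The TIP is specific to Elastic Cloud ("in real time on Elastic Cloud"), but the paragraph above it introduces installing Elastic Security "on your host"; state at the start of the TIP that the video covers a Cloud deployment so self-managed readers do not expect it to match their setup. The link is also a hardcoded `https://www.elastic.co/training/elastic-security-quick-start` URL, whereas the other file in this PR links through attributes such as `{beats-ref}` and `{ref}`; check whether an attribute is available, since a literal training URL is more likely to go stale. "Watch the ... video" would read more naturally than "View the ... video".
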