Hello,
I have a machine running Ubuntu 22.04. I have installed HELK with option 4. Everything is working fine.
I want to explore writing queries using EQL. I want to write queries to check if a sequence of events occurred.
I suppose this is available on a normal ELK stack under Security -> Detect -> Alert/Rules.
How do I do it with a HELK installation? On the Kibana screen, I don't see the Security option under Management at all.
Or is there some other option available, using KSQL or other tools?
Thanks in anticipation
Raja