github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Docs] []Backport 7.4 siem advanced settings (#46429)

Browse source 
* Add advanced SIEM settings

* Correct description of siem:defaultIndex field
This commit is contained in:
benskelker 2019-09-24 10:19:07 +03:00 committed by GitHub
parent 0c241e1be0
commit 0a666eabba
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
docs/management/advanced-options.asciidoc
View file

@ -204,6 +204,16 @@ be inconsistent because different shards might be in different refresh states.
Searching through frozen indices
might increase the search time.
[float]
[[kibana-siem-settings]]
=== SIEM settings
[horizontal]
`siem:defaultAnomalyScore`:: The threshold above which anomalies are displayed in the SIEM app.
`siem:defaultIndex`:: A comma-delimited list of Elasticsearch indices from which the SIEM app collects events.
`siem:refreshIntervalDefaults`:: The default refresh interval for the SIEM time filter, in milliseconds.
`siem:timeDefaults`:: The default period of time in the SIEM time filter.
[float]
[[kibana-timelion-settings]]
=== Timelion settings