github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 09:19:04 -04:00
Code Issues Projects Releases Packages Wiki Activity

siem 7.6 updates (#57169)

Browse source
This commit is contained in:
Ben Skelker 2020-02-10 21:59:28 +02:00 committed by GitHub
parent a3dd282588
commit 404ac3bc28
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
docs/management/advanced-options.asciidoc
View file

@ -220,8 +220,10 @@ might increase the search time. This setting is off by default. Users must opt-i
[horizontal]
`siem:defaultAnomalyScore`:: The threshold above which Machine Learning job anomalies are displayed in the SIEM app.
`siem:defaultIndex`:: A comma-delimited list of Elasticsearch indices from which the SIEM app collects events.
`siem:enableNewsFeed`:: Enables the News feed
`siem:newsFeedUrl`:: News feed content will be retrieved from this URL
`siem:enableNewsFeed`:: Enables the security news feed on the SIEM *Overview*
page.
`siem:newsFeedUrl`:: The URL from which the security news feed content is
retrieved.
`siem:refreshIntervalDefaults`:: The default refresh interval for the SIEM time filter, in milliseconds.
`siem:timeDefaults`:: The default period of time in the SIEM time filter.

3
docs/siem/index.asciidoc
View file

@ -33,7 +33,8 @@ https://www.elastic.co/products/beats/packetbeat[{packetbeat}]
send security events and other data to Elasticsearch.
The default index patterns for SIEM events are `auditbeat-*`, `winlogbeat-*`,
`filebeat-*`, `endgame-*`, and `packetbeat-*``. You can change the default index patterns in
`filebeat-*`, `packetbeat-*`, `endgame-*`, and `apm-*-transaction*`. You can
change the default index patterns in
*Kibana > Management > Advanced Settings > siem:defaultIndex*.
[float]