github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

Added endgame-* index and new heading 3 Elastic Endpoint SMP. (#51071) (#51829)

Browse source
This commit is contained in:
Janeen Mikell-Straughn 2019-11-27 14:44:25 -05:00 committed by GitHub
parent ecc85d9b29
commit 4ff52acf0e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

9
docs/siem/index.asciidoc
View file

@ -24,7 +24,7 @@ Kibana provides step-by-step instructions to help you add data. The
detailed information and instructions.
[float]
=== {Beats}
=== {Beats}
https://www.elastic.co/products/beats/auditbeat[{auditbeat}],
https://www.elastic.co/products/beats/filebeat[{filebeat}],
@ -33,9 +33,14 @@ https://www.elastic.co/products/beats/packetbeat[{packetbeat}]
send security events and other data to Elasticsearch.
The default index patterns for SIEM events are `auditbeat-*`, `winlogbeat-*`,
`filebeat-*`, and `packetbeat-*``. You can change the default index patterns in
`filebeat-*`, `endgame-*`, and `packetbeat-*``. You can change the default index patterns in
*Kibana > Management > Advanced Settings > siem:defaultIndex*.
[float]
=== Elastic Endpoint Sensor Management Platform
The Elastic Endpoint Sensor Management Platform (SMP) ships host and network events directly to the SIEM application, and is fully ECS compliant.
[float]
=== Elastic Common Schema (ECS) for normalizing data