kibana/config/serverless.security.yml

# Security Project config

## Disable plugins
enterpriseSearch.enabled: false
xpack.apm.enabled: false
xpack.infra.enabled: false
xpack.observabilityLogExplorer.enabled: false
xpack.observability.enabled: false
xpack.uptime.enabled: false
xpack.legacy_uptime.enabled: false

## Enable the Security Solution Serverless plugin
xpack.securitySolutionServerless.enabled: true
xpack.securitySolutionServerless.productTypes:
  [
    { product_line: 'security', product_tier: 'complete' },
    { product_line: 'endpoint', product_tier: 'complete' },
  ]

## Set the home route
uiSettings.overrides.defaultRoute: /app/security/get_started

## Set the dev project switcher current type
xpack.serverless.plugin.developer.projectSwitcher.currentType: 'security'

# Specify in telemetry the project type
telemetry.labels.serverless: security

# Fleet specific configuration
xpack.fleet.internal.registry.capabilities: ['security']
xpack.fleet.internal.registry.spec.max: '3.0'
# Disabled until packages implement the new spec https://github.com/elastic/kibana/issues/166742
# xpack.fleet.internal.registry.kibanaVersionCheckEnabled: false
# xpack.fleet.internal.registry.spec.min: '3.0'

# Serverless security specific options
xpack.securitySolution.enableExperimental:
  - discoverInTimeline
  - esqlRulesDisabled

xpack.ml.ad.enabled: true
xpack.ml.dfa.enabled: true
xpack.ml.nlp.enabled: false