[7.13] Moving prebuilt rules update to the correct topic. (#720) #722

Merged
merged 1 commit into from
May 25, 2021
20 changes: 0 additions & 20 deletions docs/detections/alerts-ui-manage.asciidoc
Expand Up @@ -9,26 +9,6 @@ investigating and analyzing alerts in Timeline.
TIP: From Timeline, you can <<cases-ui-open, create cases>> to track issues and
share information with colleagues.

[float]
[[download-prebuilt-rules]]
=== Download latest prebuilt Elastic rules

[beta]

As of {stack} >=7.13.0., you can download the latest version of Elastic prebuilt rules outside of a regular release cycle. This feature ensures you have the latest detection capabilties before upgrading to the latest {stack}.

To download the latest version of prebuilt rules:

. In {kib}, go to *Fleet > Integrations*.
. Search for "Prebuilt Security Detection Rules."
. Select the integration, then click *Add Prebuilt Security Detection Rules*. The integration configuration page is displayed.
. (Optional) If you have an {agent} enrolled and have created an agent policy you want to assign to this integration, select it from the drop-down.
. Configure the integration settings by entering a name and optional description.
. Click *Save integration* in the lower right corner.

[role="screenshot"]
image::images/prebuilt-integration.png[]

[float]
[[detection-view-and-filter-alerts]]
=== View and filter detection alerts
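Review bot: With `[[download-prebuilt-rules]]` and its section removed from alerts-ui-manage.asciidoc, anything that sent readers to this page for the download steps now lands on a page without them. The ID is declared again, unchanged, in rules-ui-manage.asciidoc, so `<<download-prebuilt-rules>>` cross-references should keep resolving, but it is worth searching the docs for that ID and for links to the alerts page fragment, and confirming the ID ends up defined only once in the 7.13 build.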
20 changes: 20 additions & 0 deletions docs/detections/rules-ui-manage.asciidoc
Expand Up @@ -44,6 +44,26 @@ In the All rules table:
You can then modify the duplicated rules and, if required, delete the prebuilt
ones.

[float]
[[download-prebuilt-rules]]
=== Download latest prebuilt Elastic rules

beta::[]

As of {stack} >=7.13.0., you can download the latest version of Elastic prebuilt rules outside of a regular release cycle. This feature ensures you have the latest detection capabilties before upgrading to the latest {stack}.

To download the latest version of prebuilt rules:

. In {kib}, go to *Fleet > Integrations*.
. Search for "Prebuilt Security Detection Rules."
. Select the integration, then click *Add Prebuilt Security Detection Rules*. The integration configuration page is displayed.
. (Optional) If you have an {agent} enrolled and have created an agent policy you want to assign to this integration, select it from the drop-down.
. Configure the integration settings by entering a name and optional description.
. Click *Save integration* in the lower right corner.

[role="screenshot"]
image::images/prebuilt-integration.png[]

[float]
[[manage-rules-ui]]
=== Modify existing rules
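Review bot: The intro paragraph under `=== Download latest prebuilt Elastic rules` is carried over with its errors: `{stack} >=7.13.0.,` has a stray period before the comma and `capabilties` is misspelled. Since the text is being moved anyway, suggest `As of {stack} 7.13.0, you can download ...` and `detection capabilities`. The switch from `[beta]` to `beta::[]` also goes beyond the move the title describes, so mention it in the commit message.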