What is an Elastic integration?

This integration is powered by Elastic Agent. Elastic Agent is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. It can also protect hosts from security threats, query data from operating systems, forward data from remote services or hardware, and more. Refer to our documentation for a detailed comparison between Beats and Elastic Agent.

Prefer to use Beats for this use case? See Filebeat modules for logs or Metricbeat modules for metrics.

Overview

The detection rules package stores the prebuilt security rules for the Elastic Security detection engine.

To download or update the rules, click Settings > Install Prebuilt Security Detection Rules assets. Then import the rules into the Detection engine.

License Notice

Changelog

VersionDetails
8.3.1
Enhancement View pull request
Release security rules update
8.2.1
Enhancement View pull request
Release security rules update
7.16.4
Enhancement View pull request
Release security rules update
8.1.1
Enhancement View pull request
Release security rules update
7.16.3
Enhancement View pull request
Release security rules update
1.0.2
Enhancement View pull request
Release security rules update
0.16.2
Enhancement View pull request
Release security rules update
0.16.1
Enhancement View pull request
Release security rules update
1.0.1
Enhancement View pull request
Release security rules update
0.14.3
Enhancement View pull request
Release security rules update
0.14.2
Enhancement View pull request
Release security rules update
0.14.1
Enhancement View pull request
Release security rules update
0.13.3
Enhancement View pull request
Release security rules update
0.13.2
Enhancement View pull request
Release security rules update
0.13.1
Enhancement View pull request
Release security rules update
0.13.1-dev.0
Bug fix View pull request
Pre-release for 0.13.1 security rules
0.13.0
Bug fix View pull request
Fix package for 7.13.0 from detection-rules

Enhancement View pull request
Publish package for 7.13.0 from detection-rules
0.0.3
Bug fix View pull request
Fix security rules naming
0.0.2
Enhancement View pull request
Change the rules to match Kibana 7.13 prepackaged
0.0.1-dev.3
Enhancement View pull request
Change the integration title
0.0.1-dev.2
Enhancement View pull request
Change the saved object type to security-rule
0.0.1-dev.1
Enhancement View pull request
Create package for security's detection engine