Elastic Security requirements
Requirements for using and configuring Elastic Security.
The Support Matrix page lists officially supported operating systems, platforms, and browsers on which components such as Beats, Elastic Agent, Elastic Defend, and Elastic Endpoint have been tested.
Feature-specific requirements
There are some additional requirements for specific features:
- Detections prerequisites and requirements
- Cases prerequisites
- Entity risk scoring prerequisites
- Machine learning job and rule requirements
- Elastic Endpoint requirements
- Configure network map data
Third-party collectors mapped to ECS
The Elastic Common Schema (ECS) defines a common set of fields to be used for storing event data in Elasticsearch. ECS helps users normalize their event data to better analyze, visualize, and correlate the data represented in their events. Elastic Security can ingest and normalize events from any ECS-compliant data source.
Important
Elastic Security requires ECS-compliant data. If you use third-party data collectors to ship data to Elasticsearch, the data must be mapped to ECS. The Elastic Security ECS field reference lists the ECS fields used in Elastic Security.
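The following is an added example, not part of the Elastic documentation: it sketches what mapping a third-party event to ECS involves, including type checks so that malformed values are rejected before indexing. The vendor event format and the function names (`to_ecs`, `map_or_reject`) are assumptions made for illustration; the target field names are standard ECS fields.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed sample: a hypothetical third-party firewall event (not a real vendor format).
VENDOR_EVENT = {
    "ts": 1700000000, "action": "deny", "proto": "TCP", "fw_name": "edge-fw-01",
    "src": "10.0.0.5", "sport": "51544", "dst": "203.0.113.10", "dport": "443",
}

def _ip(value):
    # ECS ip-typed fields must hold a valid IPv4/IPv6 address; raises ValueError otherwise.
    return str(ipaddress.ip_address(value))

def _port(value):
    port = int(value)  # vendor ships ports as strings; ECS port fields are numeric
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {value}")
    return port

def to_ecs(ev):
    """Map the constructed vendor event to an ECS-shaped document."""
    action = ev["action"].lower()
    ts = datetime.fromtimestamp(ev["ts"], tz=timezone.utc)
    return {
        "@timestamp": ts.isoformat().replace("+00:00", "Z"),
        "event": {
            "kind": "event",
            "category": ["network"],
            "type": ["connection", "allowed" if action == "allow" else "denied"],
            "action": action,
        },
        "source": {"ip": _ip(ev["src"]), "port": _port(ev["sport"])},
        "destination": {"ip": _ip(ev["dst"]), "port": _port(ev["dport"])},
        "network": {"transport": ev["proto"].lower()},
        "observer": {"name": ev["fw_name"], "type": "firewall"},
    }

def map_or_reject(ev):
    """Return (doc, None) on success or (None, reason) so bad events can be set aside."""
    try:
        return to_ecs(ev), None
    except (KeyError, ValueError, TypeError) as exc:
        return None, f"{type(exc).__name__}: {exc}"

if __name__ == "__main__":
    print(map_or_reject(VENDOR_EVENT))
    print(map_or_reject({**VENDOR_EVENT, "src": "999.1.1.1"}))  # invalid IP is rejected
```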