Skip to content

Commit

Permalink
Moving prebuilt rules update to the correct topic. (elastic#720)
Browse files Browse the repository at this point in the history
  • Loading branch information
jmikell821 committed May 25, 2021
1 parent de40649 commit 319f767
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 20 deletions.
20 changes: 0 additions & 20 deletions docs/detections/alerts-ui-manage.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -9,26 +9,6 @@ investigating and analyzing alerts in Timeline.
TIP: From Timeline, you can <<cases-ui-open, create cases>> to track issues and
share information with colleagues.

[float]
[[download-prebuilt-rules]]
=== Download latest prebuilt Elastic rules

[beta]

As of {stack} >=7.13.0., you can download the latest version of Elastic prebuilt rules outside of a regular release cycle. This feature ensures you have the latest detection capabilties before upgrading to the latest {stack}.

To download the latest version of prebuilt rules:

. In {kib}, go to *Fleet > Integrations*.
. Search for "Prebuilt Security Detection Rules."
. Select the integration, then click *Add Prebuilt Security Detection Rules*. The integration configuration page is displayed.
. (Optional) If you have an {agent} enrolled and have created an agent policy you want to assign to this integration, select it from the drop-down.
. Configure the integration settings by entering a name and optional description.
. Click *Save integration* in the lower right corner.

[role="screenshot"]
image::images/prebuilt-integration.png[]

[float]
[[detection-view-and-filter-alerts]]
=== View and filter detection alerts
Expand Down
20 changes: 20 additions & 0 deletions docs/detections/rules-ui-manage.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,26 @@ In the All rules table:
You can then modify the duplicated rules and, if required, delete the prebuilt
ones.

[float]
[[download-prebuilt-rules]]
=== Download latest prebuilt Elastic rules

beta::[]

As of {stack} >=7.13.0., you can download the latest version of Elastic prebuilt rules outside of a regular release cycle. This feature ensures you have the latest detection capabilties before upgrading to the latest {stack}.

To download the latest version of prebuilt rules:

. In {kib}, go to *Fleet > Integrations*.
. Search for "Prebuilt Security Detection Rules."
. Select the integration, then click *Add Prebuilt Security Detection Rules*. The integration configuration page is displayed.
. (Optional) If you have an {agent} enrolled and have created an agent policy you want to assign to this integration, select it from the drop-down.
. Configure the integration settings by entering a name and optional description.
. Click *Save integration* in the lower right corner.

[role="screenshot"]
image::images/prebuilt-integration.png[]

[float]
[[manage-rules-ui]]
=== Modify existing rules
Expand Down

0 comments on commit 319f767

Please sign in to comment.