Elastic Security

This solution combines SIEM threat detection features with endpoint prevention and response capabilities, including:

  • SIEM - Detection of security threats and event monitoring across your environment.
  • Endpoint Security - Prevention and threat response for your endpoints.

For the rest of the documentation, see the Elastic Security Guide.

Included in this solution:

  • Elasticsearch data nodes: Defaults to 1 GB memory x 1 availability zone. Uses the data.default instance configuration.
  • APM: Defaults to 512 MB memory x 1 availability zone. Uses the apm instance configuration.
  • Kibana: Defaults to 1 GB memory x 1 availability zone. Uses the kibana instance configuration.