Strona główna Odkrywaj Pomoc
Zaloguj się
lqb
/
elasticsearch
kopia lustrzana https://gitee.com/mirrors/elasticsearch.git
1
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: 2aade9dd66
Gałęzie Tagi
elasticsearch
/
docs
/
reference
/
esql
/
esql-security-solution.asciidoc

esql-security-solution.asciidoc 1.4 KB
Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041 
  1. [[esql-elastic-security]]
    2. 

  2. === Using {esql} in {elastic-sec}
    3. 

  3. 

  4. ++++
    5. 

  5. <titleabbrev>Using {esql} in {elastic-sec}</titleabbrev>
    6. 

  6. ++++
    7. 

  7. 

  8. You can use {esql} in {elastic-sec} to investigate events in Timeline and create
    9. 

  9. detection rules. Use the Elastic AI Assistant to build {esql} queries, or answer
    10. 

  10. questions about the {esql} query language.
    11. 

  11. 

  12. [discrete]
    13. 

  13. [[esql-elastic-security-timeline]]
    14. 

  14. === Use {esql} to investigate events in Timeline
    15. 

  15. 

  16. You can use {esql} in Timeline to filter, transform, and analyze event data
    17. 

  17. stored in {es}. To start using {esql}, open the **{esql}** tab. To learn
    18. 

  18. more, refer to {security-guide}/timelines-ui.html#esql-in-timeline[Investigate
    19. 

  19. events in Timeline].
    20. 

  20. 

  21. [discrete]
    22. 

  22. [[esql-elastic-security-detection-rules]]
    23. 

  23. === Use {esql} to create detection rules
    24. 

  24. 

  25. Use the {esql} rule type to create detection rules using {esql} queries. The
    26. 

  26. {esql} rule type supports aggregating and non-aggregating queries. To learn
    27. 

  27. more, refer to {security-guide}/rules-ui-create.html#create-esql-rule[Create an
    28. 

  28. {esql} rule].
    29. 

  29. 

  30. [discrete]
    31. 

  31. [[esql-elastic-security-ai-assistant]]
    32. 

  32. === Elastic AI Assistant
    33. 

  33. 

  34. Use the Elastic AI Assistant to build {esql} queries, or answer questions about
    35. 

  35. the {esql} query language. To learn more, refer to
    36. 

  36. {security-guide}/security-assistant.html[AI Assistant].
    37. 

  37. 

  38. NOTE: For AI Assistant to answer questions about {esql} and write {esql}
    39. 

  39. queries, you need to
    40. 

  40. {security-guide}/security-assistant.html#set-up-ai-assistant[enable knowledge
    41. 

  41. base].
    42.