Solved: Trouble with Enterprise Security configuration

spodda01da · ‎03-21-2023

Hi All,

We have recently installed Enterprise Security but strangely the default dashboard doesn't display the indexes we have in our environment.

Initially I though the indexes are not CIM compliant but it wasn't the case as many of them are.

Unfortunately, I am running out of ideas and need some help configuring it.

Need someone who can help me with it.

Thanks much,

richgalloway · ‎03-21-2023

There is no such thing as CIM-compliance for indexes. CIM compliance applies to field names (and some values).

To make ES aware of your index names, install your "all_indexes" app on the ES search head.

---
If this reply helps you, Karma would be appreciated.

richgalloway · ‎03-21-2023

There is no such thing as CIM-compliance for indexes. CIM compliance applies to field names (and some values).

To make ES aware of your index names, install your "all_indexes" app on the ES search head.

---
If this reply helps you, Karma would be appreciated.

spodda01da · ‎03-23-2023

Thanks @richgalloway , It worked !!

I can see dashboards filled with contents but not sure if ES is able to utilize all indexes.

Are there any links to documentation, videos which will help understand and build correlations & investigations.

richgalloway · ‎03-24-2023

---
If this reply helps you, Karma would be appreciated.

Trouble with Enterprise Security configuration