Free Elastic Training

Elastic Security Quick Start

In this 3-step Quick Start series, you'll learn how to configure your endpoints with Elastic Security so you can stream, detect, and visualize threats in real time on Elastic Cloud. Topics include what is Elastic Security, streaming data to Elastic Security, and visualizing data in Elastic Security.

Start free trial

Read documentation

videoImage

Now it's your turn

Now that you've watched the Quick Start video, follow the steps below to practice what you've learned. If you don't have an Elastic Cloud instance, spin up a 14-day free trial.

  • Step 1

    1. Create a "Quick Start: Security" cluster.
    2. Launch Security App within Kibana.

  • Step 2

    1. Download Elastic Agent.
    2. Integrate Elastic Endpoint Security within Agent.
    3. Install Agent on your endpoint.
    4. Stream security data to Elastic Cloud.

  • Step 3

    1. Trigger an alert with the detection engine.
    2. Visualize the alert in a timeline.
    3. Start a case from the alert.
    4. Gather related information from the alert.

Explore more courses

Kibana for SPL Splunk Users

Learn how to translate your Splunk SPL analysis skills to Kibana.

arrow-white

Elastic Security Fundamentals

Learn how to leverage Elastic Security for SIEM functions and threat detection capabilities to drive your security operations.

arrow-white

Elastic Endgame Fundamentals

Learn the basics to protect your endpoints and investigate threats with Elastic Endgame.

arrow-white