IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
Elastic Docs Elastic Security Solution [8.2] Get started with Elastic Security Configure an Endpoint Security integration policy
« Configure an Endpoint Security integration policy Enable threat intelligence integrations »

Turn off Endpoint Security diagnostic dataedit

By default, Endpoint Security streams diagnostic data to your cluster, which Elastic uses to tune protection features. You can stop producing this diagnostic data by configuring the advanced settings in the Endpoint Security integration policy.

Kibana also collects usage telemetry, which includes Endpoint Security diagnostic data. You can control telemetry in Advanced Settings.

  1. In the Elastic Security app, go to ManageEndpoints to view the Endpoints list.
  2. Locate the endpoint for which you want to disable diagnostic data, then click the integration policy in the Policy column.
  3. Scroll down to the bottom of the policy and click Show advanced settings.

  4. Enter false for these settings:

    • windows.advanced.diagnostic.enabled
    • linux.advanced.diagnostic.enabled
    • mac.advanced.diagnostic.enabled
  5. Click Save.
« Configure an Endpoint Security integration policy Enable threat intelligence integrations »