Elasticsearch 7.x compatibility with ICDx

Article ID: 184821

Updated On:

Products

ICDx

Issue/Introduction

The Integrated Cyber Defense Exchange (ICDx) manual for version 1.3.1 and earlier does not state whether Elasticsearch (ELK stack) 7.x is compatible with ICDx.

Environment

  • ICDx 1.3.1 or later
  • Elasticsearch 7.x (either fresh or migrated install)

Resolution

[Information valid as of 23 December, 2019]

Refer to the documentation here for the latest configuration for Elasticsearch and ICDx:

https://www.symantec.com/connect/sites/default/files/SOC%20Investigator%20App%20for%20Elastic%20Stack%20Installation%20and%20Configuration%20Guide%20-%20September%202019%20v1.pdf