There is a native security alerts based on eql in elasticsearch, but after installing ror plugin i’ve missed possibilty to edit the existing rules or create new ones. Am i doing something wrong?
Elasticsearch && Kibana version 8.7
ROR version 1.48
The ROR plugin is typically used to provide read-only access to Elasticsearch for specific use cases, such as allowing external systems to query data without modifying it. However, this restriction can impact your ability to edit or create security rules in Elasticsearch.