Security Solution settings in Kibana
Configure the following Security Solution settings in the kibana.yml file:
Cloud Security Posture settings
- xpack.cloudSecurityPosture.enabled
-
Supported on:
Set to
falseto disable the Kibana UI for Elastic's Cloud Security Posture solution, which provides compliance checks on Cloud and Kubernetes environments.Datatype:
boolDefault:
true
Value lists settings
- xpack.lists.maxImportPayloadBytes
-
Supported on:
Sets the maximum number of bytes allowed for uploading Security Solution value lists. For every 10 MB, it is recommended to have an additional 1 GB of RAM reserved for Kibana.
Datatype:
intDefault:
9000000 - xpack.lists.importBufferSize
-
Supported on:
Sets the buffer size used for uploading Security Solution value lists. Increase the value to improve upload throughput at the expense of higher Kibana memory usage; decrease it to reduce memory usage at the cost of throughput.
Datatype:
intDefault:
1000
Elastic Defend settings
- xpack.securitySolution.maxUploadResponseActionFileBytes
-
Supported on:
Allow to configure the max file upload size for use with the Upload File Response action available with the Defend Integration. To learn more, check Endpoint Response actions.
Datatype:
int - xpack.securitySolution.disableEndpointRuleAutoInstall
-
Supported on:
Set to
trueto disable the automatic installation of Elastic Defend SIEM rules when a new Endpoint integration policy is created.Datatype:
boolDefault:
false - xpack.securitySolution.maxEndpointScriptFileSize
-
Supported on:
The maximum file size in bytes for scripts uploaded to the Elastic Defend script library. Default is
26214400(25MB).Datatype:
intDefault:
26214400
Experimental features
- xpack.securitySolution.enableExperimental
-
Supported on:
A list of experimental feature flags to enable.
Datatype:
array of stringsNoteExperimental features should not be enabled in production environments. Experimental features may be changed or removed completely in future releases. Elastic will make a best effort to fix any issues, but experimental features are not supported to the same level as generally available (GA) features.
xpack.securitySolution.enableExperimental: - sentinelRulesMigration