The SIEM app is now a part of the Elastic Security solution.
Click
here to view SIEM documentation for previous releases.
Enable full disk access
editEnable full disk access
editElastic Endpoint Security requires full disk access to protect you from malware and other cybersecurity threats. Full Disk Access permissions is a new privacy feature introduced in macOS Mojave (10.14) that prevents some applications from accessing your data. This means you need to manually grant permission for Elastic Endpoint Security to access these protected areas of your Mac.
This article describes how to enable full disk access for both the Elastic Agent, required in order to enable Elastic Endpoint Security, and the legacy Endgame sensor.
- Open the System Preferences application.
- Click Security and Privacy. On the Security and Privacy panel, select the Privacy tab.
-
In the left pane, select Full Disk Access.
-
In the lower-left corner of the panel, click the Lock button and enter your username and password. You can now add the
elastic-agent
oresensor
file. -
Click the + button to view Finder. Navigate to the
/Library/Endgame
directory, select theelastic-agent
oresensor
file, and then click Open. -
In the Privacy tab, confirm that the
elastic-agent
oresensor
file appears in the list of applications that have full access permission, as seen in the following image:
Elastic Endpoint Security now has the access required to fully protect your system.