
[Internal]: [Security] Entity Analytics - Consolidated Management Page UI #5381

@seanrathier

Description

Summary

The Entity Analytics management experience has been consolidated from multiple separate pages into a single unified management page with a tabbed interface. This change affects Serverless immediately upon merge and will be available in Elastic Stack 9.4.

What Changed

Navigation Changes

  • The separate "Entity Store" menu item has been removed from Security > Manage navigation
  • "Entity Risk Score" has been renamed to "Entity Analytics" in the navigation
  • The consolidated page is accessible at: Security > Manage > Entity Analytics

New Tabbed Interface

The unified page now has three tabs:

| Tab | Description |
| --- | --- |
| Entity Risk Score | Configure and manage risk engine settings (lookback period, alert filters, score retainment, etc.) |
| Asset Criticality | Import entity data with asset criticality via CSV upload |
| Engine Status | Monitor entity store engine status (only visible when entity store is installed) |

Unified Enable/Disable Toggle

  • A single toggle now controls both the Risk Engine AND Entity Store together
  • Shows health status indicator (On/Off) and loading states during operations
  • Supports Entity Store V2 when the feature flag is enabled

URL Redirects

Old URLs continue to work via automatic redirects:

| Old URL | Redirects To |
| --- | --- |
| /entity_analytics/entity_store_management | /entity_analytics/management/status |
| /entity_analytics/asset_criticality | /entity_analytics/management/asset_criticality |

Documentation Updates Needed

  1. Update the Entity Analytics management documentation to reflect the new consolidated UI
  2. Update any screenshots showing the old separate pages
  3. Document the new tabbed interface and unified toggle behavior
  4. Update navigation references from "Entity Risk Score" to "Entity Analytics"
  5. Note that enabling Entity Analytics now enables both Risk Engine and Entity Store together

Test Environment

Creds

https://p.elstc.co/?cc4abbc8c87389c3#33GBNGRtHuMEMrKW1nmAeXtqiaPhW9ZV2rYK9rYrXevc

Management Link

https://entity-analytics-consolidate-settings-d94213.kb.us-west2.gcp.elastic-cloud.com/app/security/manage

Risk Score

https://entity-analytics-consolidate-settings-d94213.kb.us-west2.gcp.elastic-cloud.com/app/security/entity_analytics_management/risk_score

Asset Criticality

https://entity-analytics-consolidate-settings-d94213.kb.us-west2.gcp.elastic-cloud.com/app/security/entity_analytics_management/asset_criticality

Engine Status

https://entity-analytics-consolidate-settings-d94213.kb.us-west2.gcp.elastic-cloud.com/app/security/entity_analytics_management/status

Resources

Related Dev PR: elastic/kibana#255009
Related Issue: https://github.com/elastic/security-team/issues/15932

Which documentation set does this change impact?

Elastic On-Prem and Cloud (all)

Feature differences

No feature differences between Serverless and Cloud

What release is this request related to?

9.4

Serverless release

The week of March 16 2026

Collaboration model

The documentation team

Point of contact.

Main contact:
@seanrathier

Stakeholders:
@erikh-elastic
@niros1

Labels

Team:Experience (Issues owned by the Experience Docs Team)
