ComodoSecurity/openedr — reverse-engineered prompt
Reverse engineered prompt
Build me a working open source endpoint detection and response setup from this repo.
I want something I can run on a test machine that watches endpoint activity in real time, including process launches, file activity, registry changes, device events, and network activity, then stores the telemetry locally and sends it into an Elasticsearch based backend. I should be able to search events, review alerts, see a dashboard, inspect process trees and timelines, and drill into event details for root cause analysis with MITRE style visibility.
Please use the project’s own build and getting started docs, including the parts about Docker, Kibana, log forwarding, and alerting policies, and hook up whatever service, monitoring, and installer pieces are needed so the whole thing actually works together. I do not need a perfect production rollout, I need a clean end to end demo that matches what this repo claims to do and is easy to start and test. If any setup steps are outdated, check current docs online and make practical choices that stay close to this project.
Want more depth? Deep Reverse