u/ShirtResponsible4233

Hi,

I’m new to backtesting and would like to know what free backtesting options are available.

TradingView seems to cost money. I’ve tested backtesting with Python — is that okay, or is there something else I should use instead?

For example, I’d like to backtest a strategy like this:

• Entry: FVG
• Trend Filter: EMA 8 & EMA 21 must be stacked in the direction of the trend
• Trading Time: First hour of the US market
• Stop Loss: Middle candle in the FVG
• Take Profit: 2R

And then run it on something like Bitcoin.

Thanks in advance.

I’m new to backtesting and would like to know what free backtesting options are available.

TradingView seems to cost money. I’ve tested backtesting with Python — is that okay, or is there something else I should use instead?

For example, I’d like to backtest a strategy like this:

• Entry: FVG
• Trend Filter: EMA 8 & EMA 21 must be stacked in the direction of the trend
• Trading Time: First hour of the US market
• Stop Loss: Middle candle in the FVG
• Take Profit: 2R

And then run it on something like Bitcoin.

Thanks in advance.

Hi, I’m looking for a good strategy to capture and monitor logs that are not matched by any existing parsing, filtering, or classification rules.

I’m considering setting up a dedicated dashboard for unmatched logs to improve visibility and identify missing patterns or filters over time. Maybe it exists?

Do you already have a solution or recommended approach for this? Also, are there any RFCs, standards, or industry best practices related to handling unmatched or unclassified logs?

Hi,
Why is it so tricky to import an NDJSON file and get it to work? Is the syntax and formatting really that strict?

Does anyone have any tips or tricks for handling it more easily?

Hi,

I have a product called Illumio, and I’m sending logs to Elasticsearch via Logstash.

The parsing isn’t working correctly, and the message field isn’t being tagged or processed as expected. Since the logs are in standard JSON format, I assumed this would be handled automatically.

How can I fix this, and why isn’t it parsing properly?

What’s the easiest way to handle this, own pipeline is tricky. I’m running Elastic Stack version 9.3.3.

Thanks in adance

https://preview.redd.it/mon98rmt2czg1.png?width=593&format=png&auto=webp&s=ccfbe6a8f331946bee4cdea7d90fd70748fd5bd5

Hi

I have a lab setup at home with Elastic 9.3.2.
In my fleet I did try to add an agent.

And for my testing Windows desktop I got folliwing from Kibana.

$ProgressPreference = 'SilentlyContinue'
Invoke-WebRequest -Uri https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-9.3.2-windows-x86_64.zip -OutFile elastic-agent-9.3.2-windows-x86_64.zip
Expand-Archive .\elastic-agent-9.3.2-windows-x86_64.zip -DestinationPath .
cd elastic-agent-9.3.2-windows-x86_64
.\elastic-agent.exe install --url=https://10.10.10.51:8220 --enrollment-token=WWV0TzFaMEIzU3FiaVY1UENocFE6bjZYVWIwaHJ3ZzRueFNOOXVzZFdCUQ==

Now I got this error: "UnsupportedVersion, message: version is not supported"

S C:\temp\elastic-agent-9.3.2-windows-x86_64> .\elastic-agent.exe install --url=https://10.10.10.51:8220 --enrollment-token=WWV0TzFaMEIzU3FiaVY1UENocFE6bjZYVWIwaHJ3ZzRueFNOOXVzZFdCUQ== --insecure

Elastic Agent will be installed at C:\Program Files\Elastic\Agent and will run as a service. Do you want to continue? [Y/n]:y

[== ] Service Started [15s] Elastic Agent successfully installed, starting enrollment.

[== ] Waiting For Enroll... [15s] {"log.level":"warn","@timestamp":"2026-04-28T20:19:23.532+0200","log.logger":"tls","log.origin":{"function":"github.com/elastic/elastic-agent-libs/transport/tlscommon.(*TLSConfig).ToConfig","file.name":"tlscommon/tls_config.go","file.line":129},"message":"SSL/TLS verifications disabled.","ecs.version":"1.6.0"}

{"log.level":"info","@timestamp":"2026-04-28T20:19:23.536+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.EnrollWithBackoff","file.name":"enroll/enroll.go","file.line":86},"message":"Starting enrollment to URL: https://10.10.10.51:8220/","ecs.version":"1.6.0"}

[ =] Waiting For Enroll... [16s] {"log.level":"warn","@timestamp":"2026-04-28T20:19:23.780+0200","log.logger":"tls","log.origin":{"function":"github.com/elastic/elastic-agent-libs/transport/tlscommon.(*TLSConfig).ToConfig","file.name":"tlscommon/tls_config.go","file.line":129},"message":"SSL/TLS verifications disabled.","ecs.version":"1.6.0"}

{"log.level":"info","@timestamp":"2026-04-28T20:19:23.794+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.EnrollWithBackoff","file.name":"enroll/enroll.go","file.line":92},"message":"1st enrollment attempt failed, retrying enrolling to URL: https://10.10.10.51:8220/ with exponential backoff (init 5s, max 10m0s)","ecs.version":"1.6.0"}

{"log.level":"warn","@timestamp":"2026-04-28T20:19:23.797+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":121},"message":"Error detected: fail to execute request to fleet-server: status code: 400, fleet-server returned an error: UnsupportedVersion, message: version is not supported, will retry in a moment.","ecs.version":"1.6.0"}

[== ] Waiting For Enroll... [23s] {"log.level":"info","@timestamp":"2026-04-28T20:19:31.496+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":126},"message":"Retrying enrollment to URL: https://10.10.10.51:8220/","ecs.version":"1.6.0"}

[ ] Waiting For Enroll... [24s] {"log.level":"warn","@timestamp":"2026-04-28T20:19:31.710+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":121},"message":"Error detected: fail to execute request to fleet-server: status code: 400, fleet-server returned an error: UnsupportedVersion, message: version is not supported, will retry in a moment.","ecs.version":"1.6.0"}

[ =] Waiting For Enroll... [34s] {"log.level":"info","@timestamp":"2026-04-28T20:19:42.149+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":126},"message":"Retrying enrollment to URL: https://10.10.10.51:8220/","ecs.version":"1.6.0"}

[ ===] Waiting For Enroll... [34s] {"log.level":"warn","@timestamp":"2026-04-28T20:19:42.362+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":121},"message":"Error detected: fail to execute request to fleet-server: status code: 400, fleet-server returned an error: UnsupportedVersion, message: version is not supported, will retry in a moment.","ecs.version":"1.6.0"}

[= ] Waiting For Enroll... [1m2s] {"log.level":"info","@timestamp":"2026-04-28T20:20:10.021+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":126},"message":"Retrying enrollment to URL: https://10.10.10.51:8220/","ecs.version":"1.6.0"}

[ ==] Waiting For Enroll... [1m2s] {"log.level":"warn","@timestamp":"2026-04-28T20:20:10.237+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":121},"message":"Error detected: fail to execute request to fleet-server: status code: 400, fleet-server returned an error: UnsupportedVersion, message: version is not supported, will retry in a moment.","ecs.version":"1.6.0"}

[====] Waiting For Enroll... [2m20s] {"log.level":"info","@timestamp":"2026-04-28T20:21:28.039+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":126},"message":"Retrying enrollment to URL: https://10.10.10.51:8220/","ecs.version":"1.6.0"}

[== ] Waiting For Enroll... [2m20s] {"log.level":"warn","@timestamp":"2026-04-28T20:21:28.261+0200","log.origin":{"function":"github.com/elastic/elastic-agent/internal/pkg/agent/application/enroll.retryEnroll","file.name":"enroll/enroll.go","file.line":121},"message":"Error detected: fail to execute request to fleet-server: status code: 400, fleet-server returned an error: UnsupportedVersion, message: version is not supported, will retry in a moment.","ecs.version":"1.6.0"}

[== ] Waiting For Enroll... [2m39s]

Hi,
I’m looking for recommendations for YouTubers I can learn from—preferably traders who stream or record live trades and explain their thinking in real time. I’m especially interested in how they start the day, form a bias, and manage their trades.

Paid recommendations are also welcome if they’re worth it.

It has to be in English, and preferably in an ICT-style approach.

Thanks in advance!

Hi,
I’m looking for recommendations for YouTubers I can learn from—preferably traders who stream or record live trades and explain their thinking in real time. I’m especially interested in how they start the day, form a bias, and manage their trades.

Paid recommendations are also welcome if they’re worth it.

It has to be in English, and preferably in an ICT-style approach.

Thanks in advance!

I’m looking for a way to view vulnerabilities on my servers and clients that are running the Elastic Agent. I know that Wazuh can do this, but I don’t want to install it in my environment.

Are there any other solutions or approaches I can use to achieve vulnerability visibility with my current setup? I’d really appreciate any recommendations or guidance on a good solution.

Hi,
I’m wondering if Sigma detection rules are a good addition to an Elastic SIEM environment. Are the built-in Elastic SIEM rules sufficient, or does Sigma provide additional value? What are your thoughts on using Sigma, and is it worth implementing? I’d appreciate hearing about your experience.
Any working guide for implement it would be great.

Thanks in advance :)