Book Image

Machine Learning with the Elastic Stack

By : Rich Collier, Bahaaldine Azarmi

Book Image

Machine Learning with the Elastic Stack

By: Rich Collier, Bahaaldine Azarmi

Overview of this book

Machine Learning with the Elastic Stack is a comprehensive overview of the embedded commercial features of anomaly detection and forecasting. The book starts with installing and setting up Elastic Stack. You will perform time series analysis on varied kinds of data, such as log files, network flows, application metrics, and financial data. As you progress through the chapters, you will deploy machine learning within the Elastic Stack for logging, security, and metrics. In the concluding chapters, you will see how machine learning jobs can be automatically distributed and managed across the Elasticsearch cluster and made resilient to failure. By the end of this book, you will understand the performance aspects of incorporating machine learning within the Elastic ecosystem and create anomaly detection jobs and view results from Kibana directly.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Machine Learning for IT

Machine Learning for IT

Overcoming the historical challenges

Theory of operation

Operationalization

Supporting indices

The orchestration

Installing the Elastic Stack with Machine Learning

Installing the Elastic Stack with Machine Learning

Installing the Elastic Stack

A guided tour of Elastic ML features

Event Change Detection

Event Change Detection

How to understand the normal rate of occurrence

Exploring count functions

Counting in population analysis

Detecting things that rarely occur

Counting message-based logs via categorization

IT Operational Analytics and Root Cause Analysis

IT Operational Analytics and Root Cause Analysis

Holistic application visibility

Data organization

Bringing it all together for root cause analysis

Security Analytics with Elastic Machine Learning

Security Analytics with Elastic Machine Learning

Security in the field

Threat hunting architecture

Investigation analytics

Alerting on ML Analysis

Alerting on ML Analysis

Results presentation

The results index

Alerts from the Machine Learning UI in Kibana

Creating ML alerts manually

Using Elastic ML Data in Kibana Dashboards

Using Elastic ML Data in Kibana Dashboards

Visualization options in Kibana

Preparing data for anomaly detection analysis

Building the visualizations

Using Elastic ML with Kibana Canvas

Using Elastic ML with Kibana Canvas

Introduction to Canvas

Building Elastic ML Canvas slides

Forecasting

Forecasting versus prophesying

Forecasting use cases

Forecasting – theory of operation

Single time series forecasting

Forecast results

Multiple time series forecasting

ML Tips and Tricks

ML Tips and Tricks

Influencers in split versus non-split jobs

Using ML on scripted fields

Using one-sided ML functions to your advantage

Ignoring time periods

Don't over-engineer the use case

ML job throughput considerations

Top-down alerting by leveraging custom rules

Sizing ML deployments

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Preface

Data analysis, manual charting, thresholding, and alerting have been an inherent part of IT and security operations for decades. Until the advent of sophisticated machine learning algorithms and techniques, much of the burden of proactive insight, problem detection, and root cause analysis fell onto the shoulders of the analysts. As the complexity and scale of modern applications and infrastructure has grown exponentially, it is apparent that humans need help. Elastic machine learning (ML) is an effective, easy-to-use solution for anomaly detection and forecasting use cases in relation to time-series machine data. This definitive elastic ML guide will get the reader proficient in the operation and techniques of advanced analytics without the need to be well-versed in data science.